Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/1-KrtgJ5q6aaFBGP8OSPbXCqof7s.roa
File: 1-KrtgJ5q6aaFBGP8OSPbXCqof7s.roa (raw, json)
Hash identifier: XMsU5I1Qc91QtgrXx32HeOrNSxjQbJQTF+T+sertJYg=
Subject key identifier: F8:AA:ED:80:9E:6A:E9:A6:85:04:63:FC:39:23:DB:5C:2A:A8:7F:BB
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 018CC7268D19ADD46B36975D3201C27ED519
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/1-KrtgJ5q6aaFBGP8OSPbXCqof7s.roa
Signing time: Mon 01 Jan 2024 22:30:41 +0000
ROA not before: Mon 01 Jan 2024 22:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15542
IP address blocks: 217.102.240.0/20 maxlen: 24
213.34.224.0/19 maxlen: 24
212.115.192.0/19 maxlen: 24
185.200.96.0/22 maxlen: 24
82.176.0.0/16 maxlen: 24
212.92.64.0/19 maxlen: 24
217.63.64.0/19 maxlen: 24
62.238.0.0/16 maxlen: 24
2a02:f68::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 22:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:8d:19:ad:d4:6b:36:97:5d:32:01:c2:7e:d5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Jan 1 22:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8aaed809e6ae9a6850463fc3923db5c2aa87fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:48:e2:22:09:5e:02:3c:35:e4:e3:90:53:0c:
2f:f1:7e:52:ea:f8:46:8d:1a:89:4b:54:ac:29:a2:
f7:85:cf:a0:01:55:07:ad:a0:10:0b:79:ab:6e:e3:
3e:39:71:45:24:b2:54:22:23:5b:3d:e5:a1:46:62:
5a:06:3f:47:37:6e:3c:0e:c8:65:51:15:27:06:41:
74:00:02:38:46:71:58:10:52:04:b6:66:ec:16:b9:
35:0a:21:5c:41:ce:71:2f:4c:c4:54:ef:51:09:ef:
e8:a6:83:e0:2f:de:57:44:5a:f9:0d:f3:d7:8e:f2:
0b:8d:f1:0a:7a:b7:f9:73:a8:30:d2:ed:9c:49:f9:
f8:4e:21:ab:61:39:33:eb:cb:51:48:ff:16:55:ed:
f6:5a:b6:df:35:2c:70:a7:ec:89:08:a8:72:52:a3:
d5:bd:c3:e7:10:e2:b4:ff:e4:f1:80:cf:1d:80:97:
e7:61:f1:95:48:d5:a1:00:67:85:4f:dd:93:97:34:
b7:fe:f0:80:3a:b1:7e:30:86:7c:a5:b7:cd:bf:3b:
db:02:7d:c1:09:7e:bf:06:cf:9e:a4:e0:17:41:73:
a8:e2:bb:83:fd:7e:02:65:90:37:a5:47:be:4a:9c:
dc:88:d4:2d:7a:c7:63:55:a0:92:a0:98:6b:6f:fa:
e2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AA:ED:80:9E:6A:E9:A6:85:04:63:FC:39:23:DB:5C:2A:A8:7F:BB
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/1-KrtgJ5q6aaFBGP8OSPbXCqof7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.238.0.0/16
82.176.0.0/16
185.200.96.0/22
212.92.64.0/19
212.115.192.0/19
213.34.224.0/19
217.63.64.0/19
217.102.240.0/20
IPv6:
2a02:f68::/29
Signature Algorithm: sha256WithRSAEncryption
9c:7e:18:34:89:17:37:df:05:6b:22:8f:b4:d0:72:69:80:ec:
6a:7f:2e:a9:00:74:eb:26:a7:9f:59:6d:cd:bd:f1:26:bf:16:
55:00:5d:4f:33:23:3f:44:20:45:32:60:8a:6e:ae:8c:f9:1b:
aa:33:8a:1f:39:91:fe:72:08:97:2c:fa:ba:7b:b7:86:95:86:
4d:3a:3f:09:c6:c3:8d:ef:56:29:64:cb:45:76:26:fb:06:87:
33:f6:02:84:81:bb:43:20:e7:ed:89:53:f8:bd:33:b2:9c:e3:
e9:ad:3c:01:66:dc:af:99:bf:b5:a0:52:f9:0e:ee:1b:c5:74:
74:79:3d:4a:91:7a:99:fd:be:5a:ba:2f:26:05:6c:e3:67:32:
ef:43:a8:d3:68:45:40:df:82:dc:0e:15:6c:cc:43:a5:24:ea:
e1:f8:e6:21:eb:fe:91:ee:72:59:d7:56:ad:47:f0:4a:67:9f:
01:1a:a1:80:74:24:eb:93:9e:7d:43:60:fc:9d:5a:86:b6:8c:
53:4c:71:e7:9d:30:db:82:d2:bd:be:52:d2:e4:a0:05:fa:f7:
95:bd:34:2f:b8:47:5f:32:1e:84:4f:ca:54:fb:b6:88:0a:03:
68:d5:ef:73:76:5c:36:f1:28:5d:5e:2c:43:a5:d6:00:f0:a6:
31:e9:c1:96
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzHJo0ZrdRrNpddMgHCftUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjQwMTAxMjIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFhZWQ4MDllNmFlOWE2ODUwNDYzZmMzOTIzZGI1YzJhYTg3ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUjiIgleAjw15OOQUwwv8X5S6vhG
jRqJS1SsKaL3hc+gAVUHraAQC3mrbuM+OXFFJLJUIiNbPeWhRmJaBj9HN248Dshl
URUnBkF0AAI4RnFYEFIEtmbsFrk1CiFcQc5xL0zEVO9RCe/opoPgL95XRFr5DfPX
jvILjfEKerf5c6gw0u2cSfn4TiGrYTkz68tRSP8WVe32WrbfNSxwp+yJCKhyUqPV
vcPnEOK0/+TxgM8dgJfnYfGVSNWhAGeFT92TlzS3/vCAOrF+MIZ8pbfNvzvbAn3B
CX6/Bs+epOAXQXOo4ruD/X4CZZA3pUe+SpzciNQtesdjVaCSoJhrb/rifQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPiq7YCeaummhQRj/Dkj21wqqH+7MB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvMS1LcnRnSjVxNmFhRkJHUDhPU1BiWENxb2Y3cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvZGZlYzQwLWI4NmUtNDk0Yy1iYTEwLTNhNTYyOGNjODFk
OS8xL3NhU21BY28xeHNnM2E0bXE5RU8yUHFRNXpiZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBWBggrBgEFBQcBBwEB/wRHMEUwNAQCAAEwLgMDAD7uAwMA
UrADBAK5yGADBAXUXEADBAXUc8ADBAXVIuADBAXZP0ADBATZZvAwDQQCAAIwBwMF
AyoCD2gwDQYJKoZIhvcNAQELBQADggEBAJx+GDSJFzffBWsij7TQcmmA7Gp/LqkA
dOsmp59Zbc298Sa/FlUAXU8zIz9EIEUyYIpuroz5G6ozih85kf5yCJcs+rp7t4aV
hk06PwnGw43vVilky0V2JvsGhzP2AoSBu0Mg5+2JU/i9M7Kc4+mtPAFm3K+Zv7Wg
UvkO7hvFdHR5PUqRepn9vlq6LyYFbONnMu9DqNNoRUDfgtwOFWzMQ6Uk6uH45iHr
/pHuclnXVq1H8EpnnwEaoYB0JOuTnn1DYPydWoa2jFNMceedMNuC0r2+UtLkoAX6
95W9NC+4R18yHoRPylT7togKA2jV73N2XDbxKF1eLEOl1gDwpjHpwZY=
-----END CERTIFICATE-----
Generated at Tue Jun 25 04:42:48 2024 by rpki-client on console-fra.rpki-client.org