Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/8V3vY_Lny5IfFriQzkjX53OLBvY.roa
File: 8V3vY_Lny5IfFriQzkjX53OLBvY.roa (raw, json)
Hash identifier: hNZXW+6JxtEC41gs54mzEnP4YsAZCQJIPq0XNq2ro5U=
Subject key identifier: F1:5D:EF:63:F2:E7:CB:92:1F:16:B8:90:CE:48:D7:E7:73:8B:06:F6
Certificate issuer: /CN=be6144b459bce139f2734a44fbdb46c981329b2b
Certificate serial: 019108B54AD6E718C0AEAD199F6AF3BA3CD0
Authority key identifier: BE:61:44:B4:59:BC:E1:39:F2:73:4A:44:FB:DB:46:C9:81:32:9B:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/8V3vY_Lny5IfFriQzkjX53OLBvY.roa
Signing time: Wed 31 Jul 2024 12:13:04 +0000
ROA not before: Wed 31 Jul 2024 12:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12741
IP address blocks: 46.182.96.0/21 maxlen: 21
78.154.64.0/19 maxlen: 19
185.9.124.0/22 maxlen: 22
217.28.144.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/vmFEtFm84Tnyc0pE-9tGyYEymys.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/vmFEtFm84Tnyc0pE-9tGyYEymys.mft
rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:b5:4a:d6:e7:18:c0:ae:ad:19:9f:6a:f3:ba:3c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be6144b459bce139f2734a44fbdb46c981329b2b
Validity
Not Before: Jul 31 12:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f15def63f2e7cb921f16b890ce48d7e7738b06f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:74:6d:a6:84:d0:d9:b0:9c:4a:42:cb:df:97:
fe:e5:0d:8a:cc:06:13:06:18:b6:08:bc:cd:28:a7:
ab:b1:72:a7:8e:db:7f:c9:3e:47:ae:9c:e3:81:a4:
53:5b:4d:7c:b1:bb:94:17:9e:70:46:60:48:0d:e8:
22:5a:03:37:ba:c4:3d:a3:f0:ac:e8:3c:6c:29:dc:
93:25:a1:f7:4c:c3:ef:81:06:3a:81:ed:88:6a:25:
77:43:e9:db:32:d2:7f:3a:1a:90:3c:e1:63:20:07:
80:d1:76:17:c2:c4:12:7b:c5:df:ac:b0:9a:11:01:
0b:c1:9c:26:38:3d:9c:60:7d:c0:f0:a9:5a:64:ae:
7c:02:c2:6f:f5:dd:0e:f7:ad:e1:21:ee:ed:ae:f2:
ae:7d:e8:24:5c:b7:b8:8a:3b:b4:be:22:7f:e4:25:
b4:bd:e8:3b:71:4e:6d:77:e9:f2:cf:65:fe:53:18:
66:3e:d3:bb:63:93:1c:81:35:26:9a:e3:fe:f6:85:
91:bd:4c:ac:08:ab:75:3a:7f:de:2f:3b:15:44:59:
26:48:35:73:00:a5:0e:c0:12:ad:8c:b2:7b:06:1c:
33:47:f4:4f:21:48:88:82:12:e8:a9:0a:49:0e:2d:
78:96:5e:e9:1f:ed:08:0a:15:33:b0:77:1d:83:94:
a3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:5D:EF:63:F2:E7:CB:92:1F:16:B8:90:CE:48:D7:E7:73:8B:06:F6
X509v3 Authority Key Identifier:
keyid:BE:61:44:B4:59:BC:E1:39:F2:73:4A:44:FB:DB:46:C9:81:32:9B:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/8V3vY_Lny5IfFriQzkjX53OLBvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/vmFEtFm84Tnyc0pE-9tGyYEymys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.96.0/21
78.154.64.0/19
185.9.124.0/22
217.28.144.0/20
Signature Algorithm: sha256WithRSAEncryption
38:0c:f0:14:4f:6d:07:cc:1d:47:86:20:b2:a6:c6:7e:a8:d5:
8c:6e:b3:9a:f8:71:d4:f3:21:fb:08:76:3e:d7:dc:1b:2b:bf:
43:f6:18:62:62:2f:ca:be:b6:20:60:a7:46:0e:18:32:9d:57:
ae:61:19:b4:d5:dd:0d:e7:8a:51:61:ab:da:03:e5:ac:70:48:
22:e1:73:be:30:3a:42:58:fc:7d:be:89:7a:2e:43:d5:f9:bc:
7c:63:e0:ac:60:d7:20:0b:30:2b:54:b9:c5:c0:ba:05:bb:94:
31:da:3a:f3:37:c1:35:a8:fe:30:8a:7c:8c:09:3b:a7:3f:79:
a0:ac:62:a6:32:61:98:50:0e:bf:cb:6f:81:d8:5a:8b:a2:af:
3f:d0:be:f8:88:14:66:92:a8:60:bb:cf:99:dd:5b:95:e3:2a:
88:db:3c:12:ca:ff:88:37:b9:de:08:fa:54:f5:53:f4:27:7e:
be:97:79:91:f0:9f:77:27:83:39:40:6e:84:70:5b:40:02:fd:
06:90:85:ac:dc:56:9e:28:69:8a:3b:03:6d:58:3c:7a:0f:d7:
59:79:8e:3f:54:fe:72:79:80:50:43:82:20:49:35:95:0d:82:
29:1b:2b:e6:b0:3e:33:42:bf:c7:3c:85:50:4c:16:11:88:3b:
6f:88:88:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEItUrW5xjArq0Zn2rzujzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjE0NGI0NTliY2UxMzlmMjczNGE0NGZiZGI0NmM5ODEz
MjliMmIwHhcNMjQwNzMxMTIxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTVkZWY2M2YyZTdjYjkyMWYxNmI4OTBjZTQ4ZDdlNzczOGIwNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonRtpoTQ2bCcSkLL35f+5Q2KzAYT
Bhi2CLzNKKersXKnjtt/yT5HrpzjgaRTW018sbuUF55wRmBIDegiWgM3usQ9o/Cs
6DxsKdyTJaH3TMPvgQY6ge2IaiV3Q+nbMtJ/OhqQPOFjIAeA0XYXwsQSe8XfrLCa
EQELwZwmOD2cYH3A8KlaZK58AsJv9d0O963hIe7trvKufegkXLe4iju0viJ/5CW0
veg7cU5td+nyz2X+UxhmPtO7Y5McgTUmmuP+9oWRvUysCKt1On/eLzsVRFkmSDVz
AKUOwBKtjLJ7BhwzR/RPIUiIghLoqQpJDi14ll7pH+0IChUzsHcdg5SjKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPFd72Py58uSHxa4kM5I1+dziwb2MB8GA1UdIwQY
MBaAFL5hRLRZvOE58nNKRPvbRsmBMpsrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1GRXRGbTg0VG55YzBwRS05dEd5WUV5bXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYjg0YmQtMTMzYi00M2Q5LWI5Y2Yt
MTdlZmE1N2IzOWQ3LzEvOFYzdllfTG55NUlmRnJpUXpralg1M09MQnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYjg0YmQtMTMzYi00M2Q5LWI5Y2YtMTdlZmE1N2IzOWQ3
LzEvdm1GRXRGbTg0VG55YzBwRS05dEd5WUV5bXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLrZgAwQF
TppAAwQCuQl8AwQE2RyQMA0GCSqGSIb3DQEBCwUAA4IBAQA4DPAUT20HzB1HhiCy
psZ+qNWMbrOa+HHU8yH7CHY+19wbK79D9hhiYi/KvrYgYKdGDhgynVeuYRm01d0N
54pRYavaA+WscEgi4XO+MDpCWPx9vol6LkPV+bx8Y+CsYNcgCzArVLnFwLoFu5Qx
2jrzN8E1qP4winyMCTunP3mgrGKmMmGYUA6/y2+B2FqLoq8/0L74iBRmkqhgu8+Z
3VuV4yqI2zwSyv+IN7neCPpU9VP0J36+l3mR8J93J4M5QG6EcFtAAv0GkIWs3Fae
KGmKOwNtWDx6D9dZeY4/VP5yeYBQQ4IgSTWVDYIpGyvmsD4zQr/HPIVQTBYRiDtv
iIjc
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:57:03 2024 by rpki-client on console-ams.rpki-client.org