Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/8RzPw7TTyHI8fh_Bx6dQ22iVtT8.roa
File: 8RzPw7TTyHI8fh_Bx6dQ22iVtT8.roa (raw, json)
Hash identifier: 23o2QhYSx7tw3NbQz0FWBjCjQzbCfpE4QX8l5wDQmu8=
Subject key identifier: F1:1C:CF:C3:B4:D3:C8:72:3C:7E:1F:C1:C7:A7:50:DB:68:95:B5:3F
Certificate issuer: /CN=ee0581767af4579e44da977b1082d94b3c7b9298
Certificate serial: 018CC349193CCA8063188689396F6D0D89DF
Authority key identifier: EE:05:81:76:7A:F4:57:9E:44:DA:97:7B:10:82:D9:4B:3C:7B:92:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gWBdnr0V55E2pd7EILZSzx7kpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/8RzPw7TTyHI8fh_Bx6dQ22iVtT8.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29684
IP address blocks: 193.105.119.0/24 maxlen: 24
195.85.224.0/24 maxlen: 24
2001:678:39c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/7gWBdnr0V55E2pd7EILZSzx7kpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/7gWBdnr0V55E2pd7EILZSzx7kpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/7gWBdnr0V55E2pd7EILZSzx7kpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:19:3c:ca:80:63:18:86:89:39:6f:6d:0d:89:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0581767af4579e44da977b1082d94b3c7b9298
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f11ccfc3b4d3c8723c7e1fc1c7a750db6895b53f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:76:63:bb:7b:b7:18:76:45:4d:75:8f:51:40:
6c:d5:69:c7:28:6e:71:0f:96:d6:e4:4a:dd:19:92:
0b:18:93:e3:11:a5:4e:a0:aa:2a:3b:2b:f5:15:63:
0a:b4:c5:db:54:0d:43:a2:65:0f:a5:33:dc:40:b5:
19:4c:dd:d4:46:b9:89:03:98:c8:30:2e:f7:ca:41:
41:3a:c0:4c:33:93:48:b4:ef:be:6e:a6:fc:8c:bf:
6d:19:d3:bb:e4:57:f0:08:b6:0c:e4:48:a7:1c:40:
1c:30:b5:9c:a7:a8:b8:90:dd:3b:7b:3e:3b:a7:fc:
7f:ee:60:70:68:25:1f:fa:1b:66:b4:72:4a:8c:31:
c7:3e:7d:88:28:b1:9d:91:0b:fc:43:46:03:3d:9d:
85:ee:ef:1b:69:65:14:ba:56:2e:d9:39:4f:6f:61:
02:ed:56:50:f2:47:18:f1:1a:ca:95:cb:76:47:63:
cb:11:fb:15:a4:15:d4:f0:eb:8e:33:e4:86:28:40:
fd:3d:b3:0c:2d:66:4e:2a:88:ef:24:a3:81:d6:92:
de:ff:89:7a:35:17:db:ed:ff:90:19:4a:ad:00:b9:
f7:78:a1:84:4a:da:aa:f3:c4:da:3a:fa:6d:00:ef:
5c:d6:0d:e2:ac:87:a0:9c:75:26:eb:af:fd:5c:ec:
99:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1C:CF:C3:B4:D3:C8:72:3C:7E:1F:C1:C7:A7:50:DB:68:95:B5:3F
X509v3 Authority Key Identifier:
keyid:EE:05:81:76:7A:F4:57:9E:44:DA:97:7B:10:82:D9:4B:3C:7B:92:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gWBdnr0V55E2pd7EILZSzx7kpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/8RzPw7TTyHI8fh_Bx6dQ22iVtT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/7gWBdnr0V55E2pd7EILZSzx7kpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.119.0/24
195.85.224.0/24
IPv6:
2001:678:39c::/48
Signature Algorithm: sha256WithRSAEncryption
4d:5e:a5:02:d5:45:3a:83:47:4f:bb:f5:2f:c8:42:89:3a:38:
f7:af:fb:76:10:22:bb:2b:42:3a:55:a2:0d:9b:b4:f3:fb:5c:
ab:98:d7:9d:e1:de:0c:7f:2a:51:3b:10:69:93:61:2b:49:8d:
3d:d3:0b:3d:35:60:68:bd:77:65:db:8e:9b:25:de:a5:3f:d3:
10:8b:ac:53:71:70:2c:4c:7b:37:a4:f4:05:a1:e5:38:98:c6:
2e:f3:85:7d:ac:5f:70:73:40:9a:0b:6b:b9:5c:68:94:23:fa:
d9:3e:8f:c5:89:c6:3f:76:9d:2d:85:ce:06:88:0d:a2:d4:bf:
d3:fd:19:c5:f2:b2:a3:35:c7:a0:dd:ab:1f:4a:cd:88:b9:40:
b5:c4:b9:1a:60:41:10:02:bf:5d:d8:32:35:9d:a5:e2:86:c6:
dc:e6:fc:cc:3b:72:b8:58:e3:76:f4:5e:aa:71:5d:88:33:16:
67:c2:ce:60:41:b7:d8:ff:9b:cc:95:f2:af:fa:44:aa:a9:58:
28:b0:79:37:3b:41:39:24:f5:3a:82:32:21:bc:c5:9f:07:8a:
fe:14:97:66:e2:c3:d5:30:6c:42:f8:85:59:1a:89:d1:48:94:
43:e5:63:8b:12:68:b2:30:03:e0:27:26:3e:c9:b6:cb:fe:45:
34:b8:6d:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSRk8yoBjGIaJOW9tDYnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDU4MTc2N2FmNDU3OWU0NGRhOTc3YjEwODJkOTRiM2M3
YjkyOTgwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTFjY2ZjM2I0ZDNjODcyM2M3ZTFmYzFjN2E3NTBkYjY4OTViNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHZju3u3GHZFTXWPUUBs1WnHKG5x
D5bW5ErdGZILGJPjEaVOoKoqOyv1FWMKtMXbVA1DomUPpTPcQLUZTN3URrmJA5jI
MC73ykFBOsBMM5NItO++bqb8jL9tGdO75FfwCLYM5EinHEAcMLWcp6i4kN07ez47
p/x/7mBwaCUf+htmtHJKjDHHPn2IKLGdkQv8Q0YDPZ2F7u8baWUUulYu2TlPb2EC
7VZQ8kcY8RrKlct2R2PLEfsVpBXU8OuOM+SGKED9PbMMLWZOKojvJKOB1pLe/4l6
NRfb7f+QGUqtALn3eKGEStqq88TaOvptAO9c1g3irIegnHUm66/9XOyZnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPEcz8O008hyPH4fwcenUNtolbU/MB8GA1UdIwQY
MBaAFO4FgXZ69FeeRNqXexCC2Us8e5KYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dXQmRucjBWNTVFMnBkN0VJTFpTeng3a3BnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wYjhmMTEtYTAxMS00NzY0LWJjZjMt
NmRiYmEyYjFkY2E3LzEvOFJ6UHc3VFR5SEk4ZmhfQng2ZFEyMmlWdFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wYjhmMTEtYTAxMS00NzY0LWJjZjMtNmRiYmEyYjFkY2E3
LzEvN2dXQmRucjBWNTVFMnBkN0VJTFpTeng3a3BnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWl3AwQA
w1XgMA8EAgACMAkDBwAgAQZ4A5wwDQYJKoZIhvcNAQELBQADggEBAE1epQLVRTqD
R0+79S/IQok6OPev+3YQIrsrQjpVog2btPP7XKuY153h3gx/KlE7EGmTYStJjT3T
Cz01YGi9d2Xbjpsl3qU/0xCLrFNxcCxMezek9AWh5TiYxi7zhX2sX3BzQJoLa7lc
aJQj+tk+j8WJxj92nS2FzgaIDaLUv9P9GcXysqM1x6Ddqx9KzYi5QLXEuRpgQRAC
v13YMjWdpeKGxtzm/Mw7crhY43b0XqpxXYgzFmfCzmBBt9j/m8yV8q/6RKqpWCiw
eTc7QTkk9TqCMiG8xZ8Hiv4Ul2biw9UwbEL4hVkaidFIlEPlY4sSaLIwA+AnJj7J
tsv+RTS4bdQ=
-----END CERTIFICATE-----
Generated at Tue May 7 11:10:22 2024 by rpki-client on console-fra.rpki-client.org