Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/VF8bfQg6w0asv6lm0nVK7YBkF9s.roa
File: VF8bfQg6w0asv6lm0nVK7YBkF9s.roa (raw, json)
Hash identifier: 0YfXvsqhVjiurgfIAuNgN4UNC1R/IUFaKXNk5fWRfDE=
Subject key identifier: 54:5F:1B:7D:08:3A:C3:46:AC:BF:A9:66:D2:75:4A:ED:80:64:17:DB
Certificate issuer: /CN=aca77c708af0ba1f81549c9f87089559390167a5
Certificate serial: 018CC9BC2428ECE080C3E8D25B69EA44E705
Authority key identifier: AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/VF8bfQg6w0asv6lm0nVK7YBkF9s.roa
Signing time: Tue 02 Jan 2024 10:33:19 +0000
ROA not before: Tue 02 Jan 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24989
IP address blocks: 217.79.208.0/20 maxlen: 24
88.84.136.0/21 maxlen: 24
89.202.0.0/17 maxlen: 24
217.68.144.0/20 maxlen: 24
193.110.116.0/22 maxlen: 24
2a02:20a8::/32 maxlen: 48
2001:4c68::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:24:28:ec:e0:80:c3:e8:d2:5b:69:ea:44:e7:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca77c708af0ba1f81549c9f87089559390167a5
Validity
Not Before: Jan 2 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=545f1b7d083ac346acbfa966d2754aed806417db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b3:2f:ab:86:83:46:ac:04:e8:cf:59:51:68:
de:aa:b5:c9:94:b2:e3:65:73:b4:86:8a:e0:f5:51:
2e:16:55:24:43:32:98:a6:9c:b6:ca:02:2f:d1:f4:
5e:da:0a:5a:85:b3:12:90:3d:c9:d6:f1:7b:c8:a6:
cb:9c:84:30:6d:e7:98:10:57:a4:4e:ff:1e:ae:41:
28:27:f2:b0:6f:74:1e:be:ce:19:61:51:60:fa:85:
ad:41:d9:78:eb:a1:d2:2b:fd:18:65:84:47:fa:72:
d8:ad:d8:cc:62:bd:1b:a7:fa:09:89:67:d0:83:b8:
b8:18:23:0a:17:86:08:72:bb:bf:fb:f3:52:8d:6d:
1d:64:26:5c:d3:40:c2:01:11:d2:c2:07:a9:e3:0c:
73:7e:bb:f4:32:10:5c:ab:9e:31:40:3e:0d:04:78:
9f:07:6b:69:05:a9:3e:7f:a9:e7:b1:20:0d:51:6f:
f5:43:4f:b3:1a:a0:63:ab:67:a5:ec:2d:22:9a:c1:
d1:49:0d:01:b4:26:1a:7b:05:27:11:08:7a:96:eb:
6b:a3:5f:89:49:dc:99:7b:fe:74:72:92:b5:6d:7a:
da:55:fe:f1:f9:e6:bb:e1:a9:57:5b:63:ad:39:73:
39:a4:ae:c1:94:1b:14:42:be:b9:43:5e:fd:74:5a:
9a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5F:1B:7D:08:3A:C3:46:AC:BF:A9:66:D2:75:4A:ED:80:64:17:DB
X509v3 Authority Key Identifier:
keyid:AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/VF8bfQg6w0asv6lm0nVK7YBkF9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.136.0/21
89.202.0.0/17
193.110.116.0/22
217.68.144.0/20
217.79.208.0/20
IPv6:
2001:4c68::/32
2a02:20a8::/32
Signature Algorithm: sha256WithRSAEncryption
53:0c:bb:57:3a:e5:28:bb:34:c2:68:e2:34:28:37:1c:ca:b6:
fd:bb:08:c0:b2:d5:4e:ac:21:f5:e7:be:49:b3:55:04:8f:6e:
b8:f7:81:19:87:1b:b8:b0:38:fb:e9:c2:af:cd:05:37:9b:62:
57:0d:e2:c4:77:3a:43:60:6a:0b:51:52:66:1e:2c:6a:c1:ad:
05:fb:cd:54:7e:6b:19:d5:0c:b9:32:cb:a6:20:09:54:85:a6:
98:ce:56:e0:6d:71:e7:93:ed:2d:3e:f2:ad:8d:9a:5f:5e:fa:
2f:49:78:c8:0c:87:2a:ea:bf:63:69:3e:c5:fa:2d:d0:db:0e:
8c:08:d0:c6:5f:bd:f7:17:ad:30:08:c1:bf:d7:40:57:06:ed:
ad:9b:ea:ce:26:13:bf:94:45:a5:dc:c6:31:5a:00:95:6a:da:
72:12:68:14:d1:84:48:52:01:2b:47:ee:0d:12:9d:a3:4d:79:
cc:48:24:fc:2c:b2:01:5e:40:00:d8:53:10:a1:70:cf:47:94:
9f:d1:8c:66:64:de:fc:9e:7b:73:89:75:5a:85:05:74:1f:30:
68:5c:e8:db:6a:91:3b:29:19:d1:d1:ca:85:a3:32:84:9a:c4:
9d:56:0a:65:9b:2c:bf:00:1e:65:41:58:16:b9:47:dd:88:c5:
8b:d5:61:ac
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzJvCQo7OCAw+jSW2nqROcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTc3YzcwOGFmMGJhMWY4MTU0OWM5Zjg3MDg5NTU5Mzkw
MTY3YTUwHhcNMjQwMTAyMTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDVmMWI3ZDA4M2FjMzQ2YWNiZmE5NjZkMjc1NGFlZDgwNjQxN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7Mvq4aDRqwE6M9ZUWjeqrXJlLLj
ZXO0horg9VEuFlUkQzKYppy2ygIv0fRe2gpahbMSkD3J1vF7yKbLnIQwbeeYEFek
Tv8erkEoJ/Kwb3Qevs4ZYVFg+oWtQdl466HSK/0YZYRH+nLYrdjMYr0bp/oJiWfQ
g7i4GCMKF4YIcru/+/NSjW0dZCZc00DCARHSwgep4wxzfrv0MhBcq54xQD4NBHif
B2tpBak+f6nnsSANUW/1Q0+zGqBjq2el7C0imsHRSQ0BtCYaewUnEQh6lutro1+J
SdyZe/50cpK1bXraVf7x+ea74alXW2OtOXM5pK7BlBsUQr65Q179dFqaMQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFRfG30IOsNGrL+pZtJ1Su2AZBfbMB8GA1UdIwQY
MBaAFKynfHCK8LofgVScn4cIlVk5AWelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYt
MjhiMTllM2ZkNGE2LzEvVkY4YmZRZzZ3MGFzdjZsbTBuVks3WUJrRjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYtMjhiMTllM2ZkNGE2
LzEvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDWFSIAwQH
WcoAAwQCwW50AwQE2USQAwQE2U/QMBQEAgACMA4DBQAgAUxoAwUAKgIgqDANBgkq
hkiG9w0BAQsFAAOCAQEAUwy7VzrlKLs0wmjiNCg3HMq2/bsIwLLVTqwh9ee+SbNV
BI9uuPeBGYcbuLA4++nCr80FN5tiVw3ixHc6Q2BqC1FSZh4sasGtBfvNVH5rGdUM
uTLLpiAJVIWmmM5W4G1x55PtLT7yrY2aX176L0l4yAyHKuq/Y2k+xfot0NsOjAjQ
xl+99xetMAjBv9dAVwbtrZvqziYTv5RFpdzGMVoAlWrachJoFNGESFIBK0fuDRKd
o015zEgk/CyyAV5AANhTEKFwz0eUn9GMZmTe/J57c4l1WoUFdB8waFzo22qROykZ
0dHKhaMyhJrEnVYKZZssvwAeZUFYFrlH3YjFi9VhrA==
-----END CERTIFICATE-----
Generated at Mon May 20 05:27:31 2024 by rpki-client on console-fra.rpki-client.org