Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/i0F4KlbSSU6rw6vcDyMO1qm5wYo.roa
File: i0F4KlbSSU6rw6vcDyMO1qm5wYo.roa (raw, json)
Hash identifier: 3OAvRLeHMrzZ2E6ssjVSxFSqHC9n8ch1SP2wQIMj8og=
Subject key identifier: 8B:41:78:2A:56:D2:49:4E:AB:C3:AB:DC:0F:23:0E:D6:A9:B9:C1:8A
Certificate issuer: /CN=940ff880330af762ae6cc050de5f34b5f57b0b09
Certificate serial: 018CC42515CFD06429990B9A9CD2782867DD
Authority key identifier: 94:0F:F8:80:33:0A:F7:62:AE:6C:C0:50:DE:5F:34:B5:F5:7B:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lA_4gDMK92KubMBQ3l80tfV7Cwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/i0F4KlbSSU6rw6vcDyMO1qm5wYo.roa
Signing time: Mon 01 Jan 2024 08:30:13 +0000
ROA not before: Mon 01 Jan 2024 08:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20723
IP address blocks: 217.112.160.0/20 maxlen: 20
185.84.232.0/22 maxlen: 22
178.20.136.0/21 maxlen: 21
131.117.208.0/21 maxlen: 21
79.170.248.0/21 maxlen: 21
217.115.240.0/20 maxlen: 20
2a00:6500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/lA_4gDMK92KubMBQ3l80tfV7Cwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:15:cf:d0:64:29:99:0b:9a:9c:d2:78:28:67:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940ff880330af762ae6cc050de5f34b5f57b0b09
Validity
Not Before: Jan 1 08:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b41782a56d2494eabc3abdc0f230ed6a9b9c18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0a:f2:de:35:56:13:f7:59:28:1c:db:6a:a7:
8e:2d:10:05:6f:07:14:ac:e2:d1:ee:97:72:8d:51:
31:6e:eb:b9:a8:8b:cb:be:22:74:5d:10:6e:14:31:
75:d5:31:71:93:52:e0:0b:74:5d:9d:99:d9:5e:6c:
2c:83:0b:4a:3d:ce:55:20:c2:55:16:ec:e1:5f:ce:
06:5a:5a:6e:40:66:87:80:42:40:ff:86:7c:cf:a8:
20:14:ff:4d:28:04:6e:93:29:41:45:84:58:f7:06:
98:14:9f:05:a0:7b:be:6d:3d:08:b9:ee:b3:6f:bc:
92:cc:cc:f8:12:21:53:02:c8:38:78:f6:78:e2:44:
65:16:40:46:d7:9c:62:b6:20:85:34:56:74:9d:33:
a2:c3:0f:38:05:4a:90:76:f8:1d:36:74:84:3e:3f:
ce:5e:b3:2d:b3:b6:4c:5a:ec:3c:a7:ec:41:12:31:
01:ce:1a:48:73:27:f1:d3:f4:20:7f:43:7b:20:0d:
8f:bc:70:c2:f3:08:6e:cb:af:eb:f7:6f:b7:0a:7f:
ea:48:4d:65:e3:4c:1d:96:c7:80:f2:25:e9:b3:30:
51:62:2e:7c:f8:63:e7:bb:9a:b7:7a:17:09:72:8d:
8f:f1:52:7b:59:5a:d9:a7:7c:6f:a4:0e:eb:fa:36:
4d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:41:78:2A:56:D2:49:4E:AB:C3:AB:DC:0F:23:0E:D6:A9:B9:C1:8A
X509v3 Authority Key Identifier:
keyid:94:0F:F8:80:33:0A:F7:62:AE:6C:C0:50:DE:5F:34:B5:F5:7B:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lA_4gDMK92KubMBQ3l80tfV7Cwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/i0F4KlbSSU6rw6vcDyMO1qm5wYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.248.0/21
131.117.208.0/21
178.20.136.0/21
185.84.232.0/22
217.112.160.0/20
217.115.240.0/20
IPv6:
2a00:6500::/29
Signature Algorithm: sha256WithRSAEncryption
b4:e6:75:02:18:2d:bd:e5:3b:2f:78:d2:44:3f:0f:d7:48:a3:
56:5f:34:6f:33:ad:c4:89:d9:31:d6:2c:5f:db:f5:97:14:5c:
7d:08:43:6e:ab:43:31:e6:30:c2:4a:21:18:67:14:70:b4:70:
33:45:88:f3:7a:d0:cf:d2:55:04:9c:34:cb:f1:57:d8:d8:5b:
ea:a2:4c:cf:97:be:b8:22:e1:ab:89:80:70:f7:28:53:19:68:
0d:d6:e2:78:86:64:3f:76:35:f2:e4:dd:1d:fd:ce:30:24:f4:
13:88:78:64:32:dd:f3:f1:d1:c7:47:b3:58:bf:b3:25:df:c6:
23:ca:d5:fe:c6:6f:16:db:a2:c7:87:35:d0:f5:55:9e:b3:31:
e4:d8:d4:25:6f:85:d5:e6:34:03:13:f5:7b:86:08:38:72:bb:
b0:7f:11:d0:3a:ee:b4:58:57:be:e6:e8:ee:9a:ad:0b:76:fc:
8c:ad:3f:74:1f:92:f9:15:a5:7d:65:01:de:2c:ab:75:74:e2:
c9:fe:dc:ee:08:28:2f:74:fc:ff:13:fc:a0:ba:ad:14:da:85:
41:30:d4:59:8b:3b:f2:e0:4e:85:be:2a:96:19:fc:83:ba:95:
ec:69:f4:fe:8a:93:b7:c6:b3:11:de:f8:41:29:fe:89:e4:2f:
8e:36:48:38
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzEJRXP0GQpmQuanNJ4KGfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGZmODgwMzMwYWY3NjJhZTZjYzA1MGRlNWYzNGI1ZjU3
YjBiMDkwHhcNMjQwMTAxMDgzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQxNzgyYTU2ZDI0OTRlYWJjM2FiZGMwZjIzMGVkNmE5YjljMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQry3jVWE/dZKBzbaqeOLRAFbwcU
rOLR7pdyjVExbuu5qIvLviJ0XRBuFDF11TFxk1LgC3RdnZnZXmwsgwtKPc5VIMJV
FuzhX84GWlpuQGaHgEJA/4Z8z6ggFP9NKARukylBRYRY9waYFJ8FoHu+bT0Iue6z
b7ySzMz4EiFTAsg4ePZ44kRlFkBG15xitiCFNFZ0nTOiww84BUqQdvgdNnSEPj/O
XrMts7ZMWuw8p+xBEjEBzhpIcyfx0/Qgf0N7IA2PvHDC8whuy6/r92+3Cn/qSE1l
40wdlseA8iXpszBRYi58+GPnu5q3ehcJco2P8VJ7WVrZp3xvpA7r+jZNowIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFItBeCpW0klOq8Or3A8jDtapucGKMB8GA1UdIwQY
MBaAFJQP+IAzCvdirmzAUN5fNLX1ewsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFfNGdETUs5Mkt1Yk1CUTNsODB0ZlY3Q3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yM2UxNmUtOTQzZS00NTk1LTk1MzAt
YTgyZjY1OGEyYWExLzEvaTBGNEtsYlNTVTZydzZ2Y0R5TU8xcW01d1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8yM2UxNmUtOTQzZS00NTk1LTk1MzAtYTgyZjY1OGEyYWEx
LzEvbEFfNGdETUs5Mkt1Yk1CUTNsODB0ZlY3Q3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDT6r4AwQD
g3XQAwQDshSIAwQCuVToAwQE2XCgAwQE2XPwMA0EAgACMAcDBQMqAGUAMA0GCSqG
SIb3DQEBCwUAA4IBAQC05nUCGC295TsveNJEPw/XSKNWXzRvM63Eidkx1ixf2/WX
FFx9CENuq0Mx5jDCSiEYZxRwtHAzRYjzetDP0lUEnDTL8VfY2FvqokzPl764IuGr
iYBw9yhTGWgN1uJ4hmQ/djXy5N0d/c4wJPQTiHhkMt3z8dHHR7NYv7Ml38YjytX+
xm8W26LHhzXQ9VWeszHk2NQlb4XV5jQDE/V7hgg4cruwfxHQOu60WFe+5ujumq0L
dvyMrT90H5L5FaV9ZQHeLKt1dOLJ/tzuCCgvdPz/E/yguq0U2oVBMNRZizvy4E6F
viqWGfyDupXsafT+ipO3xrMR3vhBKf6J5C+ONkg4
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:20 2024 by rpki-client on console-ams.rpki-client.org