Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/asG9LOEQ9a_qM7TR1c0zxytPaKU.roa
File: asG9LOEQ9a_qM7TR1c0zxytPaKU.roa (raw, json)
Hash identifier: JKWvYwMg0EwxnlqCZRiPYBWRVe3dH1jUdws6l+ECsWk=
Subject key identifier: 6A:C1:BD:2C:E1:10:F5:AF:EA:33:B4:D1:D5:CD:33:C7:2B:4F:68:A5
Certificate issuer: /CN=1fc8ed466de2e6ca5964d1eed0f240ddd251de48
Certificate serial: 018CC49304DB359BEAB008929BBEB15B9BA4
Authority key identifier: 1F:C8:ED:46:6D:E2:E6:CA:59:64:D1:EE:D0:F2:40:DD:D2:51:DE:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/asG9LOEQ9a_qM7TR1c0zxytPaKU.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51948
IP address blocks: 185.240.8.0/22 maxlen: 22
91.219.104.0/22 maxlen: 22
195.242.64.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft
rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:04:db:35:9b:ea:b0:08:92:9b:be:b1:5b:9b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc8ed466de2e6ca5964d1eed0f240ddd251de48
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ac1bd2ce110f5afea33b4d1d5cd33c72b4f68a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:67:3d:2c:6d:7c:4e:be:e4:18:de:54:f0:20:
b7:89:08:5e:57:ef:03:66:73:cd:83:b8:db:e9:d3:
8c:0d:62:db:ff:fb:fe:b8:da:74:29:9d:8c:f3:0c:
b8:c2:39:9a:eb:5e:73:11:9e:b6:98:eb:7b:7b:d7:
3e:83:96:c8:20:9e:49:24:d0:9b:67:77:55:52:65:
0c:62:b0:6f:3b:6f:75:70:0d:c5:21:ec:b5:3a:94:
1e:60:93:ed:22:15:c2:34:f6:e3:45:64:3d:ba:78:
83:b4:1e:ea:60:e1:d4:3e:6d:c1:d1:57:ed:63:83:
da:e4:b7:b4:57:5b:ae:0c:6e:60:cf:43:3c:2a:18:
e7:3b:e1:1e:66:33:08:c7:27:69:bf:d3:2b:8e:d7:
88:fc:85:e0:f6:c7:f0:00:9d:ac:ab:1c:a4:69:fd:
09:67:72:f0:d1:23:2d:8f:36:1d:25:d1:dc:0f:7b:
8b:aa:46:e1:0c:5b:47:2d:4e:b8:28:c7:4c:04:36:
fe:f7:91:cc:3c:9d:fa:5d:ae:6e:fd:e7:95:d8:a7:
22:c3:11:4e:b8:34:70:2f:a5:d8:bf:22:6d:08:39:
7a:cd:bf:b6:6f:39:01:0a:26:48:70:36:92:7c:32:
6c:32:b0:da:da:7d:01:80:ed:da:6e:39:79:fa:35:
97:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C1:BD:2C:E1:10:F5:AF:EA:33:B4:D1:D5:CD:33:C7:2B:4F:68:A5
X509v3 Authority Key Identifier:
keyid:1F:C8:ED:46:6D:E2:E6:CA:59:64:D1:EE:D0:F2:40:DD:D2:51:DE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/asG9LOEQ9a_qM7TR1c0zxytPaKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.104.0/22
185.240.8.0/22
195.242.64.0/23
Signature Algorithm: sha256WithRSAEncryption
67:d9:8d:a8:5c:68:65:fd:5d:e3:23:f7:77:01:a5:22:3c:41:
d6:90:3c:9e:d6:c8:99:69:ea:99:35:12:eb:f8:16:52:a9:45:
3b:a9:2e:c3:27:b3:9b:71:3c:d6:ef:22:fd:54:aa:c5:9c:c8:
18:8c:04:4a:10:68:11:4d:35:c8:54:26:68:7a:a3:df:ff:4b:
43:85:89:26:3f:bd:3a:cd:3b:26:b3:4e:4b:60:fb:78:c7:ec:
79:18:d5:c3:8f:82:a4:0c:c7:4b:63:18:8d:b7:38:44:e6:b4:
7e:c8:76:c5:ac:db:c3:25:ba:be:3f:5f:de:90:f4:30:1e:15:
90:19:8b:db:41:d8:68:04:01:18:30:55:e0:3d:d5:ff:c8:d3:
f2:a6:1a:51:48:59:30:ed:93:b5:d0:98:d5:51:38:18:21:93:
51:de:99:2e:56:b1:bb:c6:ff:47:b1:16:88:78:dd:05:cc:e1:
a3:d7:d9:fa:61:81:3b:2d:b7:41:ac:42:37:96:5c:90:51:8d:
13:2d:f1:7c:9e:4a:44:77:51:ce:30:9a:12:59:d3:1e:d9:d1:
12:25:e7:c8:81:a9:fb:c3:df:e3:1a:9b:57:36:2d:84:b7:e3:
1b:ba:a7:4e:d6:4a:46:27:74:3b:0b:24:ed:0c:8b:9e:43:6e:
60:f9:64:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEkwTbNZvqsAiSm76xW5ukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYzhlZDQ2NmRlMmU2Y2E1OTY0ZDFlZWQwZjI0MGRkZDI1
MWRlNDgwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWMxYmQyY2UxMTBmNWFmZWEzM2I0ZDFkNWNkMzNjNzJiNGY2OGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Gc9LG18Tr7kGN5U8CC3iQheV+8D
ZnPNg7jb6dOMDWLb//v+uNp0KZ2M8wy4wjma615zEZ62mOt7e9c+g5bIIJ5JJNCb
Z3dVUmUMYrBvO291cA3FIey1OpQeYJPtIhXCNPbjRWQ9uniDtB7qYOHUPm3B0Vft
Y4Pa5Le0V1uuDG5gz0M8KhjnO+EeZjMIxydpv9MrjteI/IXg9sfwAJ2sqxykaf0J
Z3Lw0SMtjzYdJdHcD3uLqkbhDFtHLU64KMdMBDb+95HMPJ36Xa5u/eeV2KciwxFO
uDRwL6XYvyJtCDl6zb+2bzkBCiZIcDaSfDJsMrDa2n0BgO3abjl5+jWXMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGrBvSzhEPWv6jO00dXNM8crT2ilMB8GA1UdIwQY
MBaAFB/I7UZt4ubKWWTR7tDyQN3SUd5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jYTJhY2UtOTRhZC00NGNiLTk4MDkt
ZjQ4ZDRiYWJkNTBmLzEvYXNHOUxPRVE5YV9xTTdUUjFjMHp4eXRQYUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jYTJhY2UtOTRhZC00NGNiLTk4MDktZjQ4ZDRiYWJkNTBm
LzEvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW9toAwQC
ufAIAwQBw/JAMA0GCSqGSIb3DQEBCwUAA4IBAQBn2Y2oXGhl/V3jI/d3AaUiPEHW
kDye1siZaeqZNRLr+BZSqUU7qS7DJ7ObcTzW7yL9VKrFnMgYjARKEGgRTTXIVCZo
eqPf/0tDhYkmP706zTsms05LYPt4x+x5GNXDj4KkDMdLYxiNtzhE5rR+yHbFrNvD
Jbq+P1/ekPQwHhWQGYvbQdhoBAEYMFXgPdX/yNPyphpRSFkw7ZO10JjVUTgYIZNR
3pkuVrG7xv9HsRaIeN0FzOGj19n6YYE7LbdBrEI3llyQUY0TLfF8nkpEd1HOMJoS
WdMe2dESJefIgan7w9/jGptXNi2Et+MbuqdO1kpGJ3Q7CyTtDIueQ25g+WQ7
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:15 2024 by rpki-client on console-fra.rpki-client.org