Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/F6rykQHfWJ8H_dHUuSOZ9MJut9M.roa
File: F6rykQHfWJ8H_dHUuSOZ9MJut9M.roa (raw, json)
Hash identifier: zNeaMUxHNhmSp3NY9PPZkWRcu9LYouvsB+Dvlz4H1Fs=
Subject key identifier: 17:AA:F2:91:01:DF:58:9F:07:FD:D1:D4:B9:23:99:F4:C2:6E:B7:D3
Certificate issuer: /CN=8c856557c4146a8b50dc4d94424b06680cef755b
Certificate serial: 018CC26D46CBC695AEA6E34F80DAA6E2D457
Authority key identifier: 8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/F6rykQHfWJ8H_dHUuSOZ9MJut9M.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39326
IP address blocks: 80.71.0.0/19 maxlen: 24
194.0.77.0/24 maxlen: 24
194.0.78.0/23 maxlen: 24
46.17.56.0/21 maxlen: 24
195.90.121.0/24 maxlen: 24
80.71.27.0/24 maxlen: 24
195.90.120.0/23 maxlen: 24
93.89.80.0/20 maxlen: 24
185.75.28.0/22 maxlen: 24
185.75.30.0/24 maxlen: 24
217.196.224.0/19 maxlen: 24
77.75.104.0/21 maxlen: 24
89.248.16.0/20 maxlen: 24
37.46.200.0/21 maxlen: 24
195.238.232.0/24 maxlen: 24
2a01:348:62::/48 maxlen: 48
2a01:348::/32 maxlen: 32
2a01:348:fab::/48 maxlen: 48
2001:a08::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:cb:c6:95:ae:a6:e3:4f:80:da:a6:e2:d4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c856557c4146a8b50dc4d94424b06680cef755b
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17aaf29101df589f07fdd1d4b92399f4c26eb7d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:87:2e:c7:7e:26:1f:dd:f2:91:1e:5d:ee:bf:
67:85:40:6c:f3:4d:15:be:0c:c9:2f:c8:b0:03:45:
18:ec:23:50:d8:4d:78:2b:31:af:ae:a3:82:4c:20:
bd:aa:46:e3:08:06:11:08:f8:9c:84:ab:24:77:e5:
39:2f:67:9e:f2:df:a9:e1:33:34:33:28:25:9b:e8:
e9:23:3d:39:94:e4:1c:12:87:64:6b:a7:14:56:46:
ad:67:72:6d:77:0d:d4:26:69:78:d2:e9:e2:90:56:
51:63:1b:da:bc:84:fd:c0:3b:73:c5:49:33:7a:61:
d9:50:98:47:b4:ff:35:c8:a6:e7:5c:2e:64:d8:73:
1c:75:bd:1f:80:b7:c8:68:db:9d:1c:13:0f:c9:f7:
48:4e:76:18:d2:2f:94:d2:4a:31:29:d4:f5:79:d3:
a9:5a:ec:b0:a5:58:bf:81:c0:fe:5b:0b:4e:de:78:
fe:a5:f6:d9:cf:0f:3a:e4:20:41:b0:ec:ce:e7:db:
08:07:bd:fe:6d:28:8c:d0:12:8f:a1:11:62:d7:bd:
e9:a7:90:68:0f:e2:31:f4:8d:92:20:00:da:47:93:
d8:e0:22:2f:b3:95:92:81:32:f4:b7:16:4e:62:a1:
bf:07:84:81:03:76:56:22:09:26:f8:8b:af:5c:01:
db:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AA:F2:91:01:DF:58:9F:07:FD:D1:D4:B9:23:99:F4:C2:6E:B7:D3
X509v3 Authority Key Identifier:
keyid:8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/F6rykQHfWJ8H_dHUuSOZ9MJut9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.200.0/21
46.17.56.0/21
77.75.104.0/21
80.71.0.0/19
89.248.16.0/20
93.89.80.0/20
185.75.28.0/22
194.0.77.0-194.0.79.255
195.90.120.0/23
195.238.232.0/24
217.196.224.0/19
IPv6:
2001:a08::/32
2a01:348::/32
Signature Algorithm: sha256WithRSAEncryption
5a:d5:d4:b3:e7:2d:98:f8:26:54:5c:3e:af:90:90:2f:c5:4d:
27:67:ab:80:02:8f:8d:99:9a:c8:2f:e3:48:88:07:49:8e:9e:
0c:63:c2:2f:f7:28:65:7b:42:13:fd:91:0b:1a:ef:0d:ea:a9:
93:0a:53:de:e2:7f:82:90:8d:1e:09:8b:f9:ac:ab:94:a9:19:
06:92:b4:62:65:db:1d:76:a2:ed:6f:f4:68:c4:f8:e1:56:0b:
11:10:d0:9d:73:aa:b1:20:81:15:22:31:6b:1c:d6:2f:25:4e:
46:04:b1:56:4e:81:43:51:37:bd:1a:a3:1b:84:d2:58:c9:38:
9f:51:0c:e5:cd:19:c6:c5:f6:22:96:4e:ca:b4:34:86:e8:75:
ff:47:ff:98:70:36:64:04:39:fc:f4:07:e7:19:74:3a:29:87:
29:1e:cc:f6:ba:a3:b7:53:c1:3f:ac:5f:6c:6b:05:fb:60:e0:
c0:93:70:0a:32:de:c3:6c:e6:6b:8e:b5:8c:03:22:b3:5f:d7:
8d:48:56:47:ac:42:20:14:f2:6e:da:a9:a3:9f:03:cf:3d:e7:
bb:2b:96:49:86:04:7c:b8:c9:a5:02:4a:12:33:aa:c6:41:4a:
1e:69:f2:b9:80:9d:67:06:39:d7:59:48:3f:40:be:d9:90:07:
44:d1:8e:62
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYzCbUbLxpWupuNPgNqm4tRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODU2NTU3YzQxNDZhOGI1MGRjNGQ5NDQyNGIwNjY4MGNl
Zjc1NWIwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FhZjI5MTAxZGY1ODlmMDdmZGQxZDRiOTIzOTlmNGMyNmViN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4cux34mH93ykR5d7r9nhUBs800V
vgzJL8iwA0UY7CNQ2E14KzGvrqOCTCC9qkbjCAYRCPichKskd+U5L2ee8t+p4TM0
Myglm+jpIz05lOQcEodka6cUVkatZ3Jtdw3UJml40unikFZRYxvavIT9wDtzxUkz
emHZUJhHtP81yKbnXC5k2HMcdb0fgLfIaNudHBMPyfdITnYY0i+U0koxKdT1edOp
WuywpVi/gcD+WwtO3nj+pfbZzw865CBBsOzO59sIB73+bSiM0BKPoRFi173pp5Bo
D+Ix9I2SIADaR5PY4CIvs5WSgTL0txZOYqG/B4SBA3ZWIgkm+IuvXAHb6wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFBeq8pEB31ifB/3R1LkjmfTCbrfTMB8GA1UdIwQY
MBaAFIyFZVfEFGqLUNxNlEJLBmgM73VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEt
MmE2YjlhMGNjYWJkLzEvRjZyeWtRSGZXSjhIX2RIVXVTT1o5TUp1dDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEtMmE2YjlhMGNjYWJk
LzEvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQDJS7IAwQD
LhE4AwQDTUtoAwQFUEcAAwQEWfgQAwQEXVlQAwQCuUscMAwDBADCAE0DBATCAEAD
BAHDWngDBADD7ugDBAXZxOAwFAQCAAIwDgMFACABCggDBQAqAQNIMA0GCSqGSIb3
DQEBCwUAA4IBAQBa1dSz5y2Y+CZUXD6vkJAvxU0nZ6uAAo+NmZrIL+NIiAdJjp4M
Y8Iv9yhle0IT/ZELGu8N6qmTClPe4n+CkI0eCYv5rKuUqRkGkrRiZdsddqLtb/Ro
xPjhVgsRENCdc6qxIIEVIjFrHNYvJU5GBLFWToFDUTe9GqMbhNJYyTifUQzlzRnG
xfYilk7KtDSG6HX/R/+YcDZkBDn89AfnGXQ6KYcpHsz2uqO3U8E/rF9sawX7YODA
k3AKMt7DbOZrjrWMAyKzX9eNSFZHrEIgFPJu2qmjnwPPPee7K5ZJhgR8uMmlAkoS
M6rGQUoeafK5gJ1nBjnXWUg/QL7ZkAdE0Y5i
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:26:17 2024 by rpki-client on console-fra.rpki-client.org