Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/8Mcq-zl4dkvfFvsT7cZ47w4xd-A.roa
File: 8Mcq-zl4dkvfFvsT7cZ47w4xd-A.roa (raw, json)
Hash identifier: eZOdsLsNSiBLDVudHyPUNQ6UbOIPbSjAhg2agmaOnRI=
Subject key identifier: F0:C7:2A:FB:39:78:76:4B:DF:16:FB:13:ED:C6:78:EF:0E:31:77:E0
Certificate issuer: /CN=925069a5d764da255954db2ee9d1243de16b9101
Certificate serial: 018DAC3307EE4AD06CF87CA60E6E4B5D8DD2
Authority key identifier: 92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/8Mcq-zl4dkvfFvsT7cZ47w4xd-A.roa
Signing time: Thu 15 Feb 2024 09:57:21 +0000
ROA not before: Thu 15 Feb 2024 09:57:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39622
IP address blocks: 193.168.140.0/24 maxlen: 24
193.168.141.0/24 maxlen: 24
193.168.142.0/24 maxlen: 24
193.168.143.0/24 maxlen: 24
194.5.248.0/24 maxlen: 24
194.5.249.0/24 maxlen: 24
194.5.250.0/24 maxlen: 24
194.5.251.0/24 maxlen: 24
2a0c:b0c0::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:33:07:ee:4a:d0:6c:f8:7c:a6:0e:6e:4b:5d:8d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925069a5d764da255954db2ee9d1243de16b9101
Validity
Not Before: Feb 15 09:57:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0c72afb3978764bdf16fb13edc678ef0e3177e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:25:b5:ab:f7:48:4e:01:39:73:0a:8a:30:7d:
b1:09:41:2f:fd:87:20:d8:cd:dd:b6:48:9e:1e:8c:
6b:84:63:ff:2f:b7:a2:60:a8:ef:a7:22:f2:c7:a2:
83:9e:cd:8b:72:dc:a5:6d:f9:8b:b2:be:c9:1d:e1:
ab:46:a1:be:0d:3d:56:a0:fc:64:37:86:62:cd:04:
d6:ab:41:b3:65:1e:80:c6:15:90:17:ed:5e:d0:3e:
c1:2f:5c:41:95:43:1e:e2:a9:74:76:04:6c:6d:d6:
57:dc:c7:98:a2:49:cb:b8:91:4b:0e:e3:99:f3:7e:
a4:58:74:81:3d:16:bf:c3:2e:25:fd:3a:a0:f0:4c:
90:3a:eb:11:be:47:a0:9d:e6:9e:cd:d9:a4:2d:21:
93:9f:0d:71:0a:e1:f5:fa:7b:9f:ca:cc:d8:ed:80:
9b:37:ff:da:3e:5c:49:0b:48:2d:a0:08:29:ea:d4:
fb:eb:a8:d6:46:cb:2a:04:99:61:48:b2:c7:2d:01:
a5:a2:9b:61:18:4d:5c:17:49:54:fa:f8:98:ca:b6:
fc:ae:64:e8:e0:26:43:0e:f7:98:85:96:11:9c:de:
67:b1:1d:af:a8:8c:ac:af:f5:89:72:32:73:78:e8:
e8:d9:ee:18:df:bb:85:28:85:18:d3:34:93:3a:11:
0f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C7:2A:FB:39:78:76:4B:DF:16:FB:13:ED:C6:78:EF:0E:31:77:E0
X509v3 Authority Key Identifier:
keyid:92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/8Mcq-zl4dkvfFvsT7cZ47w4xd-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.140.0/22
194.5.248.0/22
IPv6:
2a0c:b0c0::/31
Signature Algorithm: sha256WithRSAEncryption
a2:4e:bc:ff:3b:44:95:8a:71:a4:3e:5c:8d:c9:74:90:be:da:
07:f4:0a:ae:be:14:60:f0:ea:15:3a:45:20:46:ca:dc:38:04:
3e:f9:f8:b9:b0:1e:43:54:3c:61:61:89:5a:ef:4a:e5:cf:2a:
13:cd:e6:7d:fa:d7:79:5e:f7:1a:ff:c6:a2:be:65:8b:b0:af:
50:c1:f8:60:2c:62:df:9c:e3:a6:b6:35:c1:76:f7:f5:12:37:
bb:ec:0f:6d:38:88:93:d0:8d:e4:35:36:3d:00:ee:40:dc:a3:
c7:a4:55:2f:c2:fc:b3:e3:86:c6:3b:46:19:92:d6:73:63:b4:
3e:14:0b:c3:96:57:70:2d:25:8c:e8:d7:bb:83:94:5c:08:21:
4d:92:3c:67:dd:73:91:e2:bb:84:f1:49:78:5a:49:5d:e9:c7:
c8:93:41:01:a1:48:15:78:e4:7c:d8:cc:71:2c:9a:fa:97:1f:
31:d7:27:37:e3:78:45:3d:99:83:fa:3b:c6:bf:01:f0:5f:62:
15:19:29:63:43:d8:00:78:26:af:ee:21:24:88:eb:9d:8f:ec:
ec:17:f7:cd:f0:37:22:28:58:30:20:0a:bc:6b:1e:0d:05:80:
be:a7:64:f8:3f:65:ac:52:23:65:c0:f7:8d:55:ba:0d:f2:1d:
91:29:e6:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2sMwfuStBs+HymDm5LXY3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTA2OWE1ZDc2NGRhMjU1OTU0ZGIyZWU5ZDEyNDNkZTE2
YjkxMDEwHhcNMjQwMjE1MDk1NzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM3MmFmYjM5Nzg3NjRiZGYxNmZiMTNlZGM2NzhlZjBlMzE3N2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSW1q/dITgE5cwqKMH2xCUEv/Ycg
2M3dtkieHoxrhGP/L7eiYKjvpyLyx6KDns2LctylbfmLsr7JHeGrRqG+DT1WoPxk
N4ZizQTWq0GzZR6AxhWQF+1e0D7BL1xBlUMe4ql0dgRsbdZX3MeYoknLuJFLDuOZ
836kWHSBPRa/wy4l/Tqg8EyQOusRvkegneaezdmkLSGTnw1xCuH1+nufyszY7YCb
N//aPlxJC0gtoAgp6tT766jWRssqBJlhSLLHLQGlopthGE1cF0lU+viYyrb8rmTo
4CZDDveYhZYRnN5nsR2vqIysr/WJcjJzeOjo2e4Y37uFKIUY0zSTOhEPXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPDHKvs5eHZL3xb7E+3GeO8OMXfgMB8GA1UdIwQY
MBaAFJJQaaXXZNolWVTbLunRJD3ha5EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTkt
YTliOGRlNjExYTk2LzEvOE1jcS16bDRka3ZmRnZzVDdjWjQ3dzR4ZC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTktYTliOGRlNjExYTk2
LzEva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwaiMAwQC
wgX4MA0EAgACMAcDBQEqDLDAMA0GCSqGSIb3DQEBCwUAA4IBAQCiTrz/O0SVinGk
PlyNyXSQvtoH9AquvhRg8OoVOkUgRsrcOAQ++fi5sB5DVDxhYYla70rlzyoTzeZ9
+td5Xvca/8aivmWLsK9QwfhgLGLfnOOmtjXBdvf1Eje77A9tOIiT0I3kNTY9AO5A
3KPHpFUvwvyz44bGO0YZktZzY7Q+FAvDlldwLSWM6Ne7g5RcCCFNkjxn3XOR4ruE
8Ul4Wkld6cfIk0EBoUgVeOR82MxxLJr6lx8x1yc343hFPZmD+jvGvwHwX2IVGSlj
Q9gAeCav7iEkiOudj+zsF/fN8DciKFgwIAq8ax4NBYC+p2T4P2WsUiNlwPeNVboN
8h2RKeb6
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:27 2024 by rpki-client on console-fra.rpki-client.org