Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/8LJGiI5kv_sZzjrLRU5PK9RdvhM.roa
File: 8LJGiI5kv_sZzjrLRU5PK9RdvhM.roa (raw, json)
Hash identifier: YC2BrzWA0CyES45w+TmOlv2ONvQTBN32FivXu3P0SCk=
Subject key identifier: F0:B2:46:88:8E:64:BF:FB:19:CE:3A:CB:45:4E:4F:2B:D4:5D:BE:13
Certificate issuer: /CN=01d02680691389402b3eb335e5c9c8be3e9930a0
Certificate serial: 018CCA9904AB86374C3B9CFECF4EE6DEE1D6
Authority key identifier: 01:D0:26:80:69:13:89:40:2B:3E:B3:35:E5:C9:C8:BE:3E:99:30:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdAmgGkTiUArPrM15cnIvj6ZMKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/8LJGiI5kv_sZzjrLRU5PK9RdvhM.roa
Signing time: Tue 02 Jan 2024 14:34:34 +0000
ROA not before: Tue 02 Jan 2024 14:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209608
IP address blocks: 193.186.203.0/24 maxlen: 24
193.186.202.0/24 maxlen: 24
193.186.201.0/24 maxlen: 24
193.186.200.0/22 maxlen: 22
193.186.200.0/24 maxlen: 24
2a0d:76c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/AdAmgGkTiUArPrM15cnIvj6ZMKA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/AdAmgGkTiUArPrM15cnIvj6ZMKA.mft
rsync://rpki.ripe.net/repository/DEFAULT/AdAmgGkTiUArPrM15cnIvj6ZMKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:04:ab:86:37:4c:3b:9c:fe:cf:4e:e6:de:e1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d02680691389402b3eb335e5c9c8be3e9930a0
Validity
Not Before: Jan 2 14:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0b246888e64bffb19ce3acb454e4f2bd45dbe13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a5:49:e3:b0:90:d4:a8:ef:d0:5f:44:8c:f7:
4f:da:eb:e0:0b:87:9a:c2:fb:70:eb:f0:82:d4:ee:
39:db:13:27:e9:95:50:e6:48:38:81:8b:05:fd:5b:
14:b8:68:a9:83:17:c1:4f:ba:d5:b3:74:ff:af:a7:
bb:9e:ec:7b:e1:5a:aa:c3:02:41:9a:44:f6:d2:6b:
58:24:1a:c3:bb:d9:6c:f8:22:d9:4e:c2:c7:52:1c:
a7:10:1b:6f:20:e2:b1:d8:5c:c1:27:59:18:b3:97:
c7:08:b0:b5:24:3b:22:65:c0:78:06:e2:6e:9f:db:
b6:64:fe:42:05:c0:c4:d3:0a:6b:51:47:8c:4e:ca:
09:0c:92:06:18:7f:90:14:59:c1:ee:32:88:d2:05:
aa:e8:15:ec:9c:e6:67:c2:2c:5e:e2:78:c6:f0:c9:
b2:9c:0a:81:1b:d4:66:b6:6f:89:f1:71:37:be:8b:
4e:c0:bb:1e:53:0f:30:86:12:de:bd:4a:47:fe:23:
68:3d:7f:09:11:41:5f:8a:fa:cd:84:85:76:3f:16:
67:f4:45:52:2d:6e:6d:ac:e6:3e:c7:0e:04:2b:2c:
64:70:83:49:d8:3b:d2:ca:8a:bc:72:7a:51:80:66:
e1:06:a8:b0:37:f6:2f:b5:47:2e:73:e7:6e:5e:a1:
37:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B2:46:88:8E:64:BF:FB:19:CE:3A:CB:45:4E:4F:2B:D4:5D:BE:13
X509v3 Authority Key Identifier:
keyid:01:D0:26:80:69:13:89:40:2B:3E:B3:35:E5:C9:C8:BE:3E:99:30:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdAmgGkTiUArPrM15cnIvj6ZMKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/8LJGiI5kv_sZzjrLRU5PK9RdvhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/AdAmgGkTiUArPrM15cnIvj6ZMKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.200.0/22
IPv6:
2a0d:76c0::/48
Signature Algorithm: sha256WithRSAEncryption
4a:7c:a7:37:ce:1a:dc:5a:b6:e6:f9:78:5e:a7:46:d4:18:29:
52:a4:c5:07:dc:7c:9b:14:88:27:49:67:20:dd:25:59:e8:d9:
67:cb:cd:cd:70:40:42:f2:04:e9:1d:fa:13:63:41:c4:21:ba:
ad:9e:2d:ec:93:dd:d8:d1:a9:3c:99:1c:c0:55:12:dc:c1:b4:
80:24:fc:a5:65:43:eb:d4:de:8b:55:9c:30:d9:41:59:c0:06:
7b:28:00:7c:2d:75:d8:25:e6:37:33:cd:a9:22:ed:58:34:79:
7c:8f:7e:15:64:8d:e2:12:d5:f6:b3:ee:09:39:d4:c9:34:ff:
92:00:9b:f1:19:f1:d4:18:2c:f8:63:89:c3:94:b9:0e:9d:92:
9e:d7:1b:96:32:5a:cd:23:7c:ba:46:0b:26:d3:4f:e4:c2:02:
be:be:d1:36:1f:c6:54:b1:27:53:08:56:05:12:7a:d7:ce:27:
d6:a8:79:df:6f:f2:f7:d1:2f:fb:ec:10:e4:9a:ca:d8:31:5d:
56:98:57:91:78:10:f0:0e:98:6f:39:d0:28:5e:43:97:33:93:
7b:e0:79:66:d2:da:4a:88:f7:6a:50:3c:9c:76:73:38:be:44:
96:12:2c:21:f3:d7:28:e4:ea:8c:83:58:2f:1e:da:b5:ca:47:
59:74:c1:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKmQSrhjdMO5z+z07m3uHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDAyNjgwNjkxMzg5NDAyYjNlYjMzNWU1YzljOGJlM2U5
OTMwYTAwHhcNMjQwMTAyMTQzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGIyNDY4ODhlNjRiZmZiMTljZTNhY2I0NTRlNGYyYmQ0NWRiZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqVJ47CQ1Kjv0F9EjPdP2uvgC4ea
wvtw6/CC1O452xMn6ZVQ5kg4gYsF/VsUuGipgxfBT7rVs3T/r6e7nux74VqqwwJB
mkT20mtYJBrDu9ls+CLZTsLHUhynEBtvIOKx2FzBJ1kYs5fHCLC1JDsiZcB4BuJu
n9u2ZP5CBcDE0wprUUeMTsoJDJIGGH+QFFnB7jKI0gWq6BXsnOZnwixe4njG8Mmy
nAqBG9Rmtm+J8XE3votOwLseUw8whhLevUpH/iNoPX8JEUFfivrNhIV2PxZn9EVS
LW5trOY+xw4EKyxkcINJ2DvSyoq8cnpRgGbhBqiwN/YvtUcuc+duXqE3dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPCyRoiOZL/7Gc46y0VOTyvUXb4TMB8GA1UdIwQY
MBaAFAHQJoBpE4lAKz6zNeXJyL4+mTCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRBbWdHa1RpVUFyUHJNMTVjbkl2ajZaTUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iOWY5MDUtY2Q2Yi00YzdlLTlmNGUt
YmMyOWIyMWQzY2U3LzEvOExKR2lJNWt2X3NaempyTFJVNVBLOVJkdmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iOWY5MDUtY2Q2Yi00YzdlLTlmNGUtYmMyOWIyMWQzY2U3
LzEvQWRBbWdHa1RpVUFyUHJNMTVjbkl2ajZaTUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwbrIMA8E
AgACMAkDBwAqDXbAAAAwDQYJKoZIhvcNAQELBQADggEBAEp8pzfOGtxatub5eF6n
RtQYKVKkxQfcfJsUiCdJZyDdJVno2WfLzc1wQELyBOkd+hNjQcQhuq2eLeyT3djR
qTyZHMBVEtzBtIAk/KVlQ+vU3otVnDDZQVnABnsoAHwtddgl5jczzaki7Vg0eXyP
fhVkjeIS1faz7gk51Mk0/5IAm/EZ8dQYLPhjicOUuQ6dkp7XG5YyWs0jfLpGCybT
T+TCAr6+0TYfxlSxJ1MIVgUSetfOJ9aoed9v8vfRL/vsEOSaytgxXVaYV5F4EPAO
mG850CheQ5czk3vgeWbS2kqI92pQPJx2czi+RJYSLCHz1yjk6oyDWC8e2rXKR1l0
wVc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:00 2024 by rpki-client on console-ams.rpki-client.org