Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/v0S8scgTHiX46HbSMnUehC6TDOA.roa
File: v0S8scgTHiX46HbSMnUehC6TDOA.roa (raw, json)
Hash identifier: Yty/gkJZGnPVv38cykygNJxBkFZdmoL5tuJQxsvTakc=
Subject key identifier: BF:44:BC:B1:C8:13:1E:25:F8:E8:76:D2:32:75:1E:84:2E:93:0C:E0
Certificate issuer: /CN=9ec448e1b1e0ebe4e976b120d398fe74d5e135f8
Certificate serial: 018E092459ED9C43C8E8A18C4C955299A2C7
Authority key identifier: 9E:C4:48:E1:B1:E0:EB:E4:E9:76:B1:20:D3:98:FE:74:D5:E1:35:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nsRI4bHg6-TpdrEg05j-dNXhNfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/v0S8scgTHiX46HbSMnUehC6TDOA.roa
Signing time: Mon 04 Mar 2024 11:06:01 +0000
ROA not before: Mon 04 Mar 2024 11:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50231
IP address blocks: 80.65.212.0/22 maxlen: 24
81.30.136.0/23 maxlen: 23
81.30.140.0/22 maxlen: 22
89.200.160.0/21 maxlen: 21
91.123.208.0/20 maxlen: 20
91.205.244.0/22 maxlen: 22
91.233.69.0/24 maxlen: 24
91.233.70.0/23 maxlen: 23
91.233.72.0/22 maxlen: 22
94.232.32.0/21 maxlen: 21
109.95.232.0/21 maxlen: 21
109.196.48.0/20 maxlen: 20
193.17.54.0/24 maxlen: 24
193.27.210.0/23 maxlen: 23
193.34.220.0/22 maxlen: 22
193.150.42.0/23 maxlen: 23
193.150.44.0/22 maxlen: 22
195.14.116.0/23 maxlen: 23
195.189.40.0/22 maxlen: 22
213.5.136.0/21 maxlen: 21
2a0d:1d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/nsRI4bHg6-TpdrEg05j-dNXhNfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/nsRI4bHg6-TpdrEg05j-dNXhNfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nsRI4bHg6-TpdrEg05j-dNXhNfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:24:59:ed:9c:43:c8:e8:a1:8c:4c:95:52:99:a2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ec448e1b1e0ebe4e976b120d398fe74d5e135f8
Validity
Not Before: Mar 4 11:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf44bcb1c8131e25f8e876d232751e842e930ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:84:7d:95:2b:7e:d6:49:0f:be:c2:d6:ac:80:
86:a7:a0:ae:d1:b4:60:8c:9a:21:cb:23:12:38:4a:
aa:12:5a:70:d3:13:d4:36:6d:4d:c3:70:c8:bd:ac:
57:37:87:2d:50:2b:17:cd:10:28:c6:26:08:ea:ce:
bd:fe:34:e5:9e:7b:9e:3d:54:19:e4:1c:23:79:27:
d2:fc:73:90:08:24:6d:3f:21:a1:ed:48:35:d9:78:
19:d0:f4:47:bb:f8:d6:fa:14:f0:f4:04:7d:5b:36:
4d:63:4f:b6:60:bd:f3:df:4d:93:b2:dd:4f:c0:d1:
26:42:2c:ef:7c:9c:46:ba:b7:dc:49:4a:a8:5b:a1:
b3:93:94:73:b6:1d:98:74:7c:f1:a8:56:76:4f:df:
3d:10:ce:95:4d:1c:50:39:3f:b7:04:a7:65:b1:1c:
47:4a:1e:89:de:a0:25:b9:e6:75:8e:4d:81:aa:9e:
f8:57:fb:fa:e4:d4:6c:c5:7b:86:c2:6d:9e:72:df:
b3:8e:f9:8e:89:02:30:87:94:16:96:b7:cc:6c:36:
ed:d0:fb:53:67:47:8f:eb:4f:f9:53:10:c0:59:16:
81:1a:90:bd:57:e3:7d:ec:5f:ad:da:5f:e4:2e:b6:
57:ba:89:6d:a9:59:35:9c:e0:9a:f8:17:92:53:ec:
1d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:44:BC:B1:C8:13:1E:25:F8:E8:76:D2:32:75:1E:84:2E:93:0C:E0
X509v3 Authority Key Identifier:
keyid:9E:C4:48:E1:B1:E0:EB:E4:E9:76:B1:20:D3:98:FE:74:D5:E1:35:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nsRI4bHg6-TpdrEg05j-dNXhNfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/v0S8scgTHiX46HbSMnUehC6TDOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/nsRI4bHg6-TpdrEg05j-dNXhNfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.212.0/22
81.30.136.0/23
81.30.140.0/22
89.200.160.0/21
91.123.208.0/20
91.205.244.0/22
91.233.69.0-91.233.75.255
94.232.32.0/21
109.95.232.0/21
109.196.48.0/20
193.17.54.0/24
193.27.210.0/23
193.34.220.0/22
193.150.42.0-193.150.47.255
195.14.116.0/23
195.189.40.0/22
213.5.136.0/21
IPv6:
2a0d:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
b5:04:d2:6b:c7:d0:c6:70:d9:d6:34:fc:98:28:f7:8b:af:e4:
09:02:a0:df:d6:8b:00:83:f8:94:e1:d9:66:9e:05:c4:5e:93:
c6:52:d6:77:bf:6d:fe:22:17:12:85:33:c3:3e:fa:e6:6a:44:
70:2d:d3:9e:00:52:8a:e5:39:3f:22:ff:a7:0c:fb:71:01:85:
35:6a:ca:71:6a:01:c7:4d:47:17:3a:e4:dd:dd:49:b6:56:e9:
07:38:9b:4e:e2:7e:6f:4d:aa:75:5a:94:f2:92:4c:ae:5e:c3:
ff:1a:dc:d4:e0:4d:33:91:fa:d0:07:82:36:b2:28:fa:ce:75:
58:26:c4:a0:d8:1e:f3:79:e7:da:0e:47:c4:16:24:3f:3b:1d:
9e:1a:56:2d:80:19:02:80:cf:24:b4:28:a2:07:62:a1:11:d1:
4b:bb:ff:f7:e9:39:9f:6e:93:b5:33:88:f3:01:58:6a:42:72:
4e:8d:03:05:83:1a:bc:4d:13:46:17:af:70:18:e5:61:cc:c4:
22:ed:dd:5a:ce:b2:bb:ee:90:93:66:f6:10:dd:70:91:34:88:
78:83:0e:77:e7:d9:e8:6f:99:be:f8:d0:17:24:96:99:b8:8e:
37:c9:9f:e2:00:a9:6c:c4:b8:da:c3:68:5a:ff:38:10:97:04:
4b:71:55:15
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY4JJFntnEPI6KGMTJVSmaLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzQ0OGUxYjFlMGViZTRlOTc2YjEyMGQzOThmZTc0ZDVl
MTM1ZjgwHhcNMjQwMzA0MTEwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQ0YmNiMWM4MTMxZTI1ZjhlODc2ZDIzMjc1MWU4NDJlOTMwY2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIR9lSt+1kkPvsLWrICGp6Cu0bRg
jJohyyMSOEqqElpw0xPUNm1Nw3DIvaxXN4ctUCsXzRAoxiYI6s69/jTlnnuePVQZ
5BwjeSfS/HOQCCRtPyGh7Ug12XgZ0PRHu/jW+hTw9AR9WzZNY0+2YL3z302Tst1P
wNEmQizvfJxGurfcSUqoW6Gzk5Rzth2YdHzxqFZ2T989EM6VTRxQOT+3BKdlsRxH
Sh6J3qAlueZ1jk2Bqp74V/v65NRsxXuGwm2ect+zjvmOiQIwh5QWlrfMbDbt0PtT
Z0eP60/5UxDAWRaBGpC9V+N97F+t2l/kLrZXuoltqVk1nOCa+BeSU+wdKwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFL9EvLHIEx4l+Oh20jJ1HoQukwzgMB8GA1UdIwQY
MBaAFJ7ESOGx4Ovk6XaxINOY/nTV4TX4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNSSTRiSGc2LVRwZHJFZzA1ai1kTlhoTmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mNGNhNzktMzg0Zi00N2YyLWFlZDgt
YThkMDAzODNiY2RkLzEvdjBTOHNjZ1RIaVg0NkhiU01uVWVoQzZURE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mNGNhNzktMzg0Zi00N2YyLWFlZDgtYThkMDAzODNiY2Rk
LzEvbnNSSTRiSGc2LVRwZHJFZzA1ai1kTlhoTmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQCUEHU
AwQBUR6IAwQCUR6MAwQDWcigAwQEW3vQAwQCW830MAwDBABb6UUDBAJb6UgDBANe
6CADBANtX+gDBARtxDADBADBETYDBAHBG9IDBALBItwwDAMEAcGWKgMEBMGWIAME
AcMOdAMEAsO9KAMEA9UFiDANBAIAAjAHAwUDKg0dQDANBgkqhkiG9w0BAQsFAAOC
AQEAtQTSa8fQxnDZ1jT8mCj3i6/kCQKg39aLAIP4lOHZZp4FxF6TxlLWd79t/iIX
EoUzwz765mpEcC3TngBSiuU5PyL/pwz7cQGFNWrKcWoBx01HFzrk3d1JtlbpBzib
TuJ+b02qdVqU8pJMrl7D/xrc1OBNM5H60AeCNrIo+s51WCbEoNge83nn2g5HxBYk
PzsdnhpWLYAZAoDPJLQoogdioRHRS7v/9+k5n26TtTOI8wFYakJyTo0DBYMavE0T
RhevcBjlYczEIu3dWs6yu+6Qk2b2EN1wkTSIeIMOd+fZ6G+ZvvjQFySWmbiON8mf
4gCpbMS42sNoWv84EJcES3FVFQ==
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:15:14 2024 by rpki-client on console-ams.rpki-client.org