Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/8QkjgzgeVZegs7M6TQbWRJpXI4o.roa
File: 8QkjgzgeVZegs7M6TQbWRJpXI4o.roa (raw, json)
Hash identifier: pM8vKnjaY6FWpRIQ2pxqzvLwmG8U81Y80Cb7Tqcvm0o=
Subject key identifier: F1:09:23:83:38:1E:55:97:A0:B3:B3:3A:4D:06:D6:44:9A:57:23:8A
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 018CC6B78B29A6FC19062A2F03901B952A04
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/8QkjgzgeVZegs7M6TQbWRJpXI4o.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201206
IP address blocks: 185.82.21.0/24 maxlen: 24
185.82.20.0/24 maxlen: 24
185.82.23.0/24 maxlen: 24
185.82.22.0/24 maxlen: 24
83.171.236.0/24 maxlen: 24
83.171.238.0/24 maxlen: 24
83.171.237.0/24 maxlen: 24
83.171.239.0/24 maxlen: 24
185.185.24.0/24 maxlen: 24
185.185.25.0/24 maxlen: 24
185.185.26.0/24 maxlen: 24
185.185.27.0/24 maxlen: 24
193.57.61.0/24 maxlen: 24
193.57.60.0/24 maxlen: 24
193.57.63.0/24 maxlen: 24
193.57.62.0/24 maxlen: 24
2a05:8b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8b:29:a6:fc:19:06:2a:2f:03:90:1b:95:2a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1092383381e5597a0b3b33a4d06d6449a57238a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0d:04:f3:87:f2:f0:b9:f1:03:bb:e7:21:03:
a8:39:fa:75:57:40:cc:37:eb:93:97:bd:b2:49:d8:
fc:b5:08:48:25:95:b2:ce:98:94:dc:ca:43:a0:6d:
72:0d:8b:bb:f6:55:59:c4:06:f8:4d:8a:d3:be:78:
04:2f:65:e2:24:77:b9:dc:9f:14:30:80:ea:7e:4e:
eb:b5:75:32:5f:08:bf:a6:be:7c:c9:bd:60:f6:02:
e8:5e:30:59:cf:99:c0:1f:15:41:d2:0b:3f:72:f8:
ba:9b:09:e7:11:a8:f1:d3:34:11:2c:01:d0:74:e0:
78:bf:11:04:cc:30:0f:d4:f2:b3:71:34:5f:3e:a6:
c1:df:b0:31:35:dc:ab:3e:cd:43:b8:98:0a:d2:27:
ae:df:9e:69:36:1a:d7:1d:4e:f4:8a:81:48:05:aa:
c6:5a:d1:2d:d5:e9:fb:08:82:bb:77:79:41:19:83:
9e:66:d6:8d:3e:51:74:ff:0e:4d:c1:ba:e3:6a:81:
f0:9c:93:46:60:1e:97:1f:33:d2:e1:30:8a:02:cc:
7e:eb:a3:e9:72:0b:95:ee:db:10:8c:2a:1c:dd:dd:
3b:55:ee:09:f2:2d:42:99:95:01:a3:7e:ea:cb:79:
72:1b:e5:1e:4e:3a:50:ca:7f:01:03:be:c2:6f:cd:
8f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:09:23:83:38:1E:55:97:A0:B3:B3:3A:4D:06:D6:44:9A:57:23:8A
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/8QkjgzgeVZegs7M6TQbWRJpXI4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.236.0/22
185.82.20.0/22
185.185.24.0/22
193.57.60.0/22
IPv6:
2a05:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
74:c3:8a:ad:69:ea:c5:81:95:6e:89:27:db:a6:9a:62:73:ed:
e7:0a:9f:b4:b1:23:f2:c9:fc:35:d8:9b:d3:07:29:77:e4:d1:
dc:41:9d:24:1c:95:bc:d9:45:a5:99:4c:8a:7d:8a:a7:bc:b0:
c1:95:7e:14:77:ab:99:31:e3:64:33:ab:9a:ce:bb:3a:01:53:
20:ea:c7:be:98:c9:42:32:67:ee:03:3d:28:70:2f:2d:ef:bb:
33:75:ee:e2:e1:09:a5:e9:fd:61:f8:ec:ed:0d:4e:a5:ce:ba:
10:c4:8d:5b:21:cc:91:0b:b4:49:7a:d3:0d:08:f9:4f:75:c4:
22:b0:a0:bb:df:20:a3:19:9c:f9:1e:df:71:c8:86:6a:a3:1d:
64:2c:d2:12:2e:ff:5d:ef:4a:65:f4:b3:78:f8:c2:2a:d0:11:
60:1a:66:65:80:b5:36:34:e6:dd:8c:f0:9a:05:40:74:38:31:
30:04:89:b4:8e:8d:6d:a2:1b:0b:ce:82:cc:d1:d6:2e:6e:e8:
34:0d:3e:d0:be:e2:b1:a2:35:36:0b:07:06:92:73:87:62:bf:
36:a7:96:ad:87:a0:a9:c2:9a:4c:69:0a:c8:99:13:b2:37:92:
9f:90:43:f1:9f:1d:2a:0c:af:e2:51:97:8f:fa:ce:3c:0a:bc:
48:cd:50:fc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGt4sppvwZBiovA5AblSoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTA5MjM4MzM4MWU1NTk3YTBiM2IzM2E0ZDA2ZDY0NDlhNTcyMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA0E84fy8LnxA7vnIQOoOfp1V0DM
N+uTl72ySdj8tQhIJZWyzpiU3MpDoG1yDYu79lVZxAb4TYrTvngEL2XiJHe53J8U
MIDqfk7rtXUyXwi/pr58yb1g9gLoXjBZz5nAHxVB0gs/cvi6mwnnEajx0zQRLAHQ
dOB4vxEEzDAP1PKzcTRfPqbB37AxNdyrPs1DuJgK0ieu355pNhrXHU70ioFIBarG
WtEt1en7CIK7d3lBGYOeZtaNPlF0/w5NwbrjaoHwnJNGYB6XHzPS4TCKAsx+66Pp
cguV7tsQjCoc3d07Ve4J8i1CmZUBo37qy3lyG+UeTjpQyn8BA77Cb82P5QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPEJI4M4HlWXoLOzOk0G1kSaVyOKMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvOFFramd6Z2VWWmVnczdNNlRRYldSSnBYSTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCU6vsAwQC
uVIUAwQCubkYAwQCwTk8MA0EAgACMAcDBQMqBYuAMA0GCSqGSIb3DQEBCwUAA4IB
AQB0w4qtaerFgZVuiSfbpppic+3nCp+0sSPyyfw12JvTByl35NHcQZ0kHJW82UWl
mUyKfYqnvLDBlX4Ud6uZMeNkM6uazrs6AVMg6se+mMlCMmfuAz0ocC8t77szde7i
4Qml6f1h+OztDU6lzroQxI1bIcyRC7RJetMNCPlPdcQisKC73yCjGZz5Ht9xyIZq
ox1kLNISLv9d70pl9LN4+MIq0BFgGmZlgLU2NObdjPCaBUB0ODEwBIm0jo1tohsL
zoLM0dYubug0DT7QvuKxojU2CwcGknOHYr82p5ath6CpwppMaQrImROyN5KfkEPx
nx0qDK/iUZeP+s48CrxIzVD8
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:44:55 2024 by rpki-client on console-ams.rpki-client.org