Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/8wF8_wg0Tq5tndE83lWlP_LMGqs.roa
File: 8wF8_wg0Tq5tndE83lWlP_LMGqs.roa (raw, json)
Hash identifier: NPM8whIcqNxIr3ztnzkGxrzn0S7N5miHE3puP6cyghs=
Subject key identifier: F3:01:7C:FF:08:34:4E:AE:6D:9D:D1:3C:DE:55:A5:3F:F2:CC:1A:AB
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 018FE924177482675AF81A54D942337CC1AA
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/8wF8_wg0Tq5tndE83lWlP_LMGqs.roa
Signing time: Wed 05 Jun 2024 16:03:27 +0000
ROA not before: Wed 05 Jun 2024 16:03:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 45.13.171.0/24 maxlen: 24
185.189.224.0/24 maxlen: 24
185.198.51.0/24 maxlen: 24
195.245.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 13:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e9:24:17:74:82:67:5a:f8:1a:54:d9:42:33:7c:c1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Jun 5 16:03:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3017cff08344eae6d9dd13cde55a53ff2cc1aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:43:c6:f2:f4:5d:ef:17:61:66:d3:05:73:30:
da:66:21:0a:e3:79:e3:cb:b7:79:e2:44:8c:b8:77:
67:fc:04:9f:2a:91:8a:a3:17:48:60:f0:56:19:c7:
ab:f2:33:0e:e9:e0:be:a4:7e:84:2e:3b:a7:8b:82:
b9:ee:85:33:a2:f9:b1:ab:3a:71:0b:f5:c0:64:86:
57:52:b1:e8:ff:0c:42:e9:c9:9b:ee:4e:66:40:18:
c3:e8:85:f0:9d:13:4f:d0:a3:e6:0d:47:b3:0c:aa:
55:2e:04:65:c8:3e:58:b1:10:4d:e6:6b:6b:6c:da:
56:37:02:4e:a7:98:6d:ff:73:e0:be:90:a5:e1:5a:
6f:62:e8:b4:15:da:8e:dc:59:ef:84:e3:52:9f:ed:
18:b7:c5:5a:08:f8:e6:e3:be:5d:57:55:18:eb:6f:
6a:ea:7d:85:a5:f9:48:39:cd:68:38:19:aa:37:9d:
bd:5d:18:b6:dd:1a:d2:12:e1:b3:53:5a:bd:0e:69:
cc:f0:39:d8:25:3f:6b:4c:9b:7a:f8:e7:69:11:80:
e7:dd:d1:84:65:5d:4f:db:b2:18:e9:99:dc:03:62:
44:05:1c:df:de:dc:62:12:e4:fb:bb:c4:98:03:53:
cc:02:26:ef:4d:56:34:9c:0b:da:08:58:ea:2e:79:
df:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:01:7C:FF:08:34:4E:AE:6D:9D:D1:3C:DE:55:A5:3F:F2:CC:1A:AB
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/8wF8_wg0Tq5tndE83lWlP_LMGqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.171.0/24
185.189.224.0/24
185.198.51.0/24
195.245.89.0/24
Signature Algorithm: sha256WithRSAEncryption
59:fa:2f:ab:74:fc:9b:88:4c:35:3e:d9:c9:06:39:4e:9c:92:
54:b0:8f:f9:a4:fe:6b:29:bc:cf:2e:e3:7c:3e:32:00:e4:92:
ad:1f:9c:a7:59:0d:f6:e2:b0:f8:e7:5a:d0:51:e5:a6:a6:9d:
bd:0a:f5:01:65:c6:fd:6d:d6:57:fa:a1:d4:4e:c7:de:bb:67:
cc:a8:eb:7c:db:eb:eb:1f:53:0f:0b:38:bb:15:d5:fa:2d:44:
3d:dd:5f:bb:59:2e:6a:68:6c:4e:ed:57:3e:01:f8:95:25:a4:
52:76:0c:ce:e3:23:72:16:e7:43:2d:9b:22:0a:59:8b:54:32:
e6:9a:38:d6:cd:56:b4:92:9b:1b:6a:79:f9:b2:17:a0:57:fc:
ce:53:8f:07:1b:ee:5e:18:18:8a:2a:1f:8c:20:34:0d:48:ec:
82:ea:b9:4d:fb:8a:ae:dd:21:8c:11:b9:39:56:b6:b7:be:03:
94:cf:84:7e:8a:84:6b:a9:72:fc:46:03:4f:f2:58:97:fa:dc:
d5:5a:04:9a:47:a3:e0:91:de:df:57:78:9a:43:c2:13:96:bc:
8b:33:ff:da:19:9a:d6:a3:78:f8:1d:80:7d:73:5a:4b:4e:c6:
03:ab:21:11:1c:10:38:47:7c:b0:8d:71:05:9a:d1:98:29:c4:
40:64:58:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/pJBd0gmda+BpU2UIzfMGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjQwNjA1MTYwMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzAxN2NmZjA4MzQ0ZWFlNmQ5ZGQxM2NkZTU1YTUzZmYyY2MxYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0PG8vRd7xdhZtMFczDaZiEK43nj
y7d54kSMuHdn/ASfKpGKoxdIYPBWGcer8jMO6eC+pH6ELjuni4K57oUzovmxqzpx
C/XAZIZXUrHo/wxC6cmb7k5mQBjD6IXwnRNP0KPmDUezDKpVLgRlyD5YsRBN5mtr
bNpWNwJOp5ht/3PgvpCl4VpvYui0FdqO3FnvhONSn+0Yt8VaCPjm475dV1UY629q
6n2FpflIOc1oOBmqN529XRi23RrSEuGzU1q9DmnM8DnYJT9rTJt6+OdpEYDn3dGE
ZV1P27IY6ZncA2JEBRzf3txiEuT7u8SYA1PMAibvTVY0nAvaCFjqLnnfyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPMBfP8INE6ubZ3RPN5VpT/yzBqrMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvOHdGOF93ZzBUcTV0bmRFODNsV2xQX0xNR3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ2rAwQA
ub3gAwQAucYzAwQAw/VZMA0GCSqGSIb3DQEBCwUAA4IBAQBZ+i+rdPybiEw1PtnJ
BjlOnJJUsI/5pP5rKbzPLuN8PjIA5JKtH5ynWQ324rD451rQUeWmpp29CvUBZcb9
bdZX+qHUTsfeu2fMqOt82+vrH1MPCzi7FdX6LUQ93V+7WS5qaGxO7Vc+AfiVJaRS
dgzO4yNyFudDLZsiClmLVDLmmjjWzVa0kpsbann5shegV/zOU48HG+5eGBiKKh+M
IDQNSOyC6rlN+4qu3SGMEbk5Vra3vgOUz4R+ioRrqXL8RgNP8liX+tzVWgSaR6Pg
kd7fV3iaQ8ITlryLM//aGZrWo3j4HYB9c1pLTsYDqyERHBA4R3ywjXEFmtGYKcRA
ZFjC
-----END CERTIFICATE-----
Generated at Fri Jun 28 22:44:08 2024 by rpki-client on console-ams.rpki-client.org