Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/8EXnwxmmWDWJmunDjGIOKugKD2Y.roa
File: 8EXnwxmmWDWJmunDjGIOKugKD2Y.roa (raw, json)
Hash identifier: W3lKm1qQOO7AUyLoI2kY0HIukxsrWUiLhI8phYU+V8M=
Subject key identifier: F0:45:E7:C3:19:A6:58:35:89:9A:E9:C3:8C:62:0E:2A:E8:0A:0F:66
Certificate issuer: /CN=b4f115424c181c67966ccc2467ede69d060ccf53
Certificate serial: 018CC6B799C85075D24624E2CD7D55EF01F2
Authority key identifier: B4:F1:15:42:4C:18:1C:67:96:6C:CC:24:67:ED:E6:9D:06:0C:CF:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/8EXnwxmmWDWJmunDjGIOKugKD2Y.roa
Signing time: Mon 01 Jan 2024 20:29:30 +0000
ROA not before: Mon 01 Jan 2024 20:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202269
IP address blocks: 195.248.240.0/24 maxlen: 24
195.248.243.0/24 maxlen: 24
195.248.242.0/24 maxlen: 24
195.248.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:99:c8:50:75:d2:46:24:e2:cd:7d:55:ef:01:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f115424c181c67966ccc2467ede69d060ccf53
Validity
Not Before: Jan 1 20:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f045e7c319a65835899ae9c38c620e2ae80a0f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:64:bd:a1:55:92:84:c4:33:17:ff:1b:ca:
0e:4d:75:d7:2a:63:df:13:ff:d8:f4:ef:ba:2c:5d:
4c:af:6d:fc:fc:3f:a5:2d:c4:e8:52:b2:0d:74:c8:
4f:a6:55:90:38:b3:54:20:c0:02:ca:0b:4a:b1:23:
96:9d:d2:cf:be:26:8c:38:8c:75:c7:02:2c:ae:06:
af:12:84:77:3d:f2:1e:81:05:fe:0d:ea:e0:05:96:
33:b3:1a:e7:f0:9a:fc:ee:2a:7f:e7:3d:67:01:aa:
d2:cd:1c:13:a9:3a:4d:b2:7f:31:4c:a3:71:5d:1a:
c4:d6:e4:03:85:27:69:81:a2:f9:43:f8:cb:f9:4e:
4b:1b:a3:db:b4:01:c6:3a:1e:41:54:69:6f:56:86:
cc:47:20:7c:2d:7d:79:4a:d9:4c:1d:52:cc:8c:7f:
a2:43:42:73:03:b9:8c:b1:01:f8:ae:49:c1:b5:c2:
dd:95:e7:58:c3:d7:3b:9c:0b:f8:51:49:31:e9:f3:
94:44:49:db:42:7f:52:39:48:3c:d8:f3:af:4b:43:
ab:ae:76:b2:9d:70:7e:6d:56:64:70:f2:13:74:24:
80:98:fb:42:eb:03:d7:47:a5:49:2f:4b:81:39:4a:
a7:94:34:28:52:f5:4b:be:a5:4c:9c:e1:4c:7a:4d:
ce:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:45:E7:C3:19:A6:58:35:89:9A:E9:C3:8C:62:0E:2A:E8:0A:0F:66
X509v3 Authority Key Identifier:
keyid:B4:F1:15:42:4C:18:1C:67:96:6C:CC:24:67:ED:E6:9D:06:0C:CF:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/8EXnwxmmWDWJmunDjGIOKugKD2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.240.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:d6:c4:48:33:f9:2c:7a:7c:66:b2:d3:43:13:2d:a3:16:00:
eb:40:00:47:37:99:86:22:28:b2:1c:d1:92:0c:be:ab:39:22:
07:50:6b:0b:99:27:f9:1a:96:fb:dc:be:fb:f3:ab:54:9a:e8:
8c:e0:f2:ca:5f:26:68:3a:19:da:a2:f2:36:ed:7e:9d:28:b5:
46:c4:c4:a9:5a:c1:84:1e:a7:d3:3a:ae:ad:ee:f0:ef:83:86:
87:93:de:9a:95:39:8e:b9:a9:c1:df:70:b3:ad:26:62:5d:41:
af:8b:56:a9:57:e0:81:60:86:ba:4f:9d:17:71:a6:a4:05:ea:
81:d1:05:73:0d:cd:8e:b8:83:26:b3:d5:86:28:c6:6f:36:9a:
02:86:e9:b2:b7:37:af:2e:6e:45:7a:2c:63:ca:fb:db:1a:e8:
7e:ef:d9:75:c2:5e:f3:a3:5c:6d:84:8c:87:11:d0:60:35:c1:
7d:bb:fa:d2:07:55:b6:a5:20:38:fb:12:8c:a1:d2:e2:d4:ab:
db:e5:77:b0:0a:4e:81:31:7d:a3:4f:35:cc:f3:bd:47:94:e8:
c9:8e:c4:c8:20:15:d0:d0:4b:9e:06:85:b2:9c:48:e7:c0:4b:
f2:e1:6d:fa:8d:53:18:20:48:cf:78:11:62:39:8e:18:01:0a:
08:a7:4b:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt5nIUHXSRiTizX1V7wHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZjExNTQyNGMxODFjNjc5NjZjY2MyNDY3ZWRlNjlkMDYw
Y2NmNTMwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ1ZTdjMzE5YTY1ODM1ODk5YWU5YzM4YzYyMGUyYWU4MGEwZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhFkvaFVkoTEMxf/G8oOTXXXKmPf
E//Y9O+6LF1Mr238/D+lLcToUrINdMhPplWQOLNUIMACygtKsSOWndLPviaMOIx1
xwIsrgavEoR3PfIegQX+DergBZYzsxrn8Jr87ip/5z1nAarSzRwTqTpNsn8xTKNx
XRrE1uQDhSdpgaL5Q/jL+U5LG6PbtAHGOh5BVGlvVobMRyB8LX15StlMHVLMjH+i
Q0JzA7mMsQH4rknBtcLdledYw9c7nAv4UUkx6fOUREnbQn9SOUg82POvS0Orrnay
nXB+bVZkcPITdCSAmPtC6wPXR6VJL0uBOUqnlDQoUvVLvqVMnOFMek3OzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBF58MZplg1iZrpw4xiDiroCg9mMB8GA1UdIwQY
MBaAFLTxFUJMGBxnlmzMJGft5p0GDM9TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBFVlFrd1lIR2VXYk13a1otM21uUVlNejFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84NjkyMTQtMTZkNC00NWUwLWI4N2Ut
MzJlOTMyZDZmZDBlLzEvOEVYbnd4bW1XRFdKbXVuRGpHSU9LdWdLRDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84NjkyMTQtMTZkNC00NWUwLWI4N2UtMzJlOTMyZDZmZDBl
LzEvdFBFVlFrd1lIR2VXYk13a1otM21uUVlNejFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw/jwMA0G
CSqGSIb3DQEBCwUAA4IBAQB91sRIM/ksenxmstNDEy2jFgDrQABHN5mGIiiyHNGS
DL6rOSIHUGsLmSf5Gpb73L7786tUmuiM4PLKXyZoOhnaovI27X6dKLVGxMSpWsGE
HqfTOq6t7vDvg4aHk96alTmOuanB33CzrSZiXUGvi1apV+CBYIa6T50XcaakBeqB
0QVzDc2OuIMms9WGKMZvNpoChumytzevLm5FeixjyvvbGuh+79l1wl7zo1xthIyH
EdBgNcF9u/rSB1W2pSA4+xKModLi1Kvb5XewCk6BMX2jTzXM871HlOjJjsTIIBXQ
0EueBoWynEjnwEvy4W36jVMYIEjPeBFiOY4YAQoIp0uE
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:41:09 2024 by rpki-client on console-fra.rpki-client.org