Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/x8CiyGnfiqzBE7ztMS8Fdn6fX84.roa
File: x8CiyGnfiqzBE7ztMS8Fdn6fX84.roa (raw, json)
Hash identifier: qMnwUcdAiKbCR7H5qgs2oovOguFYrKej8qsDdOeJWXw=
Subject key identifier: C7:C0:A2:C8:69:DF:8A:AC:C1:13:BC:ED:31:2F:05:76:7E:9F:5F:CE
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 018CC56E21BC9005212A9A73D0979CF87BE7
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/x8CiyGnfiqzBE7ztMS8Fdn6fX84.roa
Signing time: Mon 01 Jan 2024 14:29:38 +0000
ROA not before: Mon 01 Jan 2024 14:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15576
IP address blocks: 77.95.120.0/21 maxlen: 21
194.187.88.0/22 maxlen: 24
194.187.88.0/24 maxlen: 24
185.63.148.0/22 maxlen: 22
217.11.208.0/20 maxlen: 20
212.103.64.0/24 maxlen: 24
212.103.64.0/19 maxlen: 19
217.146.160.0/20 maxlen: 20
212.103.65.0/24 maxlen: 24
217.146.165.0/24 maxlen: 24
2a00:c38:1a5::/48 maxlen: 48
2a00:c38::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.mft
rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:21:bc:90:05:21:2a:9a:73:d0:97:9c:f8:7b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Jan 1 14:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7c0a2c869df8aacc113bced312f05767e9f5fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:92:27:2d:51:20:48:28:87:f4:e2:d9:ea:13:
57:42:84:59:c8:14:99:bb:ee:83:5f:70:37:fd:4f:
27:cb:a1:32:de:ff:8b:c8:8b:d4:29:9f:f4:7b:a3:
37:f2:63:6a:b4:0f:6d:af:54:d3:7f:02:b7:f6:92:
ad:77:b0:d2:97:0d:d6:19:0d:0b:a8:7e:41:f8:f7:
89:81:8c:60:0c:c8:58:65:bd:1f:5b:8e:53:bb:49:
96:1f:66:15:24:d8:1a:02:a2:ef:d0:01:2a:3b:2e:
ef:1f:82:51:15:00:f6:29:c5:93:bb:d0:1b:38:5e:
73:c6:35:b0:6a:4e:23:8a:c1:f1:ba:9d:16:a7:9f:
99:18:72:d5:6a:4f:e6:f3:d6:2b:64:73:5a:d3:5f:
9c:10:57:81:ff:a5:96:37:1f:89:b6:da:9f:18:dd:
e0:28:ba:05:51:dd:28:de:19:09:37:09:b9:d5:6e:
d2:35:b3:d3:4a:2e:19:f9:0e:52:1b:32:0d:34:cd:
72:10:d2:b5:ad:a7:fd:f6:c8:b4:1a:b5:7c:79:fd:
00:eb:3e:3a:30:6b:c8:25:a2:1b:c1:23:ce:f5:d7:
09:75:bb:a4:f1:47:9a:5d:75:70:37:a9:6f:a6:cb:
e0:de:ab:07:ec:cf:d2:fb:cb:1d:bb:85:63:ce:a7:
c2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C0:A2:C8:69:DF:8A:AC:C1:13:BC:ED:31:2F:05:76:7E:9F:5F:CE
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/x8CiyGnfiqzBE7ztMS8Fdn6fX84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/21
185.63.148.0/22
194.187.88.0/22
212.103.64.0/19
217.11.208.0/20
217.146.160.0/20
IPv6:
2a00:c38::/32
Signature Algorithm: sha256WithRSAEncryption
18:a3:cf:f1:9c:a7:aa:56:61:2b:cb:20:48:c5:1f:14:83:75:
07:54:7d:1d:35:eb:62:22:c4:90:5b:3b:95:74:6e:68:40:7c:
fc:41:70:0e:a3:5f:6e:4f:36:9b:84:09:6e:3b:86:47:40:5f:
8e:99:20:10:38:70:34:6e:d6:b0:31:33:14:e0:8b:f2:86:75:
db:43:b3:a3:45:71:e5:1b:0f:8c:12:71:93:bf:3b:54:87:93:
d3:db:f6:58:e1:05:e2:cc:30:4d:e6:dd:f7:6b:aa:1a:34:14:
1d:75:52:77:cd:e8:98:92:21:cf:35:73:05:1f:b3:8b:35:eb:
96:cf:af:2f:20:5b:99:a6:e2:96:9f:6f:d0:44:b2:2b:3d:ff:
6d:65:81:94:6f:b7:f4:1b:1f:e6:e9:33:00:17:7e:d7:aa:61:
26:dd:cb:99:f0:fe:80:4c:08:4c:89:82:be:86:62:86:8b:de:
53:ec:79:88:3e:37:fc:3f:a2:3b:3e:86:24:22:b5:f5:d7:c7:
77:e6:e7:cd:5f:6f:97:11:4d:5c:93:65:55:0d:b8:ab:4a:c1:
18:0e:9e:79:a1:54:d4:e7:1a:9a:04:91:90:e9:36:4f:22:01:
d6:c7:e2:60:da:67:8d:20:a1:be:dd:bc:6f:24:7e:eb:ab:2b:
9d:e1:50:8d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFbiG8kAUhKppz0Jec+HvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2MwYTJjODY5ZGY4YWFjYzExM2JjZWQzMTJmMDU3NjdlOWY1ZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pInLVEgSCiH9OLZ6hNXQoRZyBSZ
u+6DX3A3/U8ny6Ey3v+LyIvUKZ/0e6M38mNqtA9tr1TTfwK39pKtd7DSlw3WGQ0L
qH5B+PeJgYxgDMhYZb0fW45Tu0mWH2YVJNgaAqLv0AEqOy7vH4JRFQD2KcWTu9Ab
OF5zxjWwak4jisHxup0Wp5+ZGHLVak/m89YrZHNa01+cEFeB/6WWNx+JttqfGN3g
KLoFUd0o3hkJNwm51W7SNbPTSi4Z+Q5SGzINNM1yENK1raf99si0GrV8ef0A6z46
MGvIJaIbwSPO9dcJdbuk8UeaXXVwN6lvpsvg3qsH7M/S+8sdu4VjzqfCbQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMfAoshp34qswRO87TEvBXZ+n1/OMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEveDhDaXlHbmZpcXpCRTd6dE1TOEZkbjZmWDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTV94AwQC
uT+UAwQCwrtYAwQF1GdAAwQE2QvQAwQE2ZKgMA0EAgACMAcDBQAqAAw4MA0GCSqG
SIb3DQEBCwUAA4IBAQAYo8/xnKeqVmEryyBIxR8Ug3UHVH0dNetiIsSQWzuVdG5o
QHz8QXAOo19uTzabhAluO4ZHQF+OmSAQOHA0btawMTMU4IvyhnXbQ7OjRXHlGw+M
EnGTvztUh5PT2/ZY4QXizDBN5t33a6oaNBQddVJ3zeiYkiHPNXMFH7OLNeuWz68v
IFuZpuKWn2/QRLIrPf9tZYGUb7f0Gx/m6TMAF37XqmEm3cuZ8P6ATAhMiYK+hmKG
i95T7HmIPjf8P6I7PoYkIrX118d35ufNX2+XEU1ck2VVDbirSsEYDp55oVTU5xqa
BJGQ6TZPIgHWx+Jg2meNIKG+3bxvJH7rqyud4VCN
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:01:49 2024 by rpki-client on console-fra.rpki-client.org