Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/RCr_A3s5Cl3Ngw2mr_4-OSBiFvs.roa
File: RCr_A3s5Cl3Ngw2mr_4-OSBiFvs.roa (raw, json)
Hash identifier: F+y2KD9kmh00doqrk5LWPvY1FIS+M7/qIwwiVJTIs/s=
Subject key identifier: 44:2A:FF:03:7B:39:0A:5D:CD:83:0D:A6:AF:FE:3E:39:20:62:16:FB
Certificate issuer: /CN=dbbf37909ce17ba53ad90a8632377a5d938743e5
Certificate serial: 018F573EAE39F254A8F5E8013F98EA7F6F31
Authority key identifier: DB:BF:37:90:9C:E1:7B:A5:3A:D9:0A:86:32:37:7A:5D:93:87:43:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/RCr_A3s5Cl3Ngw2mr_4-OSBiFvs.roa
Signing time: Wed 08 May 2024 08:07:56 +0000
ROA not before: Wed 08 May 2024 08:07:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 271791
IP address blocks: 82.86.104.0/21 maxlen: 21
82.86.104.0/24 maxlen: 24
82.86.105.0/24 maxlen: 24
82.86.106.0/24 maxlen: 24
82.86.107.0/24 maxlen: 24
82.86.108.0/24 maxlen: 24
82.86.109.0/24 maxlen: 24
82.86.110.0/24 maxlen: 24
82.86.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/2783kJzhe6U62QqGMjd6XZOHQ-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/2783kJzhe6U62QqGMjd6XZOHQ-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:3e:ae:39:f2:54:a8:f5:e8:01:3f:98:ea:7f:6f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbbf37909ce17ba53ad90a8632377a5d938743e5
Validity
Not Before: May 8 08:07:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=442aff037b390a5dcd830da6affe3e39206216fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7c:62:3e:34:68:e9:d4:af:0f:91:bb:7c:d1:
8c:79:94:a2:b0:7a:83:73:10:fa:d4:45:79:d9:53:
22:50:8e:9b:ff:80:8e:eb:70:5b:7b:4f:77:38:99:
1e:17:55:1d:fe:69:c6:18:10:b4:98:b8:04:e9:bf:
24:02:e5:7e:7c:8b:7e:dd:95:4c:84:eb:e9:d8:cd:
4b:25:ca:c2:f5:a3:da:c1:4a:90:22:8d:25:0c:7b:
31:13:09:df:32:aa:c9:3e:10:5b:80:de:3b:96:bc:
b1:ff:c4:65:f9:54:8b:0a:6b:db:dd:65:e3:c6:82:
8a:99:40:be:be:17:30:00:01:90:a7:eb:96:99:62:
43:6c:04:a7:b3:b4:85:34:47:ed:6a:32:74:30:2f:
ae:01:63:85:91:1b:eb:fc:03:55:f9:d5:35:ca:c0:
06:10:42:03:88:c0:09:8c:0a:e8:a5:57:5a:93:18:
a6:c3:00:60:12:70:89:89:d4:35:95:65:05:9a:93:
46:88:85:0f:fe:55:ae:21:62:08:25:70:08:44:e0:
92:58:bd:43:5e:c7:c1:d8:52:77:9c:f0:fb:7f:a5:
c9:6d:e1:b7:f9:3e:95:72:3b:7a:e6:ff:45:18:3f:
d5:ed:89:5f:41:96:6f:31:e4:8b:ef:36:de:7b:f8:
52:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2A:FF:03:7B:39:0A:5D:CD:83:0D:A6:AF:FE:3E:39:20:62:16:FB
X509v3 Authority Key Identifier:
keyid:DB:BF:37:90:9C:E1:7B:A5:3A:D9:0A:86:32:37:7A:5D:93:87:43:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/RCr_A3s5Cl3Ngw2mr_4-OSBiFvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/2783kJzhe6U62QqGMjd6XZOHQ-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.86.104.0/21
Signature Algorithm: sha256WithRSAEncryption
44:e2:0c:61:48:3e:3b:8d:1e:72:13:cf:2a:a7:44:79:e5:8e:
f6:51:31:00:70:f3:49:79:9f:54:a1:61:13:8a:36:64:00:67:
73:36:ab:89:7a:5d:ff:af:29:14:f8:bc:d6:29:a2:b8:a5:d8:
51:b9:71:8b:b5:90:f8:64:51:e5:41:e6:d2:e3:d9:9c:d9:b9:
92:a9:5f:23:da:45:31:f5:ba:f8:c5:4c:bf:53:73:16:90:c2:
24:b2:8a:82:0d:f1:4e:dd:bd:a2:72:aa:e8:4e:e3:51:d6:1d:
3c:d4:cd:f0:60:a7:a7:8e:cf:b9:ef:ad:ca:c4:7d:08:aa:e4:
bc:12:ee:eb:73:65:7a:24:b8:ff:68:53:11:86:04:7f:7a:82:
5c:75:fd:ce:74:f4:9b:60:0d:e7:88:cc:2a:c1:c5:d9:a1:ca:
db:c1:b1:64:af:16:4b:e0:69:f7:64:04:04:b8:30:28:99:84:
ce:af:76:4f:e4:12:a4:15:f3:7c:29:75:94:e5:17:a3:b6:3d:
a2:73:a1:95:37:b2:a9:b3:99:6e:70:fc:34:86:6f:74:0c:2d:
8c:60:06:eb:b4:4a:41:e2:8e:c1:3f:34:05:a2:ad:c7:09:d2:
06:fc:d7:e0:e7:d2:00:bc:cd:6b:90:b2:93:6e:20:e6:0f:13:
22:d9:cd:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9XPq458lSo9egBP5jqf28xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYmYzNzkwOWNlMTdiYTUzYWQ5MGE4NjMyMzc3YTVkOTM4
NzQzZTUwHhcNMjQwNTA4MDgwNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDJhZmYwMzdiMzkwYTVkY2Q4MzBkYTZhZmZlM2UzOTIwNjIxNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnxiPjRo6dSvD5G7fNGMeZSisHqD
cxD61EV52VMiUI6b/4CO63Bbe093OJkeF1Ud/mnGGBC0mLgE6b8kAuV+fIt+3ZVM
hOvp2M1LJcrC9aPawUqQIo0lDHsxEwnfMqrJPhBbgN47lryx/8Rl+VSLCmvb3WXj
xoKKmUC+vhcwAAGQp+uWmWJDbASns7SFNEftajJ0MC+uAWOFkRvr/ANV+dU1ysAG
EEIDiMAJjAropVdakximwwBgEnCJidQ1lWUFmpNGiIUP/lWuIWIIJXAIROCSWL1D
XsfB2FJ3nPD7f6XJbeG3+T6Vcjt65v9FGD/V7YlfQZZvMeSL7zbee/hSrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQq/wN7OQpdzYMNpq/+PjkgYhb7MB8GA1UdIwQY
MBaAFNu/N5Cc4XulOtkKhjI3el2Th0PlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjc4M2tKemhlNlU2MlFxR01qZDZYWk9IUS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMzczYTAtOGMzZC00MjgzLWE1Y2Ut
ODIyZWE0M2RjMThkLzEvUkNyX0EzczVDbDNOZ3cybXJfNC1PU0JpRnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMzczYTAtOGMzZC00MjgzLWE1Y2UtODIyZWE0M2RjMThk
LzEvMjc4M2tKemhlNlU2MlFxR01qZDZYWk9IUS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUlZoMA0G
CSqGSIb3DQEBCwUAA4IBAQBE4gxhSD47jR5yE88qp0R55Y72UTEAcPNJeZ9UoWET
ijZkAGdzNquJel3/rykU+LzWKaK4pdhRuXGLtZD4ZFHlQebS49mc2bmSqV8j2kUx
9br4xUy/U3MWkMIksoqCDfFO3b2icqroTuNR1h081M3wYKenjs+5763KxH0IquS8
Eu7rc2V6JLj/aFMRhgR/eoJcdf3OdPSbYA3niMwqwcXZocrbwbFkrxZL4Gn3ZAQE
uDAomYTOr3ZP5BKkFfN8KXWU5Rejtj2ic6GVN7Kps5lucPw0hm90DC2MYAbrtEpB
4o7BPzQFoq3HCdIG/Nfg59IAvM1rkLKTbiDmDxMi2c3Z
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:12:33 2024 by rpki-client on console-fra.rpki-client.org