Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/8vDELfKPcvzvV3RNJWMSHDMVxSU.roa
File: 8vDELfKPcvzvV3RNJWMSHDMVxSU.roa (raw, json)
Hash identifier: sRHvCOhQKEWWdeJEjT/wzddRUrkbbjBWUo+xrYJeHEA=
Subject key identifier: F2:F0:C4:2D:F2:8F:72:FC:EF:57:74:4D:25:63:12:1C:33:15:C5:25
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 018CC94E6959ACE03A80ADDFFFA8930EA91F
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/8vDELfKPcvzvV3RNJWMSHDMVxSU.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 185.152.95.0/24 maxlen: 24
185.152.93.0/24 maxlen: 24
85.239.37.0/24 maxlen: 24
85.239.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:69:59:ac:e0:3a:80:ad:df:ff:a8:93:0e:a9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2f0c42df28f72fcef57744d2563121c3315c525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:82:dd:7a:cc:56:e9:d6:1d:d0:1c:9d:f6:56:
2b:70:e3:dd:b4:f2:b5:94:5f:0e:10:18:e2:33:9b:
07:f3:90:e3:f8:d7:a8:c5:aa:df:87:bc:0e:d9:f6:
aa:e9:95:76:9b:f9:d9:6d:db:02:35:49:64:12:c8:
bc:f2:b4:30:00:5a:b1:6d:a3:6d:89:ec:b9:35:0b:
5d:03:c1:4a:58:fc:35:9e:63:99:46:bb:bb:67:ab:
94:d2:75:21:2f:25:e7:f0:89:c5:35:22:96:f3:0f:
68:2d:3d:14:d5:6a:39:b2:24:77:ba:dc:d5:85:10:
26:04:8c:dd:72:9f:f3:37:f0:4d:00:ca:71:8f:eb:
fe:35:e3:3d:aa:e9:fe:e7:8f:64:90:9d:43:1f:00:
e1:61:64:99:09:50:fa:59:ac:25:d9:87:3a:d1:18:
d1:6a:9f:9f:4e:d3:36:9d:20:0b:e8:52:f8:c5:4c:
9f:48:28:32:1f:85:82:09:12:d7:6b:8b:cf:f8:a9:
e5:b9:f3:33:69:aa:72:a4:5f:6b:6d:05:ca:f2:3a:
41:da:75:ee:73:4c:f7:00:60:f3:63:cc:ae:e7:ec:
3c:f1:e7:11:04:e8:e5:0f:68:9a:31:0d:f1:b5:41:
62:80:22:5b:b7:c8:53:b9:27:66:b7:38:60:64:6d:
2f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F0:C4:2D:F2:8F:72:FC:EF:57:74:4D:25:63:12:1C:33:15:C5:25
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/8vDELfKPcvzvV3RNJWMSHDMVxSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.37.0/24
85.239.39.0/24
185.152.93.0/24
185.152.95.0/24
Signature Algorithm: sha256WithRSAEncryption
91:26:49:e3:64:be:3d:75:d9:ff:0d:a3:d7:4e:1b:08:5c:68:
b9:62:af:cc:8e:b0:72:15:71:39:8e:75:32:d6:c4:28:7a:3d:
63:58:5a:4b:40:2b:7b:c7:de:c1:47:a6:5f:00:28:45:6c:e3:
6d:be:4d:dc:9d:11:4e:6c:b7:d2:1c:7c:d2:15:48:9c:76:e6:
6d:ee:c1:c8:cc:58:37:d6:1b:a8:b1:68:22:f5:74:ed:3d:52:
88:e0:f9:59:00:89:bb:ef:0d:12:b8:44:51:8a:c3:e9:63:8e:
1b:41:b3:84:74:3d:62:12:c2:cb:3e:d4:98:2c:ba:8e:5e:e0:
0b:63:a2:a3:8c:f2:f4:93:64:58:63:77:2d:1f:ca:ae:22:84:
86:1e:f7:6a:32:66:57:e2:1c:99:94:15:44:82:09:19:cc:1c:
b2:ce:b6:4f:ae:9e:7a:0f:bc:8b:63:c3:ba:c2:e5:73:e6:79:
d2:e1:6a:bf:d2:5d:7e:d5:0f:de:91:38:0b:2c:3f:86:dc:c8:
9d:7f:38:1b:58:6f:74:34:72:7a:26:e5:c7:d1:91:c3:6b:a3:
64:56:f5:ce:65:53:a7:21:fe:3a:81:c7:d4:78:f3:0e:d0:bb:
a9:2d:d6:50:6c:3a:82:87:67:f4:a3:06:44:16:24:c1:40:ed:
7a:0f:55:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTmlZrOA6gK3f/6iTDqkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmYwYzQyZGYyOGY3MmZjZWY1Nzc0NGQyNTYzMTIxYzMzMTVjNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoLdesxW6dYd0Byd9lYrcOPdtPK1
lF8OEBjiM5sH85Dj+Neoxarfh7wO2faq6ZV2m/nZbdsCNUlkEsi88rQwAFqxbaNt
iey5NQtdA8FKWPw1nmOZRru7Z6uU0nUhLyXn8InFNSKW8w9oLT0U1Wo5siR3utzV
hRAmBIzdcp/zN/BNAMpxj+v+NeM9qun+549kkJ1DHwDhYWSZCVD6Wawl2Yc60RjR
ap+fTtM2nSAL6FL4xUyfSCgyH4WCCRLXa4vP+KnlufMzaapypF9rbQXK8jpB2nXu
c0z3AGDzY8yu5+w88ecRBOjlD2iaMQ3xtUFigCJbt8hTuSdmtzhgZG0vUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPLwxC3yj3L871d0TSVjEhwzFcUlMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvOHZERUxmS1Bjdnp2VjNSTkpXTVNIRE1WeFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVe8lAwQA
Ve8nAwQAuZhdAwQAuZhfMA0GCSqGSIb3DQEBCwUAA4IBAQCRJknjZL49ddn/DaPX
ThsIXGi5Yq/MjrByFXE5jnUy1sQoej1jWFpLQCt7x97BR6ZfAChFbONtvk3cnRFO
bLfSHHzSFUicduZt7sHIzFg31huosWgi9XTtPVKI4PlZAIm77w0SuERRisPpY44b
QbOEdD1iEsLLPtSYLLqOXuALY6KjjPL0k2RYY3ctH8quIoSGHvdqMmZX4hyZlBVE
ggkZzByyzrZPrp56D7yLY8O6wuVz5nnS4Wq/0l1+1Q/ekTgLLD+G3MidfzgbWG90
NHJ6JuXH0ZHDa6NkVvXOZVOnIf46gcfUePMO0LupLdZQbDqCh2f0owZEFiTBQO16
D1Vs
-----END CERTIFICATE-----
Generated at Tue May 7 19:46:49 2024 by rpki-client on console-fra.rpki-client.org