Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/8x5L90kCkESv5KlAwqJb8ye9k2o.roa
File: 8x5L90kCkESv5KlAwqJb8ye9k2o.roa (raw, json)
Hash identifier: CVknCGQwNJLlnZDAIh23H/ekkDG9kYIdmBaKzSHyHn8=
Subject key identifier: F3:1E:4B:F7:49:02:90:44:AF:E4:A9:40:C2:A2:5B:F3:27:BD:93:6A
Certificate issuer: /CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Certificate serial: 018CC50057BE42400BC762577808804F1ABF
Authority key identifier: 92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/8x5L90kCkESv5KlAwqJb8ye9k2o.roa
Signing time: Mon 01 Jan 2024 12:29:42 +0000
ROA not before: Mon 01 Jan 2024 12:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33848
IP address blocks: 141.36.0.0/16 maxlen: 27
192.109.218.0/24 maxlen: 27
185.152.96.0/22 maxlen: 27
84.21.32.0/19 maxlen: 27
147.12.96.0/19 maxlen: 27
2a00:4980::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:57:be:42:40:0b:c7:62:57:78:08:80:4f:1a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Validity
Not Before: Jan 1 12:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f31e4bf749029044afe4a940c2a25bf327bd936a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ba:93:d6:7a:63:fa:87:ce:f7:51:01:ac:dd:
a8:07:be:c5:0a:d7:65:1b:0b:0a:f1:a0:09:71:dc:
5a:fa:59:34:37:99:95:4d:f5:46:9a:07:01:92:91:
3d:ae:ba:c6:59:3d:99:7a:94:12:a3:6d:da:4d:7e:
fc:6c:95:3f:27:8a:b9:58:08:c3:20:e0:17:38:b1:
27:f6:c7:71:4e:70:c0:92:d6:4f:4f:7c:5b:a3:18:
63:5e:e9:12:fc:b4:7b:95:bc:68:72:ff:67:0d:9f:
3e:15:21:24:7c:fb:48:c9:73:99:c0:be:a9:85:5f:
69:b2:35:c3:eb:06:64:ec:d2:63:7a:ca:73:07:fc:
71:6e:f6:db:ac:f4:ff:44:3c:6d:69:cc:6f:2b:49:
d1:67:5f:6b:b6:78:df:6b:4d:14:69:c9:aa:c8:70:
fc:00:49:4a:70:68:a8:6d:14:f0:bf:51:dc:03:f4:
ae:7c:c2:53:11:67:37:69:fc:8a:2b:fc:b2:a9:e0:
e1:2c:74:87:8a:c1:e5:e8:01:09:1d:ab:9b:dc:c4:
6c:ac:89:15:c4:79:6e:91:83:4e:52:0b:a8:50:93:
48:0c:2c:dc:5b:ec:3f:8e:fc:6a:a1:83:3e:2f:82:
b7:79:a6:80:f2:88:43:e2:11:d6:35:9b:76:b7:f3:
52:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1E:4B:F7:49:02:90:44:AF:E4:A9:40:C2:A2:5B:F3:27:BD:93:6A
X509v3 Authority Key Identifier:
keyid:92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/8x5L90kCkESv5KlAwqJb8ye9k2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.32.0/19
141.36.0.0/16
147.12.96.0/19
185.152.96.0/22
192.109.218.0/24
IPv6:
2a00:4980::/29
Signature Algorithm: sha256WithRSAEncryption
2f:67:35:e4:12:0b:c1:77:f2:f2:b1:3e:99:2d:88:e2:74:47:
4c:31:8e:2b:d5:2f:9e:50:86:a3:5f:1f:cd:4d:2b:49:b7:71:
80:20:6c:21:a1:e1:dc:f9:93:77:66:db:97:c9:f6:f4:50:a3:
92:43:55:7e:97:dc:3d:8c:f0:25:47:95:76:93:8c:77:29:b0:
fe:d5:4a:d9:0f:d5:e8:1f:d9:b2:b8:6a:15:fc:b3:40:6a:45:
37:12:83:56:c4:74:5b:94:84:2d:5e:14:5e:89:89:43:39:4b:
13:15:a9:30:9b:e8:7f:f3:7b:a2:b0:8b:3c:bc:30:6a:63:a8:
f5:c5:82:6b:2f:eb:74:36:45:01:91:54:21:15:53:f3:25:d7:
81:37:e2:ea:4e:fc:78:1c:3d:ab:88:9b:95:f6:36:81:e3:a2:
85:ab:a5:62:a2:d0:0c:b2:3b:ff:50:fe:5a:93:e4:fb:c6:35:
0a:1d:5a:45:bd:7e:5b:00:2e:81:c2:5c:b7:5e:3a:64:88:b6:
6c:42:52:8a:ac:ee:3a:f2:a5:91:30:18:fc:61:85:7b:3a:78:
34:d3:d3:87:2d:b7:30:bb:1c:f1:de:01:56:71:0b:fb:01:e6:
43:64:73:a9:ee:e7:b6:87:11:47:4d:71:64:81:e0:97:9d:e9:
f7:f1:c1:59
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzFAFe+QkALx2JXeAiATxq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjg2Yzg1MmYzNmZiZTlmYzhiZTc3YzQwOWI1MjI2YTZl
ZTU0ZDUwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzFlNGJmNzQ5MDI5MDQ0YWZlNGE5NDBjMmEyNWJmMzI3YmQ5MzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbqT1npj+ofO91EBrN2oB77FCtdl
GwsK8aAJcdxa+lk0N5mVTfVGmgcBkpE9rrrGWT2ZepQSo23aTX78bJU/J4q5WAjD
IOAXOLEn9sdxTnDAktZPT3xboxhjXukS/LR7lbxocv9nDZ8+FSEkfPtIyXOZwL6p
hV9psjXD6wZk7NJjespzB/xxbvbbrPT/RDxtacxvK0nRZ19rtnjfa00UacmqyHD8
AElKcGiobRTwv1HcA/SufMJTEWc3afyKK/yyqeDhLHSHisHl6AEJHaub3MRsrIkV
xHlukYNOUguoUJNIDCzcW+w/jvxqoYM+L4K3eaaA8ohD4hHWNZt2t/NSCQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPMeS/dJApBEr+SpQMKiW/MnvZNqMB8GA1UdIwQY
MBaAFJJobIUvNvvp/IvnfECbUiam7lTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kNTU5YjItNGIzMy00ZjhkLTlkMjEt
YmE3MWZiZGIwMzc0LzEvOHg1TDkwa0NrRVN2NUtsQXdxSmI4eWU5azJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kNTU5YjItNGIzMy00ZjhkLTlkMjEtYmE3MWZiZGIwMzc0
LzEva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQFVBUgAwMA
jSQDBAWTDGADBAK5mGADBADAbdowDQQCAAIwBwMFAyoASYAwDQYJKoZIhvcNAQEL
BQADggEBAC9nNeQSC8F38vKxPpktiOJ0R0wxjivVL55QhqNfH81NK0m3cYAgbCGh
4dz5k3dm25fJ9vRQo5JDVX6X3D2M8CVHlXaTjHcpsP7VStkP1egf2bK4ahX8s0Bq
RTcSg1bEdFuUhC1eFF6JiUM5SxMVqTCb6H/ze6Kwizy8MGpjqPXFgmsv63Q2RQGR
VCEVU/Ml14E34upO/HgcPauIm5X2NoHjooWrpWKi0AyyO/9Q/lqT5PvGNQodWkW9
flsALoHCXLdeOmSItmxCUoqs7jrypZEwGPxhhXs6eDTT04cttzC7HPHeAVZxC/sB
5kNkc6nu57aHEUdNcWSB4Jed6ffxwVk=
-----END CERTIFICATE-----
Generated at Thu Jun 27 23:39:06 2024 by rpki-client on console-fra.rpki-client.org