Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/8zY5kq-x0c0Dbl-Nw3VfrEQC9bo.roa
File: 8zY5kq-x0c0Dbl-Nw3VfrEQC9bo.roa (raw, json)
Hash identifier: WTS5EjqZjG2KxRL9l0rsG0uUNodfXGxr+wBoX9COT8E=
Subject key identifier: F3:36:39:92:AF:B1:D1:CD:03:6E:5F:8D:C3:75:5F:AC:44:02:F5:BA
Certificate issuer: /CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Certificate serial: 018CC56EC7CBD4562522E930CB73FCC7AD80
Authority key identifier: A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/8zY5kq-x0c0Dbl-Nw3VfrEQC9bo.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42649
IP address blocks: 185.195.94.0/24 maxlen: 24
185.195.95.0/24 maxlen: 24
185.195.92.0/24 maxlen: 24
185.195.93.0/24 maxlen: 24
178.239.48.0/20 maxlen: 20
185.24.248.0/22 maxlen: 22
185.149.56.0/22 maxlen: 22
2a0a:56c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c7:cb:d4:56:25:22:e9:30:cb:73:fc:c7:ad:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3363992afb1d1cd036e5f8dc3755fac4402f5ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dd:48:a9:2e:ea:0d:40:54:a0:90:91:84:ba:
c8:7f:ed:3b:74:e1:51:6d:2e:ad:c6:8a:16:71:ec:
2e:aa:73:72:4b:d7:20:c1:52:97:c3:62:76:21:2c:
18:4f:74:97:08:ca:f0:a7:59:7a:d2:78:49:ee:ed:
89:01:d5:83:67:d3:38:ad:13:1a:b9:ba:e4:fa:b0:
2a:1b:37:6b:37:2f:5e:41:74:2b:29:a8:40:08:35:
a6:92:5d:29:46:3a:ec:1a:7d:09:da:96:68:ea:37:
15:fc:6d:35:25:aa:44:c2:e7:f8:6d:4d:df:4f:cd:
b3:41:a1:d3:31:12:49:8a:7c:1b:fd:41:49:03:b9:
b6:74:60:91:20:67:ee:fa:bc:50:dc:3d:31:e9:32:
a5:90:2a:41:60:21:ce:8f:af:fa:0a:1c:1a:ed:e5:
2c:80:88:88:e9:e5:d8:1b:fa:90:7b:f9:4d:8e:fb:
a5:ff:e9:44:f6:d7:14:df:a6:4b:20:d8:02:63:a0:
aa:e3:0d:87:16:d7:82:eb:24:ec:50:07:ad:37:f7:
ff:d5:9a:48:82:86:a4:0f:dc:29:10:0f:84:d6:94:
57:36:a5:b5:d8:00:a7:60:2b:79:d5:25:77:5e:08:
5e:b6:4e:ff:26:12:29:eb:61:77:00:3e:f6:01:a9:
a0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:36:39:92:AF:B1:D1:CD:03:6E:5F:8D:C3:75:5F:AC:44:02:F5:BA
X509v3 Authority Key Identifier:
keyid:A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/8zY5kq-x0c0Dbl-Nw3VfrEQC9bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.48.0/20
185.24.248.0/22
185.149.56.0/22
185.195.92.0/22
IPv6:
2a0a:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
af:6e:d5:da:d9:8d:09:e8:e7:f5:39:b3:e8:d9:bc:07:f0:9e:
5e:08:ab:0d:5d:8f:9c:7b:88:b4:f3:d5:84:a0:bf:ca:ba:87:
54:41:dd:cd:80:15:70:5b:1d:ff:8e:13:6e:e7:ab:1f:af:c7:
bd:f7:b0:b2:25:87:b8:d3:1b:9a:0a:3d:5b:16:08:4c:cd:3d:
54:67:39:6c:17:8c:63:55:22:e1:58:3b:b2:37:f6:19:c8:07:
48:8d:4b:a9:7d:46:4e:0f:d3:31:8f:7e:4b:a7:72:24:8e:46:
0f:01:7e:49:b3:c2:cb:5e:56:43:07:6c:c3:eb:60:fa:33:82:
b7:fa:ea:2f:85:24:a5:5b:b0:05:09:c5:09:cc:e8:72:60:20:
0e:f9:f1:d0:fa:fb:8d:cf:22:78:2a:9d:67:b5:8b:72:e6:ba:
d8:eb:ad:c2:fa:89:33:e2:89:1d:8f:cf:52:00:c8:41:ae:9f:
ab:01:23:61:d5:ae:be:16:ae:8e:ae:b7:38:06:ff:cc:a7:cd:
94:e7:ab:41:d2:0d:ea:f0:13:55:62:a6:01:91:f4:7c:a2:8b:
62:c1:b8:a0:4c:3e:55:9c:55:20:10:ac:70:46:1e:8c:9e:1b:
34:96:d5:67:d4:f6:d2:71:82:9a:b7:c3:14:4c:f8:07:c2:69:
27:97:81:0f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbsfL1FYlIukwy3P8x62AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTA0MzRiZWJlNWRmYTYzZGRhNzhjMjRhNGViYzFkMmNk
NzM2OWQwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM2Mzk5MmFmYjFkMWNkMDM2ZTVmOGRjMzc1NWZhYzQ0MDJmNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN1IqS7qDUBUoJCRhLrIf+07dOFR
bS6txooWcewuqnNyS9cgwVKXw2J2ISwYT3SXCMrwp1l60nhJ7u2JAdWDZ9M4rRMa
ubrk+rAqGzdrNy9eQXQrKahACDWmkl0pRjrsGn0J2pZo6jcV/G01JapEwuf4bU3f
T82zQaHTMRJJinwb/UFJA7m2dGCRIGfu+rxQ3D0x6TKlkCpBYCHOj6/6Chwa7eUs
gIiI6eXYG/qQe/lNjvul/+lE9tcU36ZLINgCY6Cq4w2HFteC6yTsUAetN/f/1ZpI
goakD9wpEA+E1pRXNqW12ACnYCt51SV3Xghetk7/JhIp62F3AD72AamgjQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPM2OZKvsdHNA25fjcN1X6xEAvW6MB8GA1UdIwQY
MBaAFKagQ0vr5d+mPdp4wkpOvB0s1zadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAt
OWNlNDc2N2RhMmMxLzEvOHpZNWtxLXgwYzBEYmwtTnczVmZyRVFDOWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAtOWNlNDc2N2RhMmMx
LzEvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEsu8wAwQC
uRj4AwQCuZU4AwQCucNcMA0EAgACMAcDBQMqClbAMA0GCSqGSIb3DQEBCwUAA4IB
AQCvbtXa2Y0J6Of1ObPo2bwH8J5eCKsNXY+ce4i089WEoL/KuodUQd3NgBVwWx3/
jhNu56sfr8e997CyJYe40xuaCj1bFghMzT1UZzlsF4xjVSLhWDuyN/YZyAdIjUup
fUZOD9Mxj35Lp3IkjkYPAX5Js8LLXlZDB2zD62D6M4K3+uovhSSlW7AFCcUJzOhy
YCAO+fHQ+vuNzyJ4Kp1ntYty5rrY663C+okz4okdj89SAMhBrp+rASNh1a6+Fq6O
rrc4Bv/Mp82U56tB0g3q8BNVYqYBkfR8ootiwbigTD5VnFUgEKxwRh6Mnhs0ltVn
1PbScYKat8MUTPgHwmknl4EP
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:35:21 2024 by rpki-client on console-ams.rpki-client.org