Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/b8gHUmrcm4izpyFQM4DSo-0CJ1Q.roa
File: b8gHUmrcm4izpyFQM4DSo-0CJ1Q.roa (raw, json)
Hash identifier: Lft91VleUE7idauDrPFswHZb+lMr7g3y7KH+++lCWYU=
Subject key identifier: 6F:C8:07:52:6A:DC:9B:88:B3:A7:21:50:33:80:D2:A3:ED:02:27:54
Certificate issuer: /CN=d5dcde2125f04058ad4f478e178884142cf2dad0
Certificate serial: 018CC64B73ED6B979221F959338D52EFCC60
Authority key identifier: D5:DC:DE:21:25:F0:40:58:AD:4F:47:8E:17:88:84:14:2C:F2:DA:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dzeISXwQFitT0eOF4iEFCzy2tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/b8gHUmrcm4izpyFQM4DSo-0CJ1Q.roa
Signing time: Mon 01 Jan 2024 18:31:22 +0000
ROA not before: Mon 01 Jan 2024 18:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31543
IP address blocks: 94.198.136.0/21 maxlen: 24
176.121.56.0/22 maxlen: 24
176.104.224.0/20 maxlen: 24
83.218.160.0/19 maxlen: 24
185.199.80.0/22 maxlen: 24
2a00:15c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1dzeISXwQFitT0eOF4iEFCzy2tA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:73:ed:6b:97:92:21:f9:59:33:8d:52:ef:cc:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5dcde2125f04058ad4f478e178884142cf2dad0
Validity
Not Before: Jan 1 18:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fc807526adc9b88b3a721503380d2a3ed022754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:df:06:8d:4c:26:e4:a8:c1:e1:7c:77:af:3b:
01:39:00:11:a4:3e:85:5a:10:08:b9:86:82:5a:0d:
7e:60:0d:0d:d8:11:25:0d:6a:15:0e:ea:12:f1:88:
7a:17:64:07:79:61:9a:a6:12:09:d4:10:a2:48:cb:
cb:00:fa:05:0c:a9:14:f1:47:27:30:19:ca:74:61:
51:c9:ba:da:ac:e0:77:06:01:33:ed:39:ef:ee:d3:
e1:1a:0a:44:67:24:0a:95:bb:26:d6:06:d8:e1:c0:
6b:e9:a8:a0:15:55:64:d2:98:53:9c:04:88:0f:37:
18:fa:ce:d6:0b:7e:dd:b3:e9:84:69:23:3b:43:cf:
92:21:1d:55:22:ec:28:79:3e:ad:5a:8d:cc:b4:28:
e4:db:24:7e:e9:28:4a:3d:e0:62:ff:21:29:0d:51:
e4:5c:a3:a9:75:be:fd:fa:c1:17:f1:19:66:d6:41:
17:c3:48:6e:ab:43:b8:d7:58:be:2b:d3:7e:6e:ec:
1c:4f:f3:85:a4:1f:ab:c2:e0:f1:3d:a9:02:bb:5c:
70:1a:a0:a2:0d:e8:82:35:b5:e0:01:f5:63:09:a1:
78:d3:ee:5d:4b:dc:91:64:1e:92:4c:46:c0:8a:d4:
63:db:11:a0:a5:1f:c2:8b:5a:50:65:8d:28:6a:20:
1f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C8:07:52:6A:DC:9B:88:B3:A7:21:50:33:80:D2:A3:ED:02:27:54
X509v3 Authority Key Identifier:
keyid:D5:DC:DE:21:25:F0:40:58:AD:4F:47:8E:17:88:84:14:2C:F2:DA:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dzeISXwQFitT0eOF4iEFCzy2tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/b8gHUmrcm4izpyFQM4DSo-0CJ1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.218.160.0/19
94.198.136.0/21
176.104.224.0/20
176.121.56.0/22
185.199.80.0/22
IPv6:
2a00:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:93:87:3a:47:bd:d6:70:f8:e1:f3:d6:72:17:89:14:b4:f3:
de:cb:e5:3f:5b:1f:23:5a:c5:49:b9:69:d8:b5:81:7a:37:5a:
a7:1a:10:b1:98:0d:e7:6b:38:9c:e9:86:21:19:70:a5:b5:b6:
2f:aa:78:b4:be:2c:7b:ce:07:5b:e8:f5:92:16:ac:08:e8:58:
71:5d:fb:a4:e5:a8:2a:f7:2f:4b:d6:02:b6:48:e6:d0:39:03:
26:15:ff:8e:0b:9c:af:3d:c5:2e:7c:15:4a:ad:df:f6:2d:75:
5b:48:a2:8a:e5:81:4d:4d:4a:9e:7f:17:35:8b:fe:8e:ad:1a:
54:d4:77:05:91:ce:c8:19:68:31:a7:b7:50:b9:2d:2b:db:58:
83:3b:97:b8:3a:c2:7c:ba:4d:69:b7:6e:86:3a:ad:7f:31:05:
5b:01:39:26:26:2a:b2:3d:aa:d1:66:b1:66:ec:1d:09:40:a3:
9b:f1:6b:77:e3:c8:47:34:52:6b:1a:e1:86:69:74:fc:2c:e4:
7b:86:a5:dd:8c:c2:b5:82:c3:d8:f4:3d:af:f7:af:49:d1:60:
cc:9a:e0:96:06:92:95:5a:64:e2:fa:cb:cd:8a:74:77:71:58:
cc:85:2d:e1:c3:ff:c5:a6:20:6b:7c:8a:57:09:94:af:b0:ff:
ce:b5:57:b7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGS3Pta5eSIflZM41S78xgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZGNkZTIxMjVmMDQwNThhZDRmNDc4ZTE3ODg4NDE0MmNm
MmRhZDAwHhcNMjQwMTAxMTgzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmM4MDc1MjZhZGM5Yjg4YjNhNzIxNTAzMzgwZDJhM2VkMDIyNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN8GjUwm5KjB4Xx3rzsBOQARpD6F
WhAIuYaCWg1+YA0N2BElDWoVDuoS8Yh6F2QHeWGaphIJ1BCiSMvLAPoFDKkU8Ucn
MBnKdGFRybrarOB3BgEz7Tnv7tPhGgpEZyQKlbsm1gbY4cBr6aigFVVk0phTnASI
DzcY+s7WC37ds+mEaSM7Q8+SIR1VIuwoeT6tWo3MtCjk2yR+6ShKPeBi/yEpDVHk
XKOpdb79+sEX8Rlm1kEXw0huq0O411i+K9N+buwcT/OFpB+rwuDxPakCu1xwGqCi
DeiCNbXgAfVjCaF40+5dS9yRZB6STEbAitRj2xGgpR/Ci1pQZY0oaiAfHwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG/IB1Jq3JuIs6chUDOA0qPtAidUMB8GA1UdIwQY
MBaAFNXc3iEl8EBYrU9HjheIhBQs8trQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWR6ZUlTWHdRRml0VDBlT0Y0aUVGQ3p5MnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81OTE1YzgtMDAzYy00ZDk4LTgyNDMt
Y2ZkYWRiZGM0OGVjLzEvYjhnSFVtcmNtNGl6cHlGUU00RFNvLTBDSjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy81OTE1YzgtMDAzYy00ZDk4LTgyNDMtY2ZkYWRiZGM0OGVj
LzEvMWR6ZUlTWHdRRml0VDBlT0Y0aUVGQ3p5MnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFU9qgAwQD
XsaIAwQEsGjgAwQCsHk4AwQCucdQMA0EAgACMAcDBQMqABXAMA0GCSqGSIb3DQEB
CwUAA4IBAQAUk4c6R73WcPjh89ZyF4kUtPPey+U/Wx8jWsVJuWnYtYF6N1qnGhCx
mA3nazic6YYhGXCltbYvqni0vix7zgdb6PWSFqwI6FhxXfuk5agq9y9L1gK2SObQ
OQMmFf+OC5yvPcUufBVKrd/2LXVbSKKK5YFNTUqefxc1i/6OrRpU1HcFkc7IGWgx
p7dQuS0r21iDO5e4OsJ8uk1pt26GOq1/MQVbATkmJiqyParRZrFm7B0JQKOb8Wt3
48hHNFJrGuGGaXT8LOR7hqXdjMK1gsPY9D2v969J0WDMmuCWBpKVWmTi+svNinR3
cVjMhS3hw//FpiBrfIpXCZSvsP/OtVe3
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:42:50 2024 by rpki-client on console-fra.rpki-client.org