Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/8TqGI3ML_nY32IdG6_Ipq1Qhmyo.roa
File: 8TqGI3ML_nY32IdG6_Ipq1Qhmyo.roa (raw, json)
Hash identifier: XSpfKNYRopCHs+MvWES0J/9LZmssoZ+76mIbLhSOMgg=
Subject key identifier: F1:3A:86:23:73:0B:FE:76:37:D8:87:46:EB:F2:29:AB:54:21:9B:2A
Certificate issuer: /CN=b44f8539174d00bfa8bfde49043f485c3a587525
Certificate serial: 018CC8DE45678CE4213F6F3717BF2247FAC1
Authority key identifier: B4:4F:85:39:17:4D:00:BF:A8:BF:DE:49:04:3F:48:5C:3A:58:75:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tE-FORdNAL-ov95JBD9IXDpYdSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/8TqGI3ML_nY32IdG6_Ipq1Qhmyo.roa
Signing time: Tue 02 Jan 2024 06:30:59 +0000
ROA not before: Tue 02 Jan 2024 06:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48972
IP address blocks: 185.100.140.0/22 maxlen: 22
95.130.232.0/21 maxlen: 21
2a02:b70::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tE-FORdNAL-ov95JBD9IXDpYdSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:45:67:8c:e4:21:3f:6f:37:17:bf:22:47:fa:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b44f8539174d00bfa8bfde49043f485c3a587525
Validity
Not Before: Jan 2 06:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f13a8623730bfe7637d88746ebf229ab54219b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a3:93:6c:e9:27:b6:8e:5e:34:df:b3:db:f2:
ed:29:7a:59:51:94:fd:87:13:a2:a4:6b:55:0a:0d:
7c:51:8a:93:bb:15:6c:00:a8:5e:d7:40:98:84:e4:
d6:49:7c:5c:77:2c:32:b5:1e:46:e3:89:07:b2:d9:
a6:06:4f:62:e9:6a:a3:57:38:df:b0:bc:81:f3:62:
64:70:db:6d:dc:dc:7a:81:1f:ff:02:d6:89:80:ec:
7a:60:45:cc:8e:48:ec:b0:e5:ec:b5:19:61:94:e7:
b3:d5:08:d2:9e:9b:47:21:6f:99:74:d8:ee:d5:59:
37:9a:94:5f:f2:6b:1b:76:24:1f:16:c9:06:72:8e:
71:82:7f:9d:df:7d:9d:4c:c4:f2:01:48:92:3b:69:
35:eb:a4:f6:db:b0:07:f2:dd:21:f7:47:3d:7a:18:
11:5b:26:1d:4f:3f:86:bf:a8:c6:a8:ab:f1:a3:72:
22:49:ba:b8:12:86:7a:a1:8e:41:24:cc:73:95:85:
bc:77:2d:79:75:36:a9:0b:bf:67:0c:a0:fc:99:8d:
27:ff:ac:88:45:2b:98:3f:60:e5:93:88:b9:77:58:
f6:25:49:69:9b:14:d0:62:41:f7:b3:ae:2a:c4:0e:
60:c7:de:05:c2:da:88:d0:0c:f2:8c:9a:71:ee:85:
9b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3A:86:23:73:0B:FE:76:37:D8:87:46:EB:F2:29:AB:54:21:9B:2A
X509v3 Authority Key Identifier:
keyid:B4:4F:85:39:17:4D:00:BF:A8:BF:DE:49:04:3F:48:5C:3A:58:75:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tE-FORdNAL-ov95JBD9IXDpYdSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/8TqGI3ML_nY32IdG6_Ipq1Qhmyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f75596-7790-432c-88cd-333e53cfa021/1/tE-FORdNAL-ov95JBD9IXDpYdSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.232.0/21
185.100.140.0/22
IPv6:
2a02:b70::/32
Signature Algorithm: sha256WithRSAEncryption
36:ea:7c:b7:e7:2c:76:34:bf:1a:fb:ac:82:7b:56:4f:65:92:
a5:0d:e1:21:8f:ce:10:59:58:7a:25:81:fd:36:9a:0e:fd:4b:
29:e6:29:d0:dd:6d:da:c0:0f:72:67:4b:9d:42:87:19:ef:5a:
e3:e7:01:41:74:4a:17:5e:da:fc:a8:f5:42:c5:62:21:59:4e:
ec:de:3d:32:f2:13:83:dd:20:5d:32:bb:7d:4b:63:30:76:40:
f2:63:c4:7f:eb:73:ef:04:78:1f:49:2a:6a:e7:33:ff:20:1c:
f3:a2:f6:20:60:3d:74:da:52:57:c1:65:ab:ed:bb:90:0e:1d:
75:f6:03:2a:6f:a5:63:26:72:3c:a0:84:c2:b8:05:57:3f:24:
cb:b4:2a:46:10:87:49:46:8c:a7:51:03:64:f6:0b:4e:35:78:
15:4e:e3:76:25:ac:9f:05:d3:95:d8:bd:92:87:c8:90:d8:1a:
a7:83:95:e6:7b:87:cc:61:35:64:4a:60:38:7d:81:f6:7b:15:
c9:4f:13:73:ea:0c:34:78:c0:18:9a:b4:cc:d9:5c:bf:11:6f:
bb:02:73:76:28:1e:0a:b6:c6:e1:88:bb:95:95:e2:77:a2:3f:
a8:23:18:d3:6e:2d:a1:81:39:1f:79:93:9e:02:43:0c:3f:40:
f4:8d:9f:57
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3kVnjOQhP283F78iR/rBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NGY4NTM5MTc0ZDAwYmZhOGJmZGU0OTA0M2Y0ODVjM2E1
ODc1MjUwHhcNMjQwMTAyMDYzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTNhODYyMzczMGJmZTc2MzdkODg3NDZlYmYyMjlhYjU0MjE5YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaOTbOknto5eNN+z2/LtKXpZUZT9
hxOipGtVCg18UYqTuxVsAKhe10CYhOTWSXxcdywytR5G44kHstmmBk9i6WqjVzjf
sLyB82JkcNtt3Nx6gR//AtaJgOx6YEXMjkjssOXstRlhlOez1QjSnptHIW+ZdNju
1Vk3mpRf8msbdiQfFskGco5xgn+d332dTMTyAUiSO2k166T227AH8t0h90c9ehgR
WyYdTz+Gv6jGqKvxo3IiSbq4EoZ6oY5BJMxzlYW8dy15dTapC79nDKD8mY0n/6yI
RSuYP2Dlk4i5d1j2JUlpmxTQYkH3s64qxA5gx94FwtqI0AzyjJpx7oWblwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPE6hiNzC/52N9iHRuvyKatUIZsqMB8GA1UdIwQY
MBaAFLRPhTkXTQC/qL/eSQQ/SFw6WHUlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEUtRk9SZE5BTC1vdjk1SkJEOUlYRHBZZFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mNzU1OTYtNzc5MC00MzJjLTg4Y2Qt
MzMzZTUzY2ZhMDIxLzEvOFRxR0kzTUxfblkzMklkRzZfSXBxMVFobXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mNzU1OTYtNzc5MC00MzJjLTg4Y2QtMzMzZTUzY2ZhMDIx
LzEvdEUtRk9SZE5BTC1vdjk1SkJEOUlYRHBZZFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX4LoAwQC
uWSMMA0EAgACMAcDBQAqAgtwMA0GCSqGSIb3DQEBCwUAA4IBAQA26ny35yx2NL8a
+6yCe1ZPZZKlDeEhj84QWVh6JYH9NpoO/Usp5inQ3W3awA9yZ0udQocZ71rj5wFB
dEoXXtr8qPVCxWIhWU7s3j0y8hOD3SBdMrt9S2MwdkDyY8R/63PvBHgfSSpq5zP/
IBzzovYgYD102lJXwWWr7buQDh119gMqb6VjJnI8oITCuAVXPyTLtCpGEIdJRoyn
UQNk9gtONXgVTuN2JayfBdOV2L2Sh8iQ2Bqng5Xme4fMYTVkSmA4fYH2exXJTxNz
6gw0eMAYmrTM2Vy/EW+7AnN2KB4KtsbhiLuVleJ3oj+oIxjTbi2hgTkfeZOeAkMM
P0D0jZ9X
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:08:10 2024 by rpki-client on console-ams.rpki-client.org