Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8JrTQMpJCRrzpalxxKIv1mLFo7s.roa
File: 8JrTQMpJCRrzpalxxKIv1mLFo7s.roa (raw, json)
Hash identifier: PBCammOXj4D/jY0brD3SBncsQQAU2Nbpap81pMxLA8w=
Subject key identifier: F0:9A:D3:40:CA:49:09:1A:F3:A5:A9:71:C4:A2:2F:D6:62:C5:A3:BB
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0191935F7857A946B95EB99DD5E7C0E34CC8
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8JrTQMpJCRrzpalxxKIv1mLFo7s.roa
Signing time: Tue 27 Aug 2024 10:26:33 +0000
ROA not before: Tue 27 Aug 2024 10:26:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21479
IP address blocks: 80.68.0.0/21 maxlen: 21
80.68.8.0/22 maxlen: 22
80.68.12.0/24 maxlen: 24
80.68.13.0/24 maxlen: 24
80.254.96.0/19 maxlen: 19
83.221.192.0/19 maxlen: 19
87.117.0.0/18 maxlen: 18
87.117.0.0/19 maxlen: 19
87.117.36.0/22 maxlen: 22
87.117.40.0/21 maxlen: 21
93.178.96.0/22 maxlen: 22
93.178.104.0/22 maxlen: 22
93.178.126.0/23 maxlen: 23
109.165.0.0/17 maxlen: 17
109.172.64.0/24 maxlen: 24
109.172.65.0/24 maxlen: 24
109.172.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:93:5f:78:57:a9:46:b9:5e:b9:9d:d5:e7:c0:e3:4c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 27 10:26:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f09ad340ca49091af3a5a971c4a22fd662c5a3bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f5:88:1a:9e:b3:e4:8a:38:1b:55:40:64:a2:
a4:8c:63:a8:3a:1a:dd:2c:1e:df:a9:6e:bc:1d:d0:
0a:eb:c5:5b:53:aa:ab:45:28:21:da:d9:2b:f7:bf:
68:af:a7:37:c8:39:09:38:de:0e:8a:d2:1e:3a:37:
bf:56:2a:01:11:f6:a4:b2:cc:44:40:49:df:e1:51:
5b:f8:1f:43:17:20:a8:ca:8c:9a:53:f3:fc:33:73:
13:58:6d:62:c0:a8:60:a6:27:ff:d7:3a:8b:27:8a:
89:92:c1:73:96:61:cc:e6:af:f9:53:21:48:ce:24:
31:ce:ab:87:57:d6:09:db:71:ae:08:20:d6:eb:93:
c8:83:89:5f:ce:38:7b:0e:20:e2:76:32:09:13:be:
be:ba:ae:98:6a:97:80:fd:4d:71:3a:b7:5e:c4:79:
ca:de:81:28:18:1f:6c:29:a5:0a:5e:75:6b:ea:01:
a9:c5:23:fa:73:d2:9d:85:32:5a:c2:1e:aa:e5:34:
31:0e:7b:89:fe:d4:1f:89:54:68:0d:fd:13:3c:31:
97:bb:5e:cd:4f:81:e9:80:27:35:8f:b1:24:5a:f9:
78:51:61:41:aa:ee:02:df:0c:b2:71:86:41:db:e2:
ae:32:92:19:56:83:70:81:5a:b5:f8:2b:8f:6b:37:
02:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:9A:D3:40:CA:49:09:1A:F3:A5:A9:71:C4:A2:2F:D6:62:C5:A3:BB
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8JrTQMpJCRrzpalxxKIv1mLFo7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.0.0-80.68.13.255
80.254.96.0/19
83.221.192.0/19
87.117.0.0/18
93.178.96.0/22
93.178.104.0/22
93.178.126.0/23
109.165.0.0/17
109.172.64.0-109.172.66.255
Signature Algorithm: sha256WithRSAEncryption
3f:80:b9:9a:ec:65:a7:07:4a:dc:46:6a:23:a7:01:65:11:07:
c1:1c:4c:e1:40:a3:d2:e9:0a:fc:82:95:e4:6d:a6:76:9d:c4:
24:5b:6a:36:8e:58:44:56:69:a5:a4:2c:cf:0b:a5:2a:de:b2:
14:cd:f6:a1:f3:98:8b:de:ef:53:76:86:43:5b:e4:f5:d1:d2:
aa:db:da:2c:6b:98:6b:f2:0d:9f:8e:3c:7f:35:34:4d:04:3f:
3d:91:45:72:b8:3c:75:26:d9:60:1b:de:1a:80:c3:b1:47:f0:
3e:27:90:f2:56:af:e1:e8:ca:12:9a:ec:25:d7:79:54:7e:54:
54:93:28:3f:c4:53:cd:25:f1:e3:24:f0:8c:3b:28:86:41:0e:
bd:a3:ca:44:7c:e7:22:14:30:39:52:7a:34:4c:83:fb:38:cc:
58:80:a3:b3:76:06:14:59:a1:13:39:5b:08:50:50:2d:e7:33:
e8:7c:e1:0c:7a:a6:93:c3:68:33:98:54:81:e3:84:fd:78:53:
c0:a5:8e:4f:a9:2c:61:dc:5e:18:3b:db:51:41:dd:3d:4a:b3:
fd:7d:72:60:42:3c:c0:f8:05:0d:92:8a:ce:f2:30:66:6d:33:
86:ab:1b:fb:0b:55:03:f8:70:9f:c6:21:7f:72:43:25:b6:e7:
a0:72:4b:83
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZGTX3hXqUa5Xrmd1efA40zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI3MTAyNjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDlhZDM0MGNhNDkwOTFhZjNhNWE5NzFjNGEyMmZkNjYyYzVhM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvWIGp6z5Io4G1VAZKKkjGOoOhrd
LB7fqW68HdAK68VbU6qrRSgh2tkr979or6c3yDkJON4OitIeOje/VioBEfakssxE
QEnf4VFb+B9DFyCoyoyaU/P8M3MTWG1iwKhgpif/1zqLJ4qJksFzlmHM5q/5UyFI
ziQxzquHV9YJ23GuCCDW65PIg4lfzjh7DiDidjIJE76+uq6YapeA/U1xOrdexHnK
3oEoGB9sKaUKXnVr6gGpxSP6c9KdhTJawh6q5TQxDnuJ/tQfiVRoDf0TPDGXu17N
T4HpgCc1j7EkWvl4UWFBqu4C3wyycYZB2+KuMpIZVoNwgVq1+CuPazcCFwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFPCa00DKSQka86WpccSiL9ZixaO7MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvOEpyVFFNcEpDUnJ6cGFseHhLSXYxbUxGbzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTBLBAIAATBFMAsDAwJQRAME
AVBEDAMEBVD+YAMEBVPdwAMEBld1AAMEAl2yYAMEAl2yaAMEAV2yfgMEB22lADAM
AwQGbaxAAwQAbaxCMA0GCSqGSIb3DQEBCwUAA4IBAQA/gLma7GWnB0rcRmojpwFl
EQfBHEzhQKPS6Qr8gpXkbaZ2ncQkW2o2jlhEVmmlpCzPC6Uq3rIUzfah85iL3u9T
doZDW+T10dKq29osa5hr8g2fjjx/NTRNBD89kUVyuDx1JtlgG94agMOxR/A+J5Dy
Vq/h6MoSmuwl13lUflRUkyg/xFPNJfHjJPCMOyiGQQ69o8pEfOciFDA5Uno0TIP7
OMxYgKOzdgYUWaETOVsIUFAt5zPofOEMeqaTw2gzmFSB44T9eFPApY5PqSxh3F4Y
O9tRQd09SrP9fXJgQjzA+AUNkorO8jBmbTOGqxv7C1UD+HCfxiF/ckMltuegckuD
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org