Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/b8D2gfkJBD67VX7mQztlyBtaZbY.roa
File: b8D2gfkJBD67VX7mQztlyBtaZbY.roa (raw, json)
Hash identifier: unCoS1wqNhhJRTVJ6bLCLDXVLUOtTcNsAmmvkB6iFFk=
Subject key identifier: 6F:C0:F6:81:F9:09:04:3E:BB:55:7E:E6:43:3B:65:C8:1B:5A:65:B6
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018CC8DEDD7B662BE4123D22E47712C9933A
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/b8D2gfkJBD67VX7mQztlyBtaZbY.roa
Signing time: Tue 02 Jan 2024 06:31:38 +0000
ROA not before: Tue 02 Jan 2024 06:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196665
IP address blocks: 195.88.52.0/23 maxlen: 23
91.232.117.0/24 maxlen: 24
91.232.118.0/23 maxlen: 23
91.232.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 17:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:dd:7b:66:2b:e4:12:3d:22:e4:77:12:c9:93:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 06:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fc0f681f909043ebb557ee6433b65c81b5a65b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:36:56:d2:94:aa:5e:24:30:55:f9:33:28:e3:
c6:f7:18:f1:9e:d3:0a:49:8b:b7:11:67:84:6b:6d:
86:ec:ba:3a:d0:6a:74:d5:84:71:cd:f7:5c:4f:72:
6b:79:e2:75:de:eb:a0:2e:a1:d8:cd:c6:dc:ea:3a:
12:f2:2c:f2:3e:d0:68:c0:54:81:5a:3b:96:69:36:
90:05:a5:ff:11:30:b0:a8:5f:1f:c5:36:a2:e5:4b:
b4:96:77:1d:62:02:66:e7:2a:f1:c9:fc:8e:4b:fc:
07:b3:45:d6:a4:87:91:36:c3:a0:50:9b:8b:9a:49:
45:3b:82:a7:ef:59:7a:78:2e:4a:96:6e:45:96:4e:
0a:4e:da:e3:e5:f3:97:19:df:d9:05:cc:51:2c:3c:
46:d5:fd:d1:25:b5:36:29:1c:c1:9c:de:7e:f1:82:
b0:ca:09:27:65:77:1f:63:30:51:52:c6:64:83:2a:
15:23:5a:14:a1:a6:e3:da:f9:dd:48:a6:8c:ad:13:
9c:98:ef:16:7a:f0:ea:94:8c:b6:d6:77:48:a9:09:
e0:ec:37:3c:78:1f:07:fd:04:96:d0:37:41:8a:10:
98:4b:ae:e5:e8:6f:08:34:b8:25:7e:b1:3a:0b:01:
53:96:39:4d:6a:f2:0a:83:25:a7:ee:4b:2a:91:1a:
95:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C0:F6:81:F9:09:04:3E:BB:55:7E:E6:43:3B:65:C8:1B:5A:65:B6
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/b8D2gfkJBD67VX7mQztlyBtaZbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.116.0/22
195.88.52.0/23
Signature Algorithm: sha256WithRSAEncryption
10:e7:7d:03:20:bd:36:65:a3:9e:7e:98:64:9e:77:3f:6b:fb:
fd:93:26:5b:58:6e:66:19:16:a8:0a:70:59:61:29:dd:a0:9d:
3d:c7:33:97:ef:5c:2d:08:b6:09:7c:6a:77:a4:6e:49:0d:8c:
2d:0c:53:34:25:e0:5c:a1:ec:c8:8c:39:7d:45:ff:da:c8:49:
dd:3d:25:10:87:d1:93:21:31:05:73:63:f4:dc:28:5e:1b:df:
af:7e:bf:98:03:96:06:3e:ee:89:48:7b:48:bf:15:a5:ec:5a:
da:69:db:13:07:10:e6:56:91:f2:06:4f:40:a8:a3:c8:88:19:
99:b3:a0:f1:71:d9:85:79:b8:2c:4f:6c:06:9c:3a:e6:e3:a2:
4a:b7:45:30:b5:ff:24:9f:ce:9d:a8:f9:8c:7d:7b:28:fa:ab:
38:a6:09:39:0f:60:48:fa:5b:03:5f:73:8e:c6:3b:11:f6:83:
96:7b:4b:b8:82:3f:81:16:f2:40:08:3c:76:0e:64:51:db:a2:
58:db:98:89:d8:db:85:84:1b:ff:fa:d8:99:12:25:bc:37:0b:
24:87:e5:e3:30:b7:0e:ed:d5:9b:f6:a1:ee:68:cd:8e:12:73:
b8:b0:3f:24:dc:0e:71:2a:b7:c6:d5:60:2c:92:51:eb:23:f3:
9e:65:f9:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3t17ZivkEj0i5HcSyZM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwMTAyMDYzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmMwZjY4MWY5MDkwNDNlYmI1NTdlZTY0MzNiNjVjODFiNWE2NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDZW0pSqXiQwVfkzKOPG9xjxntMK
SYu3EWeEa22G7Lo60Gp01YRxzfdcT3JreeJ13uugLqHYzcbc6joS8izyPtBowFSB
WjuWaTaQBaX/ETCwqF8fxTai5Uu0lncdYgJm5yrxyfyOS/wHs0XWpIeRNsOgUJuL
mklFO4Kn71l6eC5Klm5Flk4KTtrj5fOXGd/ZBcxRLDxG1f3RJbU2KRzBnN5+8YKw
ygknZXcfYzBRUsZkgyoVI1oUoabj2vndSKaMrROcmO8WevDqlIy21ndIqQng7Dc8
eB8H/QSW0DdBihCYS67l6G8INLglfrE6CwFTljlNavIKgyWn7ksqkRqVXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG/A9oH5CQQ+u1V+5kM7ZcgbWmW2MB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvYjhEMmdma0pCRDY3Vlg3bVF6dGx5QnRhWmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+h0AwQB
w1g0MA0GCSqGSIb3DQEBCwUAA4IBAQAQ530DIL02ZaOefphknnc/a/v9kyZbWG5m
GRaoCnBZYSndoJ09xzOX71wtCLYJfGp3pG5JDYwtDFM0JeBcoezIjDl9Rf/ayEnd
PSUQh9GTITEFc2P03CheG9+vfr+YA5YGPu6JSHtIvxWl7FraadsTBxDmVpHyBk9A
qKPIiBmZs6DxcdmFebgsT2wGnDrm46JKt0Uwtf8kn86dqPmMfXso+qs4pgk5D2BI
+lsDX3OOxjsR9oOWe0u4gj+BFvJACDx2DmRR26JY25iJ2NuFhBv/+tiZEiW8Nwsk
h+XjMLcO7dWb9qHuaM2OEnO4sD8k3A5xKrfG1WAsklHrI/OeZfnD
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:43:32 2024 by rpki-client on console-ams.rpki-client.org