Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/983YTwfomFvW8Wo-Ca4dHlos1fw.roa
File: 983YTwfomFvW8Wo-Ca4dHlos1fw.roa (raw, json)
Hash identifier: d6JMS2l5pllG2Nm7Kyjl+Xi5QIqxlerZc4fcl9M7CPc=
Subject key identifier: F7:CD:D8:4F:07:E8:98:5B:D6:F1:6A:3E:09:AE:1D:1E:5A:2C:D5:FC
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 018CC725803FD366B6E3E4B4AF67BB005AFD
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/983YTwfomFvW8Wo-Ca4dHlos1fw.roa
Signing time: Mon 01 Jan 2024 22:29:32 +0000
ROA not before: Mon 01 Jan 2024 22:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212216
IP address blocks: 195.28.10.0/24 maxlen: 24
195.28.169.0/24 maxlen: 24
195.28.168.0/24 maxlen: 24
185.73.226.0/24 maxlen: 32
80.249.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:80:3f:d3:66:b6:e3:e4:b4:af:67:bb:00:5a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Jan 1 22:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7cdd84f07e8985bd6f16a3e09ae1d1e5a2cd5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8d:c5:8e:43:46:6b:24:e0:a9:11:3a:be:3c:
76:a5:00:ef:9a:7c:cd:9a:03:64:f7:79:44:33:80:
4f:d3:48:4e:e4:f6:66:b4:ec:36:3e:92:85:ed:b8:
4b:2b:5e:a9:e1:d0:48:83:2c:4e:db:b8:07:62:6e:
a8:9c:a2:45:f9:61:dd:ff:6f:0d:97:2c:7b:ed:59:
07:15:fc:35:9b:21:8d:07:0d:59:80:e5:6d:d6:ce:
d2:2e:63:a3:cf:43:7e:cd:0d:dc:5e:ba:c4:a2:84:
aa:a4:69:2c:98:a5:de:1b:c5:38:c0:86:2c:33:d3:
e2:d6:e0:9e:fb:eb:6e:4a:23:4a:bb:a8:6b:2e:12:
58:ed:aa:73:5e:3a:5c:32:cf:67:4c:76:92:24:a9:
df:ef:f0:1c:14:ee:81:c8:48:a9:60:52:ac:35:69:
c2:15:36:ea:87:d3:3c:7d:af:f9:4f:81:58:b7:2c:
44:19:d1:82:90:71:bf:5c:d1:5b:7f:75:61:3c:53:
37:1b:b0:bb:d4:94:14:40:bc:ad:cf:d6:05:25:40:
d4:a2:61:47:4f:fb:66:de:86:eb:47:11:f9:cf:52:
84:81:ca:ea:5b:13:70:4a:ad:8d:3a:ac:f9:fd:e3:
15:f5:00:70:df:fa:75:8e:97:10:82:ce:02:8c:6e:
a9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CD:D8:4F:07:E8:98:5B:D6:F1:6A:3E:09:AE:1D:1E:5A:2C:D5:FC
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/983YTwfomFvW8Wo-Ca4dHlos1fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.115.0/24
185.73.226.0/24
195.28.10.0/24
195.28.168.0/23
Signature Algorithm: sha256WithRSAEncryption
37:6b:1e:14:11:e3:d9:c3:ad:5d:d8:58:fd:76:83:f8:e1:ba:
df:5a:a3:59:00:b1:65:85:2f:1c:47:be:38:4b:88:96:4f:58:
2a:12:76:90:f1:26:1d:44:83:ee:aa:ce:d9:f2:c2:b7:4f:25:
1f:62:12:6f:50:04:b2:2a:5c:26:f6:03:35:33:c9:64:87:0c:
08:32:db:c3:6e:91:bb:04:c8:2d:af:8b:d7:58:d9:65:7a:f7:
f8:a1:93:bf:32:16:09:e4:27:06:f4:4d:3d:22:03:a9:55:6c:
72:c0:66:84:6d:7c:cc:b7:1f:a6:63:c3:47:24:6b:38:78:40:
af:65:ac:15:e6:78:e5:2c:71:7e:35:09:f4:c3:87:73:67:54:
d0:6f:75:94:47:9e:b8:8f:e1:69:bf:7d:63:5f:6a:b7:c0:1f:
cc:8c:0a:c1:2d:da:45:2d:dd:22:cc:90:ce:e2:b9:cf:31:6b:
5e:eb:2c:ca:c0:70:72:14:c6:9f:2c:b1:20:66:d3:51:3d:e3:
80:e8:ba:0e:ce:df:7c:24:6f:50:f2:de:84:60:ea:88:04:61:
80:91:91:f9:c1:8b:aa:0c:c1:c4:44:e8:ff:02:58:87:5c:af:
b5:24:41:fa:fd:01:76:b9:54:32:6a:b4:18:31:10:c4:4d:48:
d7:ed:a6:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJYA/02a24+S0r2e7AFr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWZhYWUyZTNlMDU0MDczYTM4YWFiNjM1ZGM5NjQ2MGVl
ZjQ4N2UwHhcNMjQwMTAxMjIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2NkZDg0ZjA3ZTg5ODViZDZmMTZhM2UwOWFlMWQxZTVhMmNkNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgI3FjkNGayTgqRE6vjx2pQDvmnzN
mgNk93lEM4BP00hO5PZmtOw2PpKF7bhLK16p4dBIgyxO27gHYm6onKJF+WHd/28N
lyx77VkHFfw1myGNBw1ZgOVt1s7SLmOjz0N+zQ3cXrrEooSqpGksmKXeG8U4wIYs
M9Pi1uCe++tuSiNKu6hrLhJY7apzXjpcMs9nTHaSJKnf7/AcFO6ByEipYFKsNWnC
FTbqh9M8fa/5T4FYtyxEGdGCkHG/XNFbf3VhPFM3G7C71JQUQLytz9YFJUDUomFH
T/tm3obrRxH5z1KEgcrqWxNwSq2NOqz5/eMV9QBw3/p1jpcQgs4CjG6p0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPfN2E8H6Jhb1vFqPgmuHR5aLNX8MB8GA1UdIwQY
MBaAFIavquLj4FQHOjiqtjXclkYO70h+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzIt
NDcyMDQwYjI0N2Y2LzEvOTgzWVR3Zm9tRnZXOFdvLUNhNGRIbG9zMWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzItNDcyMDQwYjI0N2Y2
LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPlzAwQA
uUniAwQAwxwKAwQBwxyoMA0GCSqGSIb3DQEBCwUAA4IBAQA3ax4UEePZw61d2Fj9
doP44brfWqNZALFlhS8cR744S4iWT1gqEnaQ8SYdRIPuqs7Z8sK3TyUfYhJvUASy
Klwm9gM1M8lkhwwIMtvDbpG7BMgtr4vXWNllevf4oZO/MhYJ5CcG9E09IgOpVWxy
wGaEbXzMtx+mY8NHJGs4eECvZawV5njlLHF+NQn0w4dzZ1TQb3WUR564j+Fpv31j
X2q3wB/MjArBLdpFLd0izJDO4rnPMWte6yzKwHByFMafLLEgZtNRPeOA6LoOzt98
JG9Q8t6EYOqIBGGAkZH5wYuqDMHEROj/AliHXK+1JEH6/QF2uVQyarQYMRDETUjX
7abq
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:02:28 2024 by rpki-client on console-ams.rpki-client.org