Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/D8v8KpzlbbcMdGAUnyLWYOkf2Ck.roa
File: D8v8KpzlbbcMdGAUnyLWYOkf2Ck.roa (raw, json)
Hash identifier: eBoQIPCcdBfeHYwpzmWW2WvegaAhfGCNOT77uUXE5EQ=
Subject key identifier: 0F:CB:FC:2A:9C:E5:6D:B7:0C:74:60:14:9F:22:D6:60:E9:1F:D8:29
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802FCFC56A0E19D0EEA9058D266C035
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/D8v8KpzlbbcMdGAUnyLWYOkf2Ck.roa
Signing time: Tue 02 Jan 2024 02:31:28 +0000
ROA not before: Tue 02 Jan 2024 02:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200018
IP address blocks: 194.103.112.0/24 maxlen: 24
194.103.118.0/24 maxlen: 24
194.103.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fc:fc:56:a0:e1:9d:0e:ea:90:58:d2:66:c0:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fcbfc2a9ce56db70c7460149f22d660e91fd829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:56:a0:38:a2:cd:ac:b9:37:0c:7b:c0:ec:6d:
07:d4:80:84:12:d6:d9:fd:43:65:52:22:5a:6e:c8:
46:98:9e:de:5c:6e:72:39:9b:6d:a9:54:2b:a4:0c:
44:3f:32:f1:8a:02:b5:29:a2:b8:6b:b6:8e:25:13:
6c:b2:31:89:bd:d2:fe:cc:b0:cb:35:b4:16:3d:52:
84:d1:d8:0a:9a:8d:1f:49:2d:a7:7c:d9:2e:55:3b:
42:2a:86:b6:4a:b2:d7:fa:72:60:39:3a:ab:fc:39:
c9:68:69:89:2a:7b:ac:87:de:bd:ba:25:df:84:76:
7e:91:0e:fc:c0:cd:91:a6:b8:51:da:ab:aa:3b:1b:
8c:fd:e2:5a:5b:3a:2a:6b:ae:1f:e3:a9:e3:15:8f:
67:bf:93:42:9b:0d:27:dc:95:89:35:74:bd:71:ba:
04:81:d1:0a:f5:9c:93:92:d7:c6:5f:61:48:18:d1:
ef:4a:b4:40:b8:6b:13:1d:5f:36:b6:8f:ce:ad:a6:
a1:cf:a4:6d:6f:60:3b:53:33:ca:63:44:e7:2b:7b:
45:a3:74:6b:f1:a7:a1:84:68:0e:bc:1c:f5:8b:d6:
de:b9:bc:06:62:3f:ff:32:6f:54:fe:c1:bc:77:66:
65:bc:3b:44:7d:89:15:fc:0d:11:c7:25:75:06:81:
20:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CB:FC:2A:9C:E5:6D:B7:0C:74:60:14:9F:22:D6:60:E9:1F:D8:29
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/D8v8KpzlbbcMdGAUnyLWYOkf2Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.103.112.0/24
194.103.118.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:cb:94:96:f1:ee:e4:48:b9:48:34:3f:7f:25:68:73:1b:31:
6d:38:0b:be:3f:25:12:bf:27:fd:55:a4:3a:ee:22:82:b3:49:
4b:ad:2d:19:41:43:ad:41:fa:4c:0e:42:c6:4f:80:64:91:07:
32:08:0b:28:fa:48:cf:0d:1d:4c:13:4f:84:02:16:f1:34:30:
90:61:5e:a2:be:cc:cd:c2:ac:4b:e7:eb:2e:e8:d3:ed:bf:2c:
ba:f6:3e:e9:47:ae:79:cc:e6:22:8e:fd:87:85:e4:06:13:f6:
5b:a6:2e:9b:a5:8c:73:0e:b7:83:36:a3:e5:ab:15:e6:63:b5:
8a:af:60:51:d3:90:2e:0e:4f:d8:2f:cb:16:34:c9:5f:22:0f:
33:33:26:6d:72:79:53:49:a7:53:e0:c9:4c:b4:4f:d7:85:5b:
cd:a1:94:fa:44:1e:56:55:2b:9b:1e:a0:c8:ac:c4:a6:bc:6c:
6e:7b:a6:30:10:ad:ea:c9:8e:6d:70:1f:ff:78:13:fd:8c:59:
f8:e4:6f:22:17:91:44:c1:16:c4:3a:02:3d:a7:c3:af:1f:f3:
22:8e:8c:91:b6:89:59:13:a3:09:c1:6f:33:e9:5c:1b:06:01:
32:f6:8b:ab:1c:76:4e:06:93:52:ed:d4:66:22:5f:45:97:c7:
f9:06:24:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAvz8VqDhnQ7qkFjSZsA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmNiZmMyYTljZTU2ZGI3MGM3NDYwMTQ5ZjIyZDY2MGU5MWZkODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1agOKLNrLk3DHvA7G0H1ICEEtbZ
/UNlUiJabshGmJ7eXG5yOZttqVQrpAxEPzLxigK1KaK4a7aOJRNssjGJvdL+zLDL
NbQWPVKE0dgKmo0fSS2nfNkuVTtCKoa2SrLX+nJgOTqr/DnJaGmJKnush969uiXf
hHZ+kQ78wM2RprhR2quqOxuM/eJaWzoqa64f46njFY9nv5NCmw0n3JWJNXS9cboE
gdEK9ZyTktfGX2FIGNHvSrRAuGsTHV82to/Oraahz6Rtb2A7UzPKY0TnK3tFo3Rr
8aehhGgOvBz1i9beubwGYj//Mm9U/sG8d2ZlvDtEfYkV/A0RxyV1BoEgfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA/L/Cqc5W23DHRgFJ8i1mDpH9gpMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRDh2OEtwemxiYmNNZEdBVW55TFdZT2tmMkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmdwAwQB
wmd2MA0GCSqGSIb3DQEBCwUAA4IBAQCMy5SW8e7kSLlIND9/JWhzGzFtOAu+PyUS
vyf9VaQ67iKCs0lLrS0ZQUOtQfpMDkLGT4BkkQcyCAso+kjPDR1ME0+EAhbxNDCQ
YV6ivszNwqxL5+su6NPtvyy69j7pR655zOYijv2HheQGE/Zbpi6bpYxzDreDNqPl
qxXmY7WKr2BR05AuDk/YL8sWNMlfIg8zMyZtcnlTSadT4MlMtE/XhVvNoZT6RB5W
VSubHqDIrMSmvGxue6YwEK3qyY5tcB//eBP9jFn45G8iF5FEwRbEOgI9p8OvH/Mi
joyRtolZE6MJwW8z6VwbBgEy9ourHHZOBpNS7dRmIl9Fl8f5BiRA
-----END CERTIFICATE-----
Generated at Thu May 23 01:56:11 2024 by rpki-client on console-fra.rpki-client.org