Route Origin Authorization
$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 0nhfvTV8YMLFQNjJf3CtJON2c7pLzDth4lk+POq2Qo8=
Subject key identifier: EC:F2:F4:AE:08:AF:46:0F:5C:0F:CC:44:B3:8D:CC:A1:24:FF:B9:82
Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial: 7D92E4A8B2EE9FA441DDEBDC4FCF507AA0915B03
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS0.roa
Signing time: Wed 30 Oct 2024 22:46:57 +0000
ROA not before: Wed 30 Oct 2024 22:41:57 +0000
ROA not after: Wed 29 Oct 2025 22:46:57 +0000
asID: 0
IP address blocks: 2a05:dfc1:300::/40 maxlen: 40
2a05:dfc1:800::/40 maxlen: 48
2a05:dfc1:2500::/40 maxlen: 40
2a05:dfc1:2600::/40 maxlen: 40
2a05:dfc1:2800::/40 maxlen: 40
2a05:dfc1:2900::/40 maxlen: 40
2a05:dfc1:2a00::/40 maxlen: 40
2a05:dfc1:3000::/40 maxlen: 40
2a05:dfc1:3100::/40 maxlen: 40
2a05:dfc1:3900::/40 maxlen: 40
2a05:dfc1:3a00::/40 maxlen: 40
2a05:dfc1:3b00::/40 maxlen: 40
2a05:dfc1:5000::/40 maxlen: 48
2a05:dfc1:6700::/40 maxlen: 40
2a05:dfc1:6c00::/40 maxlen: 40
2a05:dfc1:6d00::/40 maxlen: 40
2a05:dfc1:8600::/40 maxlen: 40
2a05:dfc1:8d00::/40 maxlen: 48
2a06:9f82::/32 maxlen: 48
2a06:9f83::/32 maxlen: 48
2a0a:6040:8b00::/40 maxlen: 48
2a0a:6040:8c00::/40 maxlen: 40
2a0a:6040:9b00::/40 maxlen: 40
2a0a:6040:ef00::/40 maxlen: 48
Validation: OK
Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 04:12:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:92:e4:a8:b2:ee:9f:a4:41:dd:eb:dc:4f:cf:50:7a:a0:91:5b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Validity
Not Before: Oct 30 22:41:57 2024 GMT
Not After : Oct 29 22:46:57 2025 GMT
Subject: CN=ECF2F4AE08AF460F5C0FCC44B38DCCA124FFB982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ca:cf:a1:9a:f4:8b:33:8c:a0:bc:50:ee:b9:
df:ef:b7:0a:21:e4:7b:54:72:1a:fc:76:b2:9e:e5:
83:b6:22:d5:87:36:54:e9:14:b0:43:94:9b:8e:ad:
de:73:d5:33:1a:7b:02:d5:34:25:3f:f1:47:98:15:
da:91:4a:d4:33:5a:ea:0c:95:b0:3a:90:95:be:d9:
2e:9a:cd:ce:e5:79:ee:f8:37:da:29:9d:15:e0:ac:
35:30:9d:54:92:d1:e5:f5:1c:42:21:f3:26:4c:0e:
ff:07:b8:11:2d:21:bd:7c:d8:fb:92:34:df:cc:d8:
4f:76:54:69:87:a0:a6:18:b2:9c:d5:f8:0e:4c:26:
57:7a:10:4d:8a:6e:23:eb:23:41:46:cf:11:7f:ae:
d1:32:2c:1c:ff:a9:22:77:85:5b:a0:40:1a:72:be:
f2:c9:eb:28:0a:b6:7c:a7:05:06:ae:a6:2a:1e:ac:
c2:63:10:81:c3:bf:68:ed:08:ef:a5:08:37:cf:e2:
95:60:1c:81:e2:17:34:77:db:91:d3:92:09:8d:24:
b8:52:d1:34:67:27:73:24:8d:46:45:df:0b:0f:48:
73:45:87:13:29:a5:0c:e8:27:64:26:6d:c2:55:b8:
4b:a2:22:1c:73:ff:21:ef:99:33:23:cd:91:62:03:
71:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F2:F4:AE:08:AF:46:0F:5C:0F:CC:44:B3:8D:CC:A1:24:FF:B9:82
X509v3 Authority Key Identifier:
keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject Information Access:
Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc1:300::/40
2a05:dfc1:800::/40
2a05:dfc1:2500::-2a05:dfc1:26ff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:2800::-2a05:dfc1:2aff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:3000::/39
2a05:dfc1:3900::-2a05:dfc1:3bff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:5000::/40
2a05:dfc1:6700::/40
2a05:dfc1:6c00::/39
2a05:dfc1:8600::/40
2a05:dfc1:8d00::/40
2a06:9f82::/31
2a0a:6040:8b00::-2a0a:6040:8cff:ffff:ffff:ffff:ffff:ffff
2a0a:6040:9b00::/40
2a0a:6040:ef00::/40
Signature Algorithm: sha256WithRSAEncryption
3c:82:12:21:5c:b5:6a:94:27:2f:79:68:56:8c:28:d8:05:29:
f4:1b:84:fd:35:35:d8:f0:fd:46:3f:c1:c7:18:e5:c1:1f:07:
e4:09:fa:b5:1a:c9:79:08:de:4b:03:12:1c:7d:cf:d0:27:7c:
7f:2c:be:2e:9f:46:88:92:58:34:df:92:ab:30:00:46:b2:63:
e8:4c:a5:f7:40:69:7e:b3:47:3a:db:3c:70:fb:9e:85:13:ea:
87:2d:a2:6f:df:a1:c1:a6:bb:eb:0d:58:26:db:7b:f0:33:44:
43:35:07:7d:c8:a9:c0:a1:b7:9d:98:29:58:92:04:ef:6f:17:
b9:9d:ad:2e:35:8f:8b:6f:54:7b:af:bc:7c:b2:23:6e:89:de:
9d:1d:5c:2c:d3:b7:88:b3:52:d4:63:59:b5:d5:34:77:fb:ed:
07:6a:c1:19:1c:c8:a7:49:c1:6f:f7:f2:60:3b:08:ef:0e:10:
53:b0:bc:d7:b9:c1:64:b0:ad:f9:22:c4:82:9b:49:9e:5f:48:
78:e9:74:fa:5d:4b:48:48:d5:fb:93:ff:23:8c:be:97:fc:4b:
e1:2d:99:b6:e4:ea:09:cb:41:f2:d0:b0:60:df:30:8b:fd:0a:
2d:11:a4:ca:25:f7:55:ad:d3:2c:05:0e:ff:75:ec:31:f7:0e:
25:c0:8a:31
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIUfZLkqLLun6RB3evcT89QeqCRWwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yNDEwMzAyMjQxNTdaFw0yNTEwMjkyMjQ2NTdaMDMxMTAvBgNV
BAMTKEVDRjJGNEFFMDhBRjQ2MEY1QzBGQ0M0NEIzOERDQ0ExMjRGRkI5ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWys+hmvSLM4ygvFDuud/vtwoh
5HtUchr8drKe5YO2ItWHNlTpFLBDlJuOrd5z1TMaewLVNCU/8UeYFdqRStQzWuoM
lbA6kJW+2S6azc7lee74N9opnRXgrDUwnVSS0eX1HEIh8yZMDv8HuBEtIb182PuS
NN/M2E92VGmHoKYYspzV+A5MJld6EE2KbiPrI0FGzxF/rtEyLBz/qSJ3hVugQBpy
vvLJ6ygKtnynBQaupioerMJjEIHDv2jtCO+lCDfP4pVgHIHiFzR325HTkgmNJLhS
0TRnJ3MkjUZF3wsPSHNFhxMppQzoJ2QmbcJVuEuiIhxz/yHvmTMjzZFiA3GZAgMB
AAGjggKLMIIChzAdBgNVHQ4EFgQU7PL0rgivRg9cD8xEs43MoST/uYIwHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD
MjQzOUI3NkQ4NUFGOS5jZXIwVQYIKwYBBQUHAQsESTBHMEUGCCsGAQUFBzALhjly
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w
L0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBvAYIKwYBBQUHAQcB
Af8EgawwgakwgaYEAgACMIGfAwYAKgXfwQMDBgAqBd/BCDAQAwYAKgXfwSUDBgAq
Bd/BJjAQAwYDKgXfwSgDBgAqBd/BKgMGASoF38EwMBADBgAqBd/BOQMGAioF38E4
AwYAKgXfwVADBgAqBd/BZwMGASoF38FsAwYAKgXfwYYDBgAqBd/BjQMFASoGn4Iw
EAMGACoKYECLAwYAKgpgQIwDBgAqCmBAmwMGACoKYEDvMA0GCSqGSIb3DQEBCwUA
A4IBAQA8ghIhXLVqlCcveWhWjCjYBSn0G4T9NTXY8P1GP8HHGOXBHwfkCfq1Gsl5
CN5LAxIcfc/QJ3x/LL4un0aIklg035KrMABGsmPoTKX3QGl+s0c62zxw+56FE+qH
LaJv36HBprvrDVgm23vwM0RDNQd9yKnAobedmClYkgTvbxe5na0uNY+Lb1R7r7x8
siNuid6dHVws07eIs1LUY1m11TR3++0HasEZHMinScFv9/JgOwjvDhBTsLzXucFk
sK35IsSCm0meX0h46XT6XUtISNX7k/8jjL6X/EvhLZm25OoJy0Hy0LBg3zCL/Qot
EaTKJfdVrdMsBQ7/dewx9w4lwIox
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:46:54 2024 by rpki-client on console-ams.rpki-client.org