Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/1-L7pZMDag3dyimEv8BdS8gvylFM.roa
File: 1-L7pZMDag3dyimEv8BdS8gvylFM.roa (raw, json)
Hash identifier: xXz9nWN3rEMwY+519IK0qxhla0outfosncLRwUHl828=
Subject key identifier: F8:BE:E9:64:C0:DA:83:77:72:8A:61:2F:F0:17:52:F2:0B:F2:94:53
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 018CC6B93181723CEBED86DC1F07A8AB795E
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/1-L7pZMDag3dyimEv8BdS8gvylFM.roa
Signing time: Mon 01 Jan 2024 20:31:14 +0000
ROA not before: Mon 01 Jan 2024 20:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34684
IP address blocks: 195.87.49.0/24 maxlen: 24
195.87.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:31:81:72:3c:eb:ed:86:dc:1f:07:a8:ab:79:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 20:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8bee964c0da8377728a612ff01752f20bf29453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:19:88:3b:5e:57:93:0a:ac:62:fb:57:bb:10:
f4:23:fd:28:ff:1f:5c:23:7f:5b:3b:cc:99:4d:21:
bb:4a:aa:4b:ff:a4:57:75:18:65:9b:c3:f9:a7:01:
31:d3:aa:3c:a3:1c:26:c0:64:18:0a:e6:2e:e7:59:
6e:39:32:c1:de:26:a5:53:4a:26:2b:1c:0e:03:f9:
16:62:dc:ce:dd:38:56:16:76:ed:eb:25:af:d0:8f:
ea:42:70:b2:23:80:13:bc:36:0a:e7:dd:e0:b8:b9:
03:cd:52:5c:49:70:99:96:8f:0a:59:21:24:d4:81:
2f:9e:3c:8b:4e:6f:9e:68:ac:19:cc:fb:f4:8a:78:
6c:a4:43:58:8a:89:27:1f:4e:f7:ba:b5:1a:5b:94:
9a:dc:07:34:cf:5e:b6:1a:98:8d:c2:cf:01:46:fc:
ef:cd:34:ee:ba:79:f9:41:10:3b:93:8e:4d:ba:ba:
0c:83:36:94:b8:62:56:62:9e:4c:59:42:d7:52:20:
7d:1c:e2:10:0b:0f:c3:b1:bc:6b:21:e6:ee:4e:83:
74:da:ee:de:d7:66:5f:78:8e:22:15:d4:64:01:15:
86:18:95:ca:c9:5e:08:7b:c4:69:3b:55:da:98:4a:
f1:a1:26:2b:a0:a2:8f:9e:b3:df:6a:d1:75:77:97:
d8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BE:E9:64:C0:DA:83:77:72:8A:61:2F:F0:17:52:F2:0B:F2:94:53
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/1-L7pZMDag3dyimEv8BdS8gvylFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.87.47.0/24
195.87.49.0/24
Signature Algorithm: sha256WithRSAEncryption
98:c2:50:fe:47:5e:aa:ba:b0:6d:c3:02:c4:60:b6:cf:62:44:
50:b8:e6:3c:0d:89:00:59:e6:73:e8:db:62:d8:7d:32:40:4f:
a2:4e:14:83:a7:84:8b:dc:ed:26:c2:fc:66:bd:42:b1:f8:e9:
4b:1a:75:ee:45:37:72:3d:0b:75:f6:7c:28:0d:15:89:b5:04:
75:2f:60:ef:c3:99:f5:4c:be:61:16:01:ca:6b:2e:14:ea:fa:
53:50:07:ae:1d:59:1a:e8:1b:54:b7:89:bf:9a:fa:c9:57:d1:
50:00:6e:c5:e3:79:11:90:e2:54:7e:43:61:72:0c:e4:b4:74:
94:09:89:4b:48:fb:50:87:be:56:49:74:7f:f2:7c:17:55:1e:
7c:28:fa:65:8c:d7:91:48:87:dc:7e:a6:2a:05:45:c1:68:6e:
c6:51:bd:b5:c6:4c:88:58:70:40:d9:e0:16:cb:13:29:39:8f:
03:4e:91:0a:fb:08:b5:fa:49:f3:87:4a:41:f2:ba:ba:61:71:
cf:fe:54:28:6c:45:f7:1e:dd:7b:95:22:df:25:5d:43:ff:5c:
b7:85:5e:00:1a:d1:b4:5a:e3:34:f8:09:90:10:e6:ef:bc:9e:
49:8d:3d:69:2e:bd:43:40:a8:49:66:c4:65:e8:ad:ec:31:83:
48:08:98:b8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzGuTGBcjzr7YbcHweoq3leMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjQwMTAxMjAzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJlZTk2NGMwZGE4Mzc3NzI4YTYxMmZmMDE3NTJmMjBiZjI5NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhmIO15XkwqsYvtXuxD0I/0o/x9c
I39bO8yZTSG7SqpL/6RXdRhlm8P5pwEx06o8oxwmwGQYCuYu51luOTLB3ialU0om
KxwOA/kWYtzO3ThWFnbt6yWv0I/qQnCyI4ATvDYK593guLkDzVJcSXCZlo8KWSEk
1IEvnjyLTm+eaKwZzPv0inhspENYioknH073urUaW5Sa3Ac0z162GpiNws8BRvzv
zTTuunn5QRA7k45NuroMgzaUuGJWYp5MWULXUiB9HOIQCw/DsbxrIebuToN02u7e
12ZfeI4iFdRkARWGGJXKyV4Ie8RpO1XamErxoSYroKKPnrPfatF1d5fY5QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPi+6WTA2oN3cophL/AXUvIL8pRTMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvMS1MN3BaTURhZzNkeWltRXY4QmRTOGd2eWxGTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDgvMzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0
Ni8xL1ZvX2pYTWxpWXpvblY2OFFvT2JvcTIwQjlNay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMNXLwME
AMNXMTANBgkqhkiG9w0BAQsFAAOCAQEAmMJQ/kdeqrqwbcMCxGC2z2JEULjmPA2J
AFnmc+jbYth9MkBPok4Ug6eEi9ztJsL8Zr1CsfjpSxp17kU3cj0LdfZ8KA0VibUE
dS9g78OZ9Uy+YRYBymsuFOr6U1AHrh1ZGugbVLeJv5r6yVfRUABuxeN5EZDiVH5D
YXIM5LR0lAmJS0j7UIe+Vkl0f/J8F1UefCj6ZYzXkUiH3H6mKgVFwWhuxlG9tcZM
iFhwQNngFssTKTmPA06RCvsItfpJ84dKQfK6umFxz/5UKGxF9x7de5Ui3yVdQ/9c
t4VeABrRtFrjNPgJkBDm77yeSY09aS69Q0CoSWbEZeit7DGDSAiYuA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:42 2024 by rpki-client on console-ams.rpki-client.org