Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/8K-Dk9nDQwdChkEETkkV17gu04A.roa
File: 8K-Dk9nDQwdChkEETkkV17gu04A.roa (raw, json)
Hash identifier: vo9xMwNRBb0zQzlCz29+SzofyhN7BH2JxEX9AVrPkwI=
Subject key identifier: F0:AF:83:93:D9:C3:43:07:42:86:41:04:4E:49:15:D7:B8:2E:D3:80
Certificate issuer: /CN=bde2db8498ee8f7b3ab5caae83829596620702c1
Certificate serial: 019422FB900106771B5DAF4422E07582B7CB
Authority key identifier: BD:E2:DB:84:98:EE:8F:7B:3A:B5:CA:AE:83:82:95:96:62:07:02:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/8K-Dk9nDQwdChkEETkkV17gu04A.roa
Signing time: Wed 01 Jan 2025 17:48:19 +0000
ROA not before: Wed 01 Jan 2025 17:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 84.38.48.0/23 maxlen: 23
84.38.50.0/24 maxlen: 24
84.38.52.0/23 maxlen: 23
84.38.56.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/veLbhJjuj3s6tcqug4KVlmIHAsE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/veLbhJjuj3s6tcqug4KVlmIHAsE.mft
rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:90:01:06:77:1b:5d:af:44:22:e0:75:82:b7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde2db8498ee8f7b3ab5caae83829596620702c1
Validity
Not Before: Jan 1 17:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0af8393d9c34307428641044e4915d7b82ed380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:da:4b:8b:1f:64:13:29:84:2a:f2:92:40:23:
75:d1:03:5c:bb:ee:5f:35:e2:ed:45:a2:a9:6c:fe:
ff:05:9d:2c:f7:d6:a0:6d:1a:b6:ec:7b:91:83:31:
cb:0f:a3:1d:e7:3f:68:a4:57:fe:48:3c:59:66:8d:
61:b7:a9:6c:66:5d:1b:e2:d9:af:79:ed:7f:ce:e5:
e5:84:85:af:97:c5:a7:d5:a7:95:14:53:02:86:82:
5c:13:8e:6e:f1:0b:d7:06:90:a6:93:15:4f:f2:49:
d0:ff:7f:08:bc:69:eb:73:13:85:a9:ae:df:f9:69:
ec:f6:4d:a5:86:35:7f:95:de:e9:59:2f:54:c6:e2:
25:f8:32:83:58:4e:67:53:78:ab:50:93:92:07:1b:
ce:e3:5a:d4:21:ac:ba:c2:47:66:30:b8:7b:84:1b:
82:a7:b0:a9:8e:24:b7:23:d4:b1:3b:64:66:33:d4:
cd:db:58:93:5a:92:62:cf:43:6a:8b:a8:f4:a6:69:
4a:a2:4f:59:52:ba:0a:be:1f:33:4a:76:e6:01:e9:
e5:71:23:7d:67:16:36:96:15:45:be:22:d6:9f:72:
bc:bb:9c:45:bb:0f:6e:d4:a7:b4:b8:53:f1:26:f4:
23:db:ba:87:4e:be:88:be:ab:e0:34:b4:f9:d9:a3:
31:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:AF:83:93:D9:C3:43:07:42:86:41:04:4E:49:15:D7:B8:2E:D3:80
X509v3 Authority Key Identifier:
keyid:BD:E2:DB:84:98:EE:8F:7B:3A:B5:CA:AE:83:82:95:96:62:07:02:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/8K-Dk9nDQwdChkEETkkV17gu04A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/veLbhJjuj3s6tcqug4KVlmIHAsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.48.0-84.38.50.255
84.38.52.0/23
84.38.56.0/23
Signature Algorithm: sha256WithRSAEncryption
49:e5:a0:b4:d5:6f:ea:5e:ae:a6:84:5a:17:a9:cf:39:47:3f:
a7:c6:c7:2d:46:36:f2:2c:d7:14:d4:66:92:80:08:a7:a0:59:
1c:bd:9a:1a:d4:01:58:0a:35:24:37:4c:41:f9:6b:d6:d1:a2:
70:26:75:6b:9a:4a:59:62:ab:a6:9e:40:7b:f0:1a:63:92:41:
71:79:98:98:d3:67:26:76:da:01:0e:e0:fe:be:0a:29:8b:8a:
2e:fc:01:13:ec:08:27:7e:da:3a:00:76:d0:3c:fb:29:81:1a:
1e:1c:8b:55:b1:33:4a:a1:d2:f6:b0:5e:a4:14:f9:f1:01:ad:
51:ec:99:0a:57:9e:d1:9f:bc:f0:44:bc:d9:76:c4:23:25:22:
90:95:19:14:71:3a:f3:14:81:46:6c:91:2b:5f:bd:71:19:da:
fe:62:44:63:4d:99:6a:00:e4:22:69:98:68:f7:b0:2b:f2:85:
ce:26:fb:ae:a6:15:9e:9f:10:13:4e:fe:d3:5c:48:fd:86:c8:
f1:d1:c7:7e:6e:0e:eb:05:09:d1:d5:66:17:d7:54:aa:3f:7a:
e0:0e:46:c7:ba:96:63:57:b1:99:83:92:ff:1c:55:a5:eb:8e:
1d:83:82:e6:82:24:28:cc:d5:d4:cf:de:7d:2b:26:7a:95:52:
60:c9:66:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQi+5ABBncbXa9EIuB1grfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTJkYjg0OThlZThmN2IzYWI1Y2FhZTgzODI5NTk2NjIw
NzAyYzEwHhcNMjUwMTAxMTc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGFmODM5M2Q5YzM0MzA3NDI4NjQxMDQ0ZTQ5MTVkN2I4MmVkMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotpLix9kEymEKvKSQCN10QNcu+5f
NeLtRaKpbP7/BZ0s99agbRq27HuRgzHLD6Md5z9opFf+SDxZZo1ht6lsZl0b4tmv
ee1/zuXlhIWvl8Wn1aeVFFMChoJcE45u8QvXBpCmkxVP8knQ/38IvGnrcxOFqa7f
+Wns9k2lhjV/ld7pWS9UxuIl+DKDWE5nU3irUJOSBxvO41rUIay6wkdmMLh7hBuC
p7CpjiS3I9SxO2RmM9TN21iTWpJiz0Nqi6j0pmlKok9ZUroKvh8zSnbmAenlcSN9
ZxY2lhVFviLWn3K8u5xFuw9u1Ke0uFPxJvQj27qHTr6IvqvgNLT52aMxPQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPCvg5PZw0MHQoZBBE5JFde4LtOAMB8GA1UdIwQY
MBaAFL3i24SY7o97OrXKroOClZZiBwLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVMYmhKanVqM3M2dGNxdWc0S1ZsbUlIQXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iMTliZDgtZTFkOC00Mzg4LWEzYjYt
MTIyNTVlMzYxMmVjLzEvOEstRGs5bkRRd2RDaGtFRVRra1YxN2d1MDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iMTliZDgtZTFkOC00Mzg4LWEzYjYtMTIyNTVlMzYxMmVj
LzEvdmVMYmhKanVqM3M2dGNxdWc0S1ZsbUlIQXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBARUJjAD
BABUJjIDBAFUJjQDBAFUJjgwDQYJKoZIhvcNAQELBQADggEBAEnloLTVb+perqaE
WhepzzlHP6fGxy1GNvIs1xTUZpKACKegWRy9mhrUAVgKNSQ3TEH5a9bRonAmdWua
Slliq6aeQHvwGmOSQXF5mJjTZyZ22gEO4P6+CimLii78ARPsCCd+2joAdtA8+ymB
Gh4ci1WxM0qh0vawXqQU+fEBrVHsmQpXntGfvPBEvNl2xCMlIpCVGRRxOvMUgUZs
kStfvXEZ2v5iRGNNmWoA5CJpmGj3sCvyhc4m+66mFZ6fEBNO/tNcSP2GyPHRx35u
DusFCdHVZhfXVKo/euAORse6lmNXsZmDkv8cVaXrjh2DguaCJCjM1dTP3n0rJnqV
UmDJZuk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:45 2025 by rpki-client