Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/8lMzDbqdQwM7xBJ2zHzJLuyHBSA.roa
File: 8lMzDbqdQwM7xBJ2zHzJLuyHBSA.roa (raw, json)
Hash identifier: X6E5ceN4oGs8oykGzSHXzs3vCEmCIRm4T8FL0LCBxfE=
Subject key identifier: F2:53:33:0D:BA:9D:43:03:3B:C4:12:76:CC:7C:C9:2E:EC:87:05:20
Certificate issuer: /CN=3befe50a40fb1732541e8a97450ab5de774771d8
Certificate serial: 01916FFC2A5582AD1580DB8324A3E2290AB2
Authority key identifier: 3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/8lMzDbqdQwM7xBJ2zHzJLuyHBSA.roa
Signing time: Tue 20 Aug 2024 13:31:22 +0000
ROA not before: Tue 20 Aug 2024 13:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210727
IP address blocks: 91.238.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:fc:2a:55:82:ad:15:80:db:83:24:a3:e2:29:0a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3befe50a40fb1732541e8a97450ab5de774771d8
Validity
Not Before: Aug 20 13:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f253330dba9d43033bc41276cc7cc92eec870520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f9:31:47:14:dc:07:c7:7b:a2:b1:03:51:4a:
12:a9:de:44:25:ab:23:87:5d:d0:ac:5c:e4:d7:1a:
e5:a8:e0:2f:33:e4:94:a7:39:6a:e5:f1:ff:c5:73:
57:67:be:dc:44:87:3a:96:21:59:c6:2d:55:d3:15:
e6:f8:02:bf:ba:09:fb:30:e3:ce:9b:e6:8c:db:ef:
df:6f:27:1f:fc:c1:1f:09:2c:64:6e:27:a9:2d:23:
ce:a1:70:62:ba:4b:d8:07:14:45:f5:5f:63:54:7e:
97:ac:ee:09:d0:c3:f3:44:0b:7f:e9:a7:6d:17:13:
97:7c:08:9c:82:d1:a9:d3:4b:a8:ba:8f:04:c5:7e:
bf:c1:8d:25:08:81:ec:7f:b0:e5:5d:b8:bc:01:d0:
51:95:a1:8c:41:bf:f1:ec:34:44:5e:f5:45:71:f0:
ac:ec:b9:a4:26:5b:71:12:d4:23:7f:d1:f8:f4:32:
58:e7:ad:42:df:eb:a4:79:bb:69:f9:d2:4b:ba:4c:
b3:cc:8d:c9:86:e8:17:f3:b8:56:24:b6:f8:70:75:
26:e3:f2:9b:2b:50:e6:37:5d:2d:12:b3:c6:e4:30:
b9:39:05:80:ea:de:15:37:71:8d:9f:a5:d7:32:17:
cc:ff:2c:49:f4:b8:16:8f:e4:06:18:ca:d1:0e:3b:
ad:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:53:33:0D:BA:9D:43:03:3B:C4:12:76:CC:7C:C9:2E:EC:87:05:20
X509v3 Authority Key Identifier:
keyid:3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/8lMzDbqdQwM7xBJ2zHzJLuyHBSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.194.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:45:bb:6c:d8:0d:db:a3:18:9e:0a:1c:12:2f:33:be:28:2c:
b2:ea:90:d7:d5:79:a8:c3:be:8f:f6:69:39:15:7c:1a:87:53:
58:5f:17:2f:16:80:af:c3:1a:f0:9d:ae:76:86:a1:eb:a1:7b:
fa:79:0e:20:b5:81:aa:b9:e4:8c:3d:89:a2:ff:2c:07:46:bf:
93:68:fc:d5:81:ac:ad:77:f7:76:8e:18:dc:aa:be:41:a9:eb:
54:7a:78:85:64:35:5d:34:49:8e:8c:67:7e:6c:b5:11:89:de:
b3:ec:ff:80:30:d9:be:9b:f8:40:95:ba:bf:4a:3e:12:79:7f:
73:9a:ae:21:2e:16:14:ed:0c:8c:e6:60:e7:27:a7:aa:09:47:
b3:80:ca:15:33:7a:59:7b:61:d2:3f:44:f6:c1:db:ad:73:81:
f8:32:da:7a:51:f3:d8:d8:3e:b7:20:ae:22:81:15:49:21:52:
95:ef:41:6f:45:ca:90:f9:79:74:68:41:58:36:98:71:55:82:
ad:c8:7f:ec:48:ba:33:d0:e6:08:1d:7d:72:5f:be:16:4c:25:
fe:37:72:07:2a:15:69:b1:d1:cb:50:81:ec:61:3c:b0:58:b8:
ca:08:f2:15:c6:65:45:81:a5:39:74:e6:7b:0f:d1:f5:59:2e:
6b:73:3a:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFv/CpVgq0VgNuDJKPiKQqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWZlNTBhNDBmYjE3MzI1NDFlOGE5NzQ1MGFiNWRlNzc0
NzcxZDgwHhcNMjQwODIwMTMzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjUzMzMwZGJhOWQ0MzAzM2JjNDEyNzZjYzdjYzkyZWVjODcwNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPkxRxTcB8d7orEDUUoSqd5EJasj
h13QrFzk1xrlqOAvM+SUpzlq5fH/xXNXZ77cRIc6liFZxi1V0xXm+AK/ugn7MOPO
m+aM2+/fbycf/MEfCSxkbiepLSPOoXBiukvYBxRF9V9jVH6XrO4J0MPzRAt/6adt
FxOXfAicgtGp00uouo8ExX6/wY0lCIHsf7DlXbi8AdBRlaGMQb/x7DREXvVFcfCs
7LmkJltxEtQjf9H49DJY561C3+ukebtp+dJLukyzzI3JhugX87hWJLb4cHUm4/Kb
K1DmN10tErPG5DC5OQWA6t4VN3GNn6XXMhfM/yxJ9LgWj+QGGMrRDjutmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJTMw26nUMDO8QSdsx8yS7shwUgMB8GA1UdIwQY
MBaAFDvv5QpA+xcyVB6Kl0UKtd53R3HYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDkt
ZTYxNTQ5MzExN2QyLzEvOGxNekRicWRRd003eEJKMnpIekpMdXlIQlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDktZTYxNTQ5MzExN2Qy
LzEvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7CMA0G
CSqGSIb3DQEBCwUAA4IBAQBsRbts2A3boxieChwSLzO+KCyy6pDX1Xmow76P9mk5
FXwah1NYXxcvFoCvwxrwna52hqHroXv6eQ4gtYGqueSMPYmi/ywHRr+TaPzVgayt
d/d2jhjcqr5BqetUeniFZDVdNEmOjGd+bLURid6z7P+AMNm+m/hAlbq/Sj4SeX9z
mq4hLhYU7QyM5mDnJ6eqCUezgMoVM3pZe2HSP0T2wdutc4H4Mtp6UfPY2D63IK4i
gRVJIVKV70FvRcqQ+Xl0aEFYNphxVYKtyH/sSLoz0OYIHX1yX74WTCX+N3IHKhVp
sdHLUIHsYTywWLjKCPIVxmVFgaU5dOZ7D9H1WS5rczrM
-----END CERTIFICATE-----
Generated at Sat Nov 23 08:44:31 2024 by rpki-client on console-fra.rpki-client.org