Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8jjHs2hfmPavLxBvxeBQQBKzyCo.roa
File: 8jjHs2hfmPavLxBvxeBQQBKzyCo.roa (raw, json)
Hash identifier: uWqJd3GkwkaDQ9ceeej0IfQuKYcNY2zZItZoBss/HE8=
Subject key identifier: F2:38:C7:B3:68:5F:98:F6:AF:2F:10:6F:C5:E0:50:40:12:B3:C8:2A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F4CA8B801E57134E29B8CDE8497AE
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8jjHs2hfmPavLxBvxeBQQBKzyCo.roa
Signing time: Tue 02 Jan 2024 04:29:46 +0000
ROA not before: Tue 02 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 195.177.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:4c:a8:b8:01:e5:71:34:e2:9b:8c:de:84:97:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f238c7b3685f98f6af2f106fc5e0504012b3c82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:35:f4:ce:e7:3b:93:1f:5f:ef:4a:2a:b8:89:
87:83:61:de:e0:75:6e:21:10:88:2a:ec:96:f9:ff:
a7:b1:e1:71:ef:a5:0d:c6:94:2a:d5:74:e1:1f:a0:
75:3b:e0:b3:63:20:a8:df:33:f6:81:db:4c:00:37:
54:89:fb:a0:59:f1:2e:72:d8:30:7c:51:55:b1:a5:
da:9d:50:69:41:c3:0c:81:d3:28:fc:6d:a5:e8:ee:
95:78:26:8d:1b:7a:c4:07:c0:63:22:06:e3:25:1f:
59:8d:76:dd:56:c6:aa:f5:f9:01:23:10:78:b7:5f:
fa:e8:bd:9f:a4:42:8d:f2:00:96:f5:93:ac:09:59:
ca:73:74:ab:24:1a:66:24:95:39:07:93:69:96:2b:
de:42:62:1b:91:f6:9c:18:e0:af:d9:98:ee:c8:f7:
b7:cc:06:2e:9b:cb:57:c8:20:55:e1:b0:82:3c:d3:
1c:05:f1:62:b7:83:63:b0:92:40:79:bc:72:9d:66:
d0:c8:42:90:58:7e:9b:75:d0:99:20:e6:c9:84:34:
05:c2:b0:95:0a:a5:54:07:0d:f1:ff:34:e7:58:7c:
b6:d8:70:4a:10:a9:59:1d:e3:7f:8d:23:f9:3d:ba:
23:35:70:06:08:1a:49:8a:6e:d2:17:59:05:6e:91:
eb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:38:C7:B3:68:5F:98:F6:AF:2F:10:6F:C5:E0:50:40:12:B3:C8:2A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8jjHs2hfmPavLxBvxeBQQBKzyCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.94.0/24
Signature Algorithm: sha256WithRSAEncryption
72:72:5d:20:6d:d7:d2:5e:a2:12:20:09:a5:c2:7d:03:2c:f2:
a1:5b:b0:c3:8d:da:c1:a8:e3:bf:9d:7a:5e:63:4f:a8:5f:5d:
36:07:d5:9c:49:f3:60:7d:33:29:0d:ad:a4:e6:f5:38:fc:c5:
38:c4:1d:fd:f8:34:2c:92:a8:9c:da:6c:a6:bc:2a:ce:15:26:
3b:c7:d8:1f:39:4c:ba:23:cc:20:d0:42:4b:0c:12:fc:30:ae:
8d:7d:38:eb:de:33:0c:48:92:e4:f9:7b:b7:75:7e:cc:33:4d:
8f:ca:aa:7b:cf:e0:30:52:a0:8d:03:ca:10:02:a7:f0:29:28:
c1:ae:23:65:7c:ca:5c:5c:ee:94:fb:78:7e:3a:a5:ca:13:3c:
1b:67:9f:1d:73:82:c9:a6:01:a7:52:7f:7e:98:5f:ff:6e:9c:
61:5c:e2:b5:11:94:75:47:82:0a:60:c7:ca:ca:c4:c5:37:cd:
37:5c:7f:48:02:2b:27:62:f5:2e:8c:d0:c7:d1:86:af:84:e6:
32:eb:bd:6a:e5:08:ce:03:1d:35:3b:b5:9b:13:ff:ca:4c:15:
cc:d3:f0:91:fc:83:b9:02:28:27:3d:55:e2:8d:4c:bd:d2:5c:
e8:65:f2:27:9e:84:96:a2:b2:53:54:a4:a8:ee:aa:ae:4c:1a:
85:93:bf:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb0youAHlcTTim4zehJeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjM4YzdiMzY4NWY5OGY2YWYyZjEwNmZjNWUwNTA0MDEyYjNjODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjX0zuc7kx9f70oquImHg2He4HVu
IRCIKuyW+f+nseFx76UNxpQq1XThH6B1O+CzYyCo3zP2gdtMADdUifugWfEuctgw
fFFVsaXanVBpQcMMgdMo/G2l6O6VeCaNG3rEB8BjIgbjJR9ZjXbdVsaq9fkBIxB4
t1/66L2fpEKN8gCW9ZOsCVnKc3SrJBpmJJU5B5NpliveQmIbkfacGOCv2ZjuyPe3
zAYum8tXyCBV4bCCPNMcBfFit4NjsJJAebxynWbQyEKQWH6bddCZIObJhDQFwrCV
CqVUBw3x/zTnWHy22HBKEKlZHeN/jSP5PbojNXAGCBpJim7SF1kFbpHrLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPI4x7NoX5j2ry8Qb8XgUEASs8gqMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOGpqSHMyaGZtUGF2THhCdnhlQlFRQkt6eUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7FeMA0G
CSqGSIb3DQEBCwUAA4IBAQBycl0gbdfSXqISIAmlwn0DLPKhW7DDjdrBqOO/nXpe
Y0+oX102B9WcSfNgfTMpDa2k5vU4/MU4xB39+DQskqic2mymvCrOFSY7x9gfOUy6
I8wg0EJLDBL8MK6NfTjr3jMMSJLk+Xu3dX7MM02Pyqp7z+AwUqCNA8oQAqfwKSjB
riNlfMpcXO6U+3h+OqXKEzwbZ58dc4LJpgGnUn9+mF//bpxhXOK1EZR1R4IKYMfK
ysTFN803XH9IAisnYvUujNDH0YavhOYy671q5QjOAx01O7WbE//KTBXM0/CR/IO5
AignPVXijUy90lzoZfInnoSWorJTVKSo7qquTBqFk7+D
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:33:26 2024 by rpki-client on console-ams.rpki-client.org