Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/J8dLljl_bsbsufnOhRDWomz6G0I.roa
File: J8dLljl_bsbsufnOhRDWomz6G0I.roa (raw, json)
Hash identifier: q2aOL0SgCO0ILmQpFDG7nQLv+lUg8XfvImaPKn6Sl/o=
Subject key identifier: 27:C7:4B:96:39:7F:6E:C6:EC:B9:F9:CE:85:10:D6:A2:6C:FA:1B:42
Certificate issuer: /CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Certificate serial: 018CC9BB1ADC9A067A15E83E2C9254B7CBA7
Authority key identifier: 1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/J8dLljl_bsbsufnOhRDWomz6G0I.roa
Signing time: Tue 02 Jan 2024 10:32:11 +0000
ROA not before: Tue 02 Jan 2024 10:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8448
IP address blocks: 188.44.128.0/17 maxlen: 17
217.79.128.0/20 maxlen: 20
84.225.192.0/18 maxlen: 18
2a00:1878::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:1a:dc:9a:06:7a:15:e8:3e:2c:92:54:b7:cb:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Validity
Not Before: Jan 2 10:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27c74b96397f6ec6ecb9f9ce8510d6a26cfa1b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:44:9c:b2:10:49:8a:9e:03:e7:cc:bf:fb:a4:
79:01:82:87:e9:1f:29:9a:c1:18:7d:3c:14:45:ac:
0d:92:1e:43:b1:10:ca:a8:e8:b6:ae:19:20:1f:40:
aa:dd:dc:d6:c5:97:b6:9d:2a:21:8f:22:3b:37:af:
2a:c6:7a:1e:c7:79:f4:58:e9:81:ec:3c:64:17:34:
f7:f7:5d:56:c8:48:b2:32:59:52:cf:66:63:98:dc:
59:55:e6:b9:26:cd:ef:82:92:90:ae:20:c6:64:05:
9a:45:67:c4:c8:df:47:f8:3b:e8:b9:bd:cc:f3:b7:
2b:07:dc:cb:80:9a:08:2d:a2:c6:cd:9a:64:a5:60:
56:bc:12:80:e3:98:0d:5f:6f:40:63:4f:84:dc:8c:
a0:4e:ac:51:17:10:d4:f6:fb:36:83:11:11:dc:a9:
7f:fc:55:30:92:80:53:a2:fd:16:67:24:6b:e3:ec:
16:8e:89:b6:23:41:d3:0f:eb:31:6d:35:af:2c:5f:
3c:87:9c:7d:11:ff:fe:a1:81:8a:20:56:10:6b:77:
33:22:ff:b7:d6:94:85:39:d5:ed:93:d5:1b:85:e3:
5d:a5:52:6d:25:ae:3f:ce:a9:9b:35:af:3c:2e:11:
a7:8c:7a:f9:d4:42:d5:df:88:9a:e1:b8:18:0d:71:
bd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C7:4B:96:39:7F:6E:C6:EC:B9:F9:CE:85:10:D6:A2:6C:FA:1B:42
X509v3 Authority Key Identifier:
keyid:1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/J8dLljl_bsbsufnOhRDWomz6G0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.225.192.0/18
188.44.128.0/17
217.79.128.0/20
IPv6:
2a00:1878::/29
Signature Algorithm: sha256WithRSAEncryption
2f:1f:5a:ed:51:9c:ec:89:aa:39:9c:39:7d:9a:0f:e4:c8:14:
e4:30:ad:c6:fb:d8:6f:4b:a6:66:a3:38:76:de:bb:ed:f9:8b:
72:a7:57:79:41:5b:50:43:fb:2c:47:e8:ce:08:31:79:40:be:
8b:03:e4:9b:90:2c:04:bb:73:e8:ee:e0:56:7d:3d:bb:23:67:
54:f0:1b:92:04:6a:39:02:53:7e:ad:46:58:39:af:4e:fb:d1:
04:06:33:9d:01:55:e8:c3:58:50:15:ed:91:51:8f:de:8b:d9:
c9:25:2e:16:1f:45:7c:4d:37:69:ea:2a:74:19:28:d0:b8:d3:
8c:5c:e0:e0:16:6e:ea:e4:0d:b6:17:df:7a:bc:16:91:95:2e:
87:fd:f2:2b:6d:23:6d:d7:61:e3:e9:9e:09:34:e7:32:85:75:
b5:17:a1:42:7c:e2:a5:87:e7:f7:c2:ea:7a:87:24:6f:ce:ec:
e7:3f:c5:4e:05:21:b2:ed:a7:e3:2a:8b:65:ba:9d:d9:c3:12:
59:02:a7:69:df:be:7b:cd:fc:d3:6c:6b:75:71:6f:61:9b:2d:
e4:ac:02:4f:23:0c:53:ae:3d:7e:4d:c7:61:ee:68:9e:31:20:
50:86:d1:f3:d0:a1:d6:de:b7:3b:04:a6:fd:83:60:1a:3f:eb:
f5:73:c0:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJuxrcmgZ6Feg+LJJUt8unMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMTI5M2NiYmUyZjY5MjU0MGQzY2M1YTZlODIzNjYwNDk0
YzQwNjMwHhcNMjQwMTAyMTAzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2M3NGI5NjM5N2Y2ZWM2ZWNiOWY5Y2U4NTEwZDZhMjZjZmExYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEScshBJip4D58y/+6R5AYKH6R8p
msEYfTwURawNkh5DsRDKqOi2rhkgH0Cq3dzWxZe2nSohjyI7N68qxnoex3n0WOmB
7DxkFzT3911WyEiyMllSz2ZjmNxZVea5Js3vgpKQriDGZAWaRWfEyN9H+Dvoub3M
87crB9zLgJoILaLGzZpkpWBWvBKA45gNX29AY0+E3IygTqxRFxDU9vs2gxER3Kl/
/FUwkoBTov0WZyRr4+wWjom2I0HTD+sxbTWvLF88h5x9Ef/+oYGKIFYQa3czIv+3
1pSFOdXtk9UbheNdpVJtJa4/zqmbNa88LhGnjHr51ELV34ia4bgYDXG99wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCfHS5Y5f27G7Ln5zoUQ1qJs+htCMB8GA1UdIwQY
MBaAFB8Sk8u+L2klQNPMWm6CNmBJTEBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQt
MjY5NzE1OTlhNTU0LzEvSjhkTGxqbF9ic2JzdWZuT2hSRFdvbXo2RzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQtMjY5NzE1OTlhNTU0
LzEvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGVOHAAwQH
vCyAAwQE2U+AMA0EAgACMAcDBQMqABh4MA0GCSqGSIb3DQEBCwUAA4IBAQAvH1rt
UZzsiao5nDl9mg/kyBTkMK3G+9hvS6Zmozh23rvt+Ytyp1d5QVtQQ/ssR+jOCDF5
QL6LA+SbkCwEu3Po7uBWfT27I2dU8BuSBGo5AlN+rUZYOa9O+9EEBjOdAVXow1hQ
Fe2RUY/ei9nJJS4WH0V8TTdp6ip0GSjQuNOMXODgFm7q5A22F996vBaRlS6H/fIr
bSNt12Hj6Z4JNOcyhXW1F6FCfOKlh+f3wup6hyRvzuznP8VOBSGy7afjKotlup3Z
wxJZAqdp3757zfzTbGt1cW9hmy3krAJPIwxTrj1+Tcdh7mieMSBQhtHz0KHW3rc7
BKb9g2AaP+v1c8BS
-----END CERTIFICATE-----
Generated at Sun May 12 08:29:10 2024 by rpki-client on console-ams.rpki-client.org