Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/8qgd-chfm4s94i4SALXscEgXU9k.roa
File: 8qgd-chfm4s94i4SALXscEgXU9k.roa (raw, json)
Hash identifier: Dqd39zUFT5KfY9XX3c/ZaJPGDUH7IRONDdZOBmDnc/c=
Subject key identifier: F2:A8:1D:F9:C8:5F:9B:8B:3D:E2:2E:12:00:B5:EC:70:48:17:53:D9
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01928A61B550B63C50E7062919FFF923A498
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/8qgd-chfm4s94i4SALXscEgXU9k.roa
Signing time: Mon 14 Oct 2024 09:35:11 +0000
ROA not before: Mon 14 Oct 2024 09:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150770
IP address blocks: 212.23.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:61:b5:50:b6:3c:50:e7:06:29:19:ff:f9:23:a4:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 14 09:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2a81df9c85f9b8b3de22e1200b5ec70481753d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0a:aa:cb:15:a6:cc:f5:f3:41:9e:b0:24:22:
f1:0d:71:8a:00:ec:c3:8d:8d:e3:ab:77:41:af:6d:
0e:85:05:b2:d6:57:dc:b8:88:71:e9:11:9f:ab:2c:
c7:af:52:52:76:3f:4a:ea:da:c6:ea:b9:22:be:27:
26:9a:fa:8c:69:6b:20:a7:e0:3b:30:7e:fa:2c:57:
07:11:73:72:6d:b0:45:88:5e:2f:d8:c5:ac:96:bb:
a4:7b:59:d8:41:cb:0a:88:c3:73:ce:5c:f0:7c:7e:
9d:ac:2e:9d:99:9a:13:b0:8d:f0:f6:3a:45:47:08:
60:40:3e:39:44:fb:c8:65:8b:67:7d:00:33:f8:81:
f4:9e:ff:35:23:76:38:9d:7a:e7:9c:b6:a8:af:9a:
e7:c2:5c:18:ba:66:9a:ba:8e:f4:78:19:83:dd:19:
9f:28:41:b7:ea:99:b2:cd:6f:64:48:5a:c7:a4:1c:
33:ff:cd:d2:1d:c3:c3:2a:2f:03:91:71:de:71:bd:
ad:0d:7d:9c:98:fe:2f:e2:d3:e3:8e:0e:01:79:75:
35:37:6c:0b:42:7c:ab:ec:b1:30:5e:3a:5b:6a:ac:
eb:6f:14:79:12:de:21:4b:bb:36:ef:74:23:66:ec:
ea:e2:1b:e9:01:c3:0f:75:5e:df:b2:e9:2a:56:24:
4a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A8:1D:F9:C8:5F:9B:8B:3D:E2:2E:12:00:B5:EC:70:48:17:53:D9
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/8qgd-chfm4s94i4SALXscEgXU9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.206.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:c0:b0:6d:37:66:4d:8a:2d:35:60:66:99:1b:74:b7:4a:78:
46:4b:e1:d8:9f:3a:48:55:40:96:9a:77:f0:d8:5d:19:13:9c:
2f:0a:11:4a:dd:4d:12:23:ee:5f:ea:5b:aa:4f:a5:c8:66:4d:
6d:a2:11:a7:d6:38:1b:18:42:4d:28:34:a5:c3:00:84:92:30:
f2:d2:d8:e1:fa:89:c5:85:41:4e:c0:74:aa:bb:19:cb:54:f5:
b5:77:f5:91:e9:1d:96:a6:63:10:00:68:be:9a:5f:05:d8:79:
8d:40:a6:9c:96:15:16:9b:39:43:a1:7c:9c:39:c6:d9:a0:9b:
77:19:ae:40:40:12:3d:e5:f8:7a:e5:30:a9:cb:04:ec:0e:7a:
1a:8f:33:ed:21:35:7c:63:1c:c2:f9:a3:70:e1:9b:02:94:2c:
ea:2a:26:d4:93:aa:94:50:26:81:64:d6:f1:f8:a9:36:3c:c8:
8b:b9:94:a1:7e:76:21:63:50:c3:13:d9:c2:d3:69:13:67:f7:
7b:d6:ba:2c:66:68:c8:25:f4:68:1e:b1:d6:30:47:40:4c:7b:
88:4d:eb:db:f4:9e:67:04:aa:ae:2a:0e:6c:ea:87:e4:0b:6a:
f5:34:31:a6:78:b3:07:7f:5d:d7:99:61:4b:94:cd:b9:34:54:
2c:70:8a:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKKYbVQtjxQ5wYpGf/5I6SYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDE0MDkzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE4MWRmOWM4NWY5YjhiM2RlMjJlMTIwMGI1ZWM3MDQ4MTc1M2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7wqqyxWmzPXzQZ6wJCLxDXGKAOzD
jY3jq3dBr20OhQWy1lfcuIhx6RGfqyzHr1JSdj9K6trG6rkivicmmvqMaWsgp+A7
MH76LFcHEXNybbBFiF4v2MWslruke1nYQcsKiMNzzlzwfH6drC6dmZoTsI3w9jpF
RwhgQD45RPvIZYtnfQAz+IH0nv81I3Y4nXrnnLaor5rnwlwYumaauo70eBmD3Rmf
KEG36pmyzW9kSFrHpBwz/83SHcPDKi8DkXHecb2tDX2cmP4v4tPjjg4BeXU1N2wL
Qnyr7LEwXjpbaqzrbxR5Et4hS7s273QjZuzq4hvpAcMPdV7fsukqViRKLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKoHfnIX5uLPeIuEgC17HBIF1PZMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvOHFnZC1jaGZtNHM5NGk0U0FMWHNjRWdYVTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfOMA0G
CSqGSIb3DQEBCwUAA4IBAQBtwLBtN2ZNii01YGaZG3S3SnhGS+HYnzpIVUCWmnfw
2F0ZE5wvChFK3U0SI+5f6luqT6XIZk1tohGn1jgbGEJNKDSlwwCEkjDy0tjh+onF
hUFOwHSquxnLVPW1d/WR6R2WpmMQAGi+ml8F2HmNQKaclhUWmzlDoXycOcbZoJt3
Ga5AQBI95fh65TCpywTsDnoajzPtITV8YxzC+aNw4ZsClCzqKibUk6qUUCaBZNbx
+Kk2PMiLuZShfnYhY1DDE9nC02kTZ/d71rosZmjIJfRoHrHWMEdATHuITevb9J5n
BKquKg5s6ofkC2r1NDGmeLMHf13XmWFLlM25NFQscIp9
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:24:50 2024 by rpki-client on console-ams.rpki-client.org