Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/8e1204-4a03-4c97-a03f-97e080e2a910/1/Ls7ao08Q1H0G804fwEiRXOIpDXI.roa
File: Ls7ao08Q1H0G804fwEiRXOIpDXI.roa (raw, json)
Hash identifier: nbA0FgF9/oeKHXyw4r5fHr3r8qPxf5Qh7Dn41/PjH3M=
Subject key identifier: 2E:CE:DA:A3:4F:10:D4:7D:06:F3:4E:1F:C0:48:91:5C:E2:29:0D:72
Certificate issuer: /CN=a089c7211eb0cba0fd93ce316b389538ce1acb00
Certificate serial: 018CC64B092525D24701A7194501C037E391
Authority key identifier: A0:89:C7:21:1E:B0:CB:A0:FD:93:CE:31:6B:38:95:38:CE:1A:CB:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oInHIR6wy6D9k84xaziVOM4aywA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/8e1204-4a03-4c97-a03f-97e080e2a910/1/Ls7ao08Q1H0G804fwEiRXOIpDXI.roa
Signing time: Mon 01 Jan 2024 18:30:55 +0000
ROA not before: Mon 01 Jan 2024 18:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200852
IP address blocks: 193.239.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/8e1204-4a03-4c97-a03f-97e080e2a910/1/oInHIR6wy6D9k84xaziVOM4aywA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/8e1204-4a03-4c97-a03f-97e080e2a910/1/oInHIR6wy6D9k84xaziVOM4aywA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oInHIR6wy6D9k84xaziVOM4aywA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:09:25:25:d2:47:01:a7:19:45:01:c0:37:e3:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a089c7211eb0cba0fd93ce316b389538ce1acb00
Validity
Not Before: Jan 1 18:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ecedaa34f10d47d06f34e1fc048915ce2290d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4d:81:d8:ad:0f:27:1b:14:b2:31:41:e4:32:
fe:37:f8:ae:03:e9:85:85:f1:ff:be:d7:45:b8:4e:
48:af:31:c6:4a:b0:37:02:1f:fd:ab:a3:f2:8a:da:
e0:85:13:1a:1d:b8:b3:6e:59:99:16:07:4a:5e:59:
b3:cd:ee:fb:c5:c5:b7:6c:a1:80:a7:64:28:90:18:
64:b4:39:c2:08:84:a6:43:a5:a3:f7:e2:ef:bb:1e:
76:d2:d3:5a:a0:73:78:3c:b9:61:30:f2:b5:6f:b0:
48:a7:36:97:51:f2:80:e3:8f:c4:a7:a4:f0:11:43:
ba:16:d8:a9:d3:bd:b8:ff:a8:20:cf:5d:bf:00:d4:
4d:63:1f:c9:0f:d9:35:23:39:9d:55:60:6b:4b:0e:
15:c7:29:3c:8f:9a:53:fb:4d:1c:09:98:23:0f:b0:
be:b0:f6:e6:89:4f:3c:e7:d4:b7:28:3f:2e:6f:01:
cf:3d:32:d4:7a:f8:7c:10:9e:1a:bd:e1:23:ca:a2:
50:b9:39:26:40:c6:68:cb:9c:22:5e:01:47:18:41:
6e:2a:71:0f:d3:d0:5f:eb:cd:ab:1a:96:92:24:54:
59:24:ad:f7:ee:5f:25:cd:bf:a0:2d:b6:15:99:3a:
d2:ce:92:74:bb:44:50:3d:e5:60:18:df:dd:ec:58:
61:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CE:DA:A3:4F:10:D4:7D:06:F3:4E:1F:C0:48:91:5C:E2:29:0D:72
X509v3 Authority Key Identifier:
keyid:A0:89:C7:21:1E:B0:CB:A0:FD:93:CE:31:6B:38:95:38:CE:1A:CB:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oInHIR6wy6D9k84xaziVOM4aywA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/8e1204-4a03-4c97-a03f-97e080e2a910/1/Ls7ao08Q1H0G804fwEiRXOIpDXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/8e1204-4a03-4c97-a03f-97e080e2a910/1/oInHIR6wy6D9k84xaziVOM4aywA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.208.0/24
Signature Algorithm: sha256WithRSAEncryption
78:94:2d:c2:e2:78:e3:2e:f1:6a:46:40:d1:ba:ec:c8:10:d5:
18:bc:4c:8e:69:5c:d4:f2:22:45:7f:d8:1e:a7:f4:c1:24:16:
75:4b:e5:44:0f:cd:32:19:a9:8f:57:c0:96:16:86:ca:d0:17:
e7:9d:fb:bd:79:e1:2d:18:05:ea:ff:60:bf:64:37:c4:cd:1a:
8c:4b:57:9a:c1:f1:db:ea:c6:5f:3d:1e:be:89:19:fd:58:90:
89:42:d5:40:b0:f0:d5:d3:82:fe:d1:a6:28:c6:1c:b1:99:93:
88:65:d4:9a:49:4a:9f:4a:04:12:47:f3:8e:08:1e:0c:08:ce:
4d:b1:7d:1a:a3:86:23:dd:e6:ac:c4:74:0b:1a:c4:b1:b6:4e:
8f:cf:e7:19:d6:97:37:68:07:11:28:cc:2b:7b:bd:b1:c5:bd:
06:c9:42:bd:a8:68:7e:52:a2:81:4a:d6:87:c9:89:b2:88:d6:
79:75:e2:db:60:5d:c1:1d:23:d8:e4:cd:24:55:05:4f:37:94:
be:3d:d6:61:b5:19:0a:1f:bc:f6:a9:c4:fd:49:5e:f4:ad:f6:
85:fa:a0:ec:01:6f:82:0e:e1:9a:4e:ad:39:d2:08:e9:a7:62:
67:a0:0a:d1:c2:a2:87:f5:95:1f:2b:60:0b:98:f2:2e:a0:39:
3c:33:ea:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSwklJdJHAacZRQHAN+ORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODljNzIxMWViMGNiYTBmZDkzY2UzMTZiMzg5NTM4Y2Ux
YWNiMDAwHhcNMjQwMTAxMTgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWNlZGFhMzRmMTBkNDdkMDZmMzRlMWZjMDQ4OTE1Y2UyMjkwZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE2B2K0PJxsUsjFB5DL+N/iuA+mF
hfH/vtdFuE5IrzHGSrA3Ah/9q6PyitrghRMaHbizblmZFgdKXlmzze77xcW3bKGA
p2QokBhktDnCCISmQ6Wj9+Lvux520tNaoHN4PLlhMPK1b7BIpzaXUfKA44/Ep6Tw
EUO6Ftip0724/6ggz12/ANRNYx/JD9k1IzmdVWBrSw4Vxyk8j5pT+00cCZgjD7C+
sPbmiU8859S3KD8ubwHPPTLUevh8EJ4aveEjyqJQuTkmQMZoy5wiXgFHGEFuKnEP
09Bf682rGpaSJFRZJK337l8lzb+gLbYVmTrSzpJ0u0RQPeVgGN/d7Fhh2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7O2qNPENR9BvNOH8BIkVziKQ1yMB8GA1UdIwQY
MBaAFKCJxyEesMug/ZPOMWs4lTjOGssAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0luSElSNnd5NkQ5azg0eGF6aVZPTTRheXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS84ZTEyMDQtNGEwMy00Yzk3LWEwM2Yt
OTdlMDgwZTJhOTEwLzEvTHM3YW8wOFExSDBHODA0ZndFaVJYT0lwRFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS84ZTEyMDQtNGEwMy00Yzk3LWEwM2YtOTdlMDgwZTJhOTEw
LzEvb0luSElSNnd5NkQ5azg0eGF6aVZPTTRheXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe/QMA0G
CSqGSIb3DQEBCwUAA4IBAQB4lC3C4njjLvFqRkDRuuzIENUYvEyOaVzU8iJFf9ge
p/TBJBZ1S+VED80yGamPV8CWFobK0Bfnnfu9eeEtGAXq/2C/ZDfEzRqMS1eawfHb
6sZfPR6+iRn9WJCJQtVAsPDV04L+0aYoxhyxmZOIZdSaSUqfSgQSR/OOCB4MCM5N
sX0ao4Yj3easxHQLGsSxtk6Pz+cZ1pc3aAcRKMwre72xxb0GyUK9qGh+UqKBStaH
yYmyiNZ5deLbYF3BHSPY5M0kVQVPN5S+PdZhtRkKH7z2qcT9SV70rfaF+qDsAW+C
DuGaTq050gjpp2JnoArRwqKH9ZUfK2ALmPIuoDk8M+rK
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:01 2024 by rpki-client on console-fra.rpki-client.org