Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/8MbfMR14X4WpV6aU0HGifzfXJZM.roa
File: 8MbfMR14X4WpV6aU0HGifzfXJZM.roa (raw, json)
Hash identifier: FKAyK0i5B3rcaY+7nVw2mluPawmgTVJz20i+8rbcRCI=
Subject key identifier: F0:C6:DF:31:1D:78:5F:85:A9:57:A6:94:D0:71:A2:7F:37:D7:25:93
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 01908CD3A40AEC47EE21BFE413E9A626B654
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/8MbfMR14X4WpV6aU0HGifzfXJZM.roa
Signing time: Sun 07 Jul 2024 10:53:18 +0000
ROA not before: Sun 07 Jul 2024 10:53:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 109.107.155.0/24 maxlen: 24
194.39.110.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 19:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8c:d3:a4:0a:ec:47:ee:21:bf:e4:13:e9:a6:26:b6:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jul 7 10:53:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0c6df311d785f85a957a694d071a27f37d72593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:62:d9:37:69:b9:3e:31:71:4a:ee:6e:b2:be:
2f:ee:55:0c:3e:7a:a0:29:be:37:37:a9:e5:8a:41:
55:07:6d:ec:6e:5e:71:fa:5e:be:5b:ff:bd:e6:cc:
dc:e6:49:09:4d:be:6c:58:99:cc:1b:33:c2:69:c6:
a5:a5:92:e7:a7:61:97:8a:f7:b6:fb:76:7e:c3:15:
ae:10:48:55:3d:a6:aa:2f:ac:50:c2:3b:ea:a4:c3:
90:8e:10:3c:f8:cd:36:3a:7e:19:25:b6:41:4b:2f:
82:d1:3b:d8:72:a7:fe:31:d1:00:c4:73:d4:d9:5c:
96:c1:f8:fe:40:5e:ff:ed:91:8e:60:2a:8f:90:7a:
66:ff:4a:e6:21:d3:09:d1:e8:2e:76:4d:b5:c4:b0:
0a:17:0b:99:f2:3f:2f:7d:a8:7b:d9:11:36:d4:d2:
20:de:6a:e8:99:59:39:fc:a4:e1:35:69:88:24:ba:
f1:5a:99:d5:54:10:e0:42:af:18:1c:e3:03:b9:8c:
b5:60:7f:1c:6b:fd:f4:44:fa:3d:d1:93:5d:07:97:
2e:1c:de:45:a0:65:2e:76:3f:d8:fa:d1:93:4c:7e:
98:30:2f:15:bc:3f:bc:56:80:8b:59:34:0d:89:94:
99:6a:b5:82:61:64:92:a3:26:ae:da:5a:59:6e:69:
70:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C6:DF:31:1D:78:5F:85:A9:57:A6:94:D0:71:A2:7F:37:D7:25:93
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/8MbfMR14X4WpV6aU0HGifzfXJZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.155.0/24
194.39.110.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:0d:58:65:b1:5f:11:32:a8:26:eb:8b:96:e3:4e:6b:75:30:
c0:44:c5:33:92:d2:de:cb:a1:c9:3e:1c:4a:f1:b6:f5:3b:2b:
75:9e:ae:b6:f6:a3:11:6c:88:56:46:c1:1a:45:d4:56:f7:50:
66:9f:14:72:cb:8e:e6:98:4a:b8:b9:e7:66:20:8d:5e:ab:45:
33:58:78:c7:57:3a:aa:15:9f:11:0b:c8:7f:fd:e2:49:29:33:
3b:9c:c7:f9:f3:43:1c:92:89:2d:33:3e:a6:c7:2f:c0:58:45:
2d:6e:d5:6d:70:02:ff:48:d9:e5:01:ca:73:07:66:7f:57:5f:
8c:07:a2:a0:6a:84:be:d1:6a:c6:0e:5a:9f:61:e5:14:86:9c:
8c:b0:7d:3a:77:d3:29:cd:ec:89:1b:3c:3c:ec:86:8f:ea:78:
46:5b:55:ab:b9:9b:e6:18:4c:c1:52:45:d8:dd:52:8c:57:d9:
b2:51:37:89:85:56:a2:94:6a:5f:21:5f:3a:97:07:f7:3d:d3:
f1:b6:36:df:2f:63:b4:76:f8:f4:46:6f:2b:87:5b:29:0f:dc:
85:8e:8a:e5:d3:a0:c3:6c:cf:14:1d:5d:ca:53:48:43:3a:94:
7e:7a:58:7b:ca:dc:25:90:8e:5c:5f:0d:e4:db:5e:f7:2a:79:
12:7f:53:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCM06QK7EfuIb/kE+mmJrZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwNzA3MTA1MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM2ZGYzMTFkNzg1Zjg1YTk1N2E2OTRkMDcxYTI3ZjM3ZDcyNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GLZN2m5PjFxSu5usr4v7lUMPnqg
Kb43N6nlikFVB23sbl5x+l6+W/+95szc5kkJTb5sWJnMGzPCacalpZLnp2GXive2
+3Z+wxWuEEhVPaaqL6xQwjvqpMOQjhA8+M02On4ZJbZBSy+C0TvYcqf+MdEAxHPU
2VyWwfj+QF7/7ZGOYCqPkHpm/0rmIdMJ0egudk21xLAKFwuZ8j8vfah72RE21NIg
3mromVk5/KThNWmIJLrxWpnVVBDgQq8YHOMDuYy1YH8ca/30RPo90ZNdB5cuHN5F
oGUudj/Y+tGTTH6YMC8VvD+8VoCLWTQNiZSZarWCYWSSoyau2lpZbmlwZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPDG3zEdeF+FqVemlNBxon831yWTMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvOE1iZk1SMTRYNFdwVjZhVTBIR2lmemZYSlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbWubAwQA
widuMA0GCSqGSIb3DQEBCwUAA4IBAQArDVhlsV8RMqgm64uW405rdTDARMUzktLe
y6HJPhxK8bb1Oyt1nq629qMRbIhWRsEaRdRW91BmnxRyy47mmEq4uedmII1eq0Uz
WHjHVzqqFZ8RC8h//eJJKTM7nMf580MckoktMz6mxy/AWEUtbtVtcAL/SNnlAcpz
B2Z/V1+MB6KgaoS+0WrGDlqfYeUUhpyMsH06d9MpzeyJGzw87IaP6nhGW1WruZvm
GEzBUkXY3VKMV9myUTeJhVailGpfIV86lwf3PdPxtjbfL2O0dvj0Rm8rh1spD9yF
jorl06DDbM8UHV3KU0hDOpR+elh7ytwlkI5cXw3k2173KnkSf1MZ
-----END CERTIFICATE-----
Generated at Sat Sep 7 23:59:59 2024 by rpki-client on console-ams.rpki-client.org