Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/_8rJuTQOL6dA7I04wwPydxCa3_I.roa
File: _8rJuTQOL6dA7I04wwPydxCa3_I.roa (raw, json)
Hash identifier: Cu5wVONAKbIO6p9xyDmta5EinVSBkwim6xF3jQ6wQkE=
Subject key identifier: FF:CA:C9:B9:34:0E:2F:A7:40:EC:8D:38:C3:03:F2:77:10:9A:DF:F2
Certificate issuer: /CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Certificate serial: 018CC64B4B788F1763CE35FF3C0793BD91B8
Authority key identifier: 84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/_8rJuTQOL6dA7I04wwPydxCa3_I.roa
Signing time: Mon 01 Jan 2024 18:31:12 +0000
ROA not before: Mon 01 Jan 2024 18:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 194.56.216.0/23 maxlen: 23
194.56.222.0/23 maxlen: 23
2a0f:13c6::/31 maxlen: 31
2a0f:13c0::/31 maxlen: 31
2a0f:13c2::/31 maxlen: 31
2a0f:13c4::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 10:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:4b:78:8f:17:63:ce:35:ff:3c:07:93:bd:91:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Validity
Not Before: Jan 1 18:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffcac9b9340e2fa740ec8d38c303f277109adff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9f:10:1a:25:a6:18:02:a7:24:95:50:8f:ec:
a9:0a:88:b8:5c:89:6d:4d:f8:f9:ee:ad:1a:6f:4a:
41:fa:74:25:47:88:65:e5:99:1c:ae:17:37:49:00:
01:e5:0b:ee:9a:81:9c:1d:ce:1d:1a:71:fb:d6:80:
f2:6f:2f:c8:56:fd:a6:c6:1a:94:9e:0b:4b:61:c4:
5f:af:61:81:56:09:c2:e7:3a:82:04:51:73:73:84:
f9:d0:ac:64:f0:15:c0:8c:61:36:94:d2:79:1b:cf:
ed:eb:48:69:14:f6:9b:58:b5:c2:08:c3:f7:ec:44:
d6:0f:3d:16:87:0a:4d:47:e2:1e:8b:99:9b:4f:df:
82:82:5d:ce:c4:6c:d9:0d:e7:f8:e0:0f:d2:b0:02:
43:44:0a:c9:e8:23:d0:f2:b7:9a:93:64:9c:66:db:
04:e6:49:cd:e8:77:dd:3e:85:70:1c:fe:c1:69:17:
22:3f:06:b6:5b:65:1d:48:ba:cf:93:39:9d:d4:89:
fb:a6:96:53:1a:ca:95:f6:88:49:c6:af:a0:81:67:
14:37:f6:61:33:59:f6:6f:40:3a:c8:dc:e9:08:a5:
b3:b9:41:0f:35:e8:02:59:af:0e:0e:b4:25:91:69:
f8:10:d0:01:e6:90:bd:2e:f6:f7:09:04:43:d0:d1:
63:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CA:C9:B9:34:0E:2F:A7:40:EC:8D:38:C3:03:F2:77:10:9A:DF:F2
X509v3 Authority Key Identifier:
keyid:84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/_8rJuTQOL6dA7I04wwPydxCa3_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.216.0/23
194.56.222.0/23
IPv6:
2a0f:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
23:2e:6f:f7:73:d2:b3:15:17:e2:b5:b5:bf:a5:81:55:c5:03:
4c:8e:02:28:18:40:db:7f:23:d6:c8:3d:51:c3:df:c4:9d:ab:
94:a7:1b:76:bb:6e:74:53:1f:7c:5b:43:a6:22:6c:bb:8c:38:
70:fe:ff:a2:62:bf:71:b7:09:47:12:39:f9:00:95:27:07:f2:
a3:5f:4f:47:0d:36:4b:53:82:52:fe:af:4f:8e:bd:10:fa:7a:
e8:eb:ab:e3:32:53:0a:51:06:0f:a1:74:aa:7c:2f:d2:99:99:
5f:d6:78:e4:d5:be:ea:62:c3:3b:98:c6:21:9d:0f:0c:f3:4f:
28:18:56:74:42:54:43:f6:d3:e6:aa:f7:62:bb:05:fd:d2:6d:
99:08:53:35:46:73:62:26:23:f0:e6:43:94:31:e4:fa:65:1a:
eb:68:e9:c0:91:9c:b7:e2:12:bd:53:c5:44:e0:83:f5:f3:4e:
4b:9b:cb:dd:be:8b:4d:39:a6:b0:bf:75:41:de:d1:f5:68:32:
b0:4f:fb:29:cc:df:53:a8:c5:91:c6:f6:4b:6b:ff:a5:a1:0d:
3b:09:e8:ad:c9:7d:66:7e:23:33:94:d7:e7:d6:fc:1d:77:40:
5e:54:d3:82:af:fe:f3:d0:56:cf:5b:b0:43:db:b0:b0:a7:90:
06:60:77:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS0t4jxdjzjX/PAeTvZG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0Njk1YzgyNTEyOWUzNjU0YTUwOGIzYmM1MjlmZTNhNWIz
ODM5YjEwHhcNMjQwMTAxMTgzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNhYzliOTM0MGUyZmE3NDBlYzhkMzhjMzAzZjI3NzEwOWFkZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp8QGiWmGAKnJJVQj+ypCoi4XIlt
Tfj57q0ab0pB+nQlR4hl5Zkcrhc3SQAB5QvumoGcHc4dGnH71oDyby/IVv2mxhqU
ngtLYcRfr2GBVgnC5zqCBFFzc4T50Kxk8BXAjGE2lNJ5G8/t60hpFPabWLXCCMP3
7ETWDz0WhwpNR+Iei5mbT9+Cgl3OxGzZDef44A/SsAJDRArJ6CPQ8reak2ScZtsE
5knN6HfdPoVwHP7BaRciPwa2W2UdSLrPkzmd1In7ppZTGsqV9ohJxq+ggWcUN/Zh
M1n2b0A6yNzpCKWzuUEPNegCWa8ODrQlkWn4ENAB5pC9Lvb3CQRD0NFjLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP/Kybk0Di+nQOyNOMMD8ncQmt/yMB8GA1UdIwQY
MBaAFIRpXIJRKeNlSlCLO8Up/jpbODmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMt
YjdmNjM0MjNmMTkyLzEvXzhySnVUUU9MNmRBN0kwNHd3UHlkeENhM19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMtYjdmNjM0MjNmMTky
LzEvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwjjYAwQB
wjjeMA0EAgACMAcDBQMqDxPAMA0GCSqGSIb3DQEBCwUAA4IBAQAjLm/3c9KzFRfi
tbW/pYFVxQNMjgIoGEDbfyPWyD1Rw9/EnauUpxt2u250Ux98W0OmImy7jDhw/v+i
Yr9xtwlHEjn5AJUnB/KjX09HDTZLU4JS/q9Pjr0Q+nro66vjMlMKUQYPoXSqfC/S
mZlf1njk1b7qYsM7mMYhnQ8M808oGFZ0QlRD9tPmqvdiuwX90m2ZCFM1RnNiJiPw
5kOUMeT6ZRrraOnAkZy34hK9U8VE4IP1805Lm8vdvotNOaawv3VB3tH1aDKwT/sp
zN9TqMWRxvZLa/+loQ07CeityX1mfiMzlNfn1vwdd0BeVNOCr/7z0FbPW7BD27Cw
p5AGYHet
-----END CERTIFICATE-----
Generated at Mon May 6 17:51:51 2024 by rpki-client on console-fra.rpki-client.org