Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/8wBZnw2BLLPt2kpPM0AkpBik8ZQ.roa
File: 8wBZnw2BLLPt2kpPM0AkpBik8ZQ.roa (raw, json)
Hash identifier: LiXcfSTLLuJAxrL1yIExe/DdcF5qNzmnen17v6fyvXM=
Subject key identifier: F3:00:59:9F:0D:81:2C:B3:ED:DA:4A:4F:33:40:24:A4:18:A4:F1:94
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 018CC8DF82C79B9045D622E285FA0BEDDF13
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/8wBZnw2BLLPt2kpPM0AkpBik8ZQ.roa
Signing time: Tue 02 Jan 2024 06:32:20 +0000
ROA not before: Tue 02 Jan 2024 06:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210930
IP address blocks: 2a10:9903:511::/48 maxlen: 48
2a10:9903:501::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:82:c7:9b:90:45:d6:22:e2:85:fa:0b:ed:df:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 2 06:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f300599f0d812cb3edda4a4f334024a418a4f194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:eb:2f:ec:99:0e:09:50:7d:43:1f:25:39:7f:
6f:01:53:bc:eb:32:2d:c0:6a:97:37:b8:ca:b0:a0:
e3:96:81:e7:c1:73:bf:b0:7e:3b:94:45:50:39:fb:
b6:24:be:68:5c:41:cc:fa:ba:82:f1:6a:c1:42:dd:
81:95:bf:82:d6:bf:5b:6d:86:62:ce:f3:08:c2:55:
aa:0e:6d:45:09:72:f5:c6:52:09:df:de:bb:5c:d9:
18:69:41:4f:c6:b0:8c:b0:23:40:2b:d5:1f:c5:49:
da:80:e9:a7:4f:7f:11:e0:1b:67:40:79:1f:6f:17:
43:cc:7f:c3:d2:94:32:a3:49:30:27:5b:55:25:a4:
f7:3d:a4:86:6c:86:1d:27:cc:13:09:1e:05:95:2c:
96:35:02:d0:24:68:02:31:a6:d2:85:24:62:eb:e8:
18:b9:9a:58:9f:85:b1:79:7e:92:2d:50:91:3a:46:
70:00:21:99:36:b8:26:63:9e:c8:f2:3e:26:a4:b7:
06:ac:42:25:47:66:71:59:cc:93:db:7e:a8:b5:65:
a0:19:53:b7:a1:cb:9f:12:1b:5a:3f:fc:e2:a9:fd:
1e:c6:a3:d5:f8:80:91:4c:84:48:a8:74:c7:31:23:
68:65:07:f9:24:3e:95:9e:2b:13:d4:ca:32:37:cc:
07:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:00:59:9F:0D:81:2C:B3:ED:DA:4A:4F:33:40:24:A4:18:A4:F1:94
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/8wBZnw2BLLPt2kpPM0AkpBik8ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9903:501::/48
2a10:9903:511::/48
Signature Algorithm: sha256WithRSAEncryption
30:71:9c:ca:83:7e:82:75:43:2f:16:92:dd:6a:6f:62:ef:02:
5e:74:ff:b4:d1:66:75:b0:fb:d3:c5:6c:ff:cc:27:6c:3b:ee:
a5:8a:6f:73:53:a2:77:46:95:70:5f:26:f0:60:03:ae:6f:dc:
52:02:d6:fd:57:67:71:43:06:39:6d:be:c9:4f:8f:90:5a:42:
23:76:ff:25:43:c1:5e:ec:fa:fa:c2:54:7d:f0:97:ce:7e:3e:
28:2a:42:c4:a2:2c:69:b8:4b:17:e1:9b:fb:35:93:2d:22:56:
96:5a:25:53:5b:9b:97:63:1a:77:be:f4:25:e4:77:59:15:cc:
de:f2:51:c3:60:12:78:84:f9:98:c1:eb:30:5c:a4:b3:d0:ad:
6f:fb:89:d4:6e:9b:cc:8d:d1:ca:b4:48:63:89:1e:dd:ea:e9:
c3:a1:2a:88:24:61:f0:20:6b:25:34:4d:15:60:bb:b2:ae:e0:
ec:a5:0b:00:e1:fb:ce:18:3a:59:34:e6:b0:18:2d:18:74:72:
dd:62:f5:79:21:1e:61:ac:88:92:c9:4e:d6:47:f2:32:e6:fc:
e2:84:68:cc:be:a7:14:20:5d:9f:6b:e6:ee:fd:8b:c3:bc:a0:
8c:d9:b3:ff:dc:69:cf:e1:b2:d9:38:fe:c7:ef:e9:db:62:ef:
7c:61:19:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI34LHm5BF1iLihfoL7d8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjQwMTAyMDYzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzAwNTk5ZjBkODEyY2IzZWRkYTRhNGYzMzQwMjRhNDE4YTRmMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhusv7JkOCVB9Qx8lOX9vAVO86zIt
wGqXN7jKsKDjloHnwXO/sH47lEVQOfu2JL5oXEHM+rqC8WrBQt2Blb+C1r9bbYZi
zvMIwlWqDm1FCXL1xlIJ3967XNkYaUFPxrCMsCNAK9UfxUnagOmnT38R4BtnQHkf
bxdDzH/D0pQyo0kwJ1tVJaT3PaSGbIYdJ8wTCR4FlSyWNQLQJGgCMabShSRi6+gY
uZpYn4WxeX6SLVCROkZwACGZNrgmY57I8j4mpLcGrEIlR2ZxWcyT236otWWgGVO3
ocufEhtaP/ziqf0exqPV+ICRTIRIqHTHMSNoZQf5JD6VnisT1MoyN8wHjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPMAWZ8NgSyz7dpKTzNAJKQYpPGUMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvOHdCWm53MkJMTFB0MmtwUE0wQWtwQmlrOFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhCZAwUB
AwcAKhCZAwURMA0GCSqGSIb3DQEBCwUAA4IBAQAwcZzKg36CdUMvFpLdam9i7wJe
dP+00WZ1sPvTxWz/zCdsO+6lim9zU6J3RpVwXybwYAOub9xSAtb9V2dxQwY5bb7J
T4+QWkIjdv8lQ8Fe7Pr6wlR98JfOfj4oKkLEoixpuEsX4Zv7NZMtIlaWWiVTW5uX
Yxp3vvQl5HdZFcze8lHDYBJ4hPmYweswXKSz0K1v+4nUbpvMjdHKtEhjiR7d6unD
oSqIJGHwIGslNE0VYLuyruDspQsA4fvOGDpZNOawGC0YdHLdYvV5IR5hrIiSyU7W
R/Iy5vzihGjMvqcUIF2fa+bu/YvDvKCM2bP/3GnP4bLZOP7H7+nbYu98YRmR
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:08:25 2024 by rpki-client on console-fra.rpki-client.org