Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hs08Sp3xnNDZ3XAsQNyWIlLq4m0.roa
File: hs08Sp3xnNDZ3XAsQNyWIlLq4m0.roa (raw, json)
Hash identifier: oZN6r1XRbgFg4MIbXtenflK12nk57JNnUKe9VbuD6A8=
Subject key identifier: 86:CD:3C:4A:9D:F1:9C:D0:D9:DD:70:2C:40:DC:96:22:52:EA:E2:6D
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF3DC7ED149A97D69E94086935DBCD
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hs08Sp3xnNDZ3XAsQNyWIlLq4m0.roa
Signing time: Tue 02 Jan 2024 06:32:02 +0000
ROA not before: Tue 02 Jan 2024 06:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207795
IP address blocks: 213.209.131.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3d:c7:ed:14:9a:97:d6:9e:94:08:69:35:db:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86cd3c4a9df19cd0d9dd702c40dc962252eae26d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:15:d4:d2:43:0b:d1:13:04:8b:97:d2:0d:4b:
73:85:fe:fd:46:8c:ed:f2:3b:cc:06:b2:8b:c1:79:
e1:4e:b0:b2:af:5d:f6:51:b3:e0:11:35:e8:db:cf:
4b:0f:1e:11:f6:82:03:4f:fa:6a:0c:e5:c7:e9:e2:
76:19:eb:ba:8d:21:13:a7:89:65:7a:a5:07:9f:0b:
f0:55:15:fe:5b:3e:13:ae:53:5c:2e:04:6b:e4:d1:
34:fc:fc:cd:79:0a:81:be:2c:e9:7c:93:a7:83:26:
eb:ab:3d:12:75:d1:f1:e9:74:b0:34:eb:3b:e6:50:
a6:63:91:02:eb:42:75:b1:29:ce:26:9a:c5:c5:11:
96:56:e8:87:8d:41:9b:3e:88:1a:b0:55:14:72:6d:
53:7f:04:7c:be:9a:6f:3f:b9:7c:45:e1:91:21:0e:
c9:69:64:2a:df:77:f7:40:47:59:bb:5b:d8:ac:5a:
02:f8:8c:9a:ae:98:78:e8:c5:99:a5:80:15:eb:7b:
e1:59:2b:f7:ec:72:a8:4f:f6:fc:af:dd:05:0f:04:
e9:15:11:10:00:92:3e:47:f4:39:d2:7f:ba:dc:80:
72:8f:b5:f1:5d:a5:29:99:44:e9:e4:56:8d:34:bf:
c1:5e:19:c8:f6:27:9d:c7:6c:d6:58:22:78:33:70:
dd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CD:3C:4A:9D:F1:9C:D0:D9:DD:70:2C:40:DC:96:22:52:EA:E2:6D
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/hs08Sp3xnNDZ3XAsQNyWIlLq4m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.177.0/24
213.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
95:d5:83:90:a7:fd:92:af:f0:a8:d8:5e:0b:48:71:48:54:f6:
ee:9f:87:89:9c:d1:36:cd:05:33:98:5b:e4:cd:da:f3:d5:d7:
73:07:2c:92:49:5c:85:1c:f4:73:f6:e6:3d:2e:34:c5:31:1a:
55:19:c2:d2:74:ff:7d:2d:47:ed:2b:f1:55:b7:d2:d6:23:43:
20:02:d3:42:58:0c:8a:bf:9a:e8:ff:45:1f:e3:8a:1c:33:95:
d2:87:68:a9:5e:fd:02:6c:81:f7:ed:51:20:03:7d:92:c5:b1:
8f:8e:c6:e8:8d:8f:a4:6e:7b:0c:64:b0:1c:02:33:03:b8:72:
fe:99:6d:d3:d9:5d:d3:48:92:46:5d:95:96:1f:46:9c:7f:14:
be:ed:af:ec:92:c4:17:5a:dd:9a:01:5c:3f:a3:ac:46:9b:33:
4f:7a:76:bf:68:d8:a3:41:bb:84:ce:10:51:92:df:c7:9b:b5:
e7:42:d0:98:d6:0a:0d:d8:71:9a:e9:89:57:6a:c9:6f:a2:a6:
31:d5:df:ac:3d:65:22:66:f7:10:59:91:4d:b3:9c:51:b5:63:
29:de:9a:38:80:e6:64:f3:1c:ae:1d:62:07:7e:1e:c7:5d:99:
19:1c:01:74:f8:eb:3f:27:60:cb:a5:3b:03:6e:29:73:ce:fc:
63:c3:74:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3z3H7RSal9aelAhpNdvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmNkM2M0YTlkZjE5Y2QwZDlkZDcwMmM0MGRjOTYyMjUyZWFlMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRXU0kML0RMEi5fSDUtzhf79Rozt
8jvMBrKLwXnhTrCyr132UbPgETXo289LDx4R9oIDT/pqDOXH6eJ2Geu6jSETp4ll
eqUHnwvwVRX+Wz4TrlNcLgRr5NE0/PzNeQqBvizpfJOngybrqz0SddHx6XSwNOs7
5lCmY5EC60J1sSnOJprFxRGWVuiHjUGbPogasFUUcm1TfwR8vppvP7l8ReGRIQ7J
aWQq33f3QEdZu1vYrFoC+Iyarph46MWZpYAV63vhWSv37HKoT/b8r90FDwTpFREQ
AJI+R/Q50n+63IByj7XxXaUpmUTp5FaNNL/BXhnI9iedx2zWWCJ4M3DdswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIbNPEqd8ZzQ2d1wLEDcliJS6uJtMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvaHMwOFNwM3huTkRaM1hBc1FOeVdJbExxNG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqxAwQA
1dGDMA0GCSqGSIb3DQEBCwUAA4IBAQCV1YOQp/2Sr/Co2F4LSHFIVPbun4eJnNE2
zQUzmFvkzdrz1ddzByySSVyFHPRz9uY9LjTFMRpVGcLSdP99LUftK/FVt9LWI0Mg
AtNCWAyKv5ro/0Uf44ocM5XSh2ipXv0CbIH37VEgA32SxbGPjsbojY+kbnsMZLAc
AjMDuHL+mW3T2V3TSJJGXZWWH0acfxS+7a/sksQXWt2aAVw/o6xGmzNPena/aNij
QbuEzhBRkt/Hm7XnQtCY1goN2HGa6YlXaslvoqYx1d+sPWUiZvcQWZFNs5xRtWMp
3po4gOZk8xyuHWIHfh7HXZkZHAF0+Os/J2DLpTsDbilzzvxjw3S2
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:10:24 2024 by rpki-client on console-fra.rpki-client.org