Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/h8AMIaKhyiLbPDzFf7BcfWQ5mpc.roa
File: h8AMIaKhyiLbPDzFf7BcfWQ5mpc.roa (raw, json)
Hash identifier: KVaE8b+KxSVHv/FsTM82H0rYDe/8aSOdGTzbVsD3ksg=
Subject key identifier: 87:C0:0C:21:A2:A1:CA:22:DB:3C:3C:C5:7F:B0:5C:7D:64:39:9A:97
Certificate issuer: /CN=c867f46624d481bea9d1ba8beb0c0189c9b44b5e
Certificate serial: 018F288DF38EA088370D1CFEF480B4CF913B
Authority key identifier: C8:67:F4:66:24:D4:81:BE:A9:D1:BA:8B:EB:0C:01:89:C9:B4:4B:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGf0ZiTUgb6p0bqL6wwBicm0S14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/h8AMIaKhyiLbPDzFf7BcfWQ5mpc.roa
Signing time: Mon 29 Apr 2024 06:32:22 +0000
ROA not before: Mon 29 Apr 2024 06:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60631
IP address blocks: 87.236.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/yGf0ZiTUgb6p0bqL6wwBicm0S14.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/yGf0ZiTUgb6p0bqL6wwBicm0S14.mft
rsync://rpki.ripe.net/repository/DEFAULT/yGf0ZiTUgb6p0bqL6wwBicm0S14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 06:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:8d:f3:8e:a0:88:37:0d:1c:fe:f4:80:b4:cf:91:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c867f46624d481bea9d1ba8beb0c0189c9b44b5e
Validity
Not Before: Apr 29 06:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87c00c21a2a1ca22db3c3cc57fb05c7d64399a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a0:0f:88:35:64:a8:d9:df:77:b2:07:70:8e:
8b:8b:93:3a:ac:5e:46:e2:69:a6:45:04:c2:7a:e4:
dd:96:6d:46:0a:6d:da:f2:53:02:d2:d9:a2:4f:bd:
6b:6c:3a:d4:60:6a:68:58:41:1c:b9:68:da:e7:72:
72:15:73:87:c1:37:5f:51:15:7b:16:da:4f:d6:5d:
0c:c6:f9:5f:9b:06:8c:11:23:01:c8:59:20:4b:78:
71:ec:7c:8f:81:16:dd:c8:99:b2:8d:09:be:36:09:
aa:b1:4a:7e:cb:ac:a5:3a:4d:84:6b:c7:fa:a0:ef:
3d:4a:0f:95:77:34:ad:3a:89:f5:02:06:c2:05:1d:
d7:e3:d8:ab:02:2b:02:26:96:f0:2d:f1:e9:89:30:
56:af:11:69:00:04:16:f1:69:28:f4:b1:84:e4:7b:
8b:75:02:49:b1:63:bb:0e:52:cc:25:c4:e7:14:0d:
cc:e0:23:f2:3e:06:da:d2:78:aa:3c:e4:d6:8b:1f:
04:50:92:d5:c6:5d:e4:34:79:87:5c:cc:d6:84:97:
02:c9:ad:81:e2:f6:bf:87:9b:0a:d3:a8:1d:e4:6c:
02:f9:12:5b:62:b8:d3:8c:e4:33:4d:bc:eb:9f:f1:
5d:b3:22:30:7e:bb:2c:9d:83:7a:75:fc:99:fd:89:
5f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C0:0C:21:A2:A1:CA:22:DB:3C:3C:C5:7F:B0:5C:7D:64:39:9A:97
X509v3 Authority Key Identifier:
keyid:C8:67:F4:66:24:D4:81:BE:A9:D1:BA:8B:EB:0C:01:89:C9:B4:4B:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGf0ZiTUgb6p0bqL6wwBicm0S14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/h8AMIaKhyiLbPDzFf7BcfWQ5mpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/yGf0ZiTUgb6p0bqL6wwBicm0S14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.38.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:1c:ae:98:e8:05:1e:06:d9:c4:0a:08:d2:18:fe:8e:c2:2a:
00:af:8d:18:b9:88:54:84:34:b9:2c:3c:20:da:59:d3:15:69:
0d:8b:1a:e9:03:bf:71:7e:8d:62:7a:6d:70:5a:0c:df:b3:76:
29:60:94:d1:b2:a8:5f:6e:be:02:b6:93:76:14:6c:68:6b:a3:
08:cc:a5:84:3e:0e:16:c1:8e:ae:56:89:aa:d5:7c:5f:72:38:
7b:23:aa:b7:89:50:b8:f2:ea:d7:f0:91:b5:de:87:96:34:f4:
15:82:52:77:df:8f:c2:bf:22:08:fd:bd:2e:99:0c:50:4e:24:
68:c1:1f:c6:0a:c3:e0:20:90:61:07:2d:f6:cd:8d:b4:91:43:
67:eb:52:4b:72:42:07:ba:d9:9d:13:2a:2d:14:bc:08:6f:54:
95:ac:55:3e:68:0a:04:3d:da:31:fc:bb:77:4f:9a:2c:70:7c:
4a:9d:f1:19:53:5c:bd:86:1e:a1:40:09:53:44:6b:98:8b:40:
f4:03:ec:90:d3:05:89:20:ba:41:6f:6f:b5:0c:4e:45:74:96:
4a:0d:cb:c1:db:1f:11:ce:16:0b:f4:7f:db:46:26:b2:94:29:
86:cf:ac:7a:f0:e5:56:0c:cd:d6:07:08:62:26:f2:01:89:e1:
45:ef:63:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8ojfOOoIg3DRz+9IC0z5E7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjdmNDY2MjRkNDgxYmVhOWQxYmE4YmViMGMwMTg5Yzli
NDRiNWUwHhcNMjQwNDI5MDYzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2MwMGMyMWEyYTFjYTIyZGIzYzNjYzU3ZmIwNWM3ZDY0Mzk5YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKAPiDVkqNnfd7IHcI6Li5M6rF5G
4mmmRQTCeuTdlm1GCm3a8lMC0tmiT71rbDrUYGpoWEEcuWja53JyFXOHwTdfURV7
FtpP1l0MxvlfmwaMESMByFkgS3hx7HyPgRbdyJmyjQm+NgmqsUp+y6ylOk2Ea8f6
oO89Sg+VdzStOon1AgbCBR3X49irAisCJpbwLfHpiTBWrxFpAAQW8Wko9LGE5HuL
dQJJsWO7DlLMJcTnFA3M4CPyPgba0niqPOTWix8EUJLVxl3kNHmHXMzWhJcCya2B
4va/h5sK06gd5GwC+RJbYrjTjOQzTbzrn/FdsyIwfrssnYN6dfyZ/YlfKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfADCGiocoi2zw8xX+wXH1kOZqXMB8GA1UdIwQY
MBaAFMhn9GYk1IG+qdG6i+sMAYnJtEteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdmMFppVFVnYjZwMGJxTDZ3d0JpY20wUzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mNTBiOTYtNjMwZS00Mzc5LTk1Y2Et
NzFhZWRiYWVmNDhiLzEvaDhBTUlhS2h5aUxiUER6RmY3QmNmV1E1bXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mNTBiOTYtNjMwZS00Mzc5LTk1Y2EtNzFhZWRiYWVmNDhi
LzEveUdmMFppVFVnYjZwMGJxTDZ3d0JpY20wUzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+wmMA0G
CSqGSIb3DQEBCwUAA4IBAQCrHK6Y6AUeBtnECgjSGP6OwioAr40YuYhUhDS5LDwg
2lnTFWkNixrpA79xfo1iem1wWgzfs3YpYJTRsqhfbr4CtpN2FGxoa6MIzKWEPg4W
wY6uVomq1Xxfcjh7I6q3iVC48urX8JG13oeWNPQVglJ334/CvyII/b0umQxQTiRo
wR/GCsPgIJBhBy32zY20kUNn61JLckIHutmdEyotFLwIb1SVrFU+aAoEPdox/Lt3
T5oscHxKnfEZU1y9hh6hQAlTRGuYi0D0A+yQ0wWJILpBb2+1DE5FdJZKDcvB2x8R
zhYL9H/bRiaylCmGz6x68OVWDM3WBwhiJvIBieFF72N0
-----END CERTIFICATE-----
Generated at Mon May 20 15:35:03 2024 by rpki-client on console-fra.rpki-client.org