Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/8WWo2pvEg_rRjGyzBhmf-N5PI6g.roa
File: 8WWo2pvEg_rRjGyzBhmf-N5PI6g.roa (raw, json)
Hash identifier: LBBcV7YVn0xZSifzx47PfWuUl6MCZi+i7TBia0tSvT4=
Subject key identifier: F1:65:A8:DA:9B:C4:83:FA:D1:8C:6C:B3:06:19:9F:F8:DE:4F:23:A8
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018E5A831AB77D44EAC1E263BB510F379C93
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/8WWo2pvEg_rRjGyzBhmf-N5PI6g.roa
Signing time: Wed 20 Mar 2024 06:18:45 +0000
ROA not before: Wed 20 Mar 2024 06:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206164
IP address blocks: 85.203.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5a:83:1a:b7:7d:44:ea:c1:e2:63:bb:51:0f:37:9c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Mar 20 06:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f165a8da9bc483fad18c6cb306199ff8de4f23a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8a:4d:8c:ee:79:bc:f0:97:4c:14:9f:ff:59:
57:68:39:e6:e3:33:ee:82:76:f9:9a:59:d0:d9:2d:
dd:d0:2c:aa:03:85:01:1b:b0:f2:aa:ce:c8:de:1b:
a1:41:e5:e8:20:23:7a:94:13:c3:a5:a2:72:c5:99:
c3:cc:a2:99:ae:ed:55:1f:2b:e1:e1:5b:08:58:c8:
81:5b:99:38:42:7d:be:e2:c0:66:3d:06:65:8d:bb:
fa:a9:68:3d:d9:1a:39:09:ad:53:46:c5:df:0c:76:
49:f7:38:76:c4:a6:14:92:9d:69:a5:e5:6b:38:cd:
49:fc:1a:44:81:c9:0a:4d:46:8a:47:f5:e0:4a:b0:
44:f9:95:eb:e6:2f:3f:96:f1:c0:1a:40:5a:7c:14:
de:57:68:a6:52:d5:e9:dd:cc:9a:12:26:b7:81:68:
5f:dc:43:c0:42:4d:56:a5:da:0b:d6:c4:9b:21:ba:
9b:60:e0:76:e7:0d:98:12:a8:3a:41:41:45:f7:ed:
15:2a:f1:17:d9:2a:a6:29:2b:81:0f:db:83:3e:46:
b6:69:92:d7:06:c7:af:7d:8f:8c:c4:74:4b:f4:9b:
7d:09:54:70:58:29:77:95:5f:78:ba:5b:62:30:5e:
e1:e7:ab:d1:5c:1e:3f:18:6c:52:7d:9f:44:ee:67:
67:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:65:A8:DA:9B:C4:83:FA:D1:8C:6C:B3:06:19:9F:F8:DE:4F:23:A8
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/8WWo2pvEg_rRjGyzBhmf-N5PI6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.37.0/24
Signature Algorithm: sha256WithRSAEncryption
19:6a:bb:38:76:e6:30:f4:5a:3a:9e:cc:3e:b5:ad:1e:0f:22:
ac:31:a9:d8:80:d6:4e:ef:c9:72:75:92:12:a1:72:86:fc:5b:
d5:00:b7:8e:5c:ae:c1:24:f9:34:3e:4f:8c:b2:c6:3b:6a:68:
3d:f0:fc:31:82:e5:04:54:13:b0:c6:23:77:ca:66:d8:ac:0d:
d1:71:c0:73:17:2f:61:7d:80:f9:ee:ff:1e:fc:23:93:46:4a:
6e:c7:56:75:8d:b2:fa:d4:25:08:88:64:0e:55:5e:67:41:94:
e6:c0:7a:68:e1:23:93:20:3e:05:4b:25:2c:1f:e5:ac:37:4b:
02:94:4a:eb:1a:75:09:27:61:96:5b:13:47:5e:18:0d:a3:dd:
e7:6a:df:4f:f1:6b:c6:d3:4a:2b:d1:65:97:d5:86:56:a6:c4:
fe:c9:b0:17:b5:2e:81:75:67:26:66:5a:65:3e:0c:ca:52:b8:
1b:c4:c1:f0:c8:ea:91:ba:c4:fc:2f:f5:72:c4:ee:97:67:28:
c3:47:a5:d2:52:55:09:d7:b1:35:ce:94:62:e8:a4:60:28:fb:
c2:df:b0:bf:c0:33:41:45:0c:09:7c:a1:90:07:e9:6e:19:ea:
2b:1b:95:30:18:a4:30:f5:b6:3c:43:15:9b:89:c1:24:74:59:
10:71:36:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5agxq3fUTqweJju1EPN5yTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMzIwMDYxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTY1YThkYTliYzQ4M2ZhZDE4YzZjYjMwNjE5OWZmOGRlNGYyM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YpNjO55vPCXTBSf/1lXaDnm4zPu
gnb5mlnQ2S3d0CyqA4UBG7Dyqs7I3huhQeXoICN6lBPDpaJyxZnDzKKZru1VHyvh
4VsIWMiBW5k4Qn2+4sBmPQZljbv6qWg92Ro5Ca1TRsXfDHZJ9zh2xKYUkp1ppeVr
OM1J/BpEgckKTUaKR/XgSrBE+ZXr5i8/lvHAGkBafBTeV2imUtXp3cyaEia3gWhf
3EPAQk1WpdoL1sSbIbqbYOB25w2YEqg6QUFF9+0VKvEX2SqmKSuBD9uDPka2aZLX
BsevfY+MxHRL9Jt9CVRwWCl3lV94ultiMF7h56vRXB4/GGxSfZ9E7mdncwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFlqNqbxIP60YxsswYZn/jeTyOoMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvOFdXbzJwdkVnX3JSakd5ekJobWYtTjVQSTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcslMA0G
CSqGSIb3DQEBCwUAA4IBAQAZars4duYw9Fo6nsw+ta0eDyKsManYgNZO78lydZIS
oXKG/FvVALeOXK7BJPk0Pk+MssY7amg98PwxguUEVBOwxiN3ymbYrA3RccBzFy9h
fYD57v8e/COTRkpux1Z1jbL61CUIiGQOVV5nQZTmwHpo4SOTID4FSyUsH+WsN0sC
lErrGnUJJ2GWWxNHXhgNo93nat9P8WvG00or0WWX1YZWpsT+ybAXtS6BdWcmZlpl
PgzKUrgbxMHwyOqRusT8L/VyxO6XZyjDR6XSUlUJ17E1zpRi6KRgKPvC37C/wDNB
RQwJfKGQB+luGeorG5UwGKQw9bY8QxWbicEkdFkQcTaP
-----END CERTIFICATE-----
Generated at Thu May 2 23:20:56 2024 by rpki-client on console-ams.rpki-client.org