Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/8-rwKw2cIL0S43j1LeLRpQJtAQQ.roa
File: 8-rwKw2cIL0S43j1LeLRpQJtAQQ.roa (raw, json)
Hash identifier: cVXCAq7KDXmf5EGWEq4Sm9ruwtWd2bFiBOjobb+o08E=
Subject key identifier: F3:EA:F0:2B:0D:9C:20:BD:12:E3:78:F5:2D:E2:D1:A5:02:6D:01:04
Certificate issuer: /CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Certificate serial: 018CC2DABC3B1068B9AB738B7C6AE1BE5C9D
Authority key identifier: BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/8-rwKw2cIL0S43j1LeLRpQJtAQQ.roa
Signing time: Mon 01 Jan 2024 02:29:24 +0000
ROA not before: Mon 01 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 78.24.53.0/24 maxlen: 24
78.24.54.0/24 maxlen: 24
178.255.10.0/24 maxlen: 24
82.116.144.0/24 maxlen: 24
82.116.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:bc:3b:10:68:b9:ab:73:8b:7c:6a:e1:be:5c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Validity
Not Before: Jan 1 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3eaf02b0d9c20bd12e378f52de2d1a5026d0104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1d:09:db:35:a1:c9:4c:ec:e3:44:13:f0:dc:
65:e0:b8:7b:f5:20:31:6e:d7:06:e1:77:44:64:4f:
48:77:d7:8f:d1:9e:5c:5d:f7:b4:05:56:e9:fe:69:
e3:c7:5d:30:31:17:7e:87:2c:f6:ce:14:ac:a5:fb:
14:88:a1:7a:4a:ce:87:ee:49:2c:59:c8:26:77:c0:
91:ee:cf:0f:60:e9:fe:1a:3e:4e:d4:c8:37:5d:55:
63:c1:f8:dd:b7:8d:a8:37:d9:f6:dd:f7:b8:61:64:
e9:b0:77:03:15:0d:66:d9:8f:3a:9d:8c:50:48:49:
4a:f5:89:64:56:c7:95:61:12:95:91:1a:58:8f:eb:
6e:9e:23:d2:8e:8b:9b:22:3e:6e:b4:24:84:36:2b:
7f:96:8a:0c:bb:bc:a4:b0:13:cb:10:ff:09:62:38:
85:d1:90:66:a8:fa:54:31:ea:01:27:0f:eb:6d:94:
49:cb:b2:78:1c:77:89:86:47:be:e1:e4:ab:27:34:
4e:09:ac:4f:42:f4:d9:ad:19:a2:9b:b3:76:e1:b8:
43:03:61:06:62:31:cc:f3:83:17:e3:08:c8:74:48:
fd:18:7a:c8:6d:3d:88:b1:72:5b:93:b3:67:62:31:
d3:1b:76:5f:14:5e:d9:46:92:de:6c:29:a3:19:76:
f9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EA:F0:2B:0D:9C:20:BD:12:E3:78:F5:2D:E2:D1:A5:02:6D:01:04
X509v3 Authority Key Identifier:
keyid:BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/8-rwKw2cIL0S43j1LeLRpQJtAQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.53.0-78.24.54.255
82.116.140.0/24
82.116.144.0/24
178.255.10.0/24
Signature Algorithm: sha256WithRSAEncryption
32:c4:17:3b:3b:06:ce:92:b6:6d:d8:ef:2c:a5:2f:05:70:a1:
ae:40:5b:60:f3:9b:58:8c:a3:64:5d:bd:80:2b:b0:3e:3c:5f:
1f:e7:e1:ee:0e:94:37:69:37:0a:ec:18:a4:8e:91:df:6a:fc:
9e:d3:85:bb:2a:08:7b:9d:63:7c:b0:73:59:8e:34:56:50:76:
ea:0e:4d:b6:c4:90:8d:1e:e4:35:a4:16:32:85:24:83:2e:56:
f0:dc:be:86:da:de:98:23:a3:13:2f:84:73:59:82:f7:8d:cb:
53:1d:38:56:6d:b4:e6:e0:0d:1c:38:2e:b4:e0:5b:4f:fb:55:
f0:37:69:ea:a3:53:8b:15:c1:9c:d1:f2:3b:fb:e4:c8:94:b7:
33:85:67:65:6d:54:cc:bc:f1:1c:30:d9:2f:4d:d1:0e:1b:6b:
4f:8a:a1:be:7c:67:c7:a5:78:e0:7d:4f:8f:82:91:6e:7c:86:
0b:8d:6c:19:65:f9:8d:84:2b:b2:57:b5:9f:03:ee:31:4a:8b:
d2:4f:10:b0:1e:c5:07:03:c4:e4:e0:b9:e1:77:f1:10:63:14:
3f:1b:99:5d:16:a8:fe:3b:77:aa:26:1f:78:6a:25:16:ef:a1:
a6:ca:ee:a5:fa:b1:9f:a0:79:87:cf:ff:2c:38:1c:de:1f:27:
fd:8f:82:b3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzC2rw7EGi5q3OLfGrhvlydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkN2Q4MTc4Y2VjNWNkMzc2NTQ4YTkwNDkxMTdmNDY5YzBh
NzQzMWMwHhcNMjQwMTAxMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2VhZjAyYjBkOWMyMGJkMTJlMzc4ZjUyZGUyZDFhNTAyNmQwMTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth0J2zWhyUzs40QT8Nxl4Lh79SAx
btcG4XdEZE9Id9eP0Z5cXfe0BVbp/mnjx10wMRd+hyz2zhSspfsUiKF6Ss6H7kks
Wcgmd8CR7s8PYOn+Gj5O1Mg3XVVjwfjdt42oN9n23fe4YWTpsHcDFQ1m2Y86nYxQ
SElK9YlkVseVYRKVkRpYj+tuniPSjoubIj5utCSENit/looMu7yksBPLEP8JYjiF
0ZBmqPpUMeoBJw/rbZRJy7J4HHeJhke+4eSrJzROCaxPQvTZrRmim7N24bhDA2EG
YjHM84MX4wjIdEj9GHrIbT2IsXJbk7NnYjHTG3ZfFF7ZRpLebCmjGXb5JwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPPq8CsNnCC9EuN49S3i0aUCbQEEMB8GA1UdIwQY
MBaAFL19gXjOxc03ZUipBJEX9GnAp0McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQt
NjE1YWNhNTFlMmY2LzEvOC1yd0t3MmNJTDBTNDNqMUxlTFJwUUp0QVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQtNjE1YWNhNTFlMmY2
LzEvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABOGDUD
BABOGDYDBABSdIwDBABSdJADBACy/wowDQYJKoZIhvcNAQELBQADggEBADLEFzs7
Bs6Stm3Y7yylLwVwoa5AW2Dzm1iMo2RdvYArsD48Xx/n4e4OlDdpNwrsGKSOkd9q
/J7ThbsqCHudY3ywc1mONFZQduoOTbbEkI0e5DWkFjKFJIMuVvDcvoba3pgjoxMv
hHNZgveNy1MdOFZttObgDRw4LrTgW0/7VfA3aeqjU4sVwZzR8jv75MiUtzOFZ2Vt
VMy88Rww2S9N0Q4ba0+Kob58Z8eleOB9T4+CkW58hguNbBll+Y2EK7JXtZ8D7jFK
i9JPELAexQcDxOTgueF38RBjFD8bmV0WqP47d6omH3hqJRbvoabK7qX6sZ+geYfP
/yw4HN4fJ/2PgrM=
-----END CERTIFICATE-----
Generated at Mon May 6 02:05:48 2024 by rpki-client on console-ams.rpki-client.org