Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/8dOtpJxpy9uoOJ0O265aArhXl6s.roa
File: 8dOtpJxpy9uoOJ0O265aArhXl6s.roa (raw, json)
Hash identifier: +iNb3BL2IxFseTUsw1C+WDREeKxYSkgW2GjXahq6M1M=
Subject key identifier: F1:D3:AD:A4:9C:69:CB:DB:A8:38:9D:0E:DB:AE:5A:02:B8:57:97:AB
Certificate issuer: /CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Certificate serial: 018CC8DEA09F5EFBC9A9D6423E2C6AA5CD8D
Authority key identifier: B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/8dOtpJxpy9uoOJ0O265aArhXl6s.roa
Signing time: Tue 02 Jan 2024 06:31:22 +0000
ROA not before: Tue 02 Jan 2024 06:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42295
IP address blocks: 93.152.232.0/24 maxlen: 24
93.152.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/sN-v02cwOW_jOOdy2tvkw8hc2VI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/sN-v02cwOW_jOOdy2tvkw8hc2VI.mft
rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a0:9f:5e:fb:c9:a9:d6:42:3e:2c:6a:a5:cd:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Validity
Not Before: Jan 2 06:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1d3ada49c69cbdba8389d0edbae5a02b85797ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e7:db:09:61:07:23:9f:d1:90:dd:6f:04:1c:
7f:56:28:d8:e6:55:45:43:a3:5b:ee:9a:b0:29:d6:
04:54:a0:0d:ca:dd:f8:3e:31:ca:ed:1b:ba:c2:ab:
e8:34:42:20:e1:00:75:0e:8c:bb:8c:5a:0c:86:14:
27:10:06:f3:ae:87:92:90:82:fd:cd:58:f6:ab:a4:
3f:2a:a8:9c:40:82:7a:80:c5:2b:0e:68:d4:ca:69:
45:98:34:97:4b:ea:c8:e8:48:20:8a:32:f6:4f:82:
7a:57:cb:aa:5a:52:e4:5a:3d:b7:9c:0c:3b:b1:c6:
4d:a3:20:4a:f8:aa:7e:f1:f4:9e:d0:69:2b:7f:57:
21:78:e3:a4:04:e1:d1:33:73:1a:4c:9a:a5:05:89:
0d:35:0e:50:20:fb:78:24:d1:54:b0:9a:1d:ac:f2:
71:c8:e6:f4:68:09:58:6b:fd:93:46:a4:1c:d8:c8:
f4:34:83:f9:93:0f:32:b3:a2:9e:d4:60:21:e3:02:
04:e6:d4:25:96:bb:46:1e:e1:61:5c:a8:15:02:30:
0b:04:15:cf:94:2b:da:36:4c:f9:c2:0d:69:eb:ec:
44:7c:cc:22:5c:d0:e3:8f:4b:03:6a:b4:c1:da:90:
ad:c1:e9:18:6c:95:33:66:0e:61:0d:b9:b1:55:f3:
cc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D3:AD:A4:9C:69:CB:DB:A8:38:9D:0E:DB:AE:5A:02:B8:57:97:AB
X509v3 Authority Key Identifier:
keyid:B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/8dOtpJxpy9uoOJ0O265aArhXl6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/sN-v02cwOW_jOOdy2tvkw8hc2VI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.231.0-93.152.232.255
Signature Algorithm: sha256WithRSAEncryption
a3:1d:7a:d4:8e:86:5e:e9:02:c8:a1:2e:8e:96:de:3c:0b:3a:
d4:f9:18:fa:06:e5:01:8c:3a:0c:b0:24:20:41:77:35:9b:29:
f4:ab:6b:11:6a:4c:67:6e:15:a7:bd:9f:91:5a:74:86:db:82:
2f:e3:11:74:1c:8f:3a:2b:25:39:75:e1:c8:99:bc:df:d1:57:
ee:f2:97:c9:85:f8:56:21:78:db:f1:34:70:db:6b:68:9c:01:
9d:16:5d:d8:9a:51:82:0b:29:52:b7:11:e5:b1:50:9f:83:b5:
d1:b9:da:f9:a5:f9:e7:68:fe:d6:95:0f:dc:32:d9:79:42:84:
6c:61:cf:9f:f6:f6:80:c3:59:a6:8b:98:ce:91:05:93:be:60:
95:67:91:ab:ba:0f:5e:b4:d6:9a:e9:a0:10:e5:87:4c:95:ed:
d9:17:c8:5f:13:db:eb:d9:42:09:1e:28:07:f1:40:c3:e2:23:
cf:da:08:67:6c:39:8b:93:b0:fb:bd:bf:95:02:9c:c2:cb:d0:
a6:73:d1:a6:e0:05:3e:33:41:7f:d4:9a:4b:93:82:68:e2:13:
d2:80:25:c3:36:f8:45:80:37:bb:8a:f1:c1:01:54:25:4d:d5:
1b:77:88:89:a5:8d:b2:11:a6:ae:cd:23:9e:79:29:b1:e1:00:
4a:8b:20:a5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzI3qCfXvvJqdZCPixqpc2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZGZhZmQzNjczMDM5NmZlMzM4ZTc3MmRhZGJlNGMzYzg1
Y2Q5NTIwHhcNMjQwMTAyMDYzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQzYWRhNDljNjljYmRiYTgzODlkMGVkYmFlNWEwMmI4NTc5N2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkufbCWEHI5/RkN1vBBx/VijY5lVF
Q6Nb7pqwKdYEVKANyt34PjHK7Ru6wqvoNEIg4QB1Doy7jFoMhhQnEAbzroeSkIL9
zVj2q6Q/KqicQIJ6gMUrDmjUymlFmDSXS+rI6EggijL2T4J6V8uqWlLkWj23nAw7
scZNoyBK+Kp+8fSe0Gkrf1cheOOkBOHRM3MaTJqlBYkNNQ5QIPt4JNFUsJodrPJx
yOb0aAlYa/2TRqQc2Mj0NIP5kw8ys6Ke1GAh4wIE5tQllrtGHuFhXKgVAjALBBXP
lCvaNkz5wg1p6+xEfMwiXNDjj0sDarTB2pCtwekYbJUzZg5hDbmxVfPMLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPHTraScacvbqDidDtuuWgK4V5erMB8GA1UdIwQY
MBaAFLDfr9NnMDlv4zjnctrb5MPIXNlSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc04tdjAyY3dPV19qT09keTJ0dmt3OGhjMlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mNjk2ZmQtNGQ5ZC00ZTI4LTkyNmUt
MGFhNWI0NmJmOGFhLzEvOGRPdHBKeHB5OXVvT0owTzI2NWFBcmhYbDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mNjk2ZmQtNGQ5ZC00ZTI4LTkyNmUtMGFhNWI0NmJmOGFh
LzEvc04tdjAyY3dPV19qT09keTJ0dmt3OGhjMlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABdmOcD
BABdmOgwDQYJKoZIhvcNAQELBQADggEBAKMdetSOhl7pAsihLo6W3jwLOtT5GPoG
5QGMOgywJCBBdzWbKfSraxFqTGduFae9n5FadIbbgi/jEXQcjzorJTl14ciZvN/R
V+7yl8mF+FYheNvxNHDba2icAZ0WXdiaUYILKVK3EeWxUJ+DtdG52vml+edo/taV
D9wy2XlChGxhz5/29oDDWaaLmM6RBZO+YJVnkau6D1601prpoBDlh0yV7dkXyF8T
2+vZQgkeKAfxQMPiI8/aCGdsOYuTsPu9v5UCnMLL0KZz0abgBT4zQX/UmkuTgmji
E9KAJcM2+EWAN7uK8cEBVCVN1Rt3iImljbIRpq7NI555KbHhAEqLIKU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:41:41 2024 by rpki-client on console-ams.rpki-client.org