Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/8oEeQ5QLE1QzIm8B84tMDKbECrA.roa
File: 8oEeQ5QLE1QzIm8B84tMDKbECrA.roa (raw, json)
Hash identifier: wHnwQJA60JBmqKFjyD1sxwzzMXCbhA+dbSkvcICE/J4=
Subject key identifier: F2:81:1E:43:94:0B:13:54:33:22:6F:01:F3:8B:4C:0C:A6:C4:0A:B0
Certificate issuer: /CN=c1e8b88f1e30573a0e20e479d5ba00b4e91827b6
Certificate serial: 018CC8019C78E183C6E492FDB14D1A99CEBA
Authority key identifier: C1:E8:B8:8F:1E:30:57:3A:0E:20:E4:79:D5:BA:00:B4:E9:18:27:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/8oEeQ5QLE1QzIm8B84tMDKbECrA.roa
Signing time: Tue 02 Jan 2024 02:29:57 +0000
ROA not before: Tue 02 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31317
IP address blocks: 185.170.244.0/22 maxlen: 32
2a0a:b900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/wei4jx4wVzoOIOR51boAtOkYJ7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/wei4jx4wVzoOIOR51boAtOkYJ7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:9c:78:e1:83:c6:e4:92:fd:b1:4d:1a:99:ce:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1e8b88f1e30573a0e20e479d5ba00b4e91827b6
Validity
Not Before: Jan 2 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2811e43940b135433226f01f38b4c0ca6c40ab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:ff:1d:6d:21:7a:bf:00:ad:51:09:70:83:
1d:7d:93:9e:3b:55:ab:ff:ae:05:dd:f8:49:a8:aa:
d2:b6:2d:8f:fa:b0:97:50:2e:01:62:0f:40:22:09:
dd:5e:be:83:d7:d6:d8:1e:4d:77:cf:de:2f:2e:00:
14:bb:1c:ae:39:a9:cf:3b:9a:63:ae:41:d7:60:c1:
ab:86:12:e7:48:a4:93:0f:8d:54:d9:c1:89:4b:09:
a6:bb:18:e9:4f:e8:c8:69:16:2d:78:be:ee:34:ab:
8f:37:bf:a7:cd:5d:78:73:57:10:1f:d0:ec:37:51:
c6:84:6f:2a:11:75:1a:c5:36:70:bd:c8:90:90:96:
b5:b5:c8:34:32:e6:b9:21:d8:06:4d:2f:4a:a8:a5:
d3:51:6c:51:be:a7:62:49:df:d7:5a:d7:12:c1:08:
5c:4e:35:54:53:bc:dc:f1:34:39:90:cc:25:63:f9:
4f:67:f9:51:54:51:e7:fd:45:94:0c:ff:5f:2a:e0:
c1:1b:88:98:33:72:29:0d:3d:c7:da:07:51:50:e5:
37:f5:f6:ea:e0:93:cc:2c:d9:2f:e8:d4:f6:a3:19:
75:3a:84:ff:7c:ad:6f:a0:e3:a8:d3:83:61:b4:6f:
a2:5a:ce:4b:21:9b:56:4a:2c:93:4f:a9:a4:b5:f1:
3a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:81:1E:43:94:0B:13:54:33:22:6F:01:F3:8B:4C:0C:A6:C4:0A:B0
X509v3 Authority Key Identifier:
keyid:C1:E8:B8:8F:1E:30:57:3A:0E:20:E4:79:D5:BA:00:B4:E9:18:27:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/8oEeQ5QLE1QzIm8B84tMDKbECrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/wei4jx4wVzoOIOR51boAtOkYJ7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.244.0/22
IPv6:
2a0a:b900::/29
Signature Algorithm: sha256WithRSAEncryption
a0:1c:af:68:9d:3f:f2:5d:28:c1:4c:ef:dd:e9:61:a7:d4:3f:
9a:1e:26:ae:a9:4d:37:c8:58:36:0f:40:66:37:d4:b7:75:14:
af:18:fa:fb:82:23:aa:eb:4f:65:99:2f:e3:cd:64:88:ac:05:
3a:b7:52:c2:4b:52:aa:1f:d4:81:89:77:76:b4:11:3d:91:a7:
f9:7e:d4:39:24:4a:45:7d:02:96:e3:43:44:70:6f:08:6f:98:
c5:0b:15:71:e7:8b:fd:f4:0c:58:50:62:24:1e:66:37:a2:b2:
68:12:a4:83:f8:21:46:b1:92:7c:98:c9:c4:09:49:85:61:b4:
0a:5c:38:a9:c7:5f:e0:06:38:ee:42:00:6c:7a:cc:30:19:92:
76:d1:31:9f:37:4d:61:90:d3:d1:ab:f6:f9:f6:9b:db:b4:d7:
2c:51:9c:35:d2:ad:9f:b9:d8:ac:2f:6e:e1:01:4f:84:cc:fd:
13:ef:ae:92:2a:22:61:7f:c0:b8:e1:48:cb:87:90:07:60:c3:
a8:40:87:c0:74:9f:99:1e:32:9c:68:5a:58:44:50:9a:04:37:
d2:22:20:41:5b:42:da:8a:e2:b2:ff:0d:0d:bf:b8:aa:a7:59:
1c:8a:d5:ab:db:ba:53:0c:6e:5c:bc:73:78:5d:28:5b:fd:5f:
e2:5f:f5:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAZx44YPG5JL9sU0amc66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZThiODhmMWUzMDU3M2EwZTIwZTQ3OWQ1YmEwMGI0ZTkx
ODI3YjYwHhcNMjQwMTAyMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjgxMWU0Mzk0MGIxMzU0MzMyMjZmMDFmMzhiNGMwY2E2YzQwYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXj/HW0her8ArVEJcIMdfZOeO1Wr
/64F3fhJqKrSti2P+rCXUC4BYg9AIgndXr6D19bYHk13z94vLgAUuxyuOanPO5pj
rkHXYMGrhhLnSKSTD41U2cGJSwmmuxjpT+jIaRYteL7uNKuPN7+nzV14c1cQH9Ds
N1HGhG8qEXUaxTZwvciQkJa1tcg0Mua5IdgGTS9KqKXTUWxRvqdiSd/XWtcSwQhc
TjVUU7zc8TQ5kMwlY/lPZ/lRVFHn/UWUDP9fKuDBG4iYM3IpDT3H2gdRUOU39fbq
4JPMLNkv6NT2oxl1OoT/fK1voOOo04NhtG+iWs5LIZtWSiyTT6mktfE6ewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPKBHkOUCxNUMyJvAfOLTAymxAqwMB8GA1UdIwQY
MBaAFMHouI8eMFc6DiDkedW6ALTpGCe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VpNGp4NHdWem9PSU9SNTFib0F0T2tZSjdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NTcxOTctYzYyOC00OGIxLTk1NmQt
ZWZmZTk1NWE1ZDY0LzEvOG9FZVE1UUxFMVF6SW04Qjg0dE1ES2JFQ3JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NTcxOTctYzYyOC00OGIxLTk1NmQtZWZmZTk1NWE1ZDY0
LzEvd2VpNGp4NHdWem9PSU9SNTFib0F0T2tZSjdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuar0MA0E
AgACMAcDBQMqCrkAMA0GCSqGSIb3DQEBCwUAA4IBAQCgHK9onT/yXSjBTO/d6WGn
1D+aHiauqU03yFg2D0BmN9S3dRSvGPr7giOq609lmS/jzWSIrAU6t1LCS1KqH9SB
iXd2tBE9kaf5ftQ5JEpFfQKW40NEcG8Ib5jFCxVx54v99AxYUGIkHmY3orJoEqSD
+CFGsZJ8mMnECUmFYbQKXDipx1/gBjjuQgBseswwGZJ20TGfN01hkNPRq/b59pvb
tNcsUZw10q2fudisL27hAU+EzP0T766SKiJhf8C44UjLh5AHYMOoQIfAdJ+ZHjKc
aFpYRFCaBDfSIiBBW0LaiuKy/w0Nv7iqp1kcitWr27pTDG5cvHN4XShb/V/iX/Ws
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:09:09 2024 by rpki-client on console-fra.rpki-client.org