Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/8sbIf1DD936MHj95Kk8L6zGtTnI.roa
File: 8sbIf1DD936MHj95Kk8L6zGtTnI.roa (raw, json)
Hash identifier: WAchPz4xljGApd4Fy0uCnuUKHpgGj3PF/UwUyDMZxCg=
Subject key identifier: F2:C6:C8:7F:50:C3:F7:7E:8C:1E:3F:79:2A:4F:0B:EB:31:AD:4E:72
Certificate issuer: /CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485
Certificate serial: 018F591543AC1534B6F48AEA9D20EC6DF104
Authority key identifier: D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/8sbIf1DD936MHj95Kk8L6zGtTnI.roa
Signing time: Wed 08 May 2024 16:41:56 +0000
ROA not before: Wed 08 May 2024 16:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 185.224.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:59:15:43:ac:15:34:b6:f4:8a:ea:9d:20:ec:6d:f1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485
Validity
Not Before: May 8 16:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2c6c87f50c3f77e8c1e3f792a4f0beb31ad4e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9a:ab:4b:a2:86:d8:29:dd:91:44:fc:32:1a:
88:2e:b1:7f:be:cb:da:83:71:e5:64:7f:7d:7f:b4:
98:98:19:db:ed:18:98:33:25:cd:74:78:d6:11:25:
bb:50:4b:8a:e4:26:c0:51:cd:8b:50:e6:56:ac:be:
50:a6:30:7c:72:85:a4:6d:4a:d1:2c:37:13:aa:e8:
26:91:7d:09:2b:70:c3:c5:07:53:56:bc:d6:2a:10:
a8:c8:75:32:62:90:3b:5e:37:e2:f0:d3:71:1d:5d:
7d:65:7b:f2:99:1c:63:ba:22:c1:3b:60:3c:ea:9f:
3a:2f:42:c2:c3:ef:e5:cb:b2:fb:1c:12:32:88:0f:
3e:22:44:94:4d:24:0e:e8:3e:83:5c:be:6d:fc:c0:
d4:ca:1f:41:da:1a:6b:60:e8:46:18:5e:eb:25:1f:
69:c4:89:27:40:09:88:ce:9e:ca:ac:d1:af:3e:23:
b2:e7:25:5c:43:fb:68:84:0d:0d:67:89:40:24:a0:
80:79:55:84:86:cf:fc:63:19:6d:c4:e6:7c:04:46:
b9:88:76:6e:5f:ff:d7:18:76:95:ee:fc:ae:54:39:
15:f6:f6:03:68:4a:aa:20:3e:f9:b2:27:04:a7:fc:
a0:23:20:69:23:6d:d5:d0:06:56:39:58:6d:21:76:
d9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C6:C8:7F:50:C3:F7:7E:8C:1E:3F:79:2A:4F:0B:EB:31:AD:4E:72
X509v3 Authority Key Identifier:
keyid:D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/8sbIf1DD936MHj95Kk8L6zGtTnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:d7:0f:55:54:8c:ea:dd:ca:30:8c:2c:8f:0f:bb:92:f6:7f:
01:b5:01:d6:60:56:fa:89:5b:be:19:76:ba:45:60:c9:9d:64:
b0:ce:c1:4b:08:71:fe:d7:42:41:3b:ee:ff:d5:38:bd:a9:33:
68:45:56:b2:1b:42:21:c5:1f:52:a3:18:28:a3:bb:c7:f5:aa:
41:8e:fd:27:7f:b2:13:9c:00:d4:72:30:ed:75:eb:4d:b8:ae:
b9:79:66:3a:20:8f:96:e8:90:eb:d0:47:f3:0e:04:72:ed:39:
f4:48:f8:09:d3:4b:1c:eb:8a:c0:27:1a:6c:f6:ef:f7:37:d8:
c4:ae:ac:66:92:77:67:e4:86:ce:d6:3c:a9:8a:24:ca:f6:8d:
39:65:39:b9:d5:a6:e1:1a:6c:f6:cd:96:43:57:14:2e:93:5a:
46:aa:d5:02:db:fa:23:9d:43:83:fb:37:bf:27:48:81:1b:5c:
62:af:84:ad:e4:de:3d:2c:1a:9a:b3:55:c8:e9:90:11:14:38:
ee:d3:42:f0:90:1e:f1:7f:0b:4b:83:d0:18:ce:6e:43:e0:cc:
ea:63:a4:3f:08:0a:12:05:d1:3e:70:53:52:bd:a6:ac:36:79:
d4:6e:2f:2e:b8:06:b1:dd:a5:84:d0:fb:d6:92:7f:3d:17:7f:
b0:c8:25:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9ZFUOsFTS29IrqnSDsbfEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDEyZmFmOTgyNzVhZTRmM2Y4ZDg3ZjA4NGVlNGZmODQy
MGM0ODUwHhcNMjQwNTA4MTY0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmM2Yzg3ZjUwYzNmNzdlOGMxZTNmNzkyYTRmMGJlYjMxYWQ0ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJqrS6KG2CndkUT8MhqILrF/vsva
g3HlZH99f7SYmBnb7RiYMyXNdHjWESW7UEuK5CbAUc2LUOZWrL5QpjB8coWkbUrR
LDcTqugmkX0JK3DDxQdTVrzWKhCoyHUyYpA7Xjfi8NNxHV19ZXvymRxjuiLBO2A8
6p86L0LCw+/ly7L7HBIyiA8+IkSUTSQO6D6DXL5t/MDUyh9B2hprYOhGGF7rJR9p
xIknQAmIzp7KrNGvPiOy5yVcQ/tohA0NZ4lAJKCAeVWEhs/8YxltxOZ8BEa5iHZu
X//XGHaV7vyuVDkV9vYDaEqqID75sicEp/ygIyBpI23V0AZWOVhtIXbZVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPLGyH9Qw/d+jB4/eSpPC+sxrU5yMB8GA1UdIwQY
MBaAFNgBL6+YJ1rk8/jYfwhO5P+EIMSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjIt
NmQ1NjBkZWJmN2IzLzEvOHNiSWYxREQ5MzZNSGo5NUtrOEw2ekd0VG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjItNmQ1NjBkZWJmN2Iz
LzEvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueADMA0G
CSqGSIb3DQEBCwUAA4IBAQCd1w9VVIzq3cowjCyPD7uS9n8BtQHWYFb6iVu+GXa6
RWDJnWSwzsFLCHH+10JBO+7/1Ti9qTNoRVayG0IhxR9Soxgoo7vH9apBjv0nf7IT
nADUcjDtdetNuK65eWY6II+W6JDr0EfzDgRy7Tn0SPgJ00sc64rAJxps9u/3N9jE
rqxmkndn5IbO1jypiiTK9o05ZTm51abhGmz2zZZDVxQuk1pGqtUC2/ojnUOD+ze/
J0iBG1xir4St5N49LBqas1XI6ZARFDju00LwkB7xfwtLg9AYzm5D4MzqY6Q/CAoS
BdE+cFNSvaasNnnUbi8uuAax3aWE0PvWkn89F3+wyCW0
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:26:24 2024 by rpki-client on console-fra.rpki-client.org