Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/8TTh69vxbScEdikjlWgOoA2QK9I.roa
File: 8TTh69vxbScEdikjlWgOoA2QK9I.roa (raw, json)
Hash identifier: Yo0FLlDhC8QAcrLRxvYlGL1p1ck4EJGK6w2d8Ef6JpQ=
Subject key identifier: F1:34:E1:EB:DB:F1:6D:27:04:76:29:23:95:68:0E:A0:0D:90:2B:D2
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 0190C55AB5A01F89ECF5B5229617B79474B3
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/8TTh69vxbScEdikjlWgOoA2QK9I.roa
Signing time: Thu 18 Jul 2024 10:19:34 +0000
ROA not before: Thu 18 Jul 2024 10:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43607
IP address blocks: 193.17.2.0/24 maxlen: 24
2a07:2480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:5a:b5:a0:1f:89:ec:f5:b5:22:96:17:b7:94:74:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Jul 18 10:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f134e1ebdbf16d270476292395680ea00d902bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:99:6c:25:06:2f:37:fe:0d:32:54:ef:65:9c:
b9:02:a8:c2:cd:f3:2d:55:d9:76:cc:47:4d:2b:c2:
f9:35:f0:e0:27:c5:25:b4:7b:b0:20:f9:1a:07:7f:
16:3c:fe:a2:ec:c2:fe:53:46:a4:13:16:fe:28:d6:
ab:4c:e8:8f:fb:1f:de:1b:48:32:d6:3d:b2:4b:a8:
62:ad:e7:e1:f8:b8:5c:84:76:94:94:f4:eb:f0:98:
c8:fa:cd:cc:84:52:5e:f8:33:e8:7b:80:ff:3a:93:
35:e2:27:75:15:46:70:e8:a9:9e:ec:ab:01:ba:77:
74:b7:3d:38:d9:f4:59:89:f5:4d:b1:af:89:22:cf:
89:14:55:43:4d:ab:c5:e6:da:75:f3:ac:ed:5b:a6:
7b:7e:04:4d:b9:11:f2:2b:47:a0:20:e8:30:58:78:
47:cc:61:92:63:91:3e:b0:04:9a:80:14:f0:ed:60:
8d:93:bb:82:94:72:4e:9b:df:66:88:1c:43:50:73:
1f:73:97:95:8d:4e:53:95:9b:4b:9d:66:d1:36:6d:
7c:ea:20:af:3a:72:02:12:15:6a:89:7d:2c:b4:13:
ae:c6:a0:47:38:48:b5:77:cb:f4:42:2b:24:b2:30:
9b:2d:c0:e6:5a:f6:93:99:48:b7:b9:07:b4:7a:3f:
db:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:34:E1:EB:DB:F1:6D:27:04:76:29:23:95:68:0E:A0:0D:90:2B:D2
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/8TTh69vxbScEdikjlWgOoA2QK9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.2.0/24
IPv6:
2a07:2480::/32
Signature Algorithm: sha256WithRSAEncryption
14:23:f7:e8:01:62:1f:38:4e:ea:59:c5:43:c2:b9:f7:2b:f6:
27:8d:e2:d2:88:7d:16:23:67:94:05:07:e9:b4:58:a3:53:61:
16:c6:65:df:32:5a:2c:d0:8f:b0:b2:a8:b8:e6:df:2d:0e:6f:
c6:1e:08:44:1a:69:51:ff:3a:a1:07:2c:aa:9e:e8:d8:2e:bd:
0f:1c:65:8f:19:58:4a:e0:3e:fd:93:e0:d9:df:80:e7:86:32:
83:5a:36:f7:05:9f:aa:67:cc:8e:c3:ea:7c:f7:c5:a2:7a:39:
69:52:ed:73:8b:43:61:1a:bb:74:1e:b7:24:24:61:2a:9f:f9:
bf:b2:24:7a:4a:d5:10:10:c4:5d:79:cc:cc:4e:12:e2:8b:a3:
ed:1f:91:97:d3:9c:87:c8:03:29:6d:00:1e:d3:d2:47:09:eb:
01:36:45:9f:cb:b3:8a:90:48:0e:fb:94:b2:da:de:1e:34:8e:
62:bb:d0:3f:2c:5b:27:31:c3:d1:26:5a:b2:83:7f:1d:25:d6:
84:c5:d7:69:22:7a:5d:06:75:7e:20:57:e7:a0:44:19:09:a3:
45:04:0b:15:b6:7c:ef:d1:d0:83:d4:73:f1:9d:12:0c:e3:b0:
cc:fb:1a:ae:84:93:c3:1f:f6:2c:5f:31:47:a7:ab:c6:43:19:
b8:e7:c8:64
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDFWrWgH4ns9bUilhe3lHSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQwNzE4MTAxOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTM0ZTFlYmRiZjE2ZDI3MDQ3NjI5MjM5NTY4MGVhMDBkOTAyYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZlsJQYvN/4NMlTvZZy5AqjCzfMt
Vdl2zEdNK8L5NfDgJ8UltHuwIPkaB38WPP6i7ML+U0akExb+KNarTOiP+x/eG0gy
1j2yS6hirefh+LhchHaUlPTr8JjI+s3MhFJe+DPoe4D/OpM14id1FUZw6Kme7KsB
und0tz042fRZifVNsa+JIs+JFFVDTavF5tp186ztW6Z7fgRNuRHyK0egIOgwWHhH
zGGSY5E+sASagBTw7WCNk7uClHJOm99miBxDUHMfc5eVjU5TlZtLnWbRNm186iCv
OnICEhVqiX0stBOuxqBHOEi1d8v0QisksjCbLcDmWvaTmUi3uQe0ej/b3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPE04evb8W0nBHYpI5VoDqANkCvSMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvOFRUaDY5dnhiU2NFZGlramxXZ09vQTJRSzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRECMA0E
AgACMAcDBQAqBySAMA0GCSqGSIb3DQEBCwUAA4IBAQAUI/foAWIfOE7qWcVDwrn3
K/YnjeLSiH0WI2eUBQfptFijU2EWxmXfMlos0I+wsqi45t8tDm/GHghEGmlR/zqh
ByyqnujYLr0PHGWPGVhK4D79k+DZ34DnhjKDWjb3BZ+qZ8yOw+p898WiejlpUu1z
i0NhGrt0HrckJGEqn/m/siR6StUQEMRdeczMThLii6PtH5GX05yHyAMpbQAe09JH
CesBNkWfy7OKkEgO+5Sy2t4eNI5iu9A/LFsnMcPRJlqyg38dJdaExddpInpdBnV+
IFfnoEQZCaNFBAsVtnzv0dCD1HPxnRIM47DM+xquhJPDH/YsXzFHp6vGQxm458hk
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:43:06 2024 by rpki-client on console-fra.rpki-client.org