Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/7XoDnpfHTvHQ84QzS4cQOXeZwt0.roa
File: 7XoDnpfHTvHQ84QzS4cQOXeZwt0.roa (raw, json)
Hash identifier: Xqa90QF4NZlpvriIMtb97TTxuisTq6/WBVIgKSbnO3M=
Subject key identifier: ED:7A:03:9E:97:C7:4E:F1:D0:F3:84:33:4B:87:10:39:77:99:C2:DD
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018CC9BCA9CD29D119E17E110AE0409AD81C
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/7XoDnpfHTvHQ84QzS4cQOXeZwt0.roa
Signing time: Tue 02 Jan 2024 10:33:53 +0000
ROA not before: Tue 02 Jan 2024 10:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211614
IP address blocks: 213.252.243.0/24 maxlen: 24
84.15.125.0/24 maxlen: 24
84.15.127.0/24 maxlen: 24
84.15.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a9:cd:29:d1:19:e1:7e:11:0a:e0:40:9a:d8:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 10:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed7a039e97c74ef1d0f384334b8710397799c2dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:55:92:2a:6d:fc:f8:cb:7e:6c:29:4c:a5:14:
40:47:28:f9:d3:49:68:b8:09:e8:5c:63:f9:58:83:
5d:5c:46:79:59:43:23:c0:64:6e:56:05:20:14:df:
ed:1e:19:28:8e:bf:19:19:4b:ba:89:e3:79:75:5e:
e8:9d:9b:7a:7b:ec:c4:96:a7:e3:c8:e1:56:cd:1e:
f5:74:a3:69:26:c6:bf:29:79:df:ee:43:7c:a3:67:
dc:5f:c3:a1:dd:3b:fe:aa:a1:34:be:55:32:e4:48:
46:0a:8e:94:4a:62:3e:a7:7c:6a:0c:4c:d7:4f:d3:
c1:4f:66:f1:6c:be:15:d2:c3:54:ef:34:64:2d:6e:
d9:38:47:c4:81:41:df:b5:0a:ef:4a:b5:01:2f:0e:
f0:4f:79:63:cc:c0:29:78:34:28:85:57:7e:eb:2c:
5e:df:4e:28:18:1b:61:34:94:0c:a8:bb:c8:ce:c0:
20:ac:4f:55:a3:0e:5e:85:1c:47:ab:ce:46:0c:af:
80:e7:c9:0a:e9:55:fb:5e:2f:e3:96:9c:ec:8e:38:
00:ab:ca:15:27:b0:91:10:13:b4:3b:d0:21:86:ae:
c9:27:46:5c:ea:e7:57:4b:e8:ae:23:cb:67:09:e6:
e0:bb:a9:e0:51:1f:62:4a:6a:fd:0d:fd:54:9d:80:
03:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:7A:03:9E:97:C7:4E:F1:D0:F3:84:33:4B:87:10:39:77:99:C2:DD
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/7XoDnpfHTvHQ84QzS4cQOXeZwt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.15.125.0-84.15.127.255
213.252.243.0/24
Signature Algorithm: sha256WithRSAEncryption
44:99:d7:79:f1:74:a7:b5:ad:8f:69:64:a3:8f:b1:f5:0b:0d:
9f:12:5e:ff:50:9a:4f:5e:8a:44:ae:7b:54:aa:df:18:4b:5b:
92:d7:3c:d0:c2:29:dc:ba:99:de:de:c2:35:e7:b7:b0:33:51:
02:3a:6d:96:90:d2:79:47:3b:a6:b1:c6:0c:6b:e3:5b:e7:6f:
74:e3:da:4b:7b:9c:5f:4d:ea:41:60:21:35:2c:da:cd:37:30:
07:03:0e:09:28:d4:c3:55:eb:d6:67:ba:8a:10:29:09:c2:c4:
a7:31:37:3e:e7:61:99:33:41:a9:b7:ab:04:75:17:aa:00:01:
37:5d:94:7b:bd:9e:2b:fe:8a:c0:bd:7c:6d:10:3c:5b:d7:18:
cd:e5:7d:42:bd:4a:44:ef:84:53:b6:db:46:6b:a3:7f:9a:66:
66:e2:1a:b7:3c:6f:c1:73:7b:23:0a:e5:91:80:3f:dd:39:76:
47:86:41:3e:17:98:c3:69:7a:c5:bb:5a:16:b7:52:d9:96:21:
80:02:c1:d9:d8:7b:4a:db:6d:d7:9f:b1:db:27:6d:ed:e2:6b:
8a:18:e0:8b:79:9c:2f:94:f1:18:f1:a7:58:4c:f2:7a:8f:ee:
0d:40:0d:f0:e5:09:9f:14:0d:3a:7a:d7:6c:74:45:c4:ea:91:
70:86:ff:cb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJvKnNKdEZ4X4RCuBAmtgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMTAyMTAzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDdhMDM5ZTk3Yzc0ZWYxZDBmMzg0MzM0Yjg3MTAzOTc3OTljMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlWSKm38+Mt+bClMpRRARyj500lo
uAnoXGP5WINdXEZ5WUMjwGRuVgUgFN/tHhkojr8ZGUu6ieN5dV7onZt6e+zElqfj
yOFWzR71dKNpJsa/KXnf7kN8o2fcX8Oh3Tv+qqE0vlUy5EhGCo6USmI+p3xqDEzX
T9PBT2bxbL4V0sNU7zRkLW7ZOEfEgUHftQrvSrUBLw7wT3ljzMApeDQohVd+6yxe
304oGBthNJQMqLvIzsAgrE9Vow5ehRxHq85GDK+A58kK6VX7Xi/jlpzsjjgAq8oV
J7CREBO0O9Ahhq7JJ0Zc6udXS+iuI8tnCebgu6ngUR9iSmr9Df1UnYADowIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFO16A56Xx07x0POEM0uHEDl3mcLdMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvN1hvRG5wZkhUdkhRODRRelM0Y1FPWGVad3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABUD30D
BAdUDwADBADV/PMwDQYJKoZIhvcNAQELBQADggEBAESZ13nxdKe1rY9pZKOPsfUL
DZ8SXv9Qmk9eikSue1Sq3xhLW5LXPNDCKdy6md7ewjXnt7AzUQI6bZaQ0nlHO6ax
xgxr41vnb3Tj2kt7nF9N6kFgITUs2s03MAcDDgko1MNV69ZnuooQKQnCxKcxNz7n
YZkzQam3qwR1F6oAATddlHu9niv+isC9fG0QPFvXGM3lfUK9SkTvhFO220Zro3+a
ZmbiGrc8b8FzeyMK5ZGAP905dkeGQT4XmMNpesW7Wha3UtmWIYACwdnYe0rbbdef
sdsnbe3ia4oY4It5nC+U8Rjxp1hM8nqP7g1ADfDlCZ8UDTp612x0RcTqkXCG/8s=
-----END CERTIFICATE-----
Generated at Fri May 3 08:46:13 2024 by rpki-client on console-ams.rpki-client.org