Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/8LNtOUXbFEe2EbsIPSH5XczKzlo.roa
File: 8LNtOUXbFEe2EbsIPSH5XczKzlo.roa (raw, json)
Hash identifier: TUGsr6svPuccXDxbPIJR+BOyo5thf26v13nJL/NoULY=
Subject key identifier: F0:B3:6D:39:45:DB:14:47:B6:11:BB:08:3D:21:F9:5D:CC:CA:CE:5A
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018CC801533D316DC835A5077D3B0F65C7B5
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/8LNtOUXbFEe2EbsIPSH5XczKzlo.roa
Signing time: Tue 02 Jan 2024 02:29:39 +0000
ROA not before: Tue 02 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5583
IP address blocks: 57.79.0.0/16 maxlen: 32
57.82.0.0/15 maxlen: 32
57.66.0.0/15 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:53:3d:31:6d:c8:35:a5:07:7d:3b:0f:65:c7:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0b36d3945db1447b611bb083d21f95dcccace5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e8:41:61:19:95:b9:71:9c:21:7d:4f:c3:00:
fc:e5:67:15:1d:2b:4e:b1:2d:37:70:22:bf:ff:ea:
49:19:55:fd:0e:22:b5:9a:02:9c:b5:24:e8:32:a7:
5c:ba:00:47:d5:bb:45:46:be:aa:0b:f7:85:23:34:
d9:46:e0:7c:8e:b2:6b:3c:dd:3d:6b:d6:c2:f3:f3:
02:02:11:ee:66:68:4a:5c:44:32:9a:1c:60:f2:73:
20:2c:57:1c:58:96:3f:43:50:22:3b:ff:27:f0:2a:
4e:12:b4:fa:29:4d:a2:31:f5:25:a7:98:7a:2c:f0:
ee:17:ea:ae:42:78:96:04:ce:22:1d:a3:27:df:b6:
c0:e5:0e:d3:77:70:16:b8:fb:2b:fe:57:1c:25:83:
05:5e:de:4c:41:9f:e5:4a:08:3d:04:97:ff:4b:dd:
3f:69:ce:d8:b0:ca:58:3e:58:cd:bb:8e:a3:33:d6:
9c:08:1e:8e:e9:20:10:99:a3:1b:ba:9f:ce:6b:22:
19:33:a9:9e:71:ab:95:c5:36:dc:ab:65:1b:8b:d6:
07:48:e0:00:fd:f2:4f:ca:62:e1:36:c8:48:1d:3c:
76:06:29:62:75:1b:62:70:44:f5:3e:c1:19:36:eb:
da:58:56:26:09:34:2c:e4:07:7d:8a:7c:d3:cc:40:
05:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B3:6D:39:45:DB:14:47:B6:11:BB:08:3D:21:F9:5D:CC:CA:CE:5A
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/8LNtOUXbFEe2EbsIPSH5XczKzlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.66.0.0/15
57.79.0.0/16
57.82.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c8:ea:36:0a:f1:f8:10:ac:24:ca:12:7c:8b:4e:c9:de:14:71:
af:a1:3c:86:22:b5:22:bc:db:b8:6f:da:fe:ad:ae:73:91:63:
47:01:a9:71:6c:a6:36:f3:d3:34:6c:08:fa:a0:12:7d:5e:5b:
85:f9:5c:01:b0:dd:2e:a9:e4:16:e1:2e:52:6a:f5:2e:f9:73:
b7:bb:19:42:fb:1e:66:40:b9:27:16:22:96:3e:df:18:79:48:
ac:ff:32:10:af:12:2e:99:70:9c:55:30:fb:00:19:e8:18:e8:
ce:40:9e:2f:cd:b3:57:c2:24:44:84:b5:87:34:f8:8e:1d:d5:
09:c8:11:16:a7:e7:93:6b:af:89:10:f8:df:f3:e5:36:84:1b:
49:0f:63:b5:1d:5e:96:24:2d:0f:a8:b5:7f:49:65:98:96:86:
7b:ea:c9:31:71:45:03:c9:87:fb:1c:59:61:45:35:9f:8e:3c:
39:47:e6:d8:0a:f1:05:fd:e0:49:55:d3:bd:2e:91:98:9b:6f:
b1:08:af:be:a2:97:d0:63:35:25:11:5e:71:9c:42:e3:80:dd:
9b:ea:70:a3:c4:00:a6:ce:3d:17:4b:95:4e:54:07:81:39:14:
78:9b:84:fd:70:96:80:0b:d2:9d:4c:cb:f5:08:02:a9:43:20:
d7:35:a6:6f
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYzIAVM9MW3INaUHfTsPZce1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjQwMTAyMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGIzNmQzOTQ1ZGIxNDQ3YjYxMWJiMDgzZDIxZjk1ZGNjY2FjZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+hBYRmVuXGcIX1PwwD85WcVHStO
sS03cCK//+pJGVX9DiK1mgKctSToMqdcugBH1btFRr6qC/eFIzTZRuB8jrJrPN09
a9bC8/MCAhHuZmhKXEQymhxg8nMgLFccWJY/Q1AiO/8n8CpOErT6KU2iMfUlp5h6
LPDuF+quQniWBM4iHaMn37bA5Q7Td3AWuPsr/lccJYMFXt5MQZ/lSgg9BJf/S90/
ac7YsMpYPljNu46jM9acCB6O6SAQmaMbup/OayIZM6mecauVxTbcq2Ubi9YHSOAA
/fJPymLhNshIHTx2BilidRticET1PsEZNuvaWFYmCTQs5Ad9inzTzEAFAwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPCzbTlF2xRHthG7CD0h+V3Mys5aMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvOExOdE9VWGJGRWUyRWJzSVBTSDVYY3pLemxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMBOUIDAwA5
TwMDATlSMA0GCSqGSIb3DQEBCwUAA4IBAQDI6jYK8fgQrCTKEnyLTsneFHGvoTyG
IrUivNu4b9r+ra5zkWNHAalxbKY289M0bAj6oBJ9XluF+VwBsN0uqeQW4S5SavUu
+XO3uxlC+x5mQLknFiKWPt8YeUis/zIQrxIumXCcVTD7ABnoGOjOQJ4vzbNXwiRE
hLWHNPiOHdUJyBEWp+eTa6+JEPjf8+U2hBtJD2O1HV6WJC0PqLV/SWWYloZ76skx
cUUDyYf7HFlhRTWfjjw5R+bYCvEF/eBJVdO9LpGYm2+xCK++opfQYzUlEV5xnELj
gN2b6nCjxACmzj0XS5VOVAeBORR4m4T9cJaAC9KdTMv1CAKpQyDXNaZv
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:12 2024 by rpki-client on console-fra.rpki-client.org