Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/7b8d5d-13e6-4d2b-bce3-4980fca8d277/1/j2XFjbfjxS5txp6rPJWo1xRivdw.roa
File: j2XFjbfjxS5txp6rPJWo1xRivdw.roa (raw, json)
Hash identifier: qOtG2b4QwJZRyvfF390jC8Fdzvly7SGmL0iisW+VDl0=
Subject key identifier: 8F:65:C5:8D:B7:E3:C5:2E:6D:C6:9E:AB:3C:95:A8:D7:14:62:BD:DC
Certificate issuer: /CN=cd7f8789490107097b20cfa6e3d459f136274ba4
Certificate serial: 018CC64AD3EC07C87DE3EE6B6CBA16706F12
Authority key identifier: CD:7F:87:89:49:01:07:09:7B:20:CF:A6:E3:D4:59:F1:36:27:4B:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zX-HiUkBBwl7IM-m49RZ8TYnS6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/7b8d5d-13e6-4d2b-bce3-4980fca8d277/1/j2XFjbfjxS5txp6rPJWo1xRivdw.roa
Signing time: Mon 01 Jan 2024 18:30:41 +0000
ROA not before: Mon 01 Jan 2024 18:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8426
IP address blocks: 178.248.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/7b8d5d-13e6-4d2b-bce3-4980fca8d277/1/zX-HiUkBBwl7IM-m49RZ8TYnS6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/7b8d5d-13e6-4d2b-bce3-4980fca8d277/1/zX-HiUkBBwl7IM-m49RZ8TYnS6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/zX-HiUkBBwl7IM-m49RZ8TYnS6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d3:ec:07:c8:7d:e3:ee:6b:6c:ba:16:70:6f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd7f8789490107097b20cfa6e3d459f136274ba4
Validity
Not Before: Jan 1 18:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f65c58db7e3c52e6dc69eab3c95a8d71462bddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e4:8b:c7:e6:d5:ab:92:16:cd:fa:0d:fd:26:
c7:5a:a3:54:bb:23:cf:92:c2:d4:8a:85:56:9b:4c:
59:7e:30:ba:d0:1c:9a:b1:a6:57:bb:d1:37:d9:13:
75:1a:ae:dd:22:08:72:19:a5:ee:c4:50:c1:19:e2:
1a:4a:a2:0c:e3:18:54:ad:65:76:b5:87:0b:d0:57:
f3:36:dd:ad:79:7a:a0:80:90:13:7e:cf:6c:35:b1:
de:02:57:5e:f8:46:45:ef:f6:d7:8b:25:1c:67:81:
d2:e0:a5:03:9d:bf:63:f7:f6:ce:25:7a:5e:c9:ff:
b7:bc:29:13:36:00:b9:6b:f0:6d:07:b2:0b:09:ea:
40:3e:93:6d:bd:0e:0e:3e:18:3c:73:cc:b3:99:64:
fb:17:47:19:2e:c5:cc:a2:9a:09:6a:e5:db:e8:e4:
3f:1b:ba:9b:6b:eb:17:4b:b1:83:eb:78:26:13:c9:
c6:9b:5a:1b:5c:32:21:34:78:be:93:b6:82:3f:a5:
74:26:52:56:85:36:28:59:2f:36:19:dc:3e:a3:3f:
65:5e:ba:f0:dd:3a:fa:dd:85:97:42:a6:1c:6b:de:
36:5d:99:59:72:f5:98:cd:84:da:0a:0b:ba:2e:3f:
31:25:a8:61:0c:82:b2:1d:88:f1:c2:a1:50:f0:99:
ee:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:65:C5:8D:B7:E3:C5:2E:6D:C6:9E:AB:3C:95:A8:D7:14:62:BD:DC
X509v3 Authority Key Identifier:
keyid:CD:7F:87:89:49:01:07:09:7B:20:CF:A6:E3:D4:59:F1:36:27:4B:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zX-HiUkBBwl7IM-m49RZ8TYnS6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7b8d5d-13e6-4d2b-bce3-4980fca8d277/1/j2XFjbfjxS5txp6rPJWo1xRivdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7b8d5d-13e6-4d2b-bce3-4980fca8d277/1/zX-HiUkBBwl7IM-m49RZ8TYnS6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.184.0/21
Signature Algorithm: sha256WithRSAEncryption
7f:98:0f:0f:ae:f5:91:bf:7d:ea:fc:4a:8c:02:50:b1:4a:fd:
f1:e5:62:46:72:0e:e6:fd:d0:bf:8a:0f:eb:bc:93:d7:36:06:
66:49:d1:72:73:c3:a8:58:26:8a:97:79:1f:b4:7d:14:05:63:
69:58:48:a3:72:e9:eb:4f:37:37:00:50:e4:bb:90:e4:05:a7:
67:4d:72:1e:ae:f9:35:4a:ca:c4:35:04:f0:2a:83:d1:9d:9e:
2d:7d:2b:0c:c2:a2:b5:81:66:9b:9c:d4:ba:4b:a2:1c:e4:54:
75:0a:a8:9a:c7:cf:92:20:cf:d2:f3:3b:7c:01:c4:0b:c4:39:
d6:6f:00:4a:ee:67:12:49:0d:b0:51:88:45:29:06:c3:a1:59:
67:bb:05:bd:d7:8a:35:33:94:6a:64:7d:ff:5e:60:32:e9:8d:
ba:46:01:fd:fe:e2:09:bf:22:7f:01:0b:2a:ff:15:dc:94:40:
ae:cf:b7:ad:29:c2:51:e6:a1:7c:84:81:fc:6c:f6:6d:f4:ce:
a8:ed:c5:ef:ea:45:ec:3c:ce:e7:7d:02:f3:b2:7b:e1:b9:e9:
4e:e9:81:dd:9c:41:63:0a:91:6d:50:7a:80:c3:05:ce:f1:a9:
4b:7b:5f:c6:d2:0b:04:bc:f1:af:80:be:44:b3:1b:1c:b3:de:
54:cc:f6:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGStPsB8h94+5rbLoWcG8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkN2Y4Nzg5NDkwMTA3MDk3YjIwY2ZhNmUzZDQ1OWYxMzYy
NzRiYTQwHhcNMjQwMTAxMTgzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjY1YzU4ZGI3ZTNjNTJlNmRjNjllYWIzYzk1YThkNzE0NjJiZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguSLx+bVq5IWzfoN/SbHWqNUuyPP
ksLUioVWm0xZfjC60ByasaZXu9E32RN1Gq7dIghyGaXuxFDBGeIaSqIM4xhUrWV2
tYcL0FfzNt2teXqggJATfs9sNbHeAlde+EZF7/bXiyUcZ4HS4KUDnb9j9/bOJXpe
yf+3vCkTNgC5a/BtB7ILCepAPpNtvQ4OPhg8c8yzmWT7F0cZLsXMopoJauXb6OQ/
G7qba+sXS7GD63gmE8nGm1obXDIhNHi+k7aCP6V0JlJWhTYoWS82Gdw+oz9lXrrw
3Tr63YWXQqYca942XZlZcvWYzYTaCgu6Lj8xJahhDIKyHYjxwqFQ8JnuZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9lxY2348UubcaeqzyVqNcUYr3cMB8GA1UdIwQY
MBaAFM1/h4lJAQcJeyDPpuPUWfE2J0ukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelgtSGlVa0JCd2w3SU0tbTQ5Ulo4VFluUzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83YjhkNWQtMTNlNi00ZDJiLWJjZTMt
NDk4MGZjYThkMjc3LzEvajJYRmpiZmp4UzV0eHA2clBKV28xeFJpdmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC83YjhkNWQtMTNlNi00ZDJiLWJjZTMtNDk4MGZjYThkMjc3
LzEvelgtSGlVa0JCd2w3SU0tbTQ5Ulo4VFluUzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsvi4MA0G
CSqGSIb3DQEBCwUAA4IBAQB/mA8PrvWRv33q/EqMAlCxSv3x5WJGcg7m/dC/ig/r
vJPXNgZmSdFyc8OoWCaKl3kftH0UBWNpWEijcunrTzc3AFDku5DkBadnTXIervk1
SsrENQTwKoPRnZ4tfSsMwqK1gWabnNS6S6Ic5FR1Cqiax8+SIM/S8zt8AcQLxDnW
bwBK7mcSSQ2wUYhFKQbDoVlnuwW914o1M5RqZH3/XmAy6Y26RgH9/uIJvyJ/AQsq
/xXclECuz7etKcJR5qF8hIH8bPZt9M6o7cXv6kXsPM7nfQLzsnvhuelO6YHdnEFj
CpFtUHqAwwXO8alLe1/G0gsEvPGvgL5Esxscs95UzPZY
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:12:00 2024 by rpki-client on console-fra.rpki-client.org