Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/9BVUzVKeQNAp63jDMkiHu2BVxMg.roa
File: 9BVUzVKeQNAp63jDMkiHu2BVxMg.roa (raw, json)
Hash identifier: eHWRRMsYYLALnTTySDUJRwfkBMxKWjgGSFkp0/tX61M=
Subject key identifier: F4:15:54:CD:52:9E:40:D0:29:EB:78:C3:32:48:87:BB:60:55:C4:C8
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 018EA2EBC8EC1B1B9DEE1C04F4962DBEF43E
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/9BVUzVKeQNAp63jDMkiHu2BVxMg.roa
Signing time: Wed 03 Apr 2024 07:45:45 +0000
ROA not before: Wed 03 Apr 2024 07:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 86.111.230.0/24 maxlen: 24
86.111.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:eb:c8:ec:1b:1b:9d:ee:1c:04:f4:96:2d:be:f4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Apr 3 07:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f41554cd529e40d029eb78c3324887bb6055c4c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:63:ab:bf:79:bf:30:c3:7b:9d:54:cc:a4:bf:
45:e8:8c:18:20:db:be:17:6e:e7:94:ac:66:4d:d6:
2e:68:40:64:64:7b:9f:18:cb:cb:a7:ae:fa:80:35:
28:a8:cb:e9:5c:88:f9:f9:27:19:2b:99:50:2f:90:
b3:34:b6:c2:0c:24:b5:30:3d:3a:5f:0a:6e:af:08:
4f:9f:8a:9e:25:71:bd:c8:84:38:3f:65:f8:11:9c:
5c:f5:e5:00:b9:03:b7:0b:66:60:4c:59:6f:89:89:
f5:56:7b:31:a3:02:2f:b3:8d:a2:93:b7:1e:39:59:
3a:9f:5b:36:35:5e:ad:9d:9b:ca:01:13:05:d3:2d:
04:07:98:77:4a:a4:ad:d3:c6:ef:cc:26:27:1d:9a:
a6:8c:5a:7f:70:ab:46:8a:e4:c0:80:f4:16:3f:f9:
af:a1:76:58:f5:db:e5:37:3f:74:d1:64:d7:3c:e1:
02:19:eb:8f:16:4f:0b:cf:96:37:d0:d3:cc:8d:59:
9e:da:4c:50:c4:64:7d:86:79:59:ba:fb:9f:ef:d8:
6f:7a:21:1e:4d:f9:8c:56:5b:38:98:36:41:dc:01:
ef:13:f8:1b:af:6e:b1:d5:f1:14:80:88:a3:bd:c6:
da:e2:3c:00:01:ed:24:2e:85:66:ca:f9:60:f5:b1:
44:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:15:54:CD:52:9E:40:D0:29:EB:78:C3:32:48:87:BB:60:55:C4:C8
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/9BVUzVKeQNAp63jDMkiHu2BVxMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.230.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:28:67:3c:db:3f:12:fa:01:d8:ca:80:d9:27:8b:60:51:28:
c3:fd:8a:fe:ac:1c:be:52:51:28:cb:46:9e:68:3d:0d:11:85:
d0:35:d3:e1:2f:e4:26:09:12:b8:ae:2d:72:08:8a:92:e1:1e:
68:eb:bc:26:b4:9c:c2:69:fe:4b:db:f1:91:06:75:7f:35:33:
08:c8:40:88:c2:97:07:09:b8:c4:42:49:bd:87:64:8d:1d:23:
4f:59:70:b1:dd:8f:f0:f3:a0:a0:91:6f:68:58:07:49:9b:86:
f6:18:73:d1:9b:12:ce:a7:be:57:c1:fe:3a:55:75:dc:c8:1c:
67:e2:ee:7e:92:00:0d:1b:cb:27:b6:fb:72:a8:91:8e:95:1a:
56:67:75:ad:59:e7:a2:ba:fe:6c:ac:c6:b1:e3:e6:2a:75:77:
b6:06:94:1f:4c:4d:0f:bf:fc:1b:b9:f7:d4:c8:76:b8:6c:85:
85:48:91:d5:b9:d5:88:4c:f9:3b:01:5f:e9:cb:98:1b:e6:b7:
7b:d3:9a:94:24:1f:4d:19:ef:f4:0a:54:c3:22:5c:3f:18:55:
76:00:03:0a:ce:ce:9e:c3:7b:60:7c:f0:cd:d7:89:d8:5b:62:
34:1e:95:79:ea:0a:7f:86:1c:71:a5:24:8f:bf:f7:ff:05:80:
f0:42:27:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6i68jsGxud7hwE9JYtvvQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjQwNDAzMDc0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE1NTRjZDUyOWU0MGQwMjllYjc4YzMzMjQ4ODdiYjYwNTVjNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2Orv3m/MMN7nVTMpL9F6IwYINu+
F27nlKxmTdYuaEBkZHufGMvLp676gDUoqMvpXIj5+ScZK5lQL5CzNLbCDCS1MD06
XwpurwhPn4qeJXG9yIQ4P2X4EZxc9eUAuQO3C2ZgTFlviYn1VnsxowIvs42ik7ce
OVk6n1s2NV6tnZvKARMF0y0EB5h3SqSt08bvzCYnHZqmjFp/cKtGiuTAgPQWP/mv
oXZY9dvlNz900WTXPOECGeuPFk8Lz5Y30NPMjVme2kxQxGR9hnlZuvuf79hveiEe
TfmMVls4mDZB3AHvE/gbr26x1fEUgIijvcba4jwAAe0kLoVmyvlg9bFE4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQVVM1SnkDQKet4wzJIh7tgVcTIMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvOUJWVXpWS2VRTkFwNjNqRE1raUh1MkJWeE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVm/mMA0G
CSqGSIb3DQEBCwUAA4IBAQCOKGc82z8S+gHYyoDZJ4tgUSjD/Yr+rBy+UlEoy0ae
aD0NEYXQNdPhL+QmCRK4ri1yCIqS4R5o67wmtJzCaf5L2/GRBnV/NTMIyECIwpcH
CbjEQkm9h2SNHSNPWXCx3Y/w86CgkW9oWAdJm4b2GHPRmxLOp75Xwf46VXXcyBxn
4u5+kgANG8sntvtyqJGOlRpWZ3WtWeeiuv5srMax4+YqdXe2BpQfTE0Pv/wbuffU
yHa4bIWFSJHVudWITPk7AV/py5gb5rd705qUJB9NGe/0ClTDIlw/GFV2AAMKzs6e
w3tgfPDN14nYW2I0HpV56gp/hhxxpSSPv/f/BYDwQif+
-----END CERTIFICATE-----
Generated at Mon Jun 3 20:15:03 2024 by rpki-client on console-fra.rpki-client.org