Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/vYujAm0GTTMu5nxMyzvZIetpjH8.roa
File: vYujAm0GTTMu5nxMyzvZIetpjH8.roa (raw, json)
Hash identifier: whnAkLbxuvT16RYWTvmize9sMISE/swDlxbAnZUNL3o=
Subject key identifier: BD:8B:A3:02:6D:06:4D:33:2E:E6:7C:4C:CB:3B:D9:21:EB:69:8C:7F
Certificate issuer: /CN=7e86dcde711d545353974b33955108d9df40b6e9
Certificate serial: 018CC802592591F61FD0E9F33BF923A6647F
Authority key identifier: 7E:86:DC:DE:71:1D:54:53:53:97:4B:33:95:51:08:D9:DF:40:B6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fobc3nEdVFNTl0szlVEI2d9Atuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/vYujAm0GTTMu5nxMyzvZIetpjH8.roa
Signing time: Tue 02 Jan 2024 02:30:46 +0000
ROA not before: Tue 02 Jan 2024 02:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199803
IP address blocks: 185.138.108.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/fobc3nEdVFNTl0szlVEI2d9Atuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/fobc3nEdVFNTl0szlVEI2d9Atuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fobc3nEdVFNTl0szlVEI2d9Atuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:59:25:91:f6:1f:d0:e9:f3:3b:f9:23:a6:64:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e86dcde711d545353974b33955108d9df40b6e9
Validity
Not Before: Jan 2 02:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd8ba3026d064d332ee67c4ccb3bd921eb698c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:23:d5:ce:26:f9:60:7c:bc:ea:0c:77:ce:5e:
55:6f:c2:18:36:71:fe:92:ac:94:68:6a:8b:fa:d2:
80:8b:c7:8f:bd:48:2b:63:db:9b:11:67:1c:07:b8:
9e:92:b2:e8:8b:c7:c7:e5:37:d0:2a:ad:bb:1f:23:
94:2d:b1:a7:e4:b2:eb:32:3b:c8:fc:71:50:ed:a9:
39:b3:f2:26:7e:72:30:eb:d6:e0:b6:65:4d:5d:da:
d9:e3:27:64:24:9d:b7:99:e0:cd:34:ee:02:ab:8f:
22:cb:d7:40:e3:4f:b3:17:c2:5d:79:c6:9a:67:f3:
e9:a7:5a:70:8c:46:a5:f9:b9:57:2f:f1:8e:96:2b:
9f:52:7d:ef:ad:50:42:11:df:0b:77:25:dd:7f:34:
82:b2:e6:de:ed:9a:c3:b1:f6:9c:17:1f:5f:21:1d:
80:8d:c3:84:a3:02:df:c8:12:6f:2d:7a:58:b2:14:
e1:8d:21:0a:1a:5b:e9:0f:9b:f9:b9:5a:b7:46:cc:
a2:06:2e:01:24:52:5f:91:6e:bb:e4:5d:a5:47:0c:
2f:70:30:85:2d:d8:48:95:f3:86:95:96:fd:f4:39:
0d:db:b1:45:2e:64:6a:11:b6:42:b8:18:c5:f4:67:
1a:d5:be:45:d9:bd:b1:16:ef:c1:0c:c6:c9:6c:91:
bc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8B:A3:02:6D:06:4D:33:2E:E6:7C:4C:CB:3B:D9:21:EB:69:8C:7F
X509v3 Authority Key Identifier:
keyid:7E:86:DC:DE:71:1D:54:53:53:97:4B:33:95:51:08:D9:DF:40:B6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fobc3nEdVFNTl0szlVEI2d9Atuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/vYujAm0GTTMu5nxMyzvZIetpjH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/fobc3nEdVFNTl0szlVEI2d9Atuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.108.0/23
Signature Algorithm: sha256WithRSAEncryption
32:4d:a2:34:a0:9a:c1:ce:3e:a8:b3:37:14:9a:b1:2c:23:e4:
90:b5:da:a0:fc:24:b7:7c:e1:c1:ab:3f:94:53:5c:d2:02:bd:
ae:c4:a1:c4:2e:cf:3d:74:b7:b6:31:c0:d0:60:24:13:6e:c3:
cf:e7:69:15:85:b2:09:cb:97:3d:86:13:63:40:58:aa:d4:66:
96:9b:22:c9:0f:7c:52:d4:75:28:88:78:56:e7:a6:b8:a7:b4:
2a:cc:1f:39:dc:6e:90:4b:e8:44:c5:95:73:d2:a6:6d:3f:34:
f9:f0:ea:0f:ea:c3:b4:c1:ce:5f:6c:21:41:1c:2e:34:dd:e1:
fa:88:68:55:2b:7a:0a:60:2a:90:2f:00:a2:8c:22:d7:c8:40:
d0:cd:ab:56:3d:00:6f:67:66:9d:8d:67:d6:fa:09:aa:cb:5d:
bb:b1:06:d1:8d:fe:28:ca:89:e4:d9:a5:74:08:cd:8f:82:96:
b7:b3:21:c0:7c:ea:b7:1c:9c:ad:43:3c:42:ca:a9:1a:3e:a2:
29:8c:73:40:51:fc:94:3a:cd:f3:ee:66:0f:36:ff:da:49:89:
af:e7:cf:c7:32:90:ad:96:fb:af:b9:bb:fe:32:b7:8d:c9:d4:
a2:81:27:4f:51:10:b9:10:56:55:1e:15:e8:5f:24:ea:3f:df:
fb:21:76:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAlklkfYf0OnzO/kjpmR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlODZkY2RlNzExZDU0NTM1Mzk3NGIzMzk1NTEwOGQ5ZGY0
MGI2ZTkwHhcNMjQwMTAyMDIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDhiYTMwMjZkMDY0ZDMzMmVlNjdjNGNjYjNiZDkyMWViNjk4YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCPVzib5YHy86gx3zl5Vb8IYNnH+
kqyUaGqL+tKAi8ePvUgrY9ubEWccB7iekrLoi8fH5TfQKq27HyOULbGn5LLrMjvI
/HFQ7ak5s/ImfnIw69bgtmVNXdrZ4ydkJJ23meDNNO4Cq48iy9dA40+zF8Jdecaa
Z/Ppp1pwjEal+blXL/GOliufUn3vrVBCEd8LdyXdfzSCsube7ZrDsfacFx9fIR2A
jcOEowLfyBJvLXpYshThjSEKGlvpD5v5uVq3RsyiBi4BJFJfkW675F2lRwwvcDCF
LdhIlfOGlZb99DkN27FFLmRqEbZCuBjF9Gca1b5F2b2xFu/BDMbJbJG8JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2LowJtBk0zLuZ8TMs72SHraYx/MB8GA1UdIwQY
MBaAFH6G3N5xHVRTU5dLM5VRCNnfQLbpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm9iYzNuRWRWRk5UbDBzemxWRUkyZDlBdHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82M2U0MTMtMzVjYS00OWUwLTgyODUt
MzVmMWE5MDg4YjQyLzEvdll1akFtMEdUVE11NW54TXl6dlpJZXRwakg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82M2U0MTMtMzVjYS00OWUwLTgyODUtMzVmMWE5MDg4YjQy
LzEvZm9iYzNuRWRWRk5UbDBzemxWRUkyZDlBdHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYpsMA0G
CSqGSIb3DQEBCwUAA4IBAQAyTaI0oJrBzj6oszcUmrEsI+SQtdqg/CS3fOHBqz+U
U1zSAr2uxKHELs89dLe2McDQYCQTbsPP52kVhbIJy5c9hhNjQFiq1GaWmyLJD3xS
1HUoiHhW56a4p7QqzB853G6QS+hExZVz0qZtPzT58OoP6sO0wc5fbCFBHC403eH6
iGhVK3oKYCqQLwCijCLXyEDQzatWPQBvZ2adjWfW+gmqy127sQbRjf4oyonk2aV0
CM2Pgpa3syHAfOq3HJytQzxCyqkaPqIpjHNAUfyUOs3z7mYPNv/aSYmv58/HMpCt
lvuvubv+MreNydSigSdPURC5EFZVHhXoXyTqP9/7IXax
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:10:21 2024 by rpki-client on console-ams.rpki-client.org