Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/souJ8C993718HHq8B2qYvQlwZGw.roa
File: souJ8C993718HHq8B2qYvQlwZGw.roa (raw, json)
Hash identifier: m4MoQrmKFJcurTBT6zmHKk3hibii3uhEV0vFN8IHOfk=
Subject key identifier: B2:8B:89:F0:2F:7D:DF:BD:7C:1C:7A:BC:07:6A:98:BD:09:70:64:6C
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018CC64A766437772510A2BBEED7E480E37E
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/souJ8C993718HHq8B2qYvQlwZGw.roa
Signing time: Mon 01 Jan 2024 18:30:17 +0000
ROA not before: Mon 01 Jan 2024 18:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42938
IP address blocks: 37.230.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:76:64:37:77:25:10:a2:bb:ee:d7:e4:80:e3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 18:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b28b89f02f7ddfbd7c1c7abc076a98bd0970646c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b9:dd:18:1a:2e:3a:37:d4:ec:20:54:3a:71:
b8:78:16:80:10:ea:4e:a1:de:f6:02:97:64:a5:f4:
43:ff:97:68:63:24:51:b9:bf:d2:03:a1:25:aa:90:
ec:be:f6:9f:3b:79:af:bf:9c:fa:18:aa:7e:41:92:
72:28:2d:5d:88:b8:68:0c:36:f2:25:db:4a:ed:60:
be:02:db:9e:28:98:e9:e8:95:b4:2b:07:a8:8d:23:
b5:c1:a4:59:0d:7a:c3:cb:bb:70:30:c5:b2:3a:22:
f7:c7:3f:34:a4:65:b0:ba:f6:25:d4:7e:ab:80:43:
11:3f:60:67:6a:90:00:a7:6d:d5:fc:f1:6c:40:cd:
f2:1c:f4:64:df:79:c8:c0:65:f2:87:71:fa:39:47:
a3:07:4a:14:e8:40:6e:59:f5:41:0c:66:9a:55:86:
0f:e4:13:03:14:4b:a0:e4:6b:4f:1a:33:8b:d0:bd:
19:c6:4a:85:ab:f4:95:c9:18:79:0f:49:50:66:32:
12:08:4c:03:bc:cb:ca:77:c8:89:21:18:f8:95:68:
cc:87:45:84:da:bf:33:69:76:f9:d3:0a:09:2f:65:
d9:6a:aa:9d:28:0a:57:06:a3:92:44:c3:5f:8f:53:
f7:77:17:61:a3:8f:f4:ae:5f:ed:82:1c:d2:bb:37:
7b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:8B:89:F0:2F:7D:DF:BD:7C:1C:7A:BC:07:6A:98:BD:09:70:64:6C
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/souJ8C993718HHq8B2qYvQlwZGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.247.0/24
Signature Algorithm: sha256WithRSAEncryption
28:ff:1d:62:ed:19:46:c0:d3:56:5f:f7:44:c3:80:3e:ae:3e:
e1:78:e9:8d:02:6b:2e:5e:8c:43:39:6f:94:d6:a0:26:cd:b2:
8d:c7:dc:10:85:38:47:2d:d2:ae:93:1a:95:36:3a:a6:c2:af:
90:6a:c8:48:83:56:c2:03:96:05:2c:75:44:ec:ae:98:19:0f:
0a:2e:c7:d3:25:83:f9:bd:ad:de:bc:70:0c:e6:f1:d5:9d:a1:
65:64:f0:82:81:ce:a5:63:82:5e:ed:ce:e4:bd:27:30:c9:1f:
73:6b:da:d5:3b:0b:d4:a8:d8:06:28:57:fa:ab:1f:0c:01:64:
08:dc:fb:95:6b:d8:9c:7f:17:ce:a1:71:ea:29:e2:6f:b0:5d:
24:a4:f8:8a:b6:dc:d7:cc:3d:04:68:c6:a0:69:d0:c1:c6:0f:
0c:7b:58:12:ad:52:59:ba:f5:17:b0:32:e0:a4:70:7f:36:ad:
09:4c:09:94:49:16:f3:6e:7a:f8:cf:28:51:5d:e1:b0:8b:75:
5e:f3:f2:c6:5e:19:b5:04:e2:15:46:74:c4:e3:25:3c:00:3f:
86:69:5b:d7:d6:bc:ba:68:9d:52:ea:47:b3:21:b0:3c:2f:2a:
9a:82:1a:be:9f:16:c3:fa:0b:c1:fa:3e:c4:59:f1:6d:66:e9:
46:c8:b7:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSnZkN3clEKK77tfkgON+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjhiODlmMDJmN2RkZmJkN2MxYzdhYmMwNzZhOThiZDA5NzA2NDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrndGBouOjfU7CBUOnG4eBaAEOpO
od72ApdkpfRD/5doYyRRub/SA6ElqpDsvvafO3mvv5z6GKp+QZJyKC1diLhoDDby
JdtK7WC+AtueKJjp6JW0KweojSO1waRZDXrDy7twMMWyOiL3xz80pGWwuvYl1H6r
gEMRP2BnapAAp23V/PFsQM3yHPRk33nIwGXyh3H6OUejB0oU6EBuWfVBDGaaVYYP
5BMDFEug5GtPGjOL0L0ZxkqFq/SVyRh5D0lQZjISCEwDvMvKd8iJIRj4lWjMh0WE
2r8zaXb50woJL2XZaqqdKApXBqOSRMNfj1P3dxdho4/0rl/tghzSuzd7JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKLifAvfd+9fBx6vAdqmL0JcGRsMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvc291SjhDOTkzNzE4SEhxOEIycVl2UWx3Wkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJeb3MA0G
CSqGSIb3DQEBCwUAA4IBAQAo/x1i7RlGwNNWX/dEw4A+rj7heOmNAmsuXoxDOW+U
1qAmzbKNx9wQhThHLdKukxqVNjqmwq+QashIg1bCA5YFLHVE7K6YGQ8KLsfTJYP5
va3evHAM5vHVnaFlZPCCgc6lY4Je7c7kvScwyR9za9rVOwvUqNgGKFf6qx8MAWQI
3PuVa9icfxfOoXHqKeJvsF0kpPiKttzXzD0EaMagadDBxg8Me1gSrVJZuvUXsDLg
pHB/Nq0JTAmUSRbzbnr4zyhRXeGwi3Ve8/LGXhm1BOIVRnTE4yU8AD+GaVvX1ry6
aJ1S6kezIbA8Lyqaghq+nxbD+gvB+j7EWfFtZulGyLcv
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:03:13 2024 by rpki-client on console-ams.rpki-client.org