Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/8DDuamUsKuBuBOZfU4hBM2e6ywQ.roa
File: 8DDuamUsKuBuBOZfU4hBM2e6ywQ.roa (raw, json)
Hash identifier: QIpEcV0s8jPVciGcK+nIocaO8kuctQtiPK6Fsn/WB+Q=
Subject key identifier: F0:30:EE:6A:65:2C:2A:E0:6E:04:E6:5F:53:88:41:33:67:BA:CB:04
Certificate issuer: /CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Certificate serial: 018CC6B7F21EE7FCE3D0732369E3094B5ADB
Authority key identifier: C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/8DDuamUsKuBuBOZfU4hBM2e6ywQ.roa
Signing time: Mon 01 Jan 2024 20:29:52 +0000
ROA not before: Mon 01 Jan 2024 20:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.116.188.0/23 maxlen: 32
2001:7f8:15::/48 maxlen: 128
2a04:80c0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:f2:1e:e7:fc:e3:d0:73:23:69:e3:09:4b:5a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Validity
Not Before: Jan 1 20:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f030ee6a652c2ae06e04e65f5388413367bacb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4f:e2:06:2b:71:d5:52:d4:76:4e:69:e0:0e:
b1:6a:52:85:e7:2e:f3:83:d5:9a:a8:7e:e5:80:41:
4e:0f:86:e3:f3:7f:35:14:4d:6d:11:db:b6:b6:c0:
62:1f:97:66:6b:1d:fe:87:bc:2a:97:bb:34:7e:c2:
bb:be:8a:7d:56:c4:70:f7:1b:d1:3f:12:22:f9:af:
23:c3:94:95:8a:34:2f:6a:a1:3e:49:0e:1b:40:a3:
a2:b0:23:6a:52:7e:0a:91:ec:98:3c:8d:31:16:09:
f2:99:12:a9:cb:65:8b:48:47:7b:55:ae:d5:20:9f:
23:fa:01:52:6a:48:d7:58:05:eb:c5:7d:01:aa:07:
7d:c0:ce:cc:9d:93:a5:a1:37:71:61:45:20:a6:4d:
30:44:55:6d:5d:23:14:5f:c1:37:7a:c3:8a:2c:a7:
d1:1c:f2:08:49:c1:c8:28:d6:81:03:ef:8f:c3:66:
ec:31:e4:6f:3f:40:b5:11:9a:5f:88:fb:cd:b5:2d:
49:2a:cb:a1:0c:c6:1b:df:20:2d:32:f8:52:d3:37:
80:13:a9:bb:b7:61:93:97:66:a8:1e:c7:bb:ca:8e:
5b:39:da:57:44:ed:61:64:e5:54:17:90:50:db:8a:
c9:39:24:44:4c:56:22:52:7f:7a:aa:88:62:b9:2a:
9e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:30:EE:6A:65:2C:2A:E0:6E:04:E6:5F:53:88:41:33:67:BA:CB:04
X509v3 Authority Key Identifier:
keyid:C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/8DDuamUsKuBuBOZfU4hBM2e6ywQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.188.0/23
IPv6:
2001:7f8:15::/48
2a04:80c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:89:be:1f:24:29:3f:6d:f8:ff:70:cd:94:76:ad:f3:1c:dd:
8d:35:3d:aa:0f:77:db:5a:91:33:8e:34:fc:2d:0a:7f:a7:85:
bf:10:d3:13:88:4c:d3:9d:69:47:9e:18:8e:95:53:f3:56:7e:
ae:cf:75:25:30:f8:3c:28:f9:52:0b:30:32:f4:ce:60:5e:65:
1a:f9:ee:d3:8d:9f:4d:5b:45:25:f4:4a:78:1e:07:20:71:0e:
7b:df:f0:d6:62:6f:fd:19:f2:c5:99:05:a2:ef:fc:df:4b:e6:
85:d6:63:fc:6b:64:40:7c:fa:e8:04:3b:0b:3a:77:8f:93:6a:
9f:c3:b3:db:70:2b:c1:e1:86:e4:d4:00:3f:bc:f9:0e:74:58:
06:d9:ee:32:11:f3:8c:16:ed:fd:56:18:86:3d:b7:93:78:85:
f2:bd:97:76:26:30:25:81:dc:e4:8c:c6:f0:e6:ab:ad:12:29:
f2:2d:49:a2:86:87:2e:23:6e:2d:70:36:c4:64:a8:e1:03:b3:
e9:52:09:74:98:0e:02:b3:54:ea:68:1e:38:8c:c7:76:fe:3b:
5a:a5:41:fb:22:06:31:28:04:07:95:62:0e:23:45:6d:a7:7b:
0c:d5:29:97:95:ab:44:5d:35:e8:29:3c:7a:81:c2:d2:da:ac:
83:33:6d:f3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzGt/Ie5/zj0HMjaeMJS1rbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDcxMGQ4YWMzMWIxZjZkYWY3MDQ2YzQ1Mzc0YWU4ZTQw
NWYxOGUwHhcNMjQwMTAxMjAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDMwZWU2YTY1MmMyYWUwNmUwNGU2NWY1Mzg4NDEzMzY3YmFjYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgU/iBitx1VLUdk5p4A6xalKF5y7z
g9WaqH7lgEFOD4bj8381FE1tEdu2tsBiH5dmax3+h7wql7s0fsK7vop9VsRw9xvR
PxIi+a8jw5SVijQvaqE+SQ4bQKOisCNqUn4KkeyYPI0xFgnymRKpy2WLSEd7Va7V
IJ8j+gFSakjXWAXrxX0Bqgd9wM7MnZOloTdxYUUgpk0wRFVtXSMUX8E3esOKLKfR
HPIIScHIKNaBA++Pw2bsMeRvP0C1EZpfiPvNtS1JKsuhDMYb3yAtMvhS0zeAE6m7
t2GTl2aoHse7yo5bOdpXRO1hZOVUF5BQ24rJOSRETFYiUn96qohiuSqeBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPAw7mplLCrgbgTmX1OIQTNnussEMB8GA1UdIwQY
MBaAFMHXENisMbH22vcEbEU3SujkBfGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2RjUTJLd3hzZmJhOXdSc1JUZEs2T1FGOFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kYjMzMDMtNzg3OS00YjY5LTg4NDgt
MTE1ZjE1YjIwZGU3LzEvOEREdWFtVXNLdUJ1Qk9aZlU0aEJNMmU2eXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kYjMzMDMtNzg3OS00YjY5LTg4NDgtMTE1ZjE1YjIwZGU3
LzEvd2RjUTJLd3hzZmJhOXdSc1JUZEs2T1FGOFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBwnS8MBYE
AgACMBADBwAgAQf4ABUDBQMqBIDAMA0GCSqGSIb3DQEBCwUAA4IBAQAyib4fJCk/
bfj/cM2Udq3zHN2NNT2qD3fbWpEzjjT8LQp/p4W/ENMTiEzTnWlHnhiOlVPzVn6u
z3UlMPg8KPlSCzAy9M5gXmUa+e7TjZ9NW0Ul9Ep4HgcgcQ573/DWYm/9GfLFmQWi
7/zfS+aF1mP8a2RAfProBDsLOnePk2qfw7PbcCvB4Ybk1AA/vPkOdFgG2e4yEfOM
Fu39VhiGPbeTeIXyvZd2JjAlgdzkjMbw5qutEinyLUmihocuI24tcDbEZKjhA7Pp
Ugl0mA4Cs1TqaB44jMd2/jtapUH7IgYxKAQHlWIOI0Vtp3sM1SmXlatEXTXoKTx6
gcLS2qyDM23z
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:13:01 2024 by rpki-client on console-fra.rpki-client.org