Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/4a1111-8f3c-4edf-b77c-2fa2631bc31c/1/joRecpO_kkpbcxedFt3gNye1Uvs.roa
File: joRecpO_kkpbcxedFt3gNye1Uvs.roa (raw, json)
Hash identifier: ktv4VXuFkC8CZbztIfhCalx89J73AFMmKyMo5God+KE=
Subject key identifier: 8E:84:5E:72:93:BF:92:4A:5B:73:17:9D:16:DD:E0:37:27:B5:52:FB
Certificate issuer: /CN=7fe68b12234bd7034301bc96b138aae277860a3e
Certificate serial: 018FC4AD9A4C7D3432914DAE0465D1DD1D26
Authority key identifier: 7F:E6:8B:12:23:4B:D7:03:43:01:BC:96:B1:38:AA:E2:77:86:0A:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-aLEiNL1wNDAbyWsTiq4neGCj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/4a1111-8f3c-4edf-b77c-2fa2631bc31c/1/joRecpO_kkpbcxedFt3gNye1Uvs.roa
Signing time: Wed 29 May 2024 14:07:42 +0000
ROA not before: Wed 29 May 2024 14:07:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214867
IP address blocks: 194.56.152.0/23 maxlen: 24
2a14:5040::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/4a1111-8f3c-4edf-b77c-2fa2631bc31c/1/f-aLEiNL1wNDAbyWsTiq4neGCj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/4a1111-8f3c-4edf-b77c-2fa2631bc31c/1/f-aLEiNL1wNDAbyWsTiq4neGCj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-aLEiNL1wNDAbyWsTiq4neGCj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 17:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:ad:9a:4c:7d:34:32:91:4d:ae:04:65:d1:dd:1d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe68b12234bd7034301bc96b138aae277860a3e
Validity
Not Before: May 29 14:07:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e845e7293bf924a5b73179d16dde03727b552fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:58:95:40:3a:c1:2e:08:a9:a3:b4:9b:97:70:
7b:1a:d2:26:ab:43:ae:b0:8b:a2:81:39:a2:8d:45:
7f:9e:cd:3f:48:a8:26:98:ee:a1:70:97:9d:72:87:
78:48:12:46:dc:eb:ab:cd:16:18:20:04:f4:52:56:
4a:e2:99:87:9a:5e:61:bf:4f:6b:32:1d:e5:28:a4:
f1:c0:4b:67:fe:c6:fc:76:f1:68:b5:6d:e6:7e:55:
d1:e5:2d:2d:87:f0:4c:7d:ff:e3:5c:22:2b:9b:bd:
20:fd:37:f4:1f:3c:84:be:7b:61:0f:9b:08:cd:d7:
dc:a4:08:07:59:fd:9a:9c:3e:06:61:55:75:7f:a8:
58:ce:62:e8:c5:7d:06:b6:dd:ae:29:23:5b:7b:30:
88:9a:8f:e1:7b:3c:63:c5:51:c2:a5:f3:e2:d8:df:
51:d9:c5:03:5d:d3:7a:f8:de:e4:bd:2b:99:e2:dd:
04:de:c2:32:52:97:3c:7c:96:cd:a7:e3:d3:44:67:
74:82:4b:3f:fa:e3:af:07:bb:17:e7:cd:57:d6:73:
86:c7:69:f3:23:1d:ea:bb:ee:d6:bb:db:39:63:07:
2e:f3:02:79:5e:d1:8b:40:c5:b8:3f:99:6f:4b:c2:
b5:1e:05:61:bb:46:1e:de:bd:75:5f:23:27:c6:a7:
3b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:84:5E:72:93:BF:92:4A:5B:73:17:9D:16:DD:E0:37:27:B5:52:FB
X509v3 Authority Key Identifier:
keyid:7F:E6:8B:12:23:4B:D7:03:43:01:BC:96:B1:38:AA:E2:77:86:0A:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-aLEiNL1wNDAbyWsTiq4neGCj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/4a1111-8f3c-4edf-b77c-2fa2631bc31c/1/joRecpO_kkpbcxedFt3gNye1Uvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/4a1111-8f3c-4edf-b77c-2fa2631bc31c/1/f-aLEiNL1wNDAbyWsTiq4neGCj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.152.0/23
IPv6:
2a14:5040::/29
Signature Algorithm: sha256WithRSAEncryption
a7:dc:eb:47:eb:67:48:eb:43:85:ea:36:22:48:50:af:a3:91:
3c:53:1a:91:9c:c0:1b:d8:c1:97:5c:b5:3e:1e:f3:91:c6:2c:
31:a6:5a:52:e7:84:8e:5a:7b:2d:fd:be:33:f9:66:d9:27:66:
2a:16:41:e2:76:dc:29:4c:a3:c9:a5:bf:bb:45:66:22:16:b8:
20:ef:f5:7b:7c:85:72:3e:72:0d:93:d2:76:d3:be:8b:e4:56:
80:07:3a:eb:55:76:38:c8:10:4e:34:4d:08:8d:9a:0b:58:32:
77:62:74:b0:01:5b:d5:37:5e:c2:01:39:af:ad:07:53:d7:6c:
bd:8f:a7:fe:14:35:14:7b:f1:9e:5a:35:aa:12:0f:ce:7f:55:
f4:fc:99:06:28:1b:58:11:07:f3:08:66:7c:4f:37:9a:6f:d3:
40:f4:65:eb:3d:91:e6:f0:7b:0a:1b:ae:b4:41:1e:1c:c8:ea:
04:17:06:8d:4d:25:7f:c5:86:a4:00:42:0d:c3:e4:29:d1:9c:
23:65:2a:ee:21:86:ce:c8:55:28:53:b6:f4:0a:88:96:b5:8f:
c6:9e:2a:2c:e3:16:7e:0c:a2:74:5e:a0:23:94:a7:f6:e9:96:
70:db:28:3f:8e:1d:8b:05:58:ac:43:e7:96:e9:00:a0:b1:bd:
b2:2c:62:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/ErZpMfTQykU2uBGXR3R0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTY4YjEyMjM0YmQ3MDM0MzAxYmM5NmIxMzhhYWUyNzc4
NjBhM2UwHhcNMjQwNTI5MTQwNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTg0NWU3MjkzYmY5MjRhNWI3MzE3OWQxNmRkZTAzNzI3YjU1MmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFiVQDrBLgipo7Sbl3B7GtImq0Ou
sIuigTmijUV/ns0/SKgmmO6hcJedcod4SBJG3OurzRYYIAT0UlZK4pmHml5hv09r
Mh3lKKTxwEtn/sb8dvFotW3mflXR5S0th/BMff/jXCIrm70g/Tf0HzyEvnthD5sI
zdfcpAgHWf2anD4GYVV1f6hYzmLoxX0Gtt2uKSNbezCImo/hezxjxVHCpfPi2N9R
2cUDXdN6+N7kvSuZ4t0E3sIyUpc8fJbNp+PTRGd0gks/+uOvB7sX581X1nOGx2nz
Ix3qu+7Wu9s5Ywcu8wJ5XtGLQMW4P5lvS8K1HgVhu0Ye3r11XyMnxqc7qQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI6EXnKTv5JKW3MXnRbd4DcntVL7MB8GA1UdIwQY
MBaAFH/mixIjS9cDQwG8lrE4quJ3hgo+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1hTEVpTkwxd05EQWJ5V3NUaXE0bmVHQ2o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi80YTExMTEtOGYzYy00ZWRmLWI3N2Mt
MmZhMjYzMWJjMzFjLzEvam9SZWNwT19ra3BiY3hlZEZ0M2dOeWUxVXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi80YTExMTEtOGYzYy00ZWRmLWI3N2MtMmZhMjYzMWJjMzFj
LzEvZi1hTEVpTkwxd05EQWJ5V3NUaXE0bmVHQ2o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwjiYMA0E
AgACMAcDBQMqFFBAMA0GCSqGSIb3DQEBCwUAA4IBAQCn3OtH62dI60OF6jYiSFCv
o5E8UxqRnMAb2MGXXLU+HvORxiwxplpS54SOWnst/b4z+WbZJ2YqFkHidtwpTKPJ
pb+7RWYiFrgg7/V7fIVyPnINk9J2076L5FaABzrrVXY4yBBONE0IjZoLWDJ3YnSw
AVvVN17CATmvrQdT12y9j6f+FDUUe/GeWjWqEg/Of1X0/JkGKBtYEQfzCGZ8Tzea
b9NA9GXrPZHm8HsKG660QR4cyOoEFwaNTSV/xYakAEINw+Qp0ZwjZSruIYbOyFUo
U7b0CoiWtY/Gnios4xZ+DKJ0XqAjlKf26ZZw2yg/jh2LBVisQ+eW6QCgsb2yLGJu
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:45:39 2024 by rpki-client on console-fra.rpki-client.org