Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8d9f77-4684-4d82-ae38-31e50bab716e/1/cFdhJPGnDIHoox1YTz8MlwyuU48.roa
File: cFdhJPGnDIHoox1YTz8MlwyuU48.roa (raw, json)
Hash identifier: b07FLSUSCtEa5V1LMDcBUOfxWZtM819DnL9IFwqMiPc=
Subject key identifier: 70:57:61:24:F1:A7:0C:81:E8:A3:1D:58:4F:3F:0C:97:0C:AE:53:8F
Certificate issuer: /CN=7c57532e1cfd31c72732e44e3539ff6e096c2a47
Certificate serial: 018DC4EA3DA0E45C850ABE8FCA4F302CDAF7
Authority key identifier: 7C:57:53:2E:1C:FD:31:C7:27:32:E4:4E:35:39:FF:6E:09:6C:2A:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fFdTLhz9MccnMuRONTn_bglsKkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8d9f77-4684-4d82-ae38-31e50bab716e/1/cFdhJPGnDIHoox1YTz8MlwyuU48.roa
Signing time: Tue 20 Feb 2024 05:08:21 +0000
ROA not before: Tue 20 Feb 2024 05:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 213.241.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/8d9f77-4684-4d82-ae38-31e50bab716e/1/fFdTLhz9MccnMuRONTn_bglsKkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/8d9f77-4684-4d82-ae38-31e50bab716e/1/fFdTLhz9MccnMuRONTn_bglsKkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/fFdTLhz9MccnMuRONTn_bglsKkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c4:ea:3d:a0:e4:5c:85:0a:be:8f:ca:4f:30:2c:da:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c57532e1cfd31c72732e44e3539ff6e096c2a47
Validity
Not Before: Feb 20 05:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70576124f1a70c81e8a31d584f3f0c970cae538f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:92:88:5c:e7:75:1a:53:b0:8e:75:7c:71:50:
b0:de:b5:9e:d4:ab:e9:b4:81:9f:48:77:93:42:64:
a8:84:39:7e:44:79:ff:5a:2b:bc:55:ce:b7:f5:49:
7d:22:0c:08:3e:5f:4e:fd:b1:a1:82:a9:48:13:03:
c5:aa:c4:56:e1:e5:a7:84:9a:87:19:7d:b0:9c:6e:
ae:0a:f6:3a:59:2a:30:20:c3:ad:05:89:90:91:15:
7a:25:d2:0d:08:64:4f:e4:30:16:8d:9c:9f:4e:84:
83:03:90:18:c5:31:06:77:e3:45:de:f2:63:7c:a6:
9a:df:38:64:d3:60:b9:69:63:ae:d5:3e:a7:c3:61:
b8:d1:fc:47:75:d9:75:e0:b8:5a:de:97:54:d5:a9:
80:8c:a8:f7:c0:6b:99:3b:42:23:fd:07:67:70:bd:
8e:6c:77:dc:8b:bf:73:1c:b4:0f:2c:6a:db:26:99:
41:dd:57:1e:ea:0e:2a:c0:d5:dc:54:40:14:ca:d8:
97:a5:39:0d:ea:08:4b:ba:e2:88:59:a7:9b:5c:69:
30:99:96:ec:20:f4:98:2f:62:fd:45:67:e3:b2:52:
8b:eb:e8:a2:14:a2:47:75:09:58:77:87:52:cf:ae:
1a:a6:c9:dd:48:1b:bf:80:78:33:f8:9f:8d:ac:a8:
ff:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:57:61:24:F1:A7:0C:81:E8:A3:1D:58:4F:3F:0C:97:0C:AE:53:8F
X509v3 Authority Key Identifier:
keyid:7C:57:53:2E:1C:FD:31:C7:27:32:E4:4E:35:39:FF:6E:09:6C:2A:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fFdTLhz9MccnMuRONTn_bglsKkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8d9f77-4684-4d82-ae38-31e50bab716e/1/cFdhJPGnDIHoox1YTz8MlwyuU48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8d9f77-4684-4d82-ae38-31e50bab716e/1/fFdTLhz9MccnMuRONTn_bglsKkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.241.198.0/24
Signature Algorithm: sha256WithRSAEncryption
24:5e:21:67:9e:1c:ea:10:99:d4:2b:8e:c8:1a:74:6f:45:bc:
78:63:a0:0c:c6:19:d7:6d:d6:35:ac:88:b8:c0:9d:c5:82:12:
f0:23:1c:4d:ba:78:cf:73:94:0e:10:23:c9:b7:88:34:78:f6:
36:5a:74:82:0e:79:9c:f8:6f:8e:06:a2:29:9f:24:8e:d0:5b:
96:fc:4d:7c:eb:9b:3d:42:85:ed:7c:eb:27:c4:7e:85:13:a8:
61:ce:a2:f4:62:f1:b7:4d:b4:ea:46:17:15:54:b8:6c:a4:b2:
b0:38:57:cb:c3:d1:b8:a3:60:40:35:65:c5:ef:2b:1f:3c:4b:
7a:f2:e7:63:9b:bc:10:d3:8f:54:f8:09:5e:e7:38:38:7d:6e:
5b:27:4f:f0:f6:48:da:1a:99:c5:a6:3d:b9:d3:7d:88:72:1a:
d7:0c:68:c8:d1:8c:de:13:82:12:bc:aa:a2:5a:fb:d5:3f:eb:
52:95:31:13:db:66:06:19:6e:bf:b7:e0:ad:9f:bf:36:fe:97:
a0:b6:44:3e:e2:1c:9b:a8:8c:02:66:f7:47:cc:64:76:06:90:
3f:a0:24:1b:38:a8:b8:aa:fb:ba:7b:d6:d8:20:2d:63:2e:9e:
f3:39:02:0c:f9:f3:57:c6:66:93:a3:3d:dc:6d:dd:f5:73:46:
b9:8e:24:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3E6j2g5FyFCr6Pyk8wLNr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNTc1MzJlMWNmZDMxYzcyNzMyZTQ0ZTM1MzlmZjZlMDk2
YzJhNDcwHhcNMjQwMjIwMDUwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU3NjEyNGYxYTcwYzgxZThhMzFkNTg0ZjNmMGM5NzBjYWU1MzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJKIXOd1GlOwjnV8cVCw3rWe1Kvp
tIGfSHeTQmSohDl+RHn/Wiu8Vc639Ul9IgwIPl9O/bGhgqlIEwPFqsRW4eWnhJqH
GX2wnG6uCvY6WSowIMOtBYmQkRV6JdINCGRP5DAWjZyfToSDA5AYxTEGd+NF3vJj
fKaa3zhk02C5aWOu1T6nw2G40fxHddl14Lha3pdU1amAjKj3wGuZO0Ij/QdncL2O
bHfci79zHLQPLGrbJplB3Vce6g4qwNXcVEAUytiXpTkN6ghLuuKIWaebXGkwmZbs
IPSYL2L9RWfjslKL6+iiFKJHdQlYd4dSz64apsndSBu/gHgz+J+NrKj/dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBXYSTxpwyB6KMdWE8/DJcMrlOPMB8GA1UdIwQY
MBaAFHxXUy4c/THHJzLkTjU5/24JbCpHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkZkVExoejlNY2NuTXVST05Ubl9iZ2xzS2tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84ZDlmNzctNDY4NC00ZDgyLWFlMzgt
MzFlNTBiYWI3MTZlLzEvY0ZkaEpQR25ESUhvb3gxWVR6OE1sd3l1VTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84ZDlmNzctNDY4NC00ZDgyLWFlMzgtMzFlNTBiYWI3MTZl
LzEvZkZkVExoejlNY2NuTXVST05Ubl9iZ2xzS2tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1fHGMA0G
CSqGSIb3DQEBCwUAA4IBAQAkXiFnnhzqEJnUK47IGnRvRbx4Y6AMxhnXbdY1rIi4
wJ3FghLwIxxNunjPc5QOECPJt4g0ePY2WnSCDnmc+G+OBqIpnySO0FuW/E1865s9
QoXtfOsnxH6FE6hhzqL0YvG3TbTqRhcVVLhspLKwOFfLw9G4o2BANWXF7ysfPEt6
8udjm7wQ049U+Ale5zg4fW5bJ0/w9kjaGpnFpj25032IchrXDGjI0YzeE4ISvKqi
WvvVP+tSlTET22YGGW6/t+Ctn782/pegtkQ+4hybqIwCZvdHzGR2BpA/oCQbOKi4
qvu6e9bYIC1jLp7zOQIM+fNXxmaToz3cbd31c0a5jiR1
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:40 2024 by rpki-client on console-ams.rpki-client.org