Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/o5f9IGyEfA3EpCYlK093cVpZ9Z4.roa
File: o5f9IGyEfA3EpCYlK093cVpZ9Z4.roa (raw, json)
Hash identifier: 7pmvPefctBHkgLstgQOJtzhUkVmJAaLsQSACHPI784k=
Subject key identifier: A3:97:FD:20:6C:84:7C:0D:C4:A4:26:25:2B:4F:77:71:5A:59:F5:9E
Certificate issuer: /CN=887e81ba84344598c61462833aadf3204eae087c
Certificate serial: 018CC86F6448F15730162C53CF2D8D292D14
Authority key identifier: 88:7E:81:BA:84:34:45:98:C6:14:62:83:3A:AD:F3:20:4E:AE:08:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/o5f9IGyEfA3EpCYlK093cVpZ9Z4.roa
Signing time: Tue 02 Jan 2024 04:29:52 +0000
ROA not before: Tue 02 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8542
IP address blocks: 85.200.0.0/16 maxlen: 16
62.97.192.0/18 maxlen: 18
82.134.0.0/17 maxlen: 17
213.153.0.0/19 maxlen: 19
2a00:14d8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:64:48:f1:57:30:16:2c:53:cf:2d:8d:29:2d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=887e81ba84344598c61462833aadf3204eae087c
Validity
Not Before: Jan 2 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a397fd206c847c0dc4a426252b4f77715a59f59e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:61:23:71:90:6e:20:97:e6:30:62:af:8e:af:
51:ce:6b:d5:f7:79:d1:8b:5d:f3:db:7d:c1:23:e4:
5d:4d:4a:e0:bf:98:c1:11:a1:3b:b7:be:8e:c0:f8:
8f:1c:d4:7c:d7:2f:e4:5f:22:74:5c:31:0c:3e:1c:
a1:bb:9b:fb:8e:dd:59:86:65:bb:b2:98:fe:de:a7:
59:d8:34:00:e8:8d:f4:88:ee:69:e5:78:7c:50:5d:
1e:78:09:ee:c1:c6:56:be:c7:f2:8e:bd:72:48:51:
e1:8a:c9:ac:eb:1e:56:76:42:ef:00:b8:c5:22:d9:
41:38:96:4a:0d:52:f5:db:67:ab:bc:46:fb:40:17:
f3:49:bf:bd:1a:de:82:ad:4b:85:8f:3c:4b:4e:1f:
7a:e9:04:e0:d7:62:23:bc:3c:2b:12:ea:0f:0a:38:
2b:a3:61:b6:24:f7:98:e8:9d:99:b9:3f:b8:8a:dc:
8a:6f:11:c8:16:8b:09:d1:7b:a9:3e:0c:47:81:a0:
c6:37:73:a2:05:bb:c1:28:d4:8c:29:4c:5d:7d:14:
a2:8e:f1:24:44:29:60:08:bd:ac:a5:00:da:a0:2f:
c7:ef:6c:d9:97:ee:20:a9:cf:b6:e5:d6:f1:fa:8f:
63:55:ab:2a:4b:b7:84:a9:0b:50:af:e7:36:7d:26:
8e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:97:FD:20:6C:84:7C:0D:C4:A4:26:25:2B:4F:77:71:5A:59:F5:9E
X509v3 Authority Key Identifier:
keyid:88:7E:81:BA:84:34:45:98:C6:14:62:83:3A:AD:F3:20:4E:AE:08:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/o5f9IGyEfA3EpCYlK093cVpZ9Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.97.192.0/18
82.134.0.0/17
85.200.0.0/16
213.153.0.0/19
IPv6:
2a00:14d8::/29
Signature Algorithm: sha256WithRSAEncryption
bb:7d:5c:bf:d3:c1:bb:5e:a3:f6:42:b3:b5:95:1c:70:d7:77:
b3:7f:1b:a9:b5:31:81:17:87:6a:da:00:66:28:00:f9:e9:b8:
11:8d:ae:c9:31:b9:52:e5:bf:b1:01:61:68:2d:91:39:d6:13:
35:9a:53:34:1f:cd:20:4c:ba:0b:02:98:a6:b5:c5:f0:d7:13:
ac:80:2a:e8:f5:18:1a:95:b1:4a:ea:f9:cf:af:0d:1c:8f:ef:
43:7a:a3:b4:fd:bd:d1:33:bd:e6:b4:15:50:5d:cb:8f:08:0c:
27:a1:c3:bd:6f:68:69:a8:0a:84:eb:ca:0b:7e:e7:69:25:34:
e3:9f:11:ad:73:9c:79:6a:08:c8:d1:15:05:d5:b6:e8:c5:ad:
c7:5e:5b:a3:3b:39:21:bb:e8:dc:b7:56:a5:f8:95:c8:da:e8:
b9:2c:0a:b8:c8:fe:db:fc:b9:40:d5:30:38:9a:3e:ed:6f:41:
f5:e0:98:31:9c:dd:95:13:a0:69:79:ce:86:f8:5d:48:6e:3b:
3c:6f:08:96:51:8d:26:37:41:dc:ef:16:d4:60:70:09:14:14:
0d:40:9c:3d:1d:f9:a0:61:cf:de:d6:af:4c:86:7b:37:08:99:
09:08:e6:39:41:e1:52:a2:be:e6:d5:0b:54:76:95:31:1e:97:
0b:0c:5c:90
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzIb2RI8VcwFixTzy2NKS0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4N2U4MWJhODQzNDQ1OThjNjE0NjI4MzNhYWRmMzIwNGVh
ZTA4N2MwHhcNMjQwMTAyMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk3ZmQyMDZjODQ3YzBkYzRhNDI2MjUyYjRmNzc3MTVhNTlmNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGEjcZBuIJfmMGKvjq9RzmvV93nR
i13z233BI+RdTUrgv5jBEaE7t76OwPiPHNR81y/kXyJ0XDEMPhyhu5v7jt1ZhmW7
spj+3qdZ2DQA6I30iO5p5Xh8UF0eeAnuwcZWvsfyjr1ySFHhisms6x5WdkLvALjF
ItlBOJZKDVL122ervEb7QBfzSb+9Gt6CrUuFjzxLTh966QTg12IjvDwrEuoPCjgr
o2G2JPeY6J2ZuT+4ityKbxHIFosJ0XupPgxHgaDGN3OiBbvBKNSMKUxdfRSijvEk
RClgCL2spQDaoC/H72zZl+4gqc+25dbx+o9jVasqS7eEqQtQr+c2fSaOWQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKOX/SBshHwNxKQmJStPd3FaWfWeMB8GA1UdIwQY
MBaAFIh+gbqENEWYxhRigzqt8yBOrgh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUg2QnVvUTBSWmpHRkdLRE9xM3pJRTZ1Q0h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iNDViNDctYzJmZC00MmFmLTk4YmQt
ZTAxNjI0MDFmZjdhLzEvbzVmOUlHeUVmQTNFcENZbEswOTNjVnBaOVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iNDViNDctYzJmZC00MmFmLTk4YmQtZTAxNjI0MDFmZjdh
LzEvaUg2QnVvUTBSWmpHRkdLRE9xM3pJRTZ1Q0h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQGPmHAAwQH
UoYAAwMAVcgDBAXVmQAwDQQCAAIwBwMFAyoAFNgwDQYJKoZIhvcNAQELBQADggEB
ALt9XL/Twbteo/ZCs7WVHHDXd7N/G6m1MYEXh2raAGYoAPnpuBGNrskxuVLlv7EB
YWgtkTnWEzWaUzQfzSBMugsCmKa1xfDXE6yAKuj1GBqVsUrq+c+vDRyP70N6o7T9
vdEzvea0FVBdy48IDCehw71vaGmoCoTrygt+52klNOOfEa1znHlqCMjRFQXVtujF
rcdeW6M7OSG76Ny3VqX4lcja6LksCrjI/tv8uUDVMDiaPu1vQfXgmDGc3ZUToGl5
zob4XUhuOzxvCJZRjSY3QdzvFtRgcAkUFA1AnD0d+aBhz97Wr0yGezcImQkI5jlB
4VKivubVC1R2lTEelwsMXJA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:56 2024 by rpki-client on console-ams.rpki-client.org