Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/yD04s6WK-Db2ScKM-N95lwup-4c.roa
File: yD04s6WK-Db2ScKM-N95lwup-4c.roa (raw, json)
Hash identifier: anZvXshhwMklKjuQtXZwQ+tQfN/x2eghE58DzECQuDQ=
Subject key identifier: C8:3D:38:B3:A5:8A:F8:36:F6:49:C2:8C:F8:DF:79:97:0B:A9:FB:87
Certificate issuer: /CN=887e81ba84344598c61462833aadf3204eae087c
Certificate serial: 018D3B7B48BD56A1B81A20BAECC1D9E89A9F
Authority key identifier: 88:7E:81:BA:84:34:45:98:C6:14:62:83:3A:AD:F3:20:4E:AE:08:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/yD04s6WK-Db2ScKM-N95lwup-4c.roa
Signing time: Wed 24 Jan 2024 12:39:11 +0000
ROA not before: Wed 24 Jan 2024 12:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 62.97.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:7b:48:bd:56:a1:b8:1a:20:ba:ec:c1:d9:e8:9a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=887e81ba84344598c61462833aadf3204eae087c
Validity
Not Before: Jan 24 12:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c83d38b3a58af836f649c28cf8df79970ba9fb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:99:3e:e8:da:15:ff:7b:07:38:e2:b8:6e:e9:
27:d7:62:9c:02:a7:b5:6f:9f:fb:0a:b2:1d:b1:63:
9b:82:c3:b3:8a:fa:7a:83:47:fc:c0:6a:63:d3:41:
c6:7c:7e:92:31:72:75:3d:9d:ce:d9:47:cf:56:51:
13:76:37:f7:ef:4d:b4:10:33:7f:8d:08:44:b8:86:
f2:1d:09:75:f1:b9:40:27:68:e1:bb:ae:94:84:03:
fc:09:40:45:f5:32:9c:5b:34:4e:3b:cc:7a:af:f1:
0f:4d:85:15:c8:e3:9a:ef:f6:b3:d7:e9:7c:c7:0b:
22:fa:2c:d1:a4:80:39:4c:03:8e:fe:de:f4:e6:2c:
99:2c:03:fa:7b:f8:8a:57:03:53:be:ff:ad:d0:24:
e4:7a:8f:5b:39:15:7c:e2:1a:01:23:5f:75:26:22:
b6:d1:6e:cb:ba:72:de:c6:c6:13:97:21:b4:7b:41:
3e:0b:fe:db:69:b6:d4:5e:a6:99:39:76:4d:21:73:
d0:0c:cd:e3:2b:28:be:09:c9:21:a5:35:56:1e:60:
da:0f:a2:c2:c6:14:f4:73:72:86:90:ab:2a:39:05:
62:0d:75:f8:49:04:02:5d:5c:83:76:78:12:81:00:
a4:5a:89:a5:9e:b9:49:4a:db:a3:d6:16:80:96:9b:
00:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3D:38:B3:A5:8A:F8:36:F6:49:C2:8C:F8:DF:79:97:0B:A9:FB:87
X509v3 Authority Key Identifier:
keyid:88:7E:81:BA:84:34:45:98:C6:14:62:83:3A:AD:F3:20:4E:AE:08:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/yD04s6WK-Db2ScKM-N95lwup-4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b45b47-c2fd-42af-98bd-e0162401ff7a/1/iH6BuoQ0RZjGFGKDOq3zIE6uCHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.97.228.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:29:09:18:31:a3:f3:5b:e8:6a:59:41:44:3c:39:97:6f:cd:
09:1d:e7:55:05:59:86:2f:a0:5a:48:5d:e9:4f:3a:a3:94:a0:
df:c4:71:97:50:2a:33:ba:1b:fd:32:4e:4e:f5:09:6a:c2:a2:
37:3f:c3:2e:51:9e:34:9c:17:a3:d6:c9:19:d8:83:34:90:cb:
0d:f0:88:3e:09:b6:49:ba:35:94:a2:ad:29:04:50:40:b4:c1:
d3:10:e6:5b:d7:89:12:5c:b0:46:55:46:4f:ea:80:87:c7:16:
45:fd:3c:c6:29:6d:c7:be:33:bd:bd:f5:a3:e0:9d:db:dd:31:
5c:33:91:51:76:f2:38:e2:4d:5a:20:c8:d5:96:b8:52:c7:6a:
ae:19:13:3b:fb:84:8f:eb:1d:b0:9e:64:be:a2:e2:21:16:ac:
83:78:20:fa:e2:6e:8d:4d:4d:e8:01:12:6d:7e:2e:ca:bf:67:
f8:d3:eb:a3:d1:05:96:a8:b3:b0:d4:15:b9:37:fc:9e:3c:64:
15:cd:b1:a0:4d:14:85:4e:ca:41:78:c8:d8:26:5e:89:ee:e1:
04:13:42:bc:3a:56:9d:d9:ed:c3:fa:50:08:0f:ac:c2:ba:e9:
6f:85:08:71:fa:f5:0c:da:54:fe:7b:90:18:d1:d0:1f:75:bc:
39:7f:79:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY07e0i9VqG4GiC67MHZ6JqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4N2U4MWJhODQzNDQ1OThjNjE0NjI4MzNhYWRmMzIwNGVh
ZTA4N2MwHhcNMjQwMTI0MTIzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNkMzhiM2E1OGFmODM2ZjY0OWMyOGNmOGRmNzk5NzBiYTlmYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZk+6NoV/3sHOOK4bukn12KcAqe1
b5/7CrIdsWObgsOzivp6g0f8wGpj00HGfH6SMXJ1PZ3O2UfPVlETdjf37020EDN/
jQhEuIbyHQl18blAJ2jhu66UhAP8CUBF9TKcWzROO8x6r/EPTYUVyOOa7/az1+l8
xwsi+izRpIA5TAOO/t705iyZLAP6e/iKVwNTvv+t0CTkeo9bORV84hoBI191JiK2
0W7LunLexsYTlyG0e0E+C/7babbUXqaZOXZNIXPQDM3jKyi+CckhpTVWHmDaD6LC
xhT0c3KGkKsqOQViDXX4SQQCXVyDdngSgQCkWomlnrlJStuj1haAlpsAVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMg9OLOlivg29knCjPjfeZcLqfuHMB8GA1UdIwQY
MBaAFIh+gbqENEWYxhRigzqt8yBOrgh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUg2QnVvUTBSWmpHRkdLRE9xM3pJRTZ1Q0h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iNDViNDctYzJmZC00MmFmLTk4YmQt
ZTAxNjI0MDFmZjdhLzEveUQwNHM2V0stRGIyU2NLTS1OOTVsd3VwLTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iNDViNDctYzJmZC00MmFmLTk4YmQtZTAxNjI0MDFmZjdh
LzEvaUg2QnVvUTBSWmpHRkdLRE9xM3pJRTZ1Q0h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmHkMA0G
CSqGSIb3DQEBCwUAA4IBAQB7KQkYMaPzW+hqWUFEPDmXb80JHedVBVmGL6BaSF3p
TzqjlKDfxHGXUCozuhv9Mk5O9QlqwqI3P8MuUZ40nBej1skZ2IM0kMsN8Ig+CbZJ
ujWUoq0pBFBAtMHTEOZb14kSXLBGVUZP6oCHxxZF/TzGKW3HvjO9vfWj4J3b3TFc
M5FRdvI44k1aIMjVlrhSx2quGRM7+4SP6x2wnmS+ouIhFqyDeCD64m6NTU3oARJt
fi7Kv2f40+uj0QWWqLOw1BW5N/yePGQVzbGgTRSFTspBeMjYJl6J7uEEE0K8Olad
2e3D+lAID6zCuulvhQhx+vUM2lT+e5AY0dAfdbw5f3kX
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:06 2024 by rpki-client on console-fra.rpki-client.org