Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/thHrsD-yqevP2knHpfUauu7RlpU.roa
File: thHrsD-yqevP2knHpfUauu7RlpU.roa (raw, json)
Hash identifier: qRqD1tlUXSxeS9yKFZTjYvsHbEourXQbS1jNvP8sYuw=
Subject key identifier: B6:11:EB:B0:3F:B2:A9:EB:CF:DA:49:C7:A5:F5:1A:BA:EE:D1:96:95
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCD596ADA107D773427AC6356072B
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/thHrsD-yqevP2knHpfUauu7RlpU.roa
Signing time: Tue 02 Jan 2024 10:32:57 +0000
ROA not before: Tue 02 Jan 2024 10:32:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30942
IP address blocks: 84.2.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:cd:59:6a:da:10:7d:77:34:27:ac:63:56:07:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b611ebb03fb2a9ebcfda49c7a5f51abaeed19695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:19:51:91:d8:01:c9:31:f6:c7:cd:81:a4:6f:
1e:7b:32:5a:73:13:f8:0f:36:9f:81:6a:e8:ad:e7:
20:76:bd:51:c3:4f:84:55:4f:d3:fe:60:19:68:b9:
b9:17:b6:cb:cd:63:65:24:bd:b3:db:ca:82:fb:de:
62:af:3e:35:cb:ee:15:8e:aa:71:26:13:02:35:bc:
3c:e6:3b:bc:1e:e6:c3:6d:01:79:bd:db:fc:79:74:
a4:fa:63:96:e4:14:17:1c:1b:56:59:bd:0c:98:93:
f3:f2:e1:f5:6d:3d:99:c3:08:4f:f8:b8:ab:27:3d:
3d:88:e3:3c:f6:fc:b8:e7:25:54:2e:fa:a4:3d:01:
74:f5:79:34:6f:a3:fa:f5:33:00:c9:de:8a:20:f5:
07:31:8a:55:95:fe:e1:57:61:d3:ad:a3:20:aa:39:
17:67:0c:cf:d9:16:f6:87:54:09:1a:a5:55:7c:ee:
34:78:cd:09:16:42:7b:5a:29:42:65:5f:56:86:c1:
1a:b4:05:0f:a8:be:90:9d:5b:bc:0a:26:b1:fe:44:
bc:46:ea:48:1d:14:d7:49:b9:05:d3:44:ca:5a:c8:
b7:e2:aa:b8:9b:40:c1:ce:5b:12:fe:d1:b0:cf:6c:
a6:32:78:ee:ca:97:86:db:c7:58:d6:5c:8e:e7:1d:
47:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:11:EB:B0:3F:B2:A9:EB:CF:DA:49:C7:A5:F5:1A:BA:EE:D1:96:95
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/thHrsD-yqevP2knHpfUauu7RlpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.2.79.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ad:1a:5a:3c:c9:e8:56:44:95:26:5d:bb:02:95:34:5a:ed:
88:b2:ac:54:cb:34:ed:25:b5:dd:fc:d3:34:3e:27:73:14:0b:
36:ef:dd:9f:70:9d:d1:22:c4:ea:02:46:f9:74:10:7f:0a:a4:
11:0e:5a:7d:bb:e7:4c:87:87:6b:55:d0:52:c4:da:a1:2e:f9:
1c:63:9d:cc:58:04:40:b4:5e:40:ee:b8:f8:d8:cb:d6:60:8d:
bd:1e:01:05:89:cd:27:74:e2:1f:8a:da:44:70:ab:2b:0d:95:
6c:98:86:04:5b:27:4e:ef:a2:ee:3b:b2:ac:6a:e8:65:b7:3d:
5a:9f:9e:8d:88:63:db:9b:ba:db:3c:03:bb:3d:2a:9d:84:b9:
67:c6:6b:20:ac:90:7f:5b:fd:c0:e2:92:b2:e3:6a:1f:eb:91:
9d:57:32:37:79:0b:68:4f:14:52:53:b6:90:3f:b4:1d:22:b3:
88:f9:93:74:3d:ba:86:fb:67:f1:c0:6d:19:e7:e7:c4:8b:08:
a8:a0:eb:f6:d4:97:99:bb:eb:0d:3b:33:1b:4c:17:57:9e:2a:
1c:ae:df:eb:0b:e6:7f:16:a4:9e:4d:0e:f9:b7:6e:3b:79:fe:
cb:71:00:c7:96:a1:9d:50:c5:7f:e4:f5:df:85:09:b6:d0:28:
2b:6d:ae:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu81ZatoQfXc0J6xjVgcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjExZWJiMDNmYjJhOWViY2ZkYTQ5YzdhNWY1MWFiYWVlZDE5Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxlRkdgByTH2x82BpG8eezJacxP4
DzafgWrorecgdr1Rw0+EVU/T/mAZaLm5F7bLzWNlJL2z28qC+95irz41y+4Vjqpx
JhMCNbw85ju8HubDbQF5vdv8eXSk+mOW5BQXHBtWWb0MmJPz8uH1bT2ZwwhP+Lir
Jz09iOM89vy45yVULvqkPQF09Xk0b6P69TMAyd6KIPUHMYpVlf7hV2HTraMgqjkX
ZwzP2Rb2h1QJGqVVfO40eM0JFkJ7WilCZV9WhsEatAUPqL6QnVu8Ciax/kS8RupI
HRTXSbkF00TKWsi34qq4m0DBzlsS/tGwz2ymMnjuypeG28dY1lyO5x1HpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYR67A/sqnrz9pJx6X1Grru0ZaVMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvdGhIcnNELXlxZXZQMmtuSHBmVWF1dTdSbHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVAJPMA0G
CSqGSIb3DQEBCwUAA4IBAQB6rRpaPMnoVkSVJl27ApU0Wu2IsqxUyzTtJbXd/NM0
PidzFAs2792fcJ3RIsTqAkb5dBB/CqQRDlp9u+dMh4drVdBSxNqhLvkcY53MWARA
tF5A7rj42MvWYI29HgEFic0ndOIfitpEcKsrDZVsmIYEWydO76LuO7Ksauhltz1a
n56NiGPbm7rbPAO7PSqdhLlnxmsgrJB/W/3A4pKy42of65GdVzI3eQtoTxRSU7aQ
P7QdIrOI+ZN0PbqG+2fxwG0Z5+fEiwiooOv21JeZu+sNOzMbTBdXniocrt/rC+Z/
FqSeTQ75t247ef7LcQDHlqGdUMV/5PXfhQm20Cgrba7c
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:08 2024 by rpki-client on console-ams.rpki-client.org