Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/IPKoepMyDBFhtHvAHYf5oGHDq4Y.roa
File: IPKoepMyDBFhtHvAHYf5oGHDq4Y.roa (raw, json)
Hash identifier: fhSDmXvJk3MWFa/k4r5DD11FAUyKtGrxK6Oxf3g1Srg=
Subject key identifier: 20:F2:A8:7A:93:32:0C:11:61:B4:7B:C0:1D:87:F9:A0:61:C3:AB:86
Certificate issuer: /CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Certificate serial: 018CC56EA1B9DF49CB733F3209D17F5A5EBE
Authority key identifier: 8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/IPKoepMyDBFhtHvAHYf5oGHDq4Y.roa
Signing time: Mon 01 Jan 2024 14:30:11 +0000
ROA not before: Mon 01 Jan 2024 14:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35189
IP address blocks: 185.198.78.0/23 maxlen: 23
78.24.32.0/21 maxlen: 21
2a01:470::/29 maxlen: 29
2a0a:85c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/jX3LNj2aw0vcm2mA8mht0hnVAlc.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/jX3LNj2aw0vcm2mA8mht0hnVAlc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a1:b9:df:49:cb:73:3f:32:09:d1:7f:5a:5e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Validity
Not Before: Jan 1 14:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20f2a87a93320c1161b47bc01d87f9a061c3ab86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ae:2f:36:a8:a4:5d:1b:6f:1f:ba:15:af:2c:
17:1c:59:45:5e:fd:b7:ab:63:a5:a6:80:4c:22:81:
ab:74:09:e6:7f:8b:4a:c8:cf:1b:48:b1:6a:d1:6b:
05:fa:f7:07:9b:cd:be:8c:90:67:d8:7f:21:74:74:
49:46:79:fc:ea:e8:50:0b:e4:57:f5:4f:5e:cf:08:
cc:db:29:c3:21:31:ca:58:b3:72:2e:82:db:1c:47:
af:55:0f:d2:7b:94:2e:9f:3f:04:e9:27:38:58:a8:
60:f3:de:f0:99:63:62:0d:e4:cd:85:d8:96:08:b7:
54:35:11:50:60:34:b6:4c:79:66:5b:fe:63:6b:f6:
22:e3:07:f1:23:2e:dc:76:de:b3:46:f2:a4:27:1c:
0a:16:97:49:01:af:72:7b:b6:ab:52:83:70:ec:da:
98:ab:07:1a:05:3f:4d:e4:cf:69:e8:72:c9:12:4a:
7a:aa:b8:fb:23:dc:40:27:f0:49:d9:a1:bb:28:6d:
d3:00:c4:92:c1:03:5c:ba:01:36:83:0c:0c:e6:85:
e8:f3:16:52:b6:f8:4c:47:1f:7d:e4:c7:f3:04:f6:
09:f4:86:e2:26:95:01:00:d1:4f:1a:0e:fa:b6:79:
4a:ef:23:2a:6a:23:83:01:f1:e1:cf:8a:01:92:04:
c2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F2:A8:7A:93:32:0C:11:61:B4:7B:C0:1D:87:F9:A0:61:C3:AB:86
X509v3 Authority Key Identifier:
keyid:8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/IPKoepMyDBFhtHvAHYf5oGHDq4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/jX3LNj2aw0vcm2mA8mht0hnVAlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.32.0/21
185.198.78.0/23
IPv6:
2a01:470::/29
2a0a:85c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:82:82:bc:61:cc:b2:c7:db:1c:0f:07:13:0e:62:c2:1b:82:
2a:07:51:fa:32:fd:0e:19:ca:e9:1e:55:68:78:18:aa:e3:33:
4c:f0:62:c6:19:68:6b:fd:59:d9:97:cd:36:33:68:c7:a9:db:
8b:6e:e3:1d:59:16:59:fc:ac:aa:4f:86:42:b3:60:af:73:1a:
55:a9:8c:a1:b9:71:f2:b0:ae:44:e0:a1:dc:6c:b7:c1:3a:43:
ed:c1:43:1c:1f:93:d6:31:0e:2e:57:d0:04:f7:af:dc:06:fa:
27:8b:52:64:cb:ee:68:ae:24:6a:7a:54:34:9c:24:88:19:a2:
33:7a:39:5c:f5:e8:e3:e7:f3:7f:1b:87:91:69:cb:7f:16:cd:
eb:e4:b4:62:c9:e6:be:95:65:19:46:56:d5:65:a8:e5:0a:1c:
dc:45:a4:f7:08:e9:bf:d7:03:5f:03:1e:5f:b4:dc:42:e5:d9:
80:e8:b2:a6:fb:ed:98:46:bf:b4:c9:fd:6d:c8:95:6b:4a:54:
25:4d:33:cf:1c:1f:5b:83:50:08:bc:a5:e9:e8:44:28:07:67:
48:b3:84:fb:45:55:d2:48:14:77:8f:8d:8e:1d:28:58:1e:fa:
94:f3:8f:51:2b:39:a0:f0:01:c0:4b:91:e4:c3:68:c3:35:31:
62:d0:49:4f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFbqG530nLcz8yCdF/Wl6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkN2RjYjM2M2Q5YWMzNGJkYzliNjk4MGYyNjg2ZGQyMTlk
NTAyNTcwHhcNMjQwMTAxMTQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGYyYTg3YTkzMzIwYzExNjFiNDdiYzAxZDg3ZjlhMDYxYzNhYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk64vNqikXRtvH7oVrywXHFlFXv23
q2OlpoBMIoGrdAnmf4tKyM8bSLFq0WsF+vcHm82+jJBn2H8hdHRJRnn86uhQC+RX
9U9ezwjM2ynDITHKWLNyLoLbHEevVQ/Se5Qunz8E6Sc4WKhg897wmWNiDeTNhdiW
CLdUNRFQYDS2THlmW/5ja/Yi4wfxIy7cdt6zRvKkJxwKFpdJAa9ye7arUoNw7NqY
qwcaBT9N5M9p6HLJEkp6qrj7I9xAJ/BJ2aG7KG3TAMSSwQNcugE2gwwM5oXo8xZS
tvhMRx995MfzBPYJ9IbiJpUBANFPGg76tnlK7yMqaiODAfHhz4oBkgTCNQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCDyqHqTMgwRYbR7wB2H+aBhw6uGMB8GA1UdIwQY
MBaAFI19yzY9msNL3JtpgPJobdIZ1QJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalgzTE5qMmF3MHZjbTJtQThtaHQwaG5WQWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jYWQyNDQtMzk5NS00ZDQxLTg4NmIt
YWM0NjNlMjIxOTc0LzEvSVBLb2VwTXlEQkZodEh2QUhZZjVvR0hEcTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jYWQyNDQtMzk5NS00ZDQxLTg4NmItYWM0NjNlMjIxOTc0
LzEvalgzTE5qMmF3MHZjbTJtQThtaHQwaG5WQWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQDThggAwQB
ucZOMBQEAgACMA4DBQMqAQRwAwUDKgqFwDANBgkqhkiG9w0BAQsFAAOCAQEAfoKC
vGHMssfbHA8HEw5iwhuCKgdR+jL9DhnK6R5VaHgYquMzTPBixhloa/1Z2ZfNNjNo
x6nbi27jHVkWWfysqk+GQrNgr3MaVamMoblx8rCuROCh3Gy3wTpD7cFDHB+T1jEO
LlfQBPev3Ab6J4tSZMvuaK4kanpUNJwkiBmiM3o5XPXo4+fzfxuHkWnLfxbN6+S0
YsnmvpVlGUZW1WWo5Qoc3EWk9wjpv9cDXwMeX7TcQuXZgOiypvvtmEa/tMn9bciV
a0pUJU0zzxwfW4NQCLyl6ehEKAdnSLOE+0VV0kgUd4+Njh0oWB76lPOPUSs5oPAB
wEuR5MNowzUxYtBJTw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:49 2024 by rpki-client on console-fra.rpki-client.org