Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/U8u9wC94rUlOkgrzM74UjKdJyZo.roa
File: U8u9wC94rUlOkgrzM74UjKdJyZo.roa (raw, json)
Hash identifier: JF9xqjVHmrm9XilKBx+FFBS7ElKnlTrvbYkFgPuk2wA=
Subject key identifier: 53:CB:BD:C0:2F:78:AD:49:4E:92:0A:F3:33:BE:14:8C:A7:49:C9:9A
Certificate issuer: /CN=80a921408433b66ea50a4000aace10d2add06a85
Certificate serial: 01914624D01D8C6253FCD173A8D0CC7BB3D1
Authority key identifier: 80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/U8u9wC94rUlOkgrzM74UjKdJyZo.roa
Signing time: Mon 12 Aug 2024 10:31:43 +0000
ROA not before: Mon 12 Aug 2024 10:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 194.124.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:24:d0:1d:8c:62:53:fc:d1:73:a8:d0:cc:7b:b3:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a921408433b66ea50a4000aace10d2add06a85
Validity
Not Before: Aug 12 10:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53cbbdc02f78ad494e920af333be148ca749c99a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:cc:6f:41:da:ac:58:e1:44:f3:a3:a2:d5:72:
53:ab:4f:0c:3b:1b:3c:aa:ad:89:2b:b8:c1:24:34:
42:60:f9:fe:46:ec:e0:f2:0d:69:1d:8b:0f:45:06:
63:99:ab:56:45:1a:e1:dc:e4:17:78:42:16:51:cc:
5e:36:ef:67:d1:84:f8:b0:49:f5:9b:c1:03:d6:c3:
03:42:7f:18:07:4d:c7:b8:ae:df:07:41:5f:91:2d:
64:a0:89:0e:66:b8:1e:6b:73:33:d9:75:ee:f0:26:
b4:6e:eb:94:a3:88:e0:d2:09:1e:33:5f:e5:89:d4:
86:75:aa:cc:d2:8e:51:82:40:20:14:af:ac:59:20:
04:cd:c8:99:c8:a1:96:38:15:f0:a5:d5:e0:2f:73:
e2:d1:34:56:56:8c:96:b6:72:a8:24:6e:1c:14:de:
47:33:10:2d:8a:99:bb:3a:f2:a4:7b:09:3f:2a:4f:
9a:39:67:4b:5d:bf:d7:cf:eb:63:03:75:d7:c7:72:
fd:94:a7:b0:cd:0d:9e:ec:c4:ae:bc:b6:37:72:6a:
47:64:64:8c:b5:c7:d7:c8:64:90:dc:e3:7a:8e:27:
1c:3d:2d:f3:36:da:b9:22:fd:d7:2b:4b:32:ac:bd:
39:5e:b2:25:dc:28:0d:04:cc:24:1b:9f:a8:30:1a:
ff:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CB:BD:C0:2F:78:AD:49:4E:92:0A:F3:33:BE:14:8C:A7:49:C9:9A
X509v3 Authority Key Identifier:
keyid:80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/U8u9wC94rUlOkgrzM74UjKdJyZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.187.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ed:fe:e6:db:7b:28:4b:ed:a1:36:06:50:9a:97:83:47:42:
89:24:d4:cc:85:91:4d:40:68:57:a9:a4:4a:73:b3:f8:ba:6e:
18:05:5a:ae:30:a4:db:13:8f:e9:76:2b:5b:21:b9:70:dc:64:
32:58:d0:2f:32:c3:ac:bf:5f:3b:c7:04:d7:01:61:02:01:bc:
d4:5d:6c:fc:5c:16:4b:35:1f:7a:b4:7d:e1:07:92:5d:85:4f:
25:67:af:e9:c5:15:53:93:2c:8b:08:0e:71:60:39:8e:21:ef:
46:0e:d3:f7:75:07:1e:c3:ed:32:db:03:2e:2e:23:7b:dd:ee:
67:47:7b:19:98:d0:9c:2c:c6:90:28:a0:64:76:81:4d:54:d6:
ad:de:83:cf:3f:93:70:00:31:18:31:63:8c:21:88:68:e4:fe:
7a:ac:35:26:64:f0:6c:8c:de:c0:0e:cd:de:78:d3:ce:e5:c8:
83:a5:b2:74:35:1a:ae:fc:3e:d0:89:c1:23:d6:98:77:4c:8c:
7c:f3:77:4a:c7:c3:f7:45:e3:d2:9b:4f:5a:fa:6c:4d:84:ae:
8d:5c:f9:43:5a:f6:16:a4:95:45:ba:22:62:ba:26:61:c4:c5:
47:24:51:00:9c:87:96:ff:43:74:ac:31:07:23:25:5c:bb:4f:
df:16:60:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFGJNAdjGJT/NFzqNDMe7PRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTkyMTQwODQzM2I2NmVhNTBhNDAwMGFhY2UxMGQyYWRk
MDZhODUwHhcNMjQwODEyMTAzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2NiYmRjMDJmNzhhZDQ5NGU5MjBhZjMzM2JlMTQ4Y2E3NDljOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sxvQdqsWOFE86Oi1XJTq08MOxs8
qq2JK7jBJDRCYPn+Ruzg8g1pHYsPRQZjmatWRRrh3OQXeEIWUcxeNu9n0YT4sEn1
m8ED1sMDQn8YB03HuK7fB0FfkS1koIkOZrgea3Mz2XXu8Ca0buuUo4jg0gkeM1/l
idSGdarM0o5RgkAgFK+sWSAEzciZyKGWOBXwpdXgL3Pi0TRWVoyWtnKoJG4cFN5H
MxAtipm7OvKkewk/Kk+aOWdLXb/Xz+tjA3XXx3L9lKewzQ2e7MSuvLY3cmpHZGSM
tcfXyGSQ3ON6jiccPS3zNtq5Iv3XK0syrL05XrIl3CgNBMwkG5+oMBr/fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPLvcAveK1JTpIK8zO+FIynScmaMB8GA1UdIwQY
MBaAFICpIUCEM7ZupQpAAKrOENKt0GqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEt
ZjE4MTVhNDFhMDMzLzEvVTh1OXdDOTRyVWxPa2dyek03NFVqS2RKeVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEtZjE4MTVhNDFhMDMz
LzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwny7MA0G
CSqGSIb3DQEBCwUAA4IBAQAx7f7m23soS+2hNgZQmpeDR0KJJNTMhZFNQGhXqaRK
c7P4um4YBVquMKTbE4/pditbIblw3GQyWNAvMsOsv187xwTXAWECAbzUXWz8XBZL
NR96tH3hB5JdhU8lZ6/pxRVTkyyLCA5xYDmOIe9GDtP3dQcew+0y2wMuLiN73e5n
R3sZmNCcLMaQKKBkdoFNVNat3oPPP5NwADEYMWOMIYho5P56rDUmZPBsjN7ADs3e
eNPO5ciDpbJ0NRqu/D7QicEj1ph3TIx883dKx8P3RePSm09a+mxNhK6NXPlDWvYW
pJVFuiJiuiZhxMVHJFEAnIeW/0N0rDEHIyVcu0/fFmD9
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:16:38 2024 by rpki-client on console-ams.rpki-client.org