Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/V7Kfu9FDDrvJtwfTbVVk9aStW9U.roa
File: V7Kfu9FDDrvJtwfTbVVk9aStW9U.roa (raw, json)
Hash identifier: 6WmXk2ZROdRYhVU65ZS20A2lwlZWtuxXpEj+k4FlIOM=
Subject key identifier: 57:B2:9F:BB:D1:43:0E:BB:C9:B7:07:D3:6D:55:64:F5:A4:AD:5B:D5
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018EDCF4625D7EC94379CC2043E7739137BB
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/V7Kfu9FDDrvJtwfTbVVk9aStW9U.roa
Signing time: Sun 14 Apr 2024 14:13:07 +0000
ROA not before: Sun 14 Apr 2024 14:13:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8790
IP address blocks: 194.85.172.0/23 maxlen: 24
195.209.248.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:dc:f4:62:5d:7e:c9:43:79:cc:20:43:e7:73:91:37:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Apr 14 14:13:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57b29fbbd1430ebbc9b707d36d5564f5a4ad5bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a3:fe:f5:f2:a0:7e:71:85:d9:0e:24:2d:b8:
3a:af:76:a0:86:59:5a:15:05:73:70:a1:98:eb:4b:
6a:9a:b5:3a:5d:07:42:28:05:69:3c:47:0d:7f:f0:
17:1d:ca:af:51:bc:23:80:c2:da:e2:a8:be:f7:a9:
8c:cf:47:4f:0c:0e:a2:04:be:5d:8c:ad:11:b3:22:
57:8b:32:e8:d6:77:e3:16:9b:fc:00:dd:62:a8:3a:
f9:86:64:71:4c:08:54:89:45:4f:07:9a:f5:c4:10:
c2:08:51:17:dc:ca:b0:e1:14:cc:ab:ce:ae:e3:88:
8e:23:49:71:3d:b7:bc:b5:b9:ba:f3:d2:0b:17:39:
20:ed:ee:29:1c:45:a4:05:1f:a3:ce:50:87:d8:7d:
59:cd:44:0f:ba:02:e1:15:d9:e1:f1:06:2f:6b:22:
ce:71:ba:0f:e9:2e:a1:7f:38:4f:15:00:6d:6c:ae:
3a:43:8c:78:4e:1e:9b:8a:19:5b:b1:95:6c:a2:57:
7e:08:23:0a:ac:b5:b2:45:bb:63:40:a9:04:4e:b2:
1c:94:48:7c:21:21:5f:bf:36:78:f2:14:b2:80:f7:
1a:67:70:85:ed:76:9d:de:ae:41:e3:7b:e9:ee:aa:
c8:ca:7d:59:c4:51:d6:73:1f:17:29:ed:9a:97:75:
8f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B2:9F:BB:D1:43:0E:BB:C9:B7:07:D3:6D:55:64:F5:A4:AD:5B:D5
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/V7Kfu9FDDrvJtwfTbVVk9aStW9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.172.0/23
195.209.248.0/23
Signature Algorithm: sha256WithRSAEncryption
79:dc:ae:97:e9:91:44:75:e7:01:c7:a2:e5:90:8a:cd:51:de:
81:88:72:a8:2d:89:8e:e7:55:6c:5e:b0:82:b6:53:a5:c9:6e:
67:8b:46:cf:8c:56:23:59:a2:e5:72:98:50:b0:ff:61:0d:c0:
fb:52:ac:19:9f:16:89:1c:77:c2:54:bb:2d:f4:44:98:d7:aa:
9c:9d:03:c1:a3:a2:e4:4e:d8:53:db:0f:e8:34:26:6e:0d:6a:
55:29:0f:d4:88:0f:13:39:5d:9d:85:6c:ef:3f:23:3a:0f:51:
0f:99:39:8d:26:ba:34:d1:78:9a:97:78:1a:45:a9:24:74:0c:
75:ce:93:e3:8a:7d:24:00:99:55:40:d1:d6:58:36:26:e1:e0:
45:69:f7:30:f7:2f:c2:2f:e6:25:a3:ae:e3:82:d9:32:98:22:
2c:6a:e0:28:52:7c:53:13:a7:a7:ea:7e:f2:04:91:1f:a5:70:
9f:cf:e4:e6:66:30:31:90:ff:1c:5f:24:27:e0:1a:cb:0a:e2:
ae:38:2c:bd:9d:d0:63:00:04:32:1c:c6:cf:71:57:fb:43:f8:
ad:07:cf:b2:ad:40:00:cd:44:8d:10:6a:dc:ab:3a:2b:b0:fb:
b2:fb:74:e9:d2:37:e8:f1:6f:14:c4:7f:e7:7f:cf:06:70:43:
fa:c6:2a:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7c9GJdfslDecwgQ+dzkTe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwNDE0MTQxMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2IyOWZiYmQxNDMwZWJiYzliNzA3ZDM2ZDU1NjRmNWE0YWQ1YmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKP+9fKgfnGF2Q4kLbg6r3aghlla
FQVzcKGY60tqmrU6XQdCKAVpPEcNf/AXHcqvUbwjgMLa4qi+96mMz0dPDA6iBL5d
jK0RsyJXizLo1nfjFpv8AN1iqDr5hmRxTAhUiUVPB5r1xBDCCFEX3Mqw4RTMq86u
44iOI0lxPbe8tbm689ILFzkg7e4pHEWkBR+jzlCH2H1ZzUQPugLhFdnh8QYvayLO
cboP6S6hfzhPFQBtbK46Q4x4Th6bihlbsZVsold+CCMKrLWyRbtjQKkETrIclEh8
ISFfvzZ48hSygPcaZ3CF7Xad3q5B43vp7qrIyn1ZxFHWcx8XKe2al3WPuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFeyn7vRQw67ybcH021VZPWkrVvVMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvVjdLZnU5RkREcnZKdHdmVGJWVms5YVN0VzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwlWsAwQB
w9H4MA0GCSqGSIb3DQEBCwUAA4IBAQB53K6X6ZFEdecBx6LlkIrNUd6BiHKoLYmO
51VsXrCCtlOlyW5ni0bPjFYjWaLlcphQsP9hDcD7UqwZnxaJHHfCVLst9ESY16qc
nQPBo6LkTthT2w/oNCZuDWpVKQ/UiA8TOV2dhWzvPyM6D1EPmTmNJro00Xial3ga
RakkdAx1zpPjin0kAJlVQNHWWDYm4eBFafcw9y/CL+Ylo67jgtkymCIsauAoUnxT
E6en6n7yBJEfpXCfz+TmZjAxkP8cXyQn4BrLCuKuOCy9ndBjAAQyHMbPcVf7Q/it
B8+yrUAAzUSNEGrcqzorsPuy+3Tp0jfo8W8UxH/nf88GcEP6xips
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:39:15 2024 by rpki-client on console-ams.rpki-client.org