Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/D7DvCExBQgY8WFr0p209nYcx6KE.roa
File: D7DvCExBQgY8WFr0p209nYcx6KE.roa (raw, json)
Hash identifier: dMytONdHpO/TSkESKgHgZMzQTupoAO2jUDaLGKFIoyM=
Subject key identifier: 0F:B0:EF:08:4C:41:42:06:3C:58:5A:F4:A7:6D:3D:9D:87:31:E8:A1
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018CC5DC1AB5A329E489104D876BF5A491D6
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/D7DvCExBQgY8WFr0p209nYcx6KE.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34905
IP address blocks: 80.120.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1a:b5:a3:29:e4:89:10:4d:87:6b:f5:a4:91:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fb0ef084c4142063c585af4a76d3d9d8731e8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4a:25:3b:f9:74:8c:5c:89:79:e6:d6:2e:ed:
80:39:77:85:66:90:9a:76:b3:51:7a:c3:03:02:5e:
cf:b1:1b:b1:2f:0d:ba:19:da:08:d0:8b:fe:86:58:
15:4d:2b:21:1f:d1:e4:e5:96:a6:87:1c:3d:9e:62:
a1:e7:ea:02:05:d5:9c:84:5b:dd:4f:d3:8c:6e:61:
94:7e:56:ed:ec:6a:01:d7:21:17:c4:39:d9:75:4f:
d7:94:40:55:96:40:22:c0:ca:f0:0f:39:ca:f5:12:
44:5c:a4:03:79:4e:fa:d3:f1:8c:6c:57:cf:fb:97:
ec:43:57:b7:ca:7e:83:2c:f9:9a:c1:24:05:df:73:
b6:6b:cf:27:38:32:02:4a:21:dd:49:f9:8e:5f:c8:
9b:c7:fc:bf:9f:5f:7d:0f:7c:0e:05:42:b0:a8:91:
78:f3:17:51:fd:cc:1d:32:c5:92:bf:ac:00:7d:4d:
ab:01:06:41:fb:33:cb:5f:17:27:9c:82:c2:a7:d5:
3f:86:8b:42:41:51:dd:eb:28:ca:67:3e:29:87:52:
d3:ae:05:bb:fd:34:2e:b9:49:8f:f8:11:45:09:a5:
87:a2:c2:86:88:fb:4c:db:e4:ef:99:73:59:06:7c:
c0:29:a5:33:6d:64:cc:7f:17:68:c7:d6:34:e7:d5:
94:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B0:EF:08:4C:41:42:06:3C:58:5A:F4:A7:6D:3D:9D:87:31:E8:A1
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/D7DvCExBQgY8WFr0p209nYcx6KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.120.58.0/24
Signature Algorithm: sha256WithRSAEncryption
26:c8:31:e3:10:05:6d:7d:64:35:b7:32:08:da:12:c7:58:6b:
ed:58:78:81:42:6b:d3:1d:72:83:a7:10:fd:af:6d:03:95:5e:
d4:d4:58:34:45:e1:77:d3:59:f6:87:60:72:e6:8c:c0:93:86:
0c:67:7f:dc:08:8f:db:b6:01:95:81:3f:5e:cb:51:f9:60:05:
ef:2d:e7:07:6a:a9:36:60:a0:95:b3:b0:d9:ee:e1:60:f8:fb:
e5:49:1a:9f:c0:18:d4:a5:59:6f:7b:54:f1:f7:48:7d:62:8b:
a7:95:64:fd:73:33:c2:0e:f4:63:cb:94:5b:3f:d4:49:01:73:
c3:22:30:ec:af:0c:92:af:09:b7:82:2c:25:24:64:76:a9:b4:
6d:0b:93:58:8d:d7:9c:d4:96:f0:32:51:84:b1:be:77:52:69:
f4:56:af:8a:1f:bf:74:69:b8:16:bc:ed:77:11:28:e2:8b:0c:
1c:ce:c9:2b:97:8c:a0:ed:2a:7d:f9:41:fa:6c:d9:c7:fa:6c:
69:21:cf:f5:a3:e9:32:7b:9b:c2:8b:61:75:d8:7a:9b:76:d3:
5e:77:6d:2b:3c:dc:a1:75:b4:27:ba:30:f7:82:1e:3f:75:bf:
8c:24:dd:c8:5f:e0:5a:ca:33:71:df:f0:19:a2:b9:86:f1:ee:
9c:68:14:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Bq1oynkiRBNh2v1pJHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmIwZWYwODRjNDE0MjA2M2M1ODVhZjRhNzZkM2Q5ZDg3MzFlOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkolO/l0jFyJeebWLu2AOXeFZpCa
drNResMDAl7PsRuxLw26GdoI0Iv+hlgVTSshH9Hk5Zamhxw9nmKh5+oCBdWchFvd
T9OMbmGUflbt7GoB1yEXxDnZdU/XlEBVlkAiwMrwDznK9RJEXKQDeU760/GMbFfP
+5fsQ1e3yn6DLPmawSQF33O2a88nODICSiHdSfmOX8ibx/y/n199D3wOBUKwqJF4
8xdR/cwdMsWSv6wAfU2rAQZB+zPLXxcnnILCp9U/hotCQVHd6yjKZz4ph1LTrgW7
/TQuuUmP+BFFCaWHosKGiPtM2+TvmXNZBnzAKaUzbWTMfxdox9Y059WUTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+w7whMQUIGPFha9KdtPZ2HMeihMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvRDdEdkNFeEJRZ1k4V0ZyMHAyMDluWWN4NktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUHg6MA0G
CSqGSIb3DQEBCwUAA4IBAQAmyDHjEAVtfWQ1tzII2hLHWGvtWHiBQmvTHXKDpxD9
r20DlV7U1Fg0ReF301n2h2By5ozAk4YMZ3/cCI/btgGVgT9ey1H5YAXvLecHaqk2
YKCVs7DZ7uFg+PvlSRqfwBjUpVlve1Tx90h9YounlWT9czPCDvRjy5RbP9RJAXPD
IjDsrwySrwm3giwlJGR2qbRtC5NYjdec1JbwMlGEsb53Umn0Vq+KH790abgWvO13
ESjiiwwczskrl4yg7Sp9+UH6bNnH+mxpIc/1o+kye5vCi2F12HqbdtNed20rPNyh
dbQnujD3gh4/db+MJN3IX+BayjNx3/AZormG8e6caBR6
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:20 2024 by rpki-client on console-fra.rpki-client.org