Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/e1b20f-4d6d-40e0-af8a-3f17cbcba5ca/1/8fG3A8YqFIQ3Slsjxq2MSbjhzoQ.roa
File: 8fG3A8YqFIQ3Slsjxq2MSbjhzoQ.roa (raw, json)
Hash identifier: SuVsmLr1Zw7GxbYWnfcz13b6keFMx+YVI2JysvBfnoA=
Subject key identifier: F1:F1:B7:03:C6:2A:14:84:37:4A:5B:23:C6:AD:8C:49:B8:E1:CE:84
Certificate issuer: /CN=5b25909f3b94e55f5ef336a27d274a7dfd0d96b2
Certificate serial: 018CC5DBE6E976570E35C0466BFA39C4FE57
Authority key identifier: 5B:25:90:9F:3B:94:E5:5F:5E:F3:36:A2:7D:27:4A:7D:FD:0D:96:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WyWQnzuU5V9e8zaifSdKff0NlrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/e1b20f-4d6d-40e0-af8a-3f17cbcba5ca/1/8fG3A8YqFIQ3Slsjxq2MSbjhzoQ.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41400
IP address blocks: 185.98.200.0/22 maxlen: 22
2a04:c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/e1b20f-4d6d-40e0-af8a-3f17cbcba5ca/1/WyWQnzuU5V9e8zaifSdKff0NlrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/e1b20f-4d6d-40e0-af8a-3f17cbcba5ca/1/WyWQnzuU5V9e8zaifSdKff0NlrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WyWQnzuU5V9e8zaifSdKff0NlrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e6:e9:76:57:0e:35:c0:46:6b:fa:39:c4:fe:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b25909f3b94e55f5ef336a27d274a7dfd0d96b2
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1f1b703c62a1484374a5b23c6ad8c49b8e1ce84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0b:2b:6e:7a:fa:35:a0:1f:17:e1:9b:15:6d:
be:f9:be:2a:0c:d6:88:f6:d8:72:53:c2:1e:95:22:
82:75:c2:8a:09:f8:9e:32:ad:66:d8:e0:ae:96:a5:
62:50:b3:f8:1f:11:da:85:ba:dd:4b:44:99:55:69:
05:44:37:5c:91:07:60:94:27:32:08:5e:48:73:10:
5c:29:fd:64:38:af:fc:7c:0e:b7:c3:ac:7c:72:18:
24:f4:f4:92:be:bc:6c:eb:87:5b:0b:ea:d8:de:a0:
08:e1:ea:fc:79:dc:4e:cc:81:a2:46:c7:81:81:4c:
0b:75:48:1e:69:f2:82:3d:a9:51:d3:2b:bc:6a:c8:
b5:2e:65:37:b2:5c:85:56:75:3c:6f:f1:45:0d:0e:
f9:df:fc:7c:7a:01:6b:5a:21:48:6e:ed:85:b9:da:
85:25:39:4f:e0:f9:5d:d0:e7:e5:0e:96:4f:46:51:
11:6d:8b:ca:bc:f2:9a:7c:68:e5:ff:c6:ab:17:4c:
2c:30:dc:66:5d:3c:03:02:ab:b4:d1:86:5d:89:1b:
b5:87:4e:42:c1:d5:7a:d2:1d:54:23:60:5e:b3:92:
eb:a0:b9:a4:b1:7d:c3:0f:92:8e:8b:10:dc:9c:53:
26:a6:70:6b:a4:39:cf:27:73:35:ee:bd:54:49:7c:
e0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F1:B7:03:C6:2A:14:84:37:4A:5B:23:C6:AD:8C:49:B8:E1:CE:84
X509v3 Authority Key Identifier:
keyid:5B:25:90:9F:3B:94:E5:5F:5E:F3:36:A2:7D:27:4A:7D:FD:0D:96:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WyWQnzuU5V9e8zaifSdKff0NlrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e1b20f-4d6d-40e0-af8a-3f17cbcba5ca/1/8fG3A8YqFIQ3Slsjxq2MSbjhzoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e1b20f-4d6d-40e0-af8a-3f17cbcba5ca/1/WyWQnzuU5V9e8zaifSdKff0NlrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.200.0/22
IPv6:
2a04:c00::/29
Signature Algorithm: sha256WithRSAEncryption
32:49:5a:fd:86:9a:c8:a4:f5:88:a2:ed:0b:97:de:43:c2:24:
4e:c5:0d:f5:65:10:b9:dc:1d:4c:48:11:ab:93:fd:ef:ad:0e:
4c:8d:9e:fc:e6:a6:30:7f:be:f5:6d:84:a2:f7:11:a9:22:5c:
77:64:fc:2b:ff:cc:9a:bc:82:93:fa:51:ea:3b:13:4d:39:1a:
0e:14:f5:60:0d:51:5c:d7:35:1c:a2:db:1e:9b:72:7d:df:06:
e4:97:74:8d:29:19:55:f6:9d:25:04:5a:2b:6f:28:84:c7:7e:
24:bc:c5:f7:ee:9f:53:07:c2:21:72:78:ca:77:d5:4f:41:a5:
de:50:8b:7e:19:7c:8e:b5:74:89:a3:d0:6e:55:9b:cf:3d:11:
1a:81:f6:fa:d2:d1:86:f7:e3:4f:a7:6b:09:c7:fa:44:32:08:
fd:2a:9d:4f:84:48:c0:e7:30:53:36:fe:8c:a9:db:ac:e2:99:
da:16:52:74:e6:84:5d:46:f5:4f:02:38:84:10:7a:c1:c8:73:
ef:1a:21:ae:d7:69:1c:a6:df:70:b3:2c:4e:26:e4:4b:05:08:
4d:18:65:b1:d7:82:32:ee:a4:c9:80:24:00:b0:95:fd:80:77:
43:63:4f:3d:cd:d9:ec:db:33:73:8d:3a:1d:7a:c8:f6:1d:d4:
0f:40:08:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF2+bpdlcONcBGa/o5xP5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMjU5MDlmM2I5NGU1NWY1ZWYzMzZhMjdkMjc0YTdkZmQw
ZDk2YjIwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWYxYjcwM2M2MmExNDg0Mzc0YTViMjNjNmFkOGM0OWI4ZTFjZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQsrbnr6NaAfF+GbFW2++b4qDNaI
9thyU8IelSKCdcKKCfieMq1m2OCulqViULP4HxHahbrdS0SZVWkFRDdckQdglCcy
CF5IcxBcKf1kOK/8fA63w6x8chgk9PSSvrxs64dbC+rY3qAI4er8edxOzIGiRseB
gUwLdUgeafKCPalR0yu8asi1LmU3slyFVnU8b/FFDQ753/x8egFrWiFIbu2FudqF
JTlP4Pld0OflDpZPRlERbYvKvPKafGjl/8arF0wsMNxmXTwDAqu00YZdiRu1h05C
wdV60h1UI2Bes5LroLmksX3DD5KOixDcnFMmpnBrpDnPJ3M17r1USXzgmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPHxtwPGKhSEN0pbI8atjEm44c6EMB8GA1UdIwQY
MBaAFFslkJ87lOVfXvM2on0nSn39DZayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3lXUW56dVU1VjllOHphaWZTZEtmZjBObHJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lMWIyMGYtNGQ2ZC00MGUwLWFmOGEt
M2YxN2NiY2JhNWNhLzEvOGZHM0E4WXFGSVEzU2xzanhxMk1TYmpoem9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lMWIyMGYtNGQ2ZC00MGUwLWFmOGEtM2YxN2NiY2JhNWNh
LzEvV3lXUW56dVU1VjllOHphaWZTZEtmZjBObHJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWLIMA0E
AgACMAcDBQMqBAwAMA0GCSqGSIb3DQEBCwUAA4IBAQAySVr9hprIpPWIou0Ll95D
wiROxQ31ZRC53B1MSBGrk/3vrQ5MjZ785qYwf771bYSi9xGpIlx3ZPwr/8yavIKT
+lHqOxNNORoOFPVgDVFc1zUcotsem3J93wbkl3SNKRlV9p0lBForbyiEx34kvMX3
7p9TB8IhcnjKd9VPQaXeUIt+GXyOtXSJo9BuVZvPPREagfb60tGG9+NPp2sJx/pE
Mgj9Kp1PhEjA5zBTNv6Mqdus4pnaFlJ05oRdRvVPAjiEEHrByHPvGiGu12kcpt9w
syxOJuRLBQhNGGWx14Iy7qTJgCQAsJX9gHdDY089zdns2zNzjTodesj2HdQPQAj/
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:40:29 2024 by rpki-client on console-fra.rpki-client.org