Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/R8YKmaAwbxaY1MGf6xC8acYgiMk.roa
File: R8YKmaAwbxaY1MGf6xC8acYgiMk.roa (raw, json)
Hash identifier: pqQduW8Xgtiv+Mr6XEuLBc8HveSqCzEc2GGZKG+RpXI=
Subject key identifier: 47:C6:0A:99:A0:30:6F:16:98:D4:C1:9F:EB:10:BC:69:C6:20:88:C9
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018D35C09BFC4A6E92151D6B4A91A04CEED2
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/R8YKmaAwbxaY1MGf6xC8acYgiMk.roa
Signing time: Tue 23 Jan 2024 09:57:11 +0000
ROA not before: Tue 23 Jan 2024 09:57:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212063
IP address blocks: 87.107.172.0/24 maxlen: 24
87.107.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:c0:9b:fc:4a:6e:92:15:1d:6b:4a:91:a0:4c:ee:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 23 09:57:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47c60a99a0306f1698d4c19feb10bc69c62088c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e5:49:a8:57:ae:ca:55:fd:ac:06:1a:55:14:
db:bc:ca:0a:30:70:7d:80:67:6a:b1:6e:66:d1:31:
c5:f4:64:9e:76:70:bf:eb:00:3a:cf:3e:77:d6:9b:
ef:bd:3d:0e:2a:36:be:49:24:bf:e3:2a:50:d5:cb:
3b:8e:95:d0:c5:db:9c:b7:dd:07:f3:9e:f0:f2:97:
aa:03:ff:d5:b8:5d:e9:15:df:8e:2d:3a:40:ba:bf:
be:b0:4e:45:ed:bd:8f:13:40:ac:40:8d:d4:75:3c:
7b:df:d2:85:0f:9e:12:9f:02:86:2f:1b:28:5d:d3:
f8:72:d1:ae:88:98:47:d0:d9:cd:53:1e:8c:dc:5b:
55:a3:cf:3d:72:df:1b:fe:0d:3f:94:0f:a4:8e:7a:
6f:6f:a7:03:4a:b8:31:37:66:1c:23:2f:35:9e:84:
bb:51:fa:c0:d1:49:da:c1:bd:1a:72:93:88:f4:6d:
e7:21:d3:e6:94:77:57:9b:df:30:db:82:5e:03:82:
8e:c1:4b:75:e1:18:c3:26:fd:31:35:1e:47:5c:ad:
22:b7:3d:66:f9:5c:bf:95:b9:ed:43:fe:a1:5f:a6:
a0:57:e6:71:be:e7:9c:19:7c:cf:8c:04:05:b6:20:
c8:8e:9e:37:7b:2b:84:02:53:1d:12:b1:0a:6e:df:
d4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C6:0A:99:A0:30:6F:16:98:D4:C1:9F:EB:10:BC:69:C6:20:88:C9
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/R8YKmaAwbxaY1MGf6xC8acYgiMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.172.0/24
87.107.188.0/24
Signature Algorithm: sha256WithRSAEncryption
82:58:ba:7c:30:2c:37:d2:bf:90:75:cc:3e:89:4c:d7:9a:04:
46:1e:5b:59:91:0e:28:d8:aa:52:b7:16:79:ac:32:f1:6c:5d:
18:f8:f3:58:51:cb:1a:bc:a3:62:0f:e2:92:25:f9:f0:fb:97:
ff:4d:01:71:1c:a9:38:5b:91:f2:83:83:f4:5a:6e:e4:15:f0:
fe:7a:2e:41:69:ae:b9:04:de:5f:da:79:f2:3e:55:41:a3:50:
c1:56:f9:4c:ea:92:ab:e1:f3:55:b5:85:7a:bd:8c:86:bd:d2:
c7:b5:48:78:2d:a7:21:bf:70:19:63:84:a1:8b:9c:f4:fa:85:
32:77:85:eb:16:31:b8:2a:29:a9:c0:02:e7:ce:24:fc:98:15:
1b:49:6e:12:ba:7f:02:8b:37:75:63:1a:8b:db:f1:c9:26:82:
9d:d2:41:2a:37:0c:9b:98:57:2b:34:27:a0:20:e8:5b:80:87:
91:86:93:85:c4:b8:10:27:01:32:55:aa:61:59:45:4b:6d:ad:
90:76:5d:0b:75:fb:62:8e:f1:0e:4b:2d:7b:cc:14:96:a2:5e:
fc:67:dc:08:43:67:22:cd:e0:11:31:0b:b8:fd:8e:19:a5:57:
be:bb:c8:53:2d:80:e8:72:b5:5a:7e:b5:8b:d1:60:14:61:6a:
5a:eb:14:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY01wJv8Sm6SFR1rSpGgTO7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMTIzMDk1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2M2MGE5OWEwMzA2ZjE2OThkNGMxOWZlYjEwYmM2OWM2MjA4OGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+VJqFeuylX9rAYaVRTbvMoKMHB9
gGdqsW5m0THF9GSednC/6wA6zz531pvvvT0OKja+SSS/4ypQ1cs7jpXQxduct90H
857w8peqA//VuF3pFd+OLTpAur++sE5F7b2PE0CsQI3UdTx739KFD54SnwKGLxso
XdP4ctGuiJhH0NnNUx6M3FtVo889ct8b/g0/lA+kjnpvb6cDSrgxN2YcIy81noS7
UfrA0Unawb0acpOI9G3nIdPmlHdXm98w24JeA4KOwUt14RjDJv0xNR5HXK0itz1m
+Vy/lbntQ/6hX6agV+ZxvuecGXzPjAQFtiDIjp43eyuEAlMdErEKbt/UnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEfGCpmgMG8WmNTBn+sQvGnGIIjJMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvUjhZS21hQXdieGFZMU1HZjZ4QzhhY1lnaU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV2usAwQA
V2u8MA0GCSqGSIb3DQEBCwUAA4IBAQCCWLp8MCw30r+Qdcw+iUzXmgRGHltZkQ4o
2KpStxZ5rDLxbF0Y+PNYUcsavKNiD+KSJfnw+5f/TQFxHKk4W5Hyg4P0Wm7kFfD+
ei5Baa65BN5f2nnyPlVBo1DBVvlM6pKr4fNVtYV6vYyGvdLHtUh4Lachv3AZY4Sh
i5z0+oUyd4XrFjG4KimpwALnziT8mBUbSW4Sun8Cizd1YxqL2/HJJoKd0kEqNwyb
mFcrNCegIOhbgIeRhpOFxLgQJwEyVaphWUVLba2Qdl0LdftijvEOSy17zBSWol78
Z9wIQ2cizeARMQu4/Y4ZpVe+u8hTLYDocrVafrWL0WAUYWpa6xQP
-----END CERTIFICATE-----
Generated at Fri May 17 05:17:49 2024 by rpki-client on console-fra.rpki-client.org