Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/8FcL5VyeDWo8VAvAIU3tx3F99yw.roa
File: 8FcL5VyeDWo8VAvAIU3tx3F99yw.roa (raw, json)
Hash identifier: rWaa/mGnQm+bviYl3DpiK06fXfebRN5QKizUnN9gCVI=
Subject key identifier: F0:57:0B:E5:5C:9E:0D:6A:3C:54:0B:C0:21:4D:ED:C7:71:7D:F7:2C
Certificate issuer: /CN=8e702a616c04941e2c9f071651e49c5df3aed0b1
Certificate serial: 018CC424869BF48EE88D7189FD62E342E287
Authority key identifier: 8E:70:2A:61:6C:04:94:1E:2C:9F:07:16:51:E4:9C:5D:F3:AE:D0:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/8FcL5VyeDWo8VAvAIU3tx3F99yw.roa
Signing time: Mon 01 Jan 2024 08:29:37 +0000
ROA not before: Mon 01 Jan 2024 08:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200325
IP address blocks: 91.200.176.0/24 maxlen: 24
107.150.176.0/24 maxlen: 24
193.162.131.0/24 maxlen: 24
109.104.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/jnAqYWwElB4snwcWUeScXfOu0LE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/jnAqYWwElB4snwcWUeScXfOu0LE.mft
rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:86:9b:f4:8e:e8:8d:71:89:fd:62:e3:42:e2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e702a616c04941e2c9f071651e49c5df3aed0b1
Validity
Not Before: Jan 1 08:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0570be55c9e0d6a3c540bc0214dedc7717df72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c4:77:e7:16:e5:c7:44:4f:8b:00:db:b8:62:
4a:31:85:d7:f0:55:b3:17:96:02:50:9c:32:8d:9c:
d6:d6:36:45:4d:d4:48:28:a4:b9:ff:d6:fe:02:d3:
3f:26:1a:fb:32:e6:70:96:86:e9:44:a2:dc:0f:ae:
ce:8f:a6:5e:12:60:ac:37:91:4a:65:a1:9d:2e:62:
ba:b3:a0:1c:09:51:36:b8:b2:a3:63:d3:20:84:84:
01:fc:19:54:1b:e9:91:49:c7:db:be:6a:30:cb:c5:
a5:e5:b2:8f:b6:d4:f7:4c:d4:2b:8f:1f:36:e0:a7:
a5:45:a3:30:43:ca:5d:bb:d4:92:1d:fd:f3:61:9e:
0c:f7:4c:62:89:e3:fd:83:27:1b:bf:24:12:dd:b1:
17:ea:00:fc:25:ae:4b:4c:be:b1:e3:93:1a:2f:c7:
d6:4e:90:aa:1e:a9:3b:c2:5a:bb:5d:d7:53:bf:0b:
46:e3:10:45:0a:bd:77:3c:af:1b:e1:f8:96:b4:26:
17:0d:d7:02:05:63:95:1d:79:5d:bf:ae:55:8a:b9:
2d:d6:be:7a:bf:41:e8:69:c5:8a:7d:56:d8:42:bf:
d5:30:16:a9:d3:7e:1f:07:d6:76:6e:c7:9a:64:14:
7c:8f:66:30:8a:c0:8d:6f:c6:56:cf:ea:c4:0a:1f:
96:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:57:0B:E5:5C:9E:0D:6A:3C:54:0B:C0:21:4D:ED:C7:71:7D:F7:2C
X509v3 Authority Key Identifier:
keyid:8E:70:2A:61:6C:04:94:1E:2C:9F:07:16:51:E4:9C:5D:F3:AE:D0:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/8FcL5VyeDWo8VAvAIU3tx3F99yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/jnAqYWwElB4snwcWUeScXfOu0LE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.176.0/24
107.150.176.0/24
109.104.146.0/23
193.162.131.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:6f:a1:61:97:06:4a:40:fc:e7:83:20:79:03:d6:15:57:54:
b8:3e:68:87:88:c4:42:dc:03:65:13:9e:d4:95:1d:dd:fa:91:
da:62:36:20:7d:b5:7c:35:33:c8:4b:95:f6:d8:e8:30:f0:bc:
02:2d:67:b5:ad:ea:e2:36:3e:02:bc:2f:7a:b1:2f:3a:61:a5:
10:42:11:9d:94:26:b8:da:8e:48:0e:59:71:02:28:8b:50:51:
4b:69:1e:7b:02:34:fa:8a:d5:8a:f6:e4:c1:3b:32:2c:d3:ad:
be:af:b2:93:54:bc:a6:4d:e6:0c:1a:49:4d:fc:da:f7:18:6b:
4e:00:7d:99:88:c4:5d:1a:f9:c5:45:7b:3e:c2:cd:53:67:24:
e9:ef:a4:49:b0:48:64:4b:fb:8d:a4:64:0a:13:93:60:1d:64:
48:03:7e:8d:bb:3e:3e:a6:c7:98:b9:d4:59:b5:ba:c6:62:0f:
89:a8:37:d2:bb:fc:91:42:6a:c7:3b:f5:b6:44:b7:d8:63:59:
2e:2a:5c:07:8d:00:89:5a:ab:17:ca:ce:07:5b:27:f9:06:ed:
92:05:32:09:ef:c6:a7:37:6a:4d:fb:f4:e0:55:ee:fb:3e:26:
3c:84:d1:11:76:fc:b0:27:3c:2b:78:58:74:b4:8d:72:b0:a2:
ea:b0:b7:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJIab9I7ojXGJ/WLjQuKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzAyYTYxNmMwNDk0MWUyYzlmMDcxNjUxZTQ5YzVkZjNh
ZWQwYjEwHhcNMjQwMTAxMDgyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDU3MGJlNTVjOWUwZDZhM2M1NDBiYzAyMTRkZWRjNzcxN2RmNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMR35xblx0RPiwDbuGJKMYXX8FWz
F5YCUJwyjZzW1jZFTdRIKKS5/9b+AtM/Jhr7MuZwlobpRKLcD67Oj6ZeEmCsN5FK
ZaGdLmK6s6AcCVE2uLKjY9MghIQB/BlUG+mRScfbvmowy8Wl5bKPttT3TNQrjx82
4KelRaMwQ8pdu9SSHf3zYZ4M90xiieP9gycbvyQS3bEX6gD8Ja5LTL6x45MaL8fW
TpCqHqk7wlq7XddTvwtG4xBFCr13PK8b4fiWtCYXDdcCBWOVHXldv65Virkt1r56
v0HoacWKfVbYQr/VMBap034fB9Z2bseaZBR8j2YwisCNb8ZWz+rECh+WdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPBXC+Vcng1qPFQLwCFN7cdxffcsMB8GA1UdIwQY
MBaAFI5wKmFsBJQeLJ8HFlHknF3zrtCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5BcVlXd0VsQjRzbndjV1VlU2NYZk91MExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yYjg4NzctZTUyMy00ZTljLTlmYzMt
Y2Q2MGM4OTEwMDFiLzEvOEZjTDVWeWVEV284VkF2QUlVM3R4M0Y5OXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8yYjg4NzctZTUyMy00ZTljLTlmYzMtY2Q2MGM4OTEwMDFi
LzEvam5BcVlXd0VsQjRzbndjV1VlU2NYZk91MExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8iwAwQA
a5awAwQBbWiSAwQAwaKDMA0GCSqGSIb3DQEBCwUAA4IBAQCnb6FhlwZKQPzngyB5
A9YVV1S4PmiHiMRC3ANlE57UlR3d+pHaYjYgfbV8NTPIS5X22Ogw8LwCLWe1reri
Nj4CvC96sS86YaUQQhGdlCa42o5IDllxAiiLUFFLaR57AjT6itWK9uTBOzIs062+
r7KTVLymTeYMGklN/Nr3GGtOAH2ZiMRdGvnFRXs+ws1TZyTp76RJsEhkS/uNpGQK
E5NgHWRIA36Nuz4+pseYudRZtbrGYg+JqDfSu/yRQmrHO/W2RLfYY1kuKlwHjQCJ
WqsXys4HWyf5Bu2SBTIJ78anN2pN+/TgVe77PiY8hNERdvywJzwreFh0tI1ysKLq
sLfc
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:54:24 2024 by rpki-client on console-fra.rpki-client.org