Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8oEMWQeEAY33DyDNTtMa4lrFgU0.roa
File: 8oEMWQeEAY33DyDNTtMa4lrFgU0.roa (raw, json)
Hash identifier: GUTvybpGjdVK1DdNEB8bOBmaby5bGD9yJuUK9pVxT3w=
Subject key identifier: F2:81:0C:59:07:84:01:8D:F7:0F:20:CD:4E:D3:1A:E2:5A:C5:81:4D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018FFC54D14338AAA0FCFB6F65183EE443A7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8oEMWQeEAY33DyDNTtMa4lrFgU0.roa
Signing time: Sun 09 Jun 2024 09:29:28 +0000
ROA not before: Sun 09 Jun 2024 09:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206286
IP address blocks: 45.141.24.0/24 maxlen: 24
45.144.225.0/24 maxlen: 24
89.31.216.0/24 maxlen: 24
178.239.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fc:54:d1:43:38:aa:a0:fc:fb:6f:65:18:3e:e4:43:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 9 09:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2810c590784018df70f20cd4ed31ae25ac5814d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6e:ec:fd:39:50:e5:c9:2e:ec:09:c4:6e:8b:
43:71:c9:ae:48:0d:6f:7c:10:6a:cd:53:df:1d:9a:
d5:aa:6c:df:d3:f5:8a:be:41:7a:fb:0d:24:8e:9d:
7e:83:f3:00:f0:2e:37:e8:46:e2:55:97:ef:41:8a:
db:89:04:62:5a:b7:8b:60:ca:7d:4d:a0:11:77:e9:
5f:43:f3:2b:1b:83:6a:3d:7e:b7:11:8a:b9:45:b2:
81:58:2b:35:c3:a2:ad:67:74:15:1a:01:21:82:92:
41:54:2c:9f:97:84:6a:b3:fb:d1:cf:77:84:ca:26:
1c:5b:8d:df:51:5f:e4:d0:52:82:a1:0c:d9:5b:bb:
b3:6e:87:5c:60:f2:0a:85:25:dc:8a:fc:8a:87:ac:
5c:ea:59:0a:44:20:ef:06:1b:93:dc:37:1d:9a:0d:
73:59:b3:2c:c0:d8:ce:e3:55:99:65:a7:b3:6e:41:
da:e1:99:3e:7f:e9:f3:dd:1c:bc:9e:e2:b7:94:cd:
2e:f6:5b:f1:0b:85:94:fc:4b:98:c6:4a:88:2d:5d:
03:1d:ef:fc:fb:c3:b6:e2:18:18:73:2a:66:35:87:
5b:7a:a5:d1:2c:f2:7d:96:16:18:3d:61:d7:3d:d6:
a2:f0:b4:41:32:88:01:3d:51:f7:8e:24:a5:d4:ff:
c8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:81:0C:59:07:84:01:8D:F7:0F:20:CD:4E:D3:1A:E2:5A:C5:81:4D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8oEMWQeEAY33DyDNTtMa4lrFgU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.24.0/24
45.144.225.0/24
89.31.216.0/24
178.239.199.0/24
Signature Algorithm: sha256WithRSAEncryption
25:01:85:49:bc:66:8c:65:dc:3a:74:6b:94:c7:65:58:a3:08:
fd:51:49:de:a4:1a:be:9d:a4:e5:60:a6:a5:a6:e4:1c:25:e4:
0c:c4:ff:ca:82:b3:ba:f4:dd:95:c6:60:ca:6e:d4:e4:e7:12:
31:a3:d7:8d:23:fe:61:b5:3e:94:00:6c:3c:6c:6e:95:3a:ce:
f0:a3:e9:a4:68:3a:6d:89:54:4e:0c:3d:d4:fe:7f:be:7f:55:
1b:7a:5d:5d:fa:22:82:bf:69:f9:5d:0c:8c:ab:85:98:15:a6:
ab:29:1f:f9:13:53:61:02:be:cf:87:29:67:a9:a2:e9:9e:d3:
58:e5:89:86:58:30:0d:1c:11:09:a9:6c:4d:4d:10:f5:83:bb:
c1:db:95:18:59:2c:e2:3d:53:e9:9d:d1:cc:b5:0d:4a:0a:b5:
1b:e0:3e:4d:bd:bb:94:6d:d7:c9:e7:62:4d:01:54:b2:82:af:
1d:03:fc:ff:80:7f:e3:7e:e4:25:7e:33:33:92:88:a1:a3:4d:
3a:fc:63:26:fd:f2:af:0f:f8:5d:f3:8a:59:a0:77:d6:68:fa:
d5:c9:be:b6:f5:2b:f3:5f:a1:96:00:ad:bd:9a:6b:01:a4:71:
55:e5:59:7a:aa:7b:77:0b:86:8b:0f:62:42:c5:06:85:5d:f0:
33:33:3f:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/8VNFDOKqg/PtvZRg+5EOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNjA5MDkyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjgxMGM1OTA3ODQwMThkZjcwZjIwY2Q0ZWQzMWFlMjVhYzU4MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm7s/TlQ5cku7AnEbotDccmuSA1v
fBBqzVPfHZrVqmzf0/WKvkF6+w0kjp1+g/MA8C436EbiVZfvQYrbiQRiWreLYMp9
TaARd+lfQ/MrG4NqPX63EYq5RbKBWCs1w6KtZ3QVGgEhgpJBVCyfl4Rqs/vRz3eE
yiYcW43fUV/k0FKCoQzZW7uzbodcYPIKhSXcivyKh6xc6lkKRCDvBhuT3Dcdmg1z
WbMswNjO41WZZaezbkHa4Zk+f+nz3Ry8nuK3lM0u9lvxC4WU/EuYxkqILV0DHe/8
+8O24hgYcypmNYdbeqXRLPJ9lhYYPWHXPdai8LRBMogBPVH3jiSl1P/IKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPKBDFkHhAGN9w8gzU7TGuJaxYFNMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOG9FTVdRZUVBWTMzRHlETlR0TWE0bHJGZ1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY0YAwQA
LZDhAwQAWR/YAwQAsu/HMA0GCSqGSIb3DQEBCwUAA4IBAQAlAYVJvGaMZdw6dGuU
x2VYowj9UUnepBq+naTlYKalpuQcJeQMxP/KgrO69N2VxmDKbtTk5xIxo9eNI/5h
tT6UAGw8bG6VOs7wo+mkaDptiVRODD3U/n++f1Ubel1d+iKCv2n5XQyMq4WYFaar
KR/5E1NhAr7PhylnqaLpntNY5YmGWDANHBEJqWxNTRD1g7vB25UYWSziPVPpndHM
tQ1KCrUb4D5NvbuUbdfJ52JNAVSygq8dA/z/gH/jfuQlfjMzkoiho006/GMm/fKv
D/hd84pZoHfWaPrVyb629SvzX6GWAK29mmsBpHFV5Vl6qnt3C4aLD2JCxQaFXfAz
Mz/b
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:05 2024 by rpki-client on console-fra.rpki-client.org