Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/8CJsaFw6l6-8nyhM9ciYflrJwsc.roa
File: 8CJsaFw6l6-8nyhM9ciYflrJwsc.roa (raw, json)
Hash identifier: /v4kWbOAV1ajYosLUNQfl7KAIkiStEzbmQCDQwONUU8=
Subject key identifier: F0:22:6C:68:5C:3A:97:AF:BC:9F:28:4C:F5:C8:98:7E:5A:C9:C2:C7
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 018D307A33F222EAD71500C2C9B5BFA484E0
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/8CJsaFw6l6-8nyhM9ciYflrJwsc.roa
Signing time: Mon 22 Jan 2024 09:22:11 +0000
ROA not before: Mon 22 Jan 2024 09:22:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.157.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:7a:33:f2:22:ea:d7:15:00:c2:c9:b5:bf:a4:84:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Jan 22 09:22:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0226c685c3a97afbc9f284cf5c8987e5ac9c2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ff:e6:f5:39:25:af:fc:d3:21:1f:96:ab:6c:
84:cd:93:8f:f0:cf:e3:79:43:6d:c7:fb:da:a1:aa:
ad:27:64:81:a7:08:97:9e:a9:28:f4:96:fe:a1:a9:
8f:49:94:83:2f:79:38:37:df:cb:fc:74:28:44:f8:
b5:de:ef:3b:12:ae:0c:1c:d9:f5:6d:51:b7:e4:53:
72:8d:df:3e:3d:98:61:45:bb:0d:6f:df:5c:8e:54:
46:74:16:d2:ad:4f:55:ae:16:be:01:b4:80:93:06:
a1:13:0c:fa:7e:0d:c0:03:06:81:96:18:7e:ed:99:
bb:c3:e4:16:08:59:9c:19:3c:d4:a7:7b:96:f9:6c:
cd:c9:fe:c7:24:0f:98:55:46:10:02:f6:e0:df:10:
19:16:ed:21:26:5b:19:73:3f:a9:b9:58:e7:16:50:
61:70:8e:34:ba:be:c9:3b:5f:8c:fa:e7:80:5d:8a:
a4:a3:6a:c8:42:bf:cb:cb:a1:8d:b8:db:c8:67:ec:
f2:da:ac:a6:c3:43:e4:63:f7:0f:8c:24:48:90:d4:
8f:95:eb:d3:43:de:c9:45:78:3b:04:83:72:73:74:
ed:a5:9b:40:b0:46:07:a9:fd:11:ec:e5:9f:36:70:
32:6a:cc:14:a5:d9:17:66:b0:46:32:d3:db:f2:ac:
f0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:22:6C:68:5C:3A:97:AF:BC:9F:28:4C:F5:C8:98:7E:5A:C9:C2:C7
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/8CJsaFw6l6-8nyhM9ciYflrJwsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.51.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:78:84:d7:5a:47:f1:cb:ea:c3:4e:2b:91:a8:e1:18:67:d4:
1a:ae:29:5a:4b:4a:83:ed:cf:8c:6d:7b:27:d9:bf:b0:71:ff:
8b:f9:1d:ef:7f:c9:5d:5a:fa:1e:70:3e:ec:fa:9f:08:5c:e7:
64:5f:e8:1e:13:6b:cc:bf:b2:4e:f6:15:87:df:0a:12:26:0e:
12:fe:cb:69:74:b2:f2:28:2e:77:a7:69:09:55:1b:97:e9:a1:
a0:0d:76:8d:50:a4:dc:be:a3:f2:01:78:33:3e:32:69:06:41:
5f:75:d5:de:53:08:9f:50:63:80:2f:12:2f:3c:2e:0c:a8:35:
87:10:a7:b4:87:41:f5:d9:71:b6:13:cb:11:7c:a1:b6:d3:8c:
22:9a:1d:73:1d:f7:23:ba:b4:19:84:fe:e7:ce:8c:4c:5d:7b:
68:0b:a4:94:43:b6:6c:e3:71:4f:a2:df:ad:24:52:44:b6:f1:
4f:f2:6c:3b:1f:39:b0:58:45:d4:a7:3c:f3:91:62:7e:3f:1d:
cf:cc:2b:1a:a7:9d:aa:04:34:ef:94:93:68:1a:30:15:ba:ed:
f3:1c:da:36:db:8d:2d:77:a7:6b:b2:43:01:ce:c9:1a:78:34:
5a:21:78:23:21:3e:8e:ec:c7:92:99:ba:77:b5:78:eb:e4:e9:
64:af:43:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0wejPyIurXFQDCybW/pITgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjQwMTIyMDkyMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDIyNmM2ODVjM2E5N2FmYmM5ZjI4NGNmNWM4OTg3ZTVhYzljMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx//m9Tklr/zTIR+Wq2yEzZOP8M/j
eUNtx/vaoaqtJ2SBpwiXnqko9Jb+oamPSZSDL3k4N9/L/HQoRPi13u87Eq4MHNn1
bVG35FNyjd8+PZhhRbsNb99cjlRGdBbSrU9Vrha+AbSAkwahEwz6fg3AAwaBlhh+
7Zm7w+QWCFmcGTzUp3uW+WzNyf7HJA+YVUYQAvbg3xAZFu0hJlsZcz+puVjnFlBh
cI40ur7JO1+M+ueAXYqko2rIQr/Ly6GNuNvIZ+zy2qymw0PkY/cPjCRIkNSPlevT
Q97JRXg7BINyc3TtpZtAsEYHqf0R7OWfNnAyaswUpdkXZrBGMtPb8qzwUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAibGhcOpevvJ8oTPXImH5aycLHMB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEvOENKc2FGdzZsNi04bnloTTljaVlmbHJKd3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ0zMA0G
CSqGSIb3DQEBCwUAA4IBAQA9eITXWkfxy+rDTiuRqOEYZ9QarilaS0qD7c+MbXsn
2b+wcf+L+R3vf8ldWvoecD7s+p8IXOdkX+geE2vMv7JO9hWH3woSJg4S/stpdLLy
KC53p2kJVRuX6aGgDXaNUKTcvqPyAXgzPjJpBkFfddXeUwifUGOALxIvPC4MqDWH
EKe0h0H12XG2E8sRfKG204wimh1zHfcjurQZhP7nzoxMXXtoC6SUQ7Zs43FPot+t
JFJEtvFP8mw7HzmwWEXUpzzzkWJ+Px3PzCsap52qBDTvlJNoGjAVuu3zHNo2240t
d6drskMBzskaeDRaIXgjIT6O7MeSmbp3tXjr5Olkr0Mc
-----END CERTIFICATE-----
Generated at Thu May 2 04:42:58 2024 by rpki-client on console-fra.rpki-client.org