Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h8lbxpX3XJJE6EndWXLR3kYQHPM.roa
File: h8lbxpX3XJJE6EndWXLR3kYQHPM.roa (raw, json)
Hash identifier: WI6ZFSW+U0slah/K2+zq+xAvb0eTDKCte5Q3GVSEmss=
Subject key identifier: 87:C9:5B:C6:95:F7:5C:92:44:E8:49:DD:59:72:D1:DE:46:10:1C:F3
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802C5F192E6C0569493F6A114763A5A
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h8lbxpX3XJJE6EndWXLR3kYQHPM.roa
Signing time: Tue 02 Jan 2024 02:31:14 +0000
ROA not before: Tue 02 Jan 2024 02:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39277
IP address blocks: 188.210.224.0/21 maxlen: 21
89.32.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:c5:f1:92:e6:c0:56:94:93:f6:a1:14:76:3a:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87c95bc695f75c9244e849dd5972d1de46101cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e5:c2:19:9b:a8:41:5f:fb:94:da:1e:f9:74:
87:b4:78:a6:00:c6:1a:c2:66:cb:fe:fc:04:9f:3a:
0c:95:36:6e:64:47:d4:d4:2e:7a:a7:92:93:89:c5:
80:4a:c4:49:31:1f:62:3f:78:5d:3b:1c:e5:6d:b0:
70:3a:44:39:ac:53:b7:57:e2:e3:5e:f4:8c:e6:79:
1f:33:01:2a:99:17:f7:d4:a5:38:dc:56:b3:3f:39:
de:65:66:bf:20:d2:bd:2c:36:8c:43:d6:8b:c4:4c:
f5:f0:40:38:bb:69:a1:24:9a:94:e0:6b:2d:fa:57:
2c:3e:a5:32:a7:e4:88:4d:4f:c6:a0:29:0f:48:e5:
fa:8a:be:c7:da:54:4c:31:0a:e9:e3:2c:df:4f:e3:
c4:b4:2e:5d:d2:26:3a:ae:74:b2:f5:56:e4:f8:99:
e4:85:0c:7d:c7:84:6b:7e:7d:38:f4:1c:03:0b:12:
54:4b:8a:ea:21:ae:8d:c3:6a:63:ea:e9:02:66:98:
f8:3b:19:5a:7a:e3:83:13:cb:32:25:79:72:84:4c:
29:59:72:6c:89:2f:32:08:bc:6d:39:a4:cb:54:9b:
75:ac:97:e9:6d:b6:63:62:4d:7d:26:2c:88:51:a3:
ff:54:ce:b2:77:88:e4:7b:10:ba:1d:94:f5:a3:c9:
e6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C9:5B:C6:95:F7:5C:92:44:E8:49:DD:59:72:D1:DE:46:10:1C:F3
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h8lbxpX3XJJE6EndWXLR3kYQHPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.216.0/21
188.210.224.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:7f:78:17:ef:45:2d:8b:18:e3:3a:0a:bb:34:62:c6:f9:dd:
12:e6:3a:02:89:12:b3:58:70:e7:b5:44:9e:90:22:1f:07:46:
f9:8c:58:5c:72:dc:25:7a:78:59:ac:c1:d8:44:8c:0b:67:b1:
3a:3e:b5:dd:32:a7:1e:62:f7:9d:f0:49:0c:64:a7:e7:c8:d9:
6b:05:72:37:f4:c1:d7:ee:3d:65:38:c4:4d:bc:7f:d1:1a:43:
22:8c:cb:5a:6d:cc:ba:db:9f:04:f6:6d:55:28:97:e2:6c:db:
1a:e3:e8:00:95:ce:e1:25:7c:bb:e3:cd:c7:64:f8:d3:3d:5e:
43:1e:1f:11:5c:08:4b:7a:fd:85:d4:fd:3f:89:86:2b:d0:fa:
88:26:97:d0:5d:71:2b:f6:65:9e:b9:4a:63:07:88:9a:2b:6b:
0f:43:0e:e8:fc:f8:b3:1b:23:18:68:58:13:f7:68:55:ca:44:
e1:ef:8f:40:96:f4:98:03:f3:a6:d3:8b:00:75:70:34:7a:fd:
c9:9f:a8:2a:ea:58:6a:29:51:43:67:61:85:c1:59:e0:ec:be:
11:a3:fe:0e:6d:ba:8d:e9:f2:d2:33:29:77:7d:d8:15:9e:b4:
db:87:a9:16:53:65:82:75:2e:a6:6d:5f:df:88:e8:8d:0f:3d:
d3:41:5e:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAsXxkubAVpST9qEUdjpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M5NWJjNjk1Zjc1YzkyNDRlODQ5ZGQ1OTcyZDFkZTQ2MTAxY2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOXCGZuoQV/7lNoe+XSHtHimAMYa
wmbL/vwEnzoMlTZuZEfU1C56p5KTicWASsRJMR9iP3hdOxzlbbBwOkQ5rFO3V+Lj
XvSM5nkfMwEqmRf31KU43FazPzneZWa/INK9LDaMQ9aLxEz18EA4u2mhJJqU4Gst
+lcsPqUyp+SITU/GoCkPSOX6ir7H2lRMMQrp4yzfT+PEtC5d0iY6rnSy9Vbk+Jnk
hQx9x4Rrfn049BwDCxJUS4rqIa6Nw2pj6ukCZpj4OxlaeuODE8syJXlyhEwpWXJs
iS8yCLxtOaTLVJt1rJfpbbZjYk19JiyIUaP/VM6yd4jkexC6HZT1o8nmpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIfJW8aV91ySROhJ3Vly0d5GEBzzMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvaDhsYnhwWDNYSkpFNkVuZFdYTFIza1lRSFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWSDYAwQD
vNLgMA0GCSqGSIb3DQEBCwUAA4IBAQAvf3gX70UtixjjOgq7NGLG+d0S5joCiRKz
WHDntUSekCIfB0b5jFhcctwlenhZrMHYRIwLZ7E6PrXdMqceYved8EkMZKfnyNlr
BXI39MHX7j1lOMRNvH/RGkMijMtabcy6258E9m1VKJfibNsa4+gAlc7hJXy7483H
ZPjTPV5DHh8RXAhLev2F1P0/iYYr0PqIJpfQXXEr9mWeuUpjB4iaK2sPQw7o/Piz
GyMYaFgT92hVykTh749AlvSYA/Om04sAdXA0ev3Jn6gq6lhqKVFDZ2GFwVng7L4R
o/4ObbqN6fLSMyl3fdgVnrTbh6kWU2WCdS6mbV/fiOiNDz3TQV74
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:19 2024 by rpki-client on console-fra.rpki-client.org