Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/L8AjesTkEuvn9L5TRzsDVNLgI-M.roa
File: L8AjesTkEuvn9L5TRzsDVNLgI-M.roa (raw, json)
Hash identifier: N03HrtzCMC+2aQQ/bFj8Qt8nyzMMQGNtGN9F/D/n4UA=
Subject key identifier: 2F:C0:23:7A:C4:E4:12:EB:E7:F4:BE:53:47:3B:03:54:D2:E0:23:E3
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 018CC6B811862CF2F053EC4A654C7A27638F
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/L8AjesTkEuvn9L5TRzsDVNLgI-M.roa
Signing time: Mon 01 Jan 2024 20:30:00 +0000
ROA not before: Mon 01 Jan 2024 20:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8896
IP address blocks: 185.41.241.0/24 maxlen: 24
185.152.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:11:86:2c:f2:f0:53:ec:4a:65:4c:7a:27:63:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 20:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fc0237ac4e412ebe7f4be53473b0354d2e023e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:95:90:6a:39:15:f4:2a:d0:a6:55:23:8f:32:
a6:e5:d7:b4:f2:6a:c7:7e:a0:9f:bc:ef:d5:f8:94:
9a:2f:d5:f3:a1:d7:83:ae:cf:6e:68:25:c1:da:ef:
18:c8:9c:97:1c:a4:f0:d7:77:0e:f0:55:68:ba:4c:
c8:46:17:0f:26:84:a3:50:03:52:21:1f:8f:ee:18:
37:33:11:c1:3e:84:1a:ff:3b:8b:cf:42:03:1e:36:
2e:03:1f:9d:b8:b4:93:0e:74:96:94:b9:9c:cf:d0:
69:1e:36:54:11:6c:d8:d3:f7:ed:db:81:c0:ff:8a:
21:b1:de:74:dd:e0:37:f1:a2:c4:fb:ec:f8:0e:83:
76:66:11:f9:d3:25:1b:dc:d7:39:97:34:44:5b:55:
b0:48:b0:bd:80:09:cc:27:fb:44:9c:36:9d:87:a0:
32:97:83:90:be:73:29:51:12:14:0a:e3:d7:fe:88:
44:c1:4e:46:9e:6b:17:26:77:59:be:ee:af:a5:b9:
50:ab:d8:49:a0:12:7d:a5:82:88:12:4e:5e:75:5a:
2a:39:44:dd:90:13:f7:88:70:64:1d:f8:9d:96:2a:
88:db:61:9a:38:a6:09:8c:57:94:4d:c6:6f:f4:37:
0d:4f:d1:02:5c:f3:81:04:d8:c1:90:ef:60:40:4a:
5b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C0:23:7A:C4:E4:12:EB:E7:F4:BE:53:47:3B:03:54:D2:E0:23:E3
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/L8AjesTkEuvn9L5TRzsDVNLgI-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.241.0/24
185.152.33.0/24
Signature Algorithm: sha256WithRSAEncryption
65:2c:fa:f8:47:79:3c:f8:a2:9b:ff:ec:e9:97:b0:16:d0:d8:
dc:a9:59:15:72:84:f4:b6:36:b8:b0:d4:c4:4e:6d:29:ed:36:
d8:cc:52:68:5d:9f:74:19:dd:ff:75:56:7c:57:68:57:a3:b9:
56:88:0d:ad:9b:64:35:68:ed:d6:d2:d6:cf:ba:45:0d:cd:af:
ab:9b:28:8c:f9:55:29:dd:aa:b7:a8:2c:51:61:a9:b5:df:2c:
f2:46:d2:0b:40:1d:82:5c:f0:54:d4:22:f0:46:37:3e:b8:ac:
e8:76:6f:b7:1e:41:8e:df:b2:e9:84:47:40:20:9b:44:f4:7f:
35:fe:19:56:77:91:4f:95:b1:1e:9e:10:78:cf:19:81:19:30:
c4:3c:bd:c5:d4:24:b9:e0:82:78:5d:1a:de:9d:d5:6e:69:57:
5c:c5:d2:43:d7:92:38:fe:98:13:1b:f9:9a:ed:8e:bc:34:79:
49:74:54:ea:44:bc:ff:1e:94:c4:73:4a:63:d8:29:d5:05:2f:
4d:0d:09:99:59:e7:4e:a3:88:8c:5c:1f:4e:1b:a5:e5:f7:6b:
9a:e8:3e:e7:0a:49:20:39:9a:f2:40:7f:ca:cb:c6:db:0d:ac:
ee:85:f6:fb:d3:cf:1c:ba:3d:50:ee:52:14:2c:b3:6f:19:4d:
29:3d:a4:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuBGGLPLwU+xKZUx6J2OPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjQwMTAxMjAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmMwMjM3YWM0ZTQxMmViZTdmNGJlNTM0NzNiMDM1NGQyZTAyM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpWQajkV9CrQplUjjzKm5de08mrH
fqCfvO/V+JSaL9XzodeDrs9uaCXB2u8YyJyXHKTw13cO8FVoukzIRhcPJoSjUANS
IR+P7hg3MxHBPoQa/zuLz0IDHjYuAx+duLSTDnSWlLmcz9BpHjZUEWzY0/ft24HA
/4ohsd503eA38aLE++z4DoN2ZhH50yUb3Nc5lzREW1WwSLC9gAnMJ/tEnDadh6Ay
l4OQvnMpURIUCuPX/ohEwU5GnmsXJndZvu6vpblQq9hJoBJ9pYKIEk5edVoqOUTd
kBP3iHBkHfidliqI22GaOKYJjFeUTcZv9DcNT9ECXPOBBNjBkO9gQEpbZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC/AI3rE5BLr5/S+U0c7A1TS4CPjMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvTDhBamVzVGtFdXZuOUw1VFJ6c0RWTkxnSS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSnxAwQA
uZghMA0GCSqGSIb3DQEBCwUAA4IBAQBlLPr4R3k8+KKb/+zpl7AW0NjcqVkVcoT0
tja4sNTETm0p7TbYzFJoXZ90Gd3/dVZ8V2hXo7lWiA2tm2Q1aO3W0tbPukUNza+r
myiM+VUp3aq3qCxRYam13yzyRtILQB2CXPBU1CLwRjc+uKzodm+3HkGO37LphEdA
IJtE9H81/hlWd5FPlbEenhB4zxmBGTDEPL3F1CS54IJ4XRrendVuaVdcxdJD15I4
/pgTG/ma7Y68NHlJdFTqRLz/HpTEc0pj2CnVBS9NDQmZWedOo4iMXB9OG6Xl92ua
6D7nCkkgOZryQH/Ky8bbDazuhfb7088cuj1Q7lIULLNvGU0pPaRO
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:02:57 2024 by rpki-client on console-fra.rpki-client.org