Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-A8fR4V04O4fU6QkCQbwfl2YOec.roa
File: 1-A8fR4V04O4fU6QkCQbwfl2YOec.roa (raw, json)
Hash identifier: toVh3jnXk9/TFgFQOH7TSzd23bvwq3upbzU+qgdLJYE=
Subject key identifier: F8:0F:1F:47:85:74:E0:EE:1F:53:A4:24:09:06:F0:7E:5D:98:39:E7
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFB4EC6E486A74D26C6FD4F16BA6B9
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-A8fR4V04O4fU6QkCQbwfl2YOec.roa
Signing time: Tue 02 Jan 2024 06:32:33 +0000
ROA not before: Tue 02 Jan 2024 06:32:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216234
IP address blocks: 194.67.193.0/24 maxlen: 24
45.9.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:b4:ec:6e:48:6a:74:d2:6c:6f:d4:f1:6b:a6:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f80f1f478574e0ee1f53a4240906f07e5d9839e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:50:43:da:2d:88:0c:9a:15:b6:fd:23:e1:8d:
42:b4:28:38:f2:b0:71:3c:77:d9:a7:39:ea:77:aa:
fb:5f:1b:15:7c:28:8c:c5:82:b2:bf:bc:df:9c:61:
05:41:80:bc:c0:05:58:84:44:f6:b2:de:b3:67:c9:
91:c5:a5:04:94:d1:94:8f:6e:81:a5:6d:1d:ea:20:
8e:4b:ba:db:9e:37:b6:65:ee:68:94:ae:c3:37:a4:
f2:ac:65:95:20:34:55:fa:a7:1e:08:2f:a8:6e:57:
e5:a0:b6:82:bc:63:25:a8:01:75:4c:e6:cf:ff:49:
8a:91:b8:96:18:db:80:3d:1f:a8:79:ed:b7:b6:69:
bb:81:0d:60:a0:34:91:10:25:9e:fe:17:dc:1b:bf:
75:75:1d:01:a2:04:47:60:73:dc:8d:53:6f:0d:b9:
6a:a1:1a:04:f9:6b:ad:c1:b2:c4:12:51:fd:67:6f:
4d:e5:3e:11:38:58:84:71:d3:3c:89:e7:52:34:e2:
08:18:6b:18:cd:37:40:f2:7a:a2:f9:de:7f:22:ef:
09:65:62:a1:12:87:1d:4a:7a:57:42:61:1e:d8:2d:
cc:b2:b8:65:ab:ef:61:4e:4c:d8:f5:54:2a:06:88:
43:ed:89:b2:63:e2:8e:91:88:da:2d:52:fe:58:08:
f1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0F:1F:47:85:74:E0:EE:1F:53:A4:24:09:06:F0:7E:5D:98:39:E7
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-A8fR4V04O4fU6QkCQbwfl2YOec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.74.0/24
194.67.193.0/24
Signature Algorithm: sha256WithRSAEncryption
25:52:e9:89:1f:48:9b:f1:a7:41:1b:51:0f:10:d8:95:b8:82:
aa:20:44:e8:0d:69:2f:c2:0c:29:5a:c9:da:a3:72:92:6a:e6:
5f:af:22:74:0c:ca:74:a7:72:f5:3e:07:09:7c:dd:40:d7:6d:
62:96:a2:03:61:ef:6f:ea:7e:39:01:ec:8e:7d:fc:4b:b1:7c:
ee:17:76:8c:ad:08:f7:0c:d6:ee:62:95:93:54:7e:77:fe:29:
4c:36:02:8c:b3:0b:82:52:26:96:74:c3:f1:a0:d8:c2:e1:7b:
9c:ab:bd:d9:3c:66:cc:00:13:c8:00:47:67:8a:52:e4:ee:a5:
cc:ad:39:4f:8b:46:94:fc:a3:d1:52:65:17:16:75:7f:2c:bd:
b3:5e:bb:8c:6b:ca:48:55:f0:6c:63:c4:8f:df:3e:b2:d9:a8:
35:f1:52:54:03:68:8d:36:97:4f:de:b8:62:c6:56:ba:aa:41:
4f:dd:7f:0f:e5:fc:a6:f3:9c:aa:25:b8:86:0d:9d:2c:1f:13:
f1:d7:15:78:d4:26:5d:9d:3f:63:5f:63:26:26:05:ca:05:5b:
fe:9a:ad:4e:3b:d7:94:57:86:30:9a:e8:1a:9d:0c:78:dd:cd:
5e:e7:f3:26:0b:1f:92:e3:f5:2a:39:e1:2b:91:d7:81:4b:2f:
f6:05:bf:c2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzI37TsbkhqdNJsb9Txa6a5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBmMWY0Nzg1NzRlMGVlMWY1M2E0MjQwOTA2ZjA3ZTVkOTgzOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVBD2i2IDJoVtv0j4Y1CtCg48rBx
PHfZpznqd6r7XxsVfCiMxYKyv7zfnGEFQYC8wAVYhET2st6zZ8mRxaUElNGUj26B
pW0d6iCOS7rbnje2Ze5olK7DN6TyrGWVIDRV+qceCC+oblfloLaCvGMlqAF1TObP
/0mKkbiWGNuAPR+oee23tmm7gQ1goDSRECWe/hfcG791dR0BogRHYHPcjVNvDblq
oRoE+WutwbLEElH9Z29N5T4ROFiEcdM8iedSNOIIGGsYzTdA8nqi+d5/Iu8JZWKh
EocdSnpXQmEe2C3Msrhlq+9hTkzY9VQqBohD7YmyY+KOkYjaLVL+WAjxdQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPgPH0eFdODuH1OkJAkG8H5dmDnnMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMS1BOGZSNFYwNE80ZlU2UWtDUWJ3ZmwyWU9lYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2Nk
Mi8xL3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC0JSgME
AMJDwTANBgkqhkiG9w0BAQsFAAOCAQEAJVLpiR9Im/GnQRtRDxDYlbiCqiBE6A1p
L8IMKVrJ2qNykmrmX68idAzKdKdy9T4HCXzdQNdtYpaiA2Hvb+p+OQHsjn38S7F8
7hd2jK0I9wzW7mKVk1R+d/4pTDYCjLMLglImlnTD8aDYwuF7nKu92TxmzAATyABH
Z4pS5O6lzK05T4tGlPyj0VJlFxZ1fyy9s167jGvKSFXwbGPEj98+stmoNfFSVANo
jTaXT964YsZWuqpBT91/D+X8pvOcqiW4hg2dLB8T8dcVeNQmXZ0/Y19jJiYFygVb
/pqtTjvXlFeGMJroGp0MeN3NXufzJgsfkuP1KjnhK5HXgUsv9gW/wg==
-----END CERTIFICATE-----
Generated at Wed May 29 08:58:08 2024 by rpki-client on console-ams.rpki-client.org