Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/8ev_3ecaOE9Xy6P1NIXqcQLzweI.roa
File: 8ev_3ecaOE9Xy6P1NIXqcQLzweI.roa (raw, json)
Hash identifier: Zj+FSqlWF1bKg6ErvNytlDkNslmJzZbU8Tq384TdAl4=
Subject key identifier: F1:EB:FF:DD:E7:1A:38:4F:57:CB:A3:F5:34:85:EA:71:02:F3:C1:E2
Certificate issuer: /CN=dc1fd007dffa508f30063fbe4d53a2b2e1e8c4de
Certificate serial: 019423D7F906C56E28A5A236A77C4CDD8B29
Authority key identifier: DC:1F:D0:07:DF:FA:50:8F:30:06:3F:BE:4D:53:A2:B2:E1:E8:C4:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/8ev_3ecaOE9Xy6P1NIXqcQLzweI.roa
Signing time: Wed 01 Jan 2025 21:49:04 +0000
ROA not before: Wed 01 Jan 2025 21:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12502
IP address blocks: 193.96.243.0/24 maxlen: 24
194.55.100.0/23 maxlen: 23
212.71.192.0/19 maxlen: 24
2001:14f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:f9:06:c5:6e:28:a5:a2:36:a7:7c:4c:dd:8b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc1fd007dffa508f30063fbe4d53a2b2e1e8c4de
Validity
Not Before: Jan 1 21:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1ebffdde71a384f57cba3f53485ea7102f3c1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8f:ff:66:83:bc:fb:5f:e4:75:24:ab:da:a6:
a3:43:05:21:6b:74:2e:de:ae:f0:ce:cf:5c:75:8e:
33:54:f2:cb:34:83:8e:7c:33:9e:40:f1:00:49:67:
37:50:fa:d6:23:7d:f3:81:10:0e:37:6e:ed:2c:4c:
1e:c8:87:aa:c6:9b:e9:5a:75:3b:8b:36:1d:8f:23:
49:16:5e:ef:e6:da:5c:bd:66:91:b1:1d:2a:25:b3:
6d:00:90:dc:39:a0:d6:64:22:26:68:f5:d5:eb:7a:
8c:51:04:70:f3:e7:b6:9c:b4:ec:3b:49:02:e1:b3:
48:11:c0:45:27:85:74:65:6d:14:ff:8d:a1:5c:91:
5a:90:c5:8b:cf:62:8c:af:5c:51:04:32:50:27:2c:
90:6f:13:53:46:ea:9e:08:8d:e6:ab:d5:a3:dd:be:
c9:a1:a0:6e:82:68:56:1d:71:f3:78:7c:16:84:7f:
8a:f7:b2:77:0c:a6:33:96:84:95:82:7d:ed:6c:b6:
8f:7e:08:aa:08:c6:85:5f:76:81:f7:c4:98:30:eb:
5e:c5:14:87:2e:04:49:62:c2:f2:ad:3c:db:69:e4:
a3:a8:d9:44:a1:ed:ff:a5:4a:94:09:8f:61:a6:01:
ad:26:0d:96:f8:5a:5d:fa:17:f2:a5:4f:f2:04:2a:
32:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EB:FF:DD:E7:1A:38:4F:57:CB:A3:F5:34:85:EA:71:02:F3:C1:E2
X509v3 Authority Key Identifier:
keyid:DC:1F:D0:07:DF:FA:50:8F:30:06:3F:BE:4D:53:A2:B2:E1:E8:C4:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/8ev_3ecaOE9Xy6P1NIXqcQLzweI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.96.243.0/24
194.55.100.0/23
212.71.192.0/19
IPv6:
2001:14f8::/32
Signature Algorithm: sha256WithRSAEncryption
45:55:7d:8f:54:db:89:85:cd:ed:d0:5a:25:ab:45:2f:bd:38:
70:18:b0:b2:0f:5a:d5:07:01:82:83:bc:83:f9:08:ae:b4:df:
dd:09:c7:f6:ac:f4:b7:56:0a:f4:6b:c7:b7:78:48:74:4e:4c:
19:66:07:8d:16:68:98:f4:e9:41:d0:18:21:bb:af:68:1c:a5:
5e:e8:06:5a:03:5e:42:ae:3d:97:69:cf:3c:77:8f:72:38:f3:
ec:43:02:26:ad:c3:a2:35:94:5e:d2:2a:6f:52:d8:57:26:bd:
a9:97:67:e3:fb:1f:62:3a:b9:be:5a:22:3d:40:f1:86:e1:5c:
08:00:90:97:84:1b:ef:73:63:27:6d:66:51:47:44:50:0d:d8:
22:e2:ba:ee:41:2e:7c:f4:5f:8f:81:7c:10:e6:fb:bb:cc:0a:
2b:ce:21:ab:45:ae:47:53:e0:c2:6e:78:9c:a8:3d:cc:17:2f:
01:99:47:5c:de:85:62:3a:d2:cc:3b:7e:4a:78:15:c7:6f:f6:
b7:3c:2a:d4:14:b1:92:61:26:3b:82:2d:a3:20:d4:61:5c:fb:
a3:48:0e:a4:5f:52:34:ca:d6:78:f9:7a:9d:31:8d:51:52:6e:
34:cb:7e:70:91:86:59:1c:37:c2:fa:35:96:f5:b1:3e:be:0e:
b5:2d:97:87
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQj1/kGxW4opaI2p3xM3YspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMWZkMDA3ZGZmYTUwOGYzMDA2M2ZiZTRkNTNhMmIyZTFl
OGM0ZGUwHhcNMjUwMTAxMjE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWViZmZkZGU3MWEzODRmNTdjYmEzZjUzNDg1ZWE3MTAyZjNjMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY//ZoO8+1/kdSSr2qajQwUha3Qu
3q7wzs9cdY4zVPLLNIOOfDOeQPEASWc3UPrWI33zgRAON27tLEweyIeqxpvpWnU7
izYdjyNJFl7v5tpcvWaRsR0qJbNtAJDcOaDWZCImaPXV63qMUQRw8+e2nLTsO0kC
4bNIEcBFJ4V0ZW0U/42hXJFakMWLz2KMr1xRBDJQJyyQbxNTRuqeCI3mq9Wj3b7J
oaBugmhWHXHzeHwWhH+K97J3DKYzloSVgn3tbLaPfgiqCMaFX3aB98SYMOtexRSH
LgRJYsLyrTzbaeSjqNlEoe3/pUqUCY9hpgGtJg2W+Fpd+hfypU/yBCoyUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPHr/93nGjhPV8uj9TSF6nEC88HiMB8GA1UdIwQY
MBaAFNwf0Aff+lCPMAY/vk1TorLh6MTeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JfUUI5XzZVSTh3QmotLVRWT2lzdUhveE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wNzUzNzctZTQyNi00OTJmLWE1OWMt
YWU0Yzk1Yzk0MDA1LzEvOGV2XzNlY2FPRTlYeTZQMU5JWHFjUUx6d2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wNzUzNzctZTQyNi00OTJmLWE1OWMtYWU0Yzk1Yzk0MDA1
LzEvM0JfUUI5XzZVSTh3QmotLVRWT2lzdUhveE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwWDzAwQB
wjdkAwQF1EfAMA0EAgACMAcDBQAgART4MA0GCSqGSIb3DQEBCwUAA4IBAQBFVX2P
VNuJhc3t0Folq0UvvThwGLCyD1rVBwGCg7yD+QiutN/dCcf2rPS3Vgr0a8e3eEh0
TkwZZgeNFmiY9OlB0Bghu69oHKVe6AZaA15Crj2Xac88d49yOPPsQwImrcOiNZRe
0ipvUthXJr2pl2fj+x9iOrm+WiI9QPGG4VwIAJCXhBvvc2MnbWZRR0RQDdgi4rru
QS589F+PgXwQ5vu7zAorziGrRa5HU+DCbnicqD3MFy8BmUdc3oViOtLMO35KeBXH
b/a3PCrUFLGSYSY7gi2jINRhXPujSA6kX1I0ytZ4+XqdMY1RUm40y35wkYZZHDfC
+jWW9bE+vg61LZeH
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:08 2025 by rpki-client