Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/G8xhcV65ucF8VQ4zyXlNvIY7WaU.roa
File: G8xhcV65ucF8VQ4zyXlNvIY7WaU.roa (raw, json)
Hash identifier: mYzuxRcPEzAV1Y7eeW3bqRjJh5Ug4YK+a0AsB+agIsA=
Subject key identifier: 1B:CC:61:71:5E:B9:B9:C1:7C:55:0E:33:C9:79:4D:BC:86:3B:59:A5
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018E14ADD83EB46EA3FAC88B005037AF0759
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/G8xhcV65ucF8VQ4zyXlNvIY7WaU.roa
Signing time: Wed 06 Mar 2024 16:52:01 +0000
ROA not before: Wed 06 Mar 2024 16:52:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 2.58.235.0/24 maxlen: 24
45.9.152.0/22 maxlen: 24
213.109.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:03:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:14:ad:d8:3e:b4:6e:a3:fa:c8:8b:00:50:37:af:07:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Mar 6 16:52:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bcc61715eb9b9c17c550e33c9794dbc863b59a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:cc:02:ba:0e:c4:1f:2a:3e:fc:75:9c:d6:
de:08:7c:e7:d4:f8:fc:39:52:39:09:fb:a7:c1:a8:
a0:05:28:a4:c4:0a:5f:ee:02:f2:f2:f8:c3:57:b9:
fa:d7:0f:4d:8b:e5:be:e8:d6:ff:7a:bc:44:ce:41:
bd:b7:a0:f3:1b:8a:95:e0:4b:2a:de:bd:76:21:94:
1a:80:33:0f:98:2c:f0:9c:1a:7d:91:fb:d8:3a:53:
da:ca:1b:c3:7e:aa:5b:22:45:8a:b0:2b:85:5f:6a:
c5:a8:01:c5:df:a7:34:10:c7:bf:d4:28:bc:3e:18:
51:6f:f0:61:f3:eb:c5:77:9e:d6:38:96:6f:5e:13:
6d:cc:77:18:67:98:7c:1b:ff:ab:42:a2:ad:98:2b:
a9:23:13:89:d0:03:36:a5:8e:b3:da:d7:f5:4c:a9:
30:57:c1:89:2b:21:e0:2a:41:1a:d7:73:c5:94:51:
d9:8e:d3:14:65:87:71:f5:f6:b7:b3:73:0d:da:dd:
56:1c:0b:0a:8c:fb:65:ad:fd:9b:3d:c6:cb:72:4f:
8b:65:23:f4:33:7e:a1:cb:cb:d6:b2:41:dd:f4:f1:
45:ba:ce:35:38:89:c7:4d:fd:83:f8:16:e7:59:9b:
f8:9e:c9:67:1d:09:72:62:59:a9:7d:60:9d:c6:58:
fe:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CC:61:71:5E:B9:B9:C1:7C:55:0E:33:C9:79:4D:BC:86:3B:59:A5
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/G8xhcV65ucF8VQ4zyXlNvIY7WaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.235.0/24
45.9.152.0/22
213.109.155.0/24
Signature Algorithm: sha256WithRSAEncryption
80:52:12:25:d8:c0:07:a3:9f:db:7b:8f:a7:d7:81:78:85:61:
7a:5a:fb:8d:24:24:8e:14:43:ee:13:ee:ac:39:b7:00:4f:da:
a5:c0:80:63:4f:13:3a:73:c8:5c:bd:38:35:eb:1b:2f:02:c9:
f8:a1:58:40:fb:85:4f:6e:b5:dd:19:8c:7d:1b:0b:7d:21:dd:
e8:61:10:7c:51:d7:83:7d:07:97:bc:86:fe:6f:cb:17:fd:19:
22:12:65:73:c8:53:ed:63:39:83:a4:82:0b:77:42:e4:25:85:
b0:53:b5:6e:12:ef:78:9a:68:a5:95:9b:60:42:23:8e:a5:93:
52:42:08:a5:9f:b9:23:d7:95:7b:a6:d3:34:ff:d9:4a:f5:51:
c5:70:b6:60:b1:82:45:c9:bf:9e:de:d0:58:81:48:b3:ba:71:
e3:95:56:5a:3b:97:b1:cc:a8:93:9b:f7:3b:85:2e:e1:e1:6d:
f3:c8:d1:a9:68:ed:13:6e:03:d0:02:96:27:84:44:b8:83:47:
71:d7:29:05:eb:78:95:15:c9:b9:88:49:a3:01:c4:7d:df:70:
b6:47:7a:50:fa:3a:2b:98:d0:97:e8:48:35:e4:8f:da:8b:91:
5b:90:c2:25:6e:11:22:33:49:3a:60:f4:96:ca:96:23:39:26:
28:2a:88:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4Urdg+tG6j+siLAFA3rwdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwMzA2MTY1MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmNjNjE3MTVlYjliOWMxN2M1NTBlMzNjOTc5NGRiYzg2M2I1OWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfrMAroOxB8qPvx1nNbeCHzn1Pj8
OVI5CfunwaigBSikxApf7gLy8vjDV7n61w9Ni+W+6Nb/erxEzkG9t6DzG4qV4Esq
3r12IZQagDMPmCzwnBp9kfvYOlPayhvDfqpbIkWKsCuFX2rFqAHF36c0EMe/1Ci8
PhhRb/Bh8+vFd57WOJZvXhNtzHcYZ5h8G/+rQqKtmCupIxOJ0AM2pY6z2tf1TKkw
V8GJKyHgKkEa13PFlFHZjtMUZYdx9fa3s3MN2t1WHAsKjPtlrf2bPcbLck+LZSP0
M36hy8vWskHd9PFFus41OInHTf2D+BbnWZv4nslnHQlyYlmpfWCdxlj+AQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBvMYXFeubnBfFUOM8l5TbyGO1mlMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvRzh4aGNWNjV1Y0Y4VlE0enlYbE52SVk3V2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjrrAwQC
LQmYAwQA1W2bMA0GCSqGSIb3DQEBCwUAA4IBAQCAUhIl2MAHo5/be4+n14F4hWF6
WvuNJCSOFEPuE+6sObcAT9qlwIBjTxM6c8hcvTg16xsvAsn4oVhA+4VPbrXdGYx9
Gwt9Id3oYRB8UdeDfQeXvIb+b8sX/RkiEmVzyFPtYzmDpIILd0LkJYWwU7VuEu94
mmillZtgQiOOpZNSQgiln7kj15V7ptM0/9lK9VHFcLZgsYJFyb+e3tBYgUizunHj
lVZaO5exzKiTm/c7hS7h4W3zyNGpaO0TbgPQApYnhES4g0dx1ykF63iVFcm5iEmj
AcR933C2R3pQ+jormNCX6Eg15I/ai5FbkMIlbhEiM0k6YPSWypYjOSYoKojA
-----END CERTIFICATE-----
Generated at Sun May 19 07:10:39 2024 by rpki-client on console-ams.rpki-client.org