Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/L8yiRc84MIB2h1fRIX44t7kUm1w.roa
File: L8yiRc84MIB2h1fRIX44t7kUm1w.roa (raw, json)
Hash identifier: zKA0L2bFvwOoiISQtduY5+bTDFyQnQhpCYlDUkZh/LM=
Subject key identifier: 2F:CC:A2:45:CF:38:30:80:76:87:57:D1:21:7E:38:B7:B9:14:9B:5C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8027B7353DA47BE21C27685237223B1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/L8yiRc84MIB2h1fRIX44t7kUm1w.roa
Signing time: Tue 02 Jan 2024 02:30:54 +0000
ROA not before: Tue 02 Jan 2024 02:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43618
IP address blocks: 193.37.66.0/24 maxlen: 24
193.37.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:7b:73:53:da:47:be:21:c2:76:85:23:72:23:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fcca245cf383080768757d1217e38b7b9149b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:14:76:ff:ac:49:6c:1a:04:7c:91:60:cb:85:
86:02:cb:a5:8a:d2:01:14:93:ca:db:d7:28:79:00:
dd:f4:9a:a2:0f:eb:b9:ad:91:ba:75:fc:d7:43:dc:
50:a0:57:6e:3b:0a:18:6d:1b:ac:f1:24:b4:b2:55:
af:ba:80:c7:9a:b2:6e:c8:e7:c9:98:35:df:cf:a5:
40:95:e9:aa:13:15:85:8b:b9:c3:d2:6d:1d:88:6d:
58:dc:64:1d:3e:99:ee:4f:75:d8:6d:b6:ee:dd:a9:
d4:09:7a:2e:d8:7e:38:b2:c9:19:b5:15:45:72:79:
c1:dc:9b:88:74:7f:9e:77:9b:c0:1b:69:21:b3:9a:
ff:f1:6b:3a:ef:a6:cd:d8:71:b0:28:c2:5e:c1:88:
ed:87:3c:b3:e3:77:26:f1:01:1d:ff:ec:8d:80:50:
e9:f3:51:e9:c8:22:67:f0:3b:b6:53:cb:2c:ca:2a:
0c:4b:7e:1a:b4:fb:88:02:d8:3e:98:83:2d:f9:bc:
a8:e7:2d:a6:a4:65:f5:96:3b:2c:f3:51:7a:0b:b9:
5e:1f:c9:2f:27:6e:d6:0a:86:ad:7b:97:a1:9f:6b:
63:04:c5:82:bf:93:16:c1:6d:26:47:6b:4a:f7:71:
48:05:a8:40:38:2e:89:fc:02:8b:8b:f8:05:d3:d3:
51:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CC:A2:45:CF:38:30:80:76:87:57:D1:21:7E:38:B7:B9:14:9B:5C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/L8yiRc84MIB2h1fRIX44t7kUm1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.66.0/23
Signature Algorithm: sha256WithRSAEncryption
be:d5:77:6d:33:f9:a1:f1:02:7b:b2:f5:a3:e5:8a:d0:9e:60:
38:60:07:a7:dd:35:39:c5:29:14:ba:7f:1a:6f:fa:44:a8:e4:
0a:fa:e0:a0:39:0e:1f:90:44:ba:c3:db:36:4f:b2:47:35:cd:
0b:8d:76:11:87:f9:28:16:90:93:c2:67:96:bd:46:e2:75:a1:
ba:95:91:5d:f3:0b:73:d2:c9:45:7d:87:07:a3:3f:af:fc:ea:
e0:ac:b1:41:ff:84:bd:77:74:5a:fb:53:1d:20:de:fc:4c:53:
30:2e:2e:0d:85:94:80:ff:40:25:98:17:d0:d1:9e:40:c6:d1:
a8:28:a8:a3:f9:2c:a7:45:74:b5:07:2f:2a:b6:83:e0:8a:65:
66:cb:1a:1e:a5:bb:01:d2:8e:3b:37:07:dc:53:42:37:78:a2:
8b:be:77:54:19:22:d4:9e:fa:68:ac:b5:2d:7b:a4:08:dd:6f:
52:66:93:f7:2b:b7:41:1c:57:ac:c3:fa:82:61:f6:b1:76:b2:
08:61:a7:50:ac:98:81:48:71:b6:e7:ad:1a:f2:84:5e:6d:7f:
34:93:03:97:d9:79:71:d2:b4:e8:9f:bd:ff:63:00:ea:d1:6b:
de:33:d9:10:11:b3:7f:9a:67:79:da:f5:76:10:be:23:51:f2:
da:bb:37:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAntzU9pHviHCdoUjciOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmNjYTI0NWNmMzgzMDgwNzY4NzU3ZDEyMTdlMzhiN2I5MTQ5YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBR2/6xJbBoEfJFgy4WGAsulitIB
FJPK29coeQDd9JqiD+u5rZG6dfzXQ9xQoFduOwoYbRus8SS0slWvuoDHmrJuyOfJ
mDXfz6VAlemqExWFi7nD0m0diG1Y3GQdPpnuT3XYbbbu3anUCXou2H44sskZtRVF
cnnB3JuIdH+ed5vAG2khs5r/8Ws676bN2HGwKMJewYjthzyz43cm8QEd/+yNgFDp
81HpyCJn8Du2U8ssyioMS34atPuIAtg+mIMt+byo5y2mpGX1ljss81F6C7leH8kv
J27WCoate5ehn2tjBMWCv5MWwW0mR2tK93FIBahAOC6J/AKLi/gF09NR3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/MokXPODCAdodX0SF+OLe5FJtcMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTDh5aVJjODRNSUIyaDFmUklYNDR0N2tVbTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSVCMA0G
CSqGSIb3DQEBCwUAA4IBAQC+1XdtM/mh8QJ7svWj5YrQnmA4YAen3TU5xSkUun8a
b/pEqOQK+uCgOQ4fkES6w9s2T7JHNc0LjXYRh/koFpCTwmeWvUbidaG6lZFd8wtz
0slFfYcHoz+v/OrgrLFB/4S9d3Ra+1MdIN78TFMwLi4NhZSA/0AlmBfQ0Z5AxtGo
KKij+SynRXS1By8qtoPgimVmyxoepbsB0o47NwfcU0I3eKKLvndUGSLUnvporLUt
e6QI3W9SZpP3K7dBHFesw/qCYfaxdrIIYadQrJiBSHG2560a8oRebX80kwOX2Xlx
0rTon73/YwDq0WveM9kQEbN/mmd52vV2EL4jUfLauzfG
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:30 2024 by rpki-client on console-ams.rpki-client.org