Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/_8-3Qs_qZ1htreiN1JNh0Xfjgzw.roa
File: _8-3Qs_qZ1htreiN1JNh0Xfjgzw.roa (raw, json)
Hash identifier: vjBjNUyiud1IqRH6IpSBed0Ql8B7vtUZBKWlZlCokKM=
Subject key identifier: FF:CF:B7:42:CF:EA:67:58:6D:AD:E8:8D:D4:93:61:D1:77:E3:83:3C
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 0194274896067D6263E7A94A4F9A56B0F1BB
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/_8-3Qs_qZ1htreiN1JNh0Xfjgzw.roa
Signing time: Thu 02 Jan 2025 13:50:55 +0000
ROA not before: Thu 02 Jan 2025 13:50:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215672
IP address blocks: 80.93.193.0/24 maxlen: 24
80.93.199.0/24 maxlen: 24
80.93.203.0/24 maxlen: 24
80.93.204.0/24 maxlen: 24
80.93.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 23:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:96:06:7d:62:63:e7:a9:4a:4f:9a:56:b0:f1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Jan 2 13:50:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffcfb742cfea67586dade88dd49361d177e3833c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:21:7e:df:0e:4d:87:cd:fe:62:15:e3:69:45:
6a:fd:bf:9d:6c:c5:8f:2c:60:7e:75:2a:ff:21:9e:
81:f9:36:c5:77:9e:f1:ce:69:9d:cc:bc:95:26:a2:
31:8f:88:88:93:3a:e2:ee:da:c5:0f:44:90:e1:9e:
96:0b:a3:81:58:cb:46:9b:6d:88:90:d3:82:68:f4:
fa:96:1b:3a:2e:6c:e5:df:7b:ed:a7:70:a3:af:4a:
27:cd:31:d3:bc:52:1c:9b:f0:8e:1e:3e:95:ce:99:
f9:d2:9b:2d:1b:48:b0:91:cf:b2:3e:f8:d6:2d:84:
4e:bd:1c:db:7d:27:05:b6:8a:6b:b3:7b:6c:c9:19:
ff:4d:42:8a:18:ff:dc:bc:f7:9b:3b:88:db:81:76:
cf:b3:2c:91:dc:97:50:67:8d:b3:98:e2:2b:f2:93:
dd:48:f9:e3:3b:4f:f0:78:43:c5:34:36:33:89:bf:
82:30:7b:c9:66:99:d7:b5:50:b4:57:a8:99:60:8b:
5d:85:21:46:08:0f:7b:99:d5:1e:44:67:d5:52:2d:
95:51:8f:75:73:4a:ab:7e:9b:79:c6:a6:73:b5:6c:
f6:b1:22:10:67:38:a6:4a:11:ad:82:1b:8e:f8:45:
7b:0b:26:f2:1f:2f:c7:03:26:ad:77:ce:15:26:09:
b6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CF:B7:42:CF:EA:67:58:6D:AD:E8:8D:D4:93:61:D1:77:E3:83:3C
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/_8-3Qs_qZ1htreiN1JNh0Xfjgzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.193.0/24
80.93.199.0/24
80.93.203.0-80.93.205.255
Signature Algorithm: sha256WithRSAEncryption
17:1c:e8:88:6d:80:e4:d7:b3:d7:15:bc:ce:cb:a3:e8:1e:f8:
a1:ab:28:ea:55:5e:7f:6b:7b:df:84:1e:d9:00:dc:a0:c5:af:
09:31:b5:a7:d8:ae:09:7a:ad:7d:87:3c:aa:db:27:a1:d8:90:
e6:b4:13:75:56:9e:1b:28:79:87:e7:6e:a3:43:55:92:fe:69:
50:24:9f:c3:6a:92:86:ed:df:ee:b1:c4:7d:c6:90:1d:67:56:
78:3c:85:80:f6:5e:de:f2:25:ba:03:0b:cc:c3:78:16:82:73:
26:e5:08:b1:71:6a:d9:54:0e:22:68:6f:ff:a2:8f:1e:4b:3e:
81:ee:bc:90:e2:37:b9:4e:cd:fa:97:02:89:76:a9:4a:f9:d4:
17:f7:20:ed:cf:c3:8a:81:27:8b:9e:be:cf:40:37:0d:24:62:
33:ec:9c:9f:c2:e4:e4:57:c3:83:da:d9:6d:50:a0:bf:64:dd:
58:28:ce:3d:a2:71:31:74:79:f6:02:0c:67:8d:69:da:d5:99:
50:46:49:51:57:b7:b5:ec:b4:b3:a5:29:87:55:41:c8:21:35:
1a:72:45:b3:5a:e9:53:62:cb:f4:3b:86:1d:3f:1d:23:44:d4:
ef:44:f1:47:c9:61:d2:80:6f:2b:a7:29:b0:f8:94:3e:75:70:
00:f7:66:d1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnSJYGfWJj56lKT5pWsPG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjUwMTAyMTM1MDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNmYjc0MmNmZWE2NzU4NmRhZGU4OGRkNDkzNjFkMTc3ZTM4MzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiF+3w5Nh83+YhXjaUVq/b+dbMWP
LGB+dSr/IZ6B+TbFd57xzmmdzLyVJqIxj4iIkzri7trFD0SQ4Z6WC6OBWMtGm22I
kNOCaPT6lhs6Lmzl33vtp3Cjr0onzTHTvFIcm/COHj6Vzpn50pstG0iwkc+yPvjW
LYROvRzbfScFtoprs3tsyRn/TUKKGP/cvPebO4jbgXbPsyyR3JdQZ42zmOIr8pPd
SPnjO0/weEPFNDYzib+CMHvJZpnXtVC0V6iZYItdhSFGCA97mdUeRGfVUi2VUY91
c0qrfpt5xqZztWz2sSIQZzimShGtghuO+EV7CybyHy/HAyatd84VJgm2swIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP/Pt0LP6mdYba3ojdSTYdF344M8MB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvXzgtM1FzX3FaMWh0cmVpTjFKTmgwWGZqZ3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUF3BAwQA
UF3HMAwDBABQXcsDBAFQXcwwDQYJKoZIhvcNAQELBQADggEBABcc6IhtgOTXs9cV
vM7Lo+ge+KGrKOpVXn9re9+EHtkA3KDFrwkxtafYrgl6rX2HPKrbJ6HYkOa0E3VW
nhsoeYfnbqNDVZL+aVAkn8Nqkobt3+6xxH3GkB1nVng8hYD2Xt7yJboDC8zDeBaC
cyblCLFxatlUDiJob/+ijx5LPoHuvJDiN7lOzfqXAol2qUr51Bf3IO3Pw4qBJ4ue
vs9ANw0kYjPsnJ/C5ORXw4Pa2W1QoL9k3Vgozj2icTF0efYCDGeNadrVmVBGSVFX
t7XstLOlKYdVQcghNRpyRbNa6VNiy/Q7hh0/HSNE1O9E8UfJYdKAbyunKbD4lD51
cAD3ZtE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 05:59:54 2025 by rpki-client