Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/8RFn73qCQ_qySwsQuTvS9p_y2GU.roa
File: 8RFn73qCQ_qySwsQuTvS9p_y2GU.roa (raw, json)
Hash identifier: yi+acZ7IVW4R8SYhD9687DDLgoulSXfZFCxqgy88jKo=
Subject key identifier: F1:11:67:EF:7A:82:43:FA:B2:4B:0B:10:B9:3B:D2:F6:9F:F2:D8:65
Certificate issuer: /CN=2697ee5bea95b6fca92d7c8005b2531d0d510468
Certificate serial: 018CC5DC79516D9DFB5EFD62E301B6F978FB
Authority key identifier: 26:97:EE:5B:EA:95:B6:FC:A9:2D:7C:80:05:B2:53:1D:0D:51:04:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/8RFn73qCQ_qySwsQuTvS9p_y2GU.roa
Signing time: Mon 01 Jan 2024 16:30:09 +0000
ROA not before: Mon 01 Jan 2024 16:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35615
IP address blocks: 194.39.38.0/24 maxlen: 24
194.39.37.0/24 maxlen: 24
194.39.36.0/23 maxlen: 23
194.39.36.0/22 maxlen: 22
194.39.36.0/24 maxlen: 24
194.39.39.0/24 maxlen: 24
194.39.38.0/23 maxlen: 23
2a0d:84c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/JpfuW-qVtvypLXyABbJTHQ1RBGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/JpfuW-qVtvypLXyABbJTHQ1RBGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:79:51:6d:9d:fb:5e:fd:62:e3:01:b6:f9:78:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2697ee5bea95b6fca92d7c8005b2531d0d510468
Validity
Not Before: Jan 1 16:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f11167ef7a8243fab24b0b10b93bd2f69ff2d865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:9f:7e:18:5d:b2:9e:7d:7e:bc:c9:e1:73:
c2:98:5b:eb:2b:1e:bd:69:c7:b1:03:a1:32:8a:6d:
17:06:e2:1b:4c:b3:ba:41:35:29:47:6c:53:24:64:
3d:fc:ef:95:69:1d:8f:b3:74:cd:22:9e:7d:06:b5:
a0:ed:86:52:52:fc:df:f6:12:0f:63:76:bc:22:ba:
79:09:b2:d9:75:f4:1a:21:28:41:7a:e2:39:d7:85:
39:85:03:f5:fd:9d:0c:c8:de:c1:8f:89:f7:63:01:
a2:c6:da:6a:be:41:b2:9a:6d:fd:95:64:09:90:5d:
dc:9b:69:08:fe:16:9c:8e:cf:65:50:da:59:6a:e2:
42:6d:2e:49:67:98:6e:fd:2b:40:7b:e7:b9:cd:63:
c3:32:14:fd:37:ab:e4:68:ea:b4:8b:40:28:88:e4:
c0:27:92:f5:bc:2c:c9:32:a4:30:fa:e5:e9:26:69:
f1:86:c2:25:c7:9a:ce:0f:3f:e5:3d:ee:db:47:6f:
e3:da:f6:ba:c1:ea:e0:59:4c:d3:82:d4:fb:69:c2:
a4:e6:b9:78:28:e2:03:f5:55:11:a9:18:33:1e:a3:
76:da:c2:7b:75:14:0a:50:9d:93:53:d3:30:41:fd:
f0:8a:88:97:36:a4:87:4a:ce:29:78:38:53:12:cc:
dc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:11:67:EF:7A:82:43:FA:B2:4B:0B:10:B9:3B:D2:F6:9F:F2:D8:65
X509v3 Authority Key Identifier:
keyid:26:97:EE:5B:EA:95:B6:FC:A9:2D:7C:80:05:B2:53:1D:0D:51:04:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/8RFn73qCQ_qySwsQuTvS9p_y2GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/JpfuW-qVtvypLXyABbJTHQ1RBGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.36.0/22
IPv6:
2a0d:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
31:50:98:52:4a:ef:52:6d:ef:f3:d6:ed:25:0b:58:8e:8b:fe:
43:37:8a:84:ec:70:cb:9f:f0:a3:36:bc:7f:eb:6f:98:13:3e:
cd:12:bd:b6:0c:ad:93:0b:cf:6d:f3:42:55:19:48:e0:ea:f9:
6a:4c:5d:6e:55:fd:ea:87:db:51:5f:70:da:c3:fd:7f:c2:c1:
e7:ea:93:d0:05:0f:45:c5:b4:9f:11:67:73:64:9f:68:3c:65:
8b:1b:3b:d9:af:44:75:65:e5:b8:c6:0f:49:f6:d6:b7:48:3d:
c5:58:bd:30:c8:2e:a4:46:32:8e:08:b6:d6:58:31:df:7a:74:
ba:49:0b:ba:4b:fc:df:9e:1a:7d:bc:5c:76:16:1c:54:74:c3:
a4:9e:47:a7:a4:77:78:a9:91:f8:07:19:18:ce:74:a2:10:2d:
cb:65:e7:09:89:94:4c:4b:70:96:9d:25:15:15:d1:bd:78:6a:
73:c5:92:d5:0f:3a:c0:fe:a9:69:08:65:85:50:ad:4b:0f:49:
dd:67:18:b8:38:89:04:ba:93:f8:2d:e7:49:94:7e:3d:9b:22:
f7:f5:bb:75:68:54:f2:63:61:ff:0d:6f:c2:52:f3:aa:5f:50:
6b:ff:0d:2c:0a:d6:08:66:51:54:75:e5:b1:cf:94:a2:15:b0:
66:44:f2:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3HlRbZ37Xv1i4wG2+Xj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OTdlZTViZWE5NWI2ZmNhOTJkN2M4MDA1YjI1MzFkMGQ1
MTA0NjgwHhcNMjQwMTAxMTYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTExNjdlZjdhODI0M2ZhYjI0YjBiMTBiOTNiZDJmNjlmZjJkODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlKffhhdsp59frzJ4XPCmFvrKx69
acexA6Eyim0XBuIbTLO6QTUpR2xTJGQ9/O+VaR2Ps3TNIp59BrWg7YZSUvzf9hIP
Y3a8Irp5CbLZdfQaIShBeuI514U5hQP1/Z0MyN7Bj4n3YwGixtpqvkGymm39lWQJ
kF3cm2kI/hacjs9lUNpZauJCbS5JZ5hu/StAe+e5zWPDMhT9N6vkaOq0i0AoiOTA
J5L1vCzJMqQw+uXpJmnxhsIlx5rODz/lPe7bR2/j2va6wergWUzTgtT7acKk5rl4
KOID9VURqRgzHqN22sJ7dRQKUJ2TU9MwQf3wioiXNqSHSs4peDhTEszcXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPERZ+96gkP6sksLELk70vaf8thlMB8GA1UdIwQY
MBaAFCaX7lvqlbb8qS18gAWyUx0NUQRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnBmdVctcVZ0dnlwTFh5QUJiSlRIUTFSQkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kOTlhZjctZTFhMC00YjU2LWIyMTMt
ODdmMTI5ZGMwZmYyLzEvOFJGbjczcUNRX3F5U3dzUXVUdlM5cF95MkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kOTlhZjctZTFhMC00YjU2LWIyMTMtODdmMTI5ZGMwZmYy
LzEvSnBmdVctcVZ0dnlwTFh5QUJiSlRIUTFSQkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwickMA0E
AgACMAcDBQMqDYTAMA0GCSqGSIb3DQEBCwUAA4IBAQAxUJhSSu9Sbe/z1u0lC1iO
i/5DN4qE7HDLn/CjNrx/62+YEz7NEr22DK2TC89t80JVGUjg6vlqTF1uVf3qh9tR
X3Daw/1/wsHn6pPQBQ9FxbSfEWdzZJ9oPGWLGzvZr0R1ZeW4xg9J9ta3SD3FWL0w
yC6kRjKOCLbWWDHfenS6SQu6S/zfnhp9vFx2FhxUdMOknkenpHd4qZH4BxkYznSi
EC3LZecJiZRMS3CWnSUVFdG9eGpzxZLVDzrA/qlpCGWFUK1LD0ndZxi4OIkEupP4
LedJlH49myL39bt1aFTyY2H/DW/CUvOqX1Br/w0sCtYIZlFUdeWxz5SiFbBmRPIw
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:24:08 2024 by rpki-client on console-ams.rpki-client.org