Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/8Kn64p9snod_KH5IARhDTMSStFM.roa
File: 8Kn64p9snod_KH5IARhDTMSStFM.roa (raw, json)
Hash identifier: VPFAcFWNDQ9JUnshlVnJz1ZsNUbwE7QCayQ40+VhM6E=
Subject key identifier: F0:A9:FA:E2:9F:6C:9E:87:7F:28:7E:48:01:18:43:4C:C4:92:B4:53
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018CC348C9869370CACB713CCA622AC7E12B
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/8Kn64p9snod_KH5IARhDTMSStFM.roa
Signing time: Mon 01 Jan 2024 04:29:36 +0000
ROA not before: Mon 01 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208593
IP address blocks: 5.202.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c9:86:93:70:ca:cb:71:3c:ca:62:2a:c7:e1:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0a9fae29f6c9e877f287e480118434cc492b453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c7:8c:47:e4:4d:4f:e2:46:be:33:bd:26:37:
7b:e6:72:55:cc:45:93:81:b6:52:ee:ab:f9:68:18:
10:c6:d2:b8:f8:e9:53:4c:83:47:54:41:49:f2:26:
b5:48:eb:6d:66:e3:a2:81:f7:9a:db:95:42:7e:9d:
8b:b0:18:ae:43:a4:0b:b2:46:11:36:a4:f8:9e:7c:
28:ec:b4:0a:d4:7e:d9:f3:13:11:a4:c8:78:73:71:
89:f2:3d:e4:1b:96:48:aa:99:c4:71:b1:55:a1:3f:
40:96:07:fc:74:6c:48:79:1c:82:0d:e2:a9:50:04:
ab:bf:39:de:e3:68:03:8f:79:9f:6f:06:58:8f:44:
14:8b:4a:52:11:49:80:fa:2a:ff:ef:45:9a:68:d9:
1f:f4:c1:f8:6d:d4:75:18:45:fe:46:7a:b7:48:75:
cb:af:41:e5:6a:78:f0:7b:1f:b7:36:0a:c1:58:8d:
c0:fa:50:81:5b:c6:f5:2b:88:18:a0:92:d4:f8:e6:
c5:0a:ce:ea:7f:23:35:a8:6b:3b:8f:5c:9d:ad:2b:
66:88:b3:2c:91:b2:a0:cc:65:dd:95:e3:3e:82:35:
f4:23:b8:b4:81:82:29:45:4d:8d:35:d3:57:3e:1d:
4b:26:2c:21:d3:a5:62:42:a9:fa:18:88:6e:9d:0f:
6b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A9:FA:E2:9F:6C:9E:87:7F:28:7E:48:01:18:43:4C:C4:92:B4:53
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/8Kn64p9snod_KH5IARhDTMSStFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.187.0/24
Signature Algorithm: sha256WithRSAEncryption
89:e8:f2:db:59:b6:c2:b4:3b:41:fa:9f:40:06:19:00:6e:a4:
5f:26:f8:ea:51:e9:07:53:0b:c7:96:7b:1a:e8:ac:98:30:74:
c0:7f:52:55:72:51:20:0d:13:29:c7:ce:6b:3c:03:f8:a6:25:
df:65:d3:ed:af:6e:cf:6f:6e:5e:2a:1b:0d:bd:67:a3:cd:28:
30:bd:33:89:e1:12:42:bb:01:62:a5:29:65:f9:c1:32:d0:8a:
ba:50:5a:d0:f1:c9:23:c5:03:2d:53:07:17:83:f9:f6:88:f2:
c4:c3:78:84:41:34:89:a2:c7:2a:69:ce:1f:5c:d9:ff:b9:5a:
f0:e6:24:15:b4:60:d0:51:76:ab:ec:83:12:c5:31:60:a9:01:
d9:01:bb:10:be:41:53:bd:bb:c9:af:69:ba:8c:bf:b8:8d:45:
e3:8e:db:36:ed:19:ab:46:9d:65:12:4e:df:a6:83:4f:aa:6b:
6b:a2:ba:73:0f:3f:7d:24:03:8f:6a:7d:c0:97:18:17:ab:70:
80:08:a2:fb:aa:92:01:be:7d:51:f1:57:ec:cc:c0:50:63:ec:
07:97:f5:af:a2:bf:c9:7a:aa:d3:3c:13:2b:05:37:25:ea:70:
ff:6f:19:4d:b5:90:12:74:f2:a9:95:02:b9:2b:de:69:3a:2a:
5e:1d:e1:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSMmGk3DKy3E8ymIqx+ErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMTAxMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGE5ZmFlMjlmNmM5ZTg3N2YyODdlNDgwMTE4NDM0Y2M0OTJiNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08eMR+RNT+JGvjO9Jjd75nJVzEWT
gbZS7qv5aBgQxtK4+OlTTINHVEFJ8ia1SOttZuOigfea25VCfp2LsBiuQ6QLskYR
NqT4nnwo7LQK1H7Z8xMRpMh4c3GJ8j3kG5ZIqpnEcbFVoT9Algf8dGxIeRyCDeKp
UASrvzne42gDj3mfbwZYj0QUi0pSEUmA+ir/70WaaNkf9MH4bdR1GEX+Rnq3SHXL
r0Hlanjwex+3NgrBWI3A+lCBW8b1K4gYoJLU+ObFCs7qfyM1qGs7j1ydrStmiLMs
kbKgzGXdleM+gjX0I7i0gYIpRU2NNdNXPh1LJiwh06ViQqn6GIhunQ9r0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPCp+uKfbJ6Hfyh+SAEYQ0zEkrRTMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvOEtuNjRwOXNub2RfS0g1SUFSaERUTVNTdEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABcq7MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ6PLbWbbCtDtB+p9ABhkAbqRfJvjqUekHUwvHlnsa
6KyYMHTAf1JVclEgDRMpx85rPAP4piXfZdPtr27Pb25eKhsNvWejzSgwvTOJ4RJC
uwFipSll+cEy0Iq6UFrQ8ckjxQMtUwcXg/n2iPLEw3iEQTSJoscqac4fXNn/uVrw
5iQVtGDQUXar7IMSxTFgqQHZAbsQvkFTvbvJr2m6jL+4jUXjjts27RmrRp1lEk7f
poNPqmtrorpzDz99JAOPan3AlxgXq3CACKL7qpIBvn1R8VfszMBQY+wHl/Wvor/J
eqrTPBMrBTcl6nD/bxlNtZASdPKplQK5K95pOipeHeGU
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:20:20 2024 by rpki-client on console-ams.rpki-client.org