Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/CKR8t3COGCFUSMeuwbzJqt392x0.roa
File: CKR8t3COGCFUSMeuwbzJqt392x0.roa (raw, json)
Hash identifier: FtshUE7nFcGGtaPukw5gBO9YvQ5X6av8auVQGhHWnP8=
Subject key identifier: 08:A4:7C:B7:70:8E:18:21:54:48:C7:AE:C1:BC:C9:AA:DD:FD:DB:1D
Certificate issuer: /CN=808c3a6c5cbff0739e438d05744405b16197b15b
Certificate serial: 018F06239ED004821D80B9458E73454CAC36
Authority key identifier: 80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/CKR8t3COGCFUSMeuwbzJqt392x0.roa
Signing time: Mon 22 Apr 2024 14:09:08 +0000
ROA not before: Mon 22 Apr 2024 14:09:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39334
IP address blocks: 213.109.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 17:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:23:9e:d0:04:82:1d:80:b9:45:8e:73:45:4c:ac:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808c3a6c5cbff0739e438d05744405b16197b15b
Validity
Not Before: Apr 22 14:09:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08a47cb7708e18215448c7aec1bcc9aaddfddb1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ab:b7:c1:d7:64:1b:88:bf:8b:c2:a1:56:35:
11:18:e5:85:71:5e:66:68:74:18:e8:70:72:0b:b1:
ca:4a:47:25:cf:88:ce:34:90:79:a0:ae:05:f4:71:
b3:b0:46:4f:6d:e0:80:60:a4:31:e9:a1:82:01:cc:
9b:0b:3e:73:8f:9e:ae:ff:ca:6f:6c:87:96:4c:2b:
b1:bb:66:08:99:7e:cf:96:b0:3b:b1:9e:71:7a:79:
6a:f4:71:c7:18:be:d2:ff:d7:d0:00:8c:59:32:42:
71:52:9c:0d:76:83:16:70:58:08:a3:1e:82:43:c8:
cd:14:2c:fd:20:16:92:8d:9f:b6:4b:2a:0f:4d:e9:
46:0f:d6:3a:04:27:c8:d4:b3:c6:7f:c4:d2:b3:d6:
b4:55:72:8b:f6:38:87:ba:3b:18:26:ba:c1:04:64:
8e:f4:83:89:4d:1f:6d:cb:dc:4f:20:41:e8:67:a8:
5e:5e:02:51:73:c6:ea:a9:29:11:67:44:08:fa:e9:
ba:96:9d:47:1e:eb:14:18:79:89:ef:61:fd:38:c7:
0c:18:d0:93:9a:68:73:06:a4:aa:12:70:4a:bb:b0:
0b:55:c1:4b:fb:01:9d:22:22:0f:17:3d:6d:29:45:
cc:e6:30:4e:fd:d7:20:58:48:56:56:ea:aa:ed:eb:
9f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A4:7C:B7:70:8E:18:21:54:48:C7:AE:C1:BC:C9:AA:DD:FD:DB:1D
X509v3 Authority Key Identifier:
keyid:80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/CKR8t3COGCFUSMeuwbzJqt392x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.84.0/24
Signature Algorithm: sha256WithRSAEncryption
61:a2:6b:1c:0f:01:41:ac:ab:1e:80:e1:91:f6:06:1e:88:97:
0b:0f:ba:f0:9e:94:4e:89:d8:35:98:32:e3:55:08:d7:83:90:
77:27:e4:59:b6:9a:75:d4:4a:1d:89:fe:43:a8:2d:51:6a:43:
1b:60:44:49:bc:79:f7:0a:54:e0:54:31:65:c0:0e:b3:b0:70:
64:d7:fb:45:ac:8f:66:a8:f1:2e:98:2a:00:f7:b1:73:2b:56:
cc:87:6b:0a:94:f7:f7:3e:dc:c5:ac:24:54:17:ff:03:5c:02:
da:8e:e4:29:ee:27:3e:b7:f0:2a:e7:99:93:54:39:13:f5:53:
67:4b:ee:20:ae:48:7a:26:48:b0:9e:52:74:cf:20:a1:76:b0:
41:31:80:78:46:58:df:64:62:02:5a:7f:4e:3f:ab:04:86:a3:
8d:f6:eb:91:a9:a1:1d:45:5c:b7:23:73:66:11:dc:39:1d:c2:
33:ec:cc:eb:6b:72:5c:af:a2:3e:ac:68:1b:63:e0:2e:29:f2:
3b:50:a6:3d:d3:5b:65:e3:5b:1c:ae:33:0e:ed:9f:d1:76:95:
82:b2:ba:d0:98:e7:31:75:5e:37:b6:ab:12:c2:f7:f7:21:50:
07:21:f2:de:db:00:47:2e:6f:4b:02:a5:79:d0:60:26:b2:6c:
26:fd:a1:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8GI57QBIIdgLlFjnNFTKw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGMzYTZjNWNiZmYwNzM5ZTQzOGQwNTc0NDQwNWIxNjE5
N2IxNWIwHhcNMjQwNDIyMTQwOTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE0N2NiNzcwOGUxODIxNTQ0OGM3YWVjMWJjYzlhYWRkZmRkYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoau3wddkG4i/i8KhVjURGOWFcV5m
aHQY6HByC7HKSkclz4jONJB5oK4F9HGzsEZPbeCAYKQx6aGCAcybCz5zj56u/8pv
bIeWTCuxu2YImX7PlrA7sZ5xenlq9HHHGL7S/9fQAIxZMkJxUpwNdoMWcFgIox6C
Q8jNFCz9IBaSjZ+2SyoPTelGD9Y6BCfI1LPGf8TSs9a0VXKL9jiHujsYJrrBBGSO
9IOJTR9ty9xPIEHoZ6heXgJRc8bqqSkRZ0QI+um6lp1HHusUGHmJ72H9OMcMGNCT
mmhzBqSqEnBKu7ALVcFL+wGdIiIPFz1tKUXM5jBO/dcgWEhWVuqq7eufawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAikfLdwjhghVEjHrsG8yard/dsdMB8GA1UdIwQY
MBaAFICMOmxcv/BznkONBXREBbFhl7FbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0l3NmJGeV84SE9lUTQwRmRFUUZzV0dYc1ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82OThlNGUtMGEzOS00MTZiLWFmZmUt
NjE4MTljNDgwY2JlLzEvQ0tSOHQzQ09HQ0ZVU01ldXdiekpxdDM5MngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82OThlNGUtMGEzOS00MTZiLWFmZmUtNjE4MTljNDgwY2Jl
LzEvZ0l3NmJGeV84SE9lUTQwRmRFUUZzV0dYc1ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W1UMA0G
CSqGSIb3DQEBCwUAA4IBAQBhomscDwFBrKsegOGR9gYeiJcLD7rwnpROidg1mDLj
VQjXg5B3J+RZtpp11Eodif5DqC1RakMbYERJvHn3ClTgVDFlwA6zsHBk1/tFrI9m
qPEumCoA97FzK1bMh2sKlPf3PtzFrCRUF/8DXALajuQp7ic+t/Aq55mTVDkT9VNn
S+4grkh6JkiwnlJ0zyChdrBBMYB4RljfZGICWn9OP6sEhqON9uuRqaEdRVy3I3Nm
Edw5HcIz7Mzra3Jcr6I+rGgbY+AuKfI7UKY901tl41scrjMO7Z/RdpWCsrrQmOcx
dV43tqsSwvf3IVAHIfLe2wBHLm9LAqV50GAmsmwm/aFN
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:33:19 2024 by rpki-client on console-ams.rpki-client.org