Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/OdffVt8dGid_5DWlHRx6hYbDHpI.roa
File: OdffVt8dGid_5DWlHRx6hYbDHpI.roa (raw, json)
Hash identifier: vYRejbsN+ZijqnxsKaFbWTMpJ/uD7LHqbZeiiK/a8YQ=
Subject key identifier: 39:D7:DF:56:DF:1D:1A:27:7F:E4:35:A5:1D:1C:7A:85:86:C3:1E:92
Certificate issuer: /CN=69507f066f2bb0389dd88436074e1426114f2d92
Certificate serial: 018CC649F3B1781EB18F6B67EC92EAD27D6A
Authority key identifier: 69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/OdffVt8dGid_5DWlHRx6hYbDHpI.roa
Signing time: Mon 01 Jan 2024 18:29:44 +0000
ROA not before: Mon 01 Jan 2024 18:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 178.208.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:f3:b1:78:1e:b1:8f:6b:67:ec:92:ea:d2:7d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69507f066f2bb0389dd88436074e1426114f2d92
Validity
Not Before: Jan 1 18:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39d7df56df1d1a277fe435a51d1c7a8586c31e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:22:08:94:27:0b:8b:c2:ad:a5:cd:b8:5f:49:
3b:d2:85:18:01:ab:97:cd:f2:33:aa:9e:f6:22:34:
8d:92:81:ad:0d:97:43:c3:32:30:30:56:00:f8:fa:
e8:0b:ea:b1:a0:16:ff:21:9c:4e:39:6e:d7:54:36:
ca:b3:ca:46:fc:fc:37:64:6b:44:84:c0:16:1b:1c:
9b:10:c0:03:72:84:26:6a:97:b2:23:69:3e:39:d3:
af:a4:99:b7:a1:c6:79:3c:e8:93:6e:bf:ee:2c:e7:
53:b2:02:1b:62:18:1a:1d:6f:8d:02:f8:3e:71:1e:
0f:c2:83:66:67:84:35:04:be:62:be:db:8a:b0:25:
14:fd:00:bf:20:30:b1:30:8a:d9:5a:e2:51:12:41:
48:fa:bf:97:28:12:58:ba:42:c1:b3:55:48:33:b1:
11:98:da:9c:e3:d5:64:e2:c3:63:d8:d4:fd:3f:1b:
0a:a4:90:0d:d6:97:9b:94:45:3e:c5:b7:11:78:e2:
b7:c7:60:e7:1d:17:8e:1f:cf:d3:2a:af:33:63:c6:
0f:a2:c0:18:9f:87:6d:72:16:7a:ca:07:07:f4:75:
15:f9:62:44:1f:03:d2:08:a5:58:d5:1b:7e:dd:4b:
e7:cb:4f:22:eb:4b:6e:ed:e5:1e:db:4d:7e:08:06:
08:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D7:DF:56:DF:1D:1A:27:7F:E4:35:A5:1D:1C:7A:85:86:C3:1E:92
X509v3 Authority Key Identifier:
keyid:69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/OdffVt8dGid_5DWlHRx6hYbDHpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.87.0/24
Signature Algorithm: sha256WithRSAEncryption
53:9d:6d:ec:93:9f:07:fd:f3:00:69:2e:ed:c5:dd:4a:84:ee:
b3:b1:a4:df:97:4c:3c:6e:13:ae:e6:43:5a:2a:fe:a5:fd:c0:
0c:76:4e:59:55:d3:95:5e:7a:94:9a:eb:21:c6:e1:4d:f7:81:
e0:19:b8:76:33:01:d4:8c:f5:1e:52:ff:d5:bc:b1:bc:26:be:
57:78:21:30:ce:87:51:14:9f:c9:00:b7:9b:40:22:9b:61:4b:
e1:81:7b:a1:85:e1:d3:e3:66:db:0b:80:7d:5b:d4:4b:77:12:
e3:00:7f:a9:ab:05:82:d2:c3:57:18:26:35:2b:1c:06:b1:ac:
43:7c:3d:1a:1b:3c:98:9d:61:22:4b:7e:df:b0:b3:40:ec:4a:
92:43:9d:0d:d7:2a:47:01:d2:a8:4a:1b:f2:f5:6f:00:1e:f0:
35:69:5e:02:11:df:0c:6f:9c:c8:6e:14:6f:cc:8c:c0:34:b6:
a0:94:03:14:71:66:cf:90:2c:b3:db:c3:d9:1d:44:8a:d4:1a:
c4:d0:76:ce:d7:72:54:bd:13:95:e5:84:39:91:6c:02:8f:e6:
7c:ab:4f:00:4b:a3:42:5f:7d:88:7b:74:97:63:6c:72:20:ba:
f2:0c:df:3b:af:4e:b0:a8:41:ef:64:fe:ca:7f:f6:09:3b:63:
37:90:bc:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSfOxeB6xj2tn7JLq0n1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTA3ZjA2NmYyYmIwMzg5ZGQ4ODQzNjA3NGUxNDI2MTE0
ZjJkOTIwHhcNMjQwMTAxMTgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ3ZGY1NmRmMWQxYTI3N2ZlNDM1YTUxZDFjN2E4NTg2YzMxZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviIIlCcLi8Ktpc24X0k70oUYAauX
zfIzqp72IjSNkoGtDZdDwzIwMFYA+ProC+qxoBb/IZxOOW7XVDbKs8pG/Pw3ZGtE
hMAWGxybEMADcoQmapeyI2k+OdOvpJm3ocZ5POiTbr/uLOdTsgIbYhgaHW+NAvg+
cR4PwoNmZ4Q1BL5ivtuKsCUU/QC/IDCxMIrZWuJREkFI+r+XKBJYukLBs1VIM7ER
mNqc49Vk4sNj2NT9PxsKpJAN1peblEU+xbcReOK3x2DnHReOH8/TKq8zY8YPosAY
n4dtchZ6ygcH9HUV+WJEHwPSCKVY1Rt+3Uvny08i60tu7eUe201+CAYIoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnX31bfHRonf+Q1pR0ceoWGwx6SMB8GA1UdIwQY
MBaAFGlQfwZvK7A4ndiENgdOFCYRTy2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEt
MGUxYjhmZWE4OTEzLzEvT2RmZlZ0OGRHaWRfNURXbEhSeDZoWWJESHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEtMGUxYjhmZWE4OTEz
LzEvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstBXMA0G
CSqGSIb3DQEBCwUAA4IBAQBTnW3sk58H/fMAaS7txd1KhO6zsaTfl0w8bhOu5kNa
Kv6l/cAMdk5ZVdOVXnqUmushxuFN94HgGbh2MwHUjPUeUv/VvLG8Jr5XeCEwzodR
FJ/JALebQCKbYUvhgXuhheHT42bbC4B9W9RLdxLjAH+pqwWC0sNXGCY1KxwGsaxD
fD0aGzyYnWEiS37fsLNA7EqSQ50N1ypHAdKoShvy9W8AHvA1aV4CEd8Mb5zIbhRv
zIzANLaglAMUcWbPkCyz28PZHUSK1BrE0HbO13JUvROV5YQ5kWwCj+Z8q08AS6NC
X32Ie3SXY2xyILryDN87r06wqEHvZP7Kf/YJO2M3kLzU
-----END CERTIFICATE-----
Generated at Tue May 7 19:42:18 2024 by rpki-client on console-fra.rpki-client.org