Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/8Bp7HBxI3xmvueezCoGIzkeS1a8.roa
File: 8Bp7HBxI3xmvueezCoGIzkeS1a8.roa (raw, json)
Hash identifier: kWb2UwXKiQRgptLU76HQVMZ+FbM72f71URGNB1ssOls=
Subject key identifier: F0:1A:7B:1C:1C:48:DF:19:AF:B9:E7:B3:0A:81:88:CE:47:92:D5:AF
Certificate issuer: /CN=400f2ea157bbb53ab026011ace5cd1360ef2f77d
Certificate serial: 018CC86F736D991C127961CFC5FC0399A663
Authority key identifier: 40:0F:2E:A1:57:BB:B5:3A:B0:26:01:1A:CE:5C:D1:36:0E:F2:F7:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/8Bp7HBxI3xmvueezCoGIzkeS1a8.roa
Signing time: Tue 02 Jan 2024 04:29:56 +0000
ROA not before: Tue 02 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 91.223.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.mft
rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:73:6d:99:1c:12:79:61:cf:c5:fc:03:99:a6:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400f2ea157bbb53ab026011ace5cd1360ef2f77d
Validity
Not Before: Jan 2 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f01a7b1c1c48df19afb9e7b30a8188ce4792d5af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:77:b1:8e:76:88:1b:9c:d7:ab:c2:03:1b:dc:
1f:c0:0b:3c:4f:61:35:b5:90:28:87:11:44:67:12:
c1:02:7a:28:ea:67:8e:12:4e:11:00:f1:0a:63:37:
9d:d6:03:59:71:2b:17:dc:31:10:9f:14:a9:65:db:
2e:6c:e7:55:0e:d9:8a:9e:07:63:03:74:45:fa:3d:
22:8f:09:15:a7:74:52:41:04:aa:1a:ec:aa:18:57:
b0:ee:82:5e:ef:65:89:75:41:e1:27:ac:91:c5:30:
79:e0:19:2b:0e:2e:9f:19:0f:47:87:23:d2:44:32:
48:0d:25:ed:a7:ac:f8:8c:9f:b8:e5:26:e7:8b:47:
ff:30:ed:5b:92:a9:be:74:de:d0:7f:4f:ea:78:d5:
dc:21:d3:41:82:67:c6:74:a3:8a:ec:a0:9a:4e:7b:
62:cb:f2:3d:ee:0d:eb:9a:2f:57:ab:38:e7:5c:b4:
0e:16:4b:c8:86:64:1f:fa:04:ba:5b:ae:98:12:76:
32:3d:f6:fc:65:c4:d5:af:f1:5f:86:27:68:7f:ef:
e6:a8:b4:17:b9:98:36:4a:52:50:d3:65:de:8e:c5:
18:97:d7:57:03:1d:5c:a2:59:b2:f5:d7:89:6c:1b:
16:64:9c:d0:81:0d:ea:f3:8c:de:56:87:a7:31:40:
73:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1A:7B:1C:1C:48:DF:19:AF:B9:E7:B3:0A:81:88:CE:47:92:D5:AF
X509v3 Authority Key Identifier:
keyid:40:0F:2E:A1:57:BB:B5:3A:B0:26:01:1A:CE:5C:D1:36:0E:F2:F7:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA8uoVe7tTqwJgEazlzRNg7y930.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/8Bp7HBxI3xmvueezCoGIzkeS1a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4bfd56-880d-499b-8724-d7971f1e599d/1/QA8uoVe7tTqwJgEazlzRNg7y930.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.35.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b1:ee:ee:bc:eb:ae:de:bf:f2:36:46:20:25:f5:19:ef:a4:
1f:bd:17:81:c4:ab:a1:b9:57:ca:67:e3:5a:d1:48:80:ec:9b:
43:7c:84:de:77:dc:53:d5:45:71:aa:5f:15:6e:f8:78:0d:02:
1c:40:46:fc:27:df:2f:d4:c9:2f:c6:98:81:56:f0:42:a4:86:
47:56:d2:5e:4d:93:27:f9:07:ae:2a:47:76:fe:26:b0:ad:cf:
29:56:5d:23:21:e1:ef:15:f1:de:71:b9:0c:e4:43:02:c5:ba:
b3:15:bb:09:c5:f9:b0:56:03:da:8d:d2:e8:55:95:96:4c:5a:
ac:97:7f:64:cd:c2:20:55:e9:53:d2:e0:03:fd:08:f1:4d:c1:
1a:e3:94:ec:81:09:5b:c3:0f:87:30:5e:d3:4e:11:5e:79:b5:
d8:68:a9:31:97:a9:d9:b4:71:48:af:44:2f:ea:13:00:f8:48:
77:7e:ff:bc:f5:75:b9:11:93:6b:cd:02:ad:13:98:1b:29:b3:
23:79:2e:03:8a:80:9d:08:7b:36:f7:c4:ae:37:6d:65:a2:18:
7c:86:51:69:35:f8:a8:a7:e9:0c:08:e8:1b:c8:2b:ea:41:d5:
c2:73:67:2c:89:ef:e3:0f:50:19:67:2e:df:6b:cf:5e:ab:69:
be:3e:32:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb3NtmRwSeWHPxfwDmaZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGYyZWExNTdiYmI1M2FiMDI2MDExYWNlNWNkMTM2MGVm
MmY3N2QwHhcNMjQwMTAyMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFhN2IxYzFjNDhkZjE5YWZiOWU3YjMwYTgxODhjZTQ3OTJkNWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnexjnaIG5zXq8IDG9wfwAs8T2E1
tZAohxFEZxLBAnoo6meOEk4RAPEKYzed1gNZcSsX3DEQnxSpZdsubOdVDtmKngdj
A3RF+j0ijwkVp3RSQQSqGuyqGFew7oJe72WJdUHhJ6yRxTB54BkrDi6fGQ9HhyPS
RDJIDSXtp6z4jJ+45Sbni0f/MO1bkqm+dN7Qf0/qeNXcIdNBgmfGdKOK7KCaTnti
y/I97g3rmi9XqzjnXLQOFkvIhmQf+gS6W66YEnYyPfb8ZcTVr/Ffhidof+/mqLQX
uZg2SlJQ02XejsUYl9dXAx1colmy9deJbBsWZJzQgQ3q84zeVoenMUBzhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAaexwcSN8Zr7nnswqBiM5HktWvMB8GA1UdIwQY
MBaAFEAPLqFXu7U6sCYBGs5c0TYO8vd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUE4dW9WZTd0VHF3SmdFYXpselJOZzd5OTMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80YmZkNTYtODgwZC00OTliLTg3MjQt
ZDc5NzFmMWU1OTlkLzEvOEJwN0hCeEkzeG12dWVlekNvR0l6a2VTMWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80YmZkNTYtODgwZC00OTliLTg3MjQtZDc5NzFmMWU1OTlk
LzEvUUE4dW9WZTd0VHF3SmdFYXpselJOZzd5OTMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW98jMA0G
CSqGSIb3DQEBCwUAA4IBAQBsse7uvOuu3r/yNkYgJfUZ76QfvReBxKuhuVfKZ+Na
0UiA7JtDfITed9xT1UVxql8Vbvh4DQIcQEb8J98v1MkvxpiBVvBCpIZHVtJeTZMn
+QeuKkd2/iawrc8pVl0jIeHvFfHecbkM5EMCxbqzFbsJxfmwVgPajdLoVZWWTFqs
l39kzcIgVelT0uAD/QjxTcEa45TsgQlbww+HMF7TThFeebXYaKkxl6nZtHFIr0Qv
6hMA+Eh3fv+89XW5EZNrzQKtE5gbKbMjeS4DioCdCHs298SuN21lohh8hlFpNfio
p+kMCOgbyCvqQdXCc2csie/jD1AZZy7fa89eq2m+PjIc
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:28:46 2024 by rpki-client on console-ams.rpki-client.org