Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/0v8NLHevbjUS320CRBF6MDLKZ1M.roa
File: 0v8NLHevbjUS320CRBF6MDLKZ1M.roa (raw, json)
Hash identifier: gS2QobexCN8mYaQB8g8mgWYsBXk/YdHG0oRZKrRdYJE=
Subject key identifier: D2:FF:0D:2C:77:AF:6E:35:12:DF:6D:02:44:11:7A:30:32:CA:67:53
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 018CC5DC8DFFCC5FA377CE7B5CA7D19B7925
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/0v8NLHevbjUS320CRBF6MDLKZ1M.roa
Signing time: Mon 01 Jan 2024 16:30:15 +0000
ROA not before: Mon 01 Jan 2024 16:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16278
IP address blocks: 89.30.224.0/22 maxlen: 24
2a02:20b2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 19:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:8d:ff:cc:5f:a3:77:ce:7b:5c:a7:d1:9b:79:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Jan 1 16:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2ff0d2c77af6e3512df6d0244117a3032ca6753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:10:05:ba:42:6f:df:a3:29:67:97:2a:79:7f:
33:70:8d:7d:60:dc:b6:6a:67:41:00:a1:86:ed:7d:
07:f5:28:00:ea:25:f5:f9:41:74:79:d8:2c:3f:41:
ee:08:a0:24:b5:35:31:4d:71:cb:3c:df:6b:d7:1a:
a8:bb:25:33:7e:84:59:5f:20:92:68:25:37:26:19:
e7:8a:6f:51:e9:21:21:dd:1f:14:3d:72:3e:f2:47:
c4:45:09:79:ab:fb:0a:d6:f5:54:3e:5c:9f:a1:a4:
34:db:44:84:62:f1:d1:0b:e1:c9:67:9c:6b:67:7a:
3e:27:b3:65:5e:a0:64:7d:cd:9b:b4:50:3c:dd:d3:
0f:b5:ad:05:d7:2e:8b:68:ab:27:20:a8:41:85:cd:
50:53:49:9d:04:fe:e5:47:69:5d:01:e6:9f:32:01:
46:db:52:ed:0c:56:a1:f0:39:74:d7:91:e2:2f:9e:
58:62:6d:d0:1d:5a:8d:04:7f:f7:1b:c0:32:dd:4d:
20:57:73:93:42:17:60:82:77:30:6c:09:a4:10:b2:
d8:22:39:fa:e8:ac:32:d3:5a:29:3a:93:13:12:75:
61:d0:d3:81:1e:61:f8:ab:b9:0b:23:ed:09:07:c2:
b0:5d:95:b5:13:e4:94:25:0e:b4:91:3e:50:09:df:
da:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FF:0D:2C:77:AF:6E:35:12:DF:6D:02:44:11:7A:30:32:CA:67:53
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/0v8NLHevbjUS320CRBF6MDLKZ1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.30.224.0/22
IPv6:
2a02:20b2::/32
Signature Algorithm: sha256WithRSAEncryption
83:41:46:c6:27:fa:b1:7b:2b:d0:f6:68:de:44:14:75:9f:8f:
cf:22:7b:fa:79:1c:d4:31:67:67:3b:a2:47:9e:2a:c6:45:94:
04:1a:d3:7c:3e:9c:f2:f6:7f:e4:98:3a:67:25:7d:45:ef:06:
da:60:c3:cc:e7:cf:e0:51:72:a2:97:48:23:ff:33:3f:6f:54:
a3:4e:77:33:26:39:07:fa:95:46:b5:02:7f:67:5d:b7:81:98:
68:0f:f1:1a:6c:62:83:6a:c6:1f:2a:ce:63:3b:19:71:c8:92:
07:ee:c6:88:24:96:67:f7:8a:1d:0d:a7:71:3f:7f:38:2a:55:
5b:8b:05:ea:a9:ff:2d:b3:d5:1d:75:6a:f6:ee:7e:d3:9e:89:
ab:00:96:19:f1:47:44:6d:a6:87:86:38:96:a4:b3:c9:d7:7d:
de:f8:be:84:39:4a:33:d3:7d:9a:ed:82:87:23:68:f1:72:50:
0a:90:6f:28:f3:c3:4e:46:a8:4e:6e:21:ac:81:c5:ff:8d:73:
76:b3:86:c4:00:2d:d8:8e:4c:0b:e2:9d:35:92:09:47:89:21:
97:ab:b1:8d:e8:82:fc:ff:9d:66:14:f5:51:92:3a:51:b5:ca:
bf:06:11:af:ef:c4:29:c1:75:73:b2:d2:b7:a1:5b:a6:36:12:
3a:92:de:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3I3/zF+jd857XKfRm3klMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjQwMTAxMTYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZmMGQyYzc3YWY2ZTM1MTJkZjZkMDI0NDExN2EzMDMyY2E2NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhAFukJv36MpZ5cqeX8zcI19YNy2
amdBAKGG7X0H9SgA6iX1+UF0edgsP0HuCKAktTUxTXHLPN9r1xqouyUzfoRZXyCS
aCU3Jhnnim9R6SEh3R8UPXI+8kfERQl5q/sK1vVUPlyfoaQ020SEYvHRC+HJZ5xr
Z3o+J7NlXqBkfc2btFA83dMPta0F1y6LaKsnIKhBhc1QU0mdBP7lR2ldAeafMgFG
21LtDFah8Dl015HiL55YYm3QHVqNBH/3G8Ay3U0gV3OTQhdggncwbAmkELLYIjn6
6Kwy01opOpMTEnVh0NOBHmH4q7kLI+0JB8KwXZW1E+SUJQ60kT5QCd/a2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNL/DSx3r241Et9tAkQRejAyymdTMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvMHY4TkxIZXZialVTMzIwQ1JCRjZNRExLWjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWR7gMA0E
AgACMAcDBQAqAiCyMA0GCSqGSIb3DQEBCwUAA4IBAQCDQUbGJ/qxeyvQ9mjeRBR1
n4/PInv6eRzUMWdnO6JHnirGRZQEGtN8Ppzy9n/kmDpnJX1F7wbaYMPM58/gUXKi
l0gj/zM/b1SjTnczJjkH+pVGtQJ/Z123gZhoD/EabGKDasYfKs5jOxlxyJIH7saI
JJZn94odDadxP384KlVbiwXqqf8ts9UddWr27n7TnomrAJYZ8UdEbaaHhjiWpLPJ
133e+L6EOUoz032a7YKHI2jxclAKkG8o88NORqhObiGsgcX/jXN2s4bEAC3YjkwL
4p01kglHiSGXq7GN6IL8/51mFPVRkjpRtcq/BhGv78QpwXVzstK3oVumNhI6kt5p
-----END CERTIFICATE-----
Generated at Sat May 18 23:13:21 2024 by rpki-client on console-fra.rpki-client.org