Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/8etL1ZGqS1H_O126hvRXa4sDH9g.roa
File: 8etL1ZGqS1H_O126hvRXa4sDH9g.roa (raw, json)
Hash identifier: hlmfxprImqTmmYg34noCC0D9MjBihwafXuQa+0/nNVM=
Subject key identifier: F1:EB:4B:D5:91:AA:4B:51:FF:3B:5D:BA:86:F4:57:6B:8B:03:1F:D8
Certificate issuer: /CN=67147694fd17eb2d16fed7f735d7a11ddd451963
Certificate serial: 018CC2DB3A9227166C8D4BB37291BD430CE3
Authority key identifier: 67:14:76:94:FD:17:EB:2D:16:FE:D7:F7:35:D7:A1:1D:DD:45:19:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZxR2lP0X6y0W_tf3NdehHd1FGWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/8etL1ZGqS1H_O126hvRXa4sDH9g.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57121
IP address blocks: 176.96.160.0/20 maxlen: 32
192.109.84.0/23 maxlen: 32
192.109.132.0/23 maxlen: 32
176.96.144.0/21 maxlen: 32
91.230.221.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/ZxR2lP0X6y0W_tf3NdehHd1FGWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/ZxR2lP0X6y0W_tf3NdehHd1FGWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZxR2lP0X6y0W_tf3NdehHd1FGWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3a:92:27:16:6c:8d:4b:b3:72:91:bd:43:0c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67147694fd17eb2d16fed7f735d7a11ddd451963
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1eb4bd591aa4b51ff3b5dba86f4576b8b031fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0f:73:cc:1d:b2:3a:03:3d:35:b3:04:be:8a:
e9:4c:59:ec:b4:67:2c:29:e4:a7:69:03:54:7c:99:
05:a5:e3:00:ae:f9:cd:bf:66:6c:9c:9b:d2:f2:0d:
16:b9:c2:6f:a2:b5:6c:1e:73:bc:c2:ba:27:9b:73:
cd:43:7e:ed:4a:92:a9:5c:07:ee:00:10:20:27:55:
35:c2:0b:57:05:55:3d:fc:66:60:6d:d8:c9:ab:6e:
a2:c4:67:61:4a:fc:91:6d:52:1d:12:4d:a0:fb:2b:
c8:99:50:8c:84:2f:1f:be:0a:9d:cb:ad:2d:c4:fd:
38:00:6b:fd:07:1d:81:2f:26:e3:ee:3a:71:38:0a:
3c:a9:28:8b:3b:df:0d:03:5c:2f:0d:17:7f:22:8b:
c8:9e:d1:82:aa:fd:3f:74:89:a4:86:ac:e4:9e:83:
9e:03:2d:c0:44:5a:be:d8:c4:34:0d:da:de:67:9d:
5b:ba:5b:ff:bd:24:d8:6c:d8:c9:93:f8:82:1e:f4:
10:c2:3c:49:eb:cc:54:35:9d:07:df:27:9c:03:d2:
ef:40:56:a8:6b:0b:1f:21:d2:12:18:5c:07:dd:cc:
a5:ff:76:d9:28:78:8c:46:bd:69:ab:48:65:7e:68:
02:c6:38:b6:c1:3a:e1:06:90:98:aa:63:94:72:de:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EB:4B:D5:91:AA:4B:51:FF:3B:5D:BA:86:F4:57:6B:8B:03:1F:D8
X509v3 Authority Key Identifier:
keyid:67:14:76:94:FD:17:EB:2D:16:FE:D7:F7:35:D7:A1:1D:DD:45:19:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZxR2lP0X6y0W_tf3NdehHd1FGWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/8etL1ZGqS1H_O126hvRXa4sDH9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/ZxR2lP0X6y0W_tf3NdehHd1FGWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.221.0/24
176.96.144.0/21
176.96.160.0/20
192.109.84.0/23
192.109.132.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:36:2e:c3:18:09:ae:41:ac:71:63:36:4c:6f:1d:60:42:98:
62:82:fe:cc:45:80:b7:4b:9d:d4:ca:e9:9c:50:6a:24:97:6c:
2b:be:ac:00:ca:c2:48:6b:a7:43:4e:22:90:ac:17:e2:25:5c:
7f:c7:68:26:f4:9a:ed:dc:0d:0e:cc:f2:7a:2a:6e:41:64:3f:
fd:14:2e:b1:0f:12:5c:40:98:d2:50:55:8f:9f:17:b7:da:0b:
21:0f:e7:4d:d2:52:0d:0d:55:f3:aa:21:5c:67:7d:d4:c2:19:
75:7f:bf:af:fd:53:89:54:a5:79:ca:c7:b8:eb:5b:02:cd:6f:
2b:fd:80:d4:de:69:26:72:50:59:9a:eb:78:84:0a:c7:2c:24:
3f:28:cf:00:a0:b1:67:c6:49:a9:f4:8a:06:24:af:43:99:98:
7e:4e:84:2a:87:d2:c3:91:eb:82:a4:53:d4:69:8a:45:7c:7b:
0d:21:6f:31:14:ed:f4:66:88:48:f5:25:06:5c:12:4f:7c:f5:
a1:69:3d:25:4f:d8:d4:b7:05:dc:f7:b2:ba:8e:fc:4a:c4:78:
e6:60:4b:12:f3:ed:6c:31:59:e6:b4:b1:45:5c:d2:24:4f:2b:
79:b8:ab:35:33:5e:0a:c9:88:fe:9c:bf:3f:68:a2:04:8d:78:
bf:5f:da:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC2zqSJxZsjUuzcpG9QwzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MTQ3Njk0ZmQxN2ViMmQxNmZlZDdmNzM1ZDdhMTFkZGQ0
NTE5NjMwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWViNGJkNTkxYWE0YjUxZmYzYjVkYmE4NmY0NTc2YjhiMDMxZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ9zzB2yOgM9NbMEvorpTFnstGcs
KeSnaQNUfJkFpeMArvnNv2ZsnJvS8g0WucJvorVsHnO8wronm3PNQ37tSpKpXAfu
ABAgJ1U1wgtXBVU9/GZgbdjJq26ixGdhSvyRbVIdEk2g+yvImVCMhC8fvgqdy60t
xP04AGv9Bx2BLybj7jpxOAo8qSiLO98NA1wvDRd/IovIntGCqv0/dImkhqzknoOe
Ay3ARFq+2MQ0DdreZ51bulv/vSTYbNjJk/iCHvQQwjxJ68xUNZ0H3yecA9LvQFao
awsfIdISGFwH3cyl/3bZKHiMRr1pq0hlfmgCxji2wTrhBpCYqmOUct5y9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPHrS9WRqktR/ztduob0V2uLAx/YMB8GA1UdIwQY
MBaAFGcUdpT9F+stFv7X9zXXoR3dRRljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnhSMmxQMFg2eTBXX3RmM05kZWhIZDFGR1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kZTE5MGItNzMzNS00ODE2LWE3MTEt
ZGNjYWQwMjExMzI3LzEvOGV0TDFaR3FTMUhfTzEyNmh2UlhhNHNESDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kZTE5MGItNzMzNS00ODE2LWE3MTEtZGNjYWQwMjExMzI3
LzEvWnhSMmxQMFg2eTBXX3RmM05kZWhIZDFGR1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW+bdAwQD
sGCQAwQEsGCgAwQBwG1UAwQBwG2EMA0GCSqGSIb3DQEBCwUAA4IBAQCoNi7DGAmu
QaxxYzZMbx1gQphigv7MRYC3S53UyumcUGokl2wrvqwAysJIa6dDTiKQrBfiJVx/
x2gm9Jrt3A0OzPJ6Km5BZD/9FC6xDxJcQJjSUFWPnxe32gshD+dN0lINDVXzqiFc
Z33Uwhl1f7+v/VOJVKV5yse461sCzW8r/YDU3mkmclBZmut4hArHLCQ/KM8AoLFn
xkmp9IoGJK9DmZh+ToQqh9LDkeuCpFPUaYpFfHsNIW8xFO30ZohI9SUGXBJPfPWh
aT0lT9jUtwXc97K6jvxKxHjmYEsS8+1sMVnmtLFFXNIkTyt5uKs1M14KyYj+nL8/
aKIEjXi/X9r/
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:32 2024 by rpki-client on console-ams.rpki-client.org