Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/8_yKeT1t-zaGFbmwfk4oqZdxDpI.roa
File: 8_yKeT1t-zaGFbmwfk4oqZdxDpI.roa (raw, json)
Hash identifier: Y0WGRagRIS4dorOrHYql2r71PDTdySAJJP2vg3UXr+k=
Subject key identifier: F3:FC:8A:79:3D:6D:FB:36:86:15:B9:B0:7E:4E:28:A9:97:71:0E:92
Certificate issuer: /CN=73ef4bbafdc73e53c099d4d52e9c9effa8379b4f
Certificate serial: 018CC7951CCB8B5F98D318C6A8EB14C60315
Authority key identifier: 73:EF:4B:BA:FD:C7:3E:53:C0:99:D4:D5:2E:9C:9E:FF:A8:37:9B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-9Luv3HPlPAmdTVLpye_6g3m08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/8_yKeT1t-zaGFbmwfk4oqZdxDpI.roa
Signing time: Tue 02 Jan 2024 00:31:27 +0000
ROA not before: Tue 02 Jan 2024 00:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44486
IP address blocks: 45.67.69.0/24 maxlen: 24
45.67.71.0/24 maxlen: 24
45.67.68.0/24 maxlen: 24
45.67.70.0/24 maxlen: 24
2a09:71c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/c-9Luv3HPlPAmdTVLpye_6g3m08.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/c-9Luv3HPlPAmdTVLpye_6g3m08.mft
rsync://rpki.ripe.net/repository/DEFAULT/c-9Luv3HPlPAmdTVLpye_6g3m08.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:1c:cb:8b:5f:98:d3:18:c6:a8:eb:14:c6:03:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73ef4bbafdc73e53c099d4d52e9c9effa8379b4f
Validity
Not Before: Jan 2 00:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3fc8a793d6dfb368615b9b07e4e28a997710e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:38:44:14:e9:07:16:17:0b:e3:6c:1e:8f:b8:
0f:2e:ba:a6:8a:81:21:d4:7f:eb:6a:54:4b:7b:32:
dc:40:c5:68:ed:47:4c:22:5b:ca:75:b4:73:57:4f:
9b:40:52:28:53:e7:20:b2:6e:ce:72:cb:04:1c:97:
75:5b:a6:38:4c:a5:f0:4c:e5:0b:0f:26:27:55:9d:
db:8c:a1:98:52:60:5a:16:d5:78:bb:d2:95:1c:9b:
b0:b1:a7:59:26:50:ef:58:76:b0:29:25:14:29:29:
2d:6f:a2:98:6e:b4:1b:3b:98:bb:27:0a:26:a7:37:
0e:5b:30:62:29:60:90:98:30:60:8c:07:c6:fb:6e:
f4:08:34:8d:4e:f8:07:a8:2d:29:ad:43:1f:96:3d:
bb:05:96:d6:93:c7:90:ef:3a:0c:f6:c8:70:aa:0a:
e3:7e:d2:30:cd:9d:3a:9e:3a:61:e3:65:96:59:75:
45:73:b7:2a:83:f3:4f:22:24:df:9a:3e:62:5f:6d:
a9:77:b2:02:a0:93:39:f3:2a:39:29:f9:10:49:87:
5e:5a:11:74:a8:49:d1:12:40:8a:b3:a3:d7:be:80:
80:92:68:3d:83:26:f7:d9:28:74:3e:29:a6:14:a7:
5f:88:3b:d3:c6:9e:d5:7f:a0:5f:16:51:e4:2c:b1:
da:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:FC:8A:79:3D:6D:FB:36:86:15:B9:B0:7E:4E:28:A9:97:71:0E:92
X509v3 Authority Key Identifier:
keyid:73:EF:4B:BA:FD:C7:3E:53:C0:99:D4:D5:2E:9C:9E:FF:A8:37:9B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-9Luv3HPlPAmdTVLpye_6g3m08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/8_yKeT1t-zaGFbmwfk4oqZdxDpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/c-9Luv3HPlPAmdTVLpye_6g3m08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.68.0/22
IPv6:
2a09:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:7b:04:04:4d:c4:a3:d9:92:f2:fb:e4:35:33:b3:be:20:73:
8c:f8:de:46:2e:4e:b6:ae:9b:f0:9c:1f:6c:1f:e6:65:29:5f:
7b:a3:a7:d1:89:97:1f:bb:99:35:be:0c:ae:e1:62:dd:26:d4:
0c:00:cc:65:28:b6:7c:57:ef:ac:56:3a:b2:6d:69:83:22:91:
07:e6:3a:84:50:46:69:4e:0f:89:ef:cd:9a:dd:5b:7d:e7:6f:
c5:93:65:33:b9:81:7f:67:a7:04:44:9d:c8:bc:2b:21:d1:29:
4d:0f:a9:74:f7:57:47:a3:80:2e:ef:60:63:f3:22:06:6e:0f:
c8:77:64:09:d5:54:96:ff:95:75:25:d6:56:45:48:7f:cb:54:
3a:db:cc:8e:4f:d8:32:52:55:ee:12:2c:07:e5:56:d0:7c:f2:
36:ac:b2:8b:c9:ee:f7:9c:8d:8d:4c:34:4a:f9:26:5e:f9:2d:
f8:0b:9c:64:57:f1:d9:bf:fb:c9:46:75:4c:44:40:6e:4f:c6:
dc:d1:39:e9:24:b4:62:10:38:c1:28:60:18:4c:34:31:4b:b1:
64:f2:cd:ec:c7:37:60:d0:44:70:0f:36:9f:09:91:5e:11:7c:
34:3d:8b:d1:51:93:d6:ac:90:32:24:95:22:56:1b:04:1c:1a:
85:88:32:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlRzLi1+Y0xjGqOsUxgMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZWY0YmJhZmRjNzNlNTNjMDk5ZDRkNTJlOWM5ZWZmYTgz
NzliNGYwHhcNMjQwMTAyMDAzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ZjOGE3OTNkNmRmYjM2ODYxNWI5YjA3ZTRlMjhhOTk3NzEwZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlThEFOkHFhcL42wej7gPLrqmioEh
1H/ralRLezLcQMVo7UdMIlvKdbRzV0+bQFIoU+cgsm7OcssEHJd1W6Y4TKXwTOUL
DyYnVZ3bjKGYUmBaFtV4u9KVHJuwsadZJlDvWHawKSUUKSktb6KYbrQbO5i7Jwom
pzcOWzBiKWCQmDBgjAfG+270CDSNTvgHqC0prUMflj27BZbWk8eQ7zoM9shwqgrj
ftIwzZ06njph42WWWXVFc7cqg/NPIiTfmj5iX22pd7ICoJM58yo5KfkQSYdeWhF0
qEnREkCKs6PXvoCAkmg9gyb32Sh0PimmFKdfiDvTxp7Vf6BfFlHkLLHaowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPP8ink9bfs2hhW5sH5OKKmXcQ6SMB8GA1UdIwQY
MBaAFHPvS7r9xz5TwJnU1S6cnv+oN5tPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy05THV2M0hQbFBBbWRUVkxweWVfNmczbTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zNjJhNGQtOWFlNi00MDEyLWI1Yjgt
MmNjNzUzZTUzOTU1LzEvOF95S2VUMXQtemFHRmJtd2ZrNG9xWmR4RHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zNjJhNGQtOWFlNi00MDEyLWI1YjgtMmNjNzUzZTUzOTU1
LzEvYy05THV2M0hQbFBBbWRUVkxweWVfNmczbTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUNEMA0E
AgACMAcDBQMqCXHAMA0GCSqGSIb3DQEBCwUAA4IBAQCPewQETcSj2ZLy++Q1M7O+
IHOM+N5GLk62rpvwnB9sH+ZlKV97o6fRiZcfu5k1vgyu4WLdJtQMAMxlKLZ8V++s
VjqybWmDIpEH5jqEUEZpTg+J782a3Vt952/Fk2UzuYF/Z6cERJ3IvCsh0SlND6l0
91dHo4Au72Bj8yIGbg/Id2QJ1VSW/5V1JdZWRUh/y1Q628yOT9gyUlXuEiwH5VbQ
fPI2rLKLye73nI2NTDRK+SZe+S34C5xkV/HZv/vJRnVMREBuT8bc0TnpJLRiEDjB
KGAYTDQxS7Fk8s3sxzdg0ERwDzafCZFeEXw0PYvRUZPWrJAyJJUiVhsEHBqFiDIb
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:58:14 2024 by rpki-client on console-ams.rpki-client.org