Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/DNHfqH0b9VdF4hoVInKm7hfv6Wg.roa
File: DNHfqH0b9VdF4hoVInKm7hfv6Wg.roa (raw, json)
Hash identifier: 8VpVPqU/wWlwo2NPwvbaq4kpa/k25AkPPfIeEkeY+bc=
Subject key identifier: 0C:D1:DF:A8:7D:1B:F5:57:45:E2:1A:15:22:72:A6:EE:17:EF:E9:68
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 018CC7958ECB8F237C68E0B81AB445D8BDC0
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/DNHfqH0b9VdF4hoVInKm7hfv6Wg.roa
Signing time: Tue 02 Jan 2024 00:31:56 +0000
ROA not before: Tue 02 Jan 2024 00:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8068
IP address blocks: 94.245.84.0/24 maxlen: 24
2a01:111:202d::/48 maxlen: 48
2a01:111:202e::/48 maxlen: 48
2a01:111:2003::/48 maxlen: 48
2a01:111:202c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 05:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8e:cb:8f:23:7c:68:e0:b8:1a:b4:45:d8:bd:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jan 2 00:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cd1dfa87d1bf55745e21a152272a6ee17efe968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cd:1d:b5:c4:9a:cf:7d:0b:73:6e:7e:ca:e3:
05:52:78:72:37:30:9c:43:62:b2:87:5e:55:87:b7:
35:2a:ce:09:cd:e2:b6:44:9b:5d:53:19:c7:d7:f6:
e4:37:a0:69:94:b9:ed:58:79:88:c0:52:25:e9:cf:
a3:3c:bc:94:00:fc:db:00:5d:b3:75:22:4d:dd:b0:
91:37:41:a1:a8:e8:68:0d:a3:9e:77:44:41:f9:7e:
c2:ea:d8:c6:93:55:f4:df:11:10:78:72:db:b0:fb:
fc:e0:05:d9:93:cc:96:f1:d2:30:1c:1f:94:7e:b1:
1c:dc:91:85:09:a2:cf:21:2f:93:7e:50:53:58:dc:
bd:02:61:8e:2a:af:5e:5b:5c:a9:59:ef:a9:28:c7:
d7:98:55:c2:c7:95:d6:01:7b:e9:08:ad:f5:44:3f:
bc:44:6b:bf:82:d5:12:89:57:89:10:2e:33:43:d0:
82:54:9f:ab:1e:ea:93:fd:ab:6a:7c:3f:35:6f:0c:
a7:f7:0d:2e:7c:ee:49:5c:15:2e:29:a1:db:9d:8c:
f1:e2:19:78:c2:25:6f:50:b9:46:f0:87:9f:ca:7c:
05:35:cb:56:e3:07:b3:12:44:f7:e6:fb:26:76:bc:
12:21:c3:fd:c7:0d:0b:71:8a:db:c6:41:a0:c3:ae:
e9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D1:DF:A8:7D:1B:F5:57:45:E2:1A:15:22:72:A6:EE:17:EF:E9:68
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/DNHfqH0b9VdF4hoVInKm7hfv6Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.245.84.0/24
IPv6:
2a01:111:2003::/48
2a01:111:202c::-2a01:111:202e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
39:ec:60:8d:5a:8a:6d:60:37:af:d6:53:10:f0:5d:21:4d:9d:
0f:68:0d:af:31:05:32:fe:e9:9d:6c:e9:df:eb:96:43:c3:56:
a2:8b:aa:2c:a9:45:0d:6e:f0:95:5d:81:fe:f6:e8:ad:1f:69:
9e:f8:51:3f:49:57:df:ae:ec:f4:3d:ab:d3:f7:5c:86:fb:0a:
c7:86:d5:86:b9:3b:8f:a5:64:b1:b7:93:c1:77:52:d3:97:c3:
2a:ea:70:c6:f4:d0:f6:1a:be:84:74:3f:63:dc:8f:71:d0:8e:
5f:d9:23:c8:b4:8f:9f:06:a5:ce:06:06:cf:de:99:6e:a6:d5:
07:65:49:85:da:7c:bd:28:60:d8:ae:42:5b:3f:1c:48:f5:6f:
50:99:72:29:da:ed:20:12:e0:dd:68:14:e5:80:7b:3a:55:db:
9a:c0:ad:2b:ba:ff:ab:ff:04:0c:43:5b:ec:1a:85:ef:b6:2b:
a5:0f:5e:e8:7f:7c:92:95:c7:55:e2:ce:9d:14:96:d9:1d:f4:
a4:bf:63:c4:68:27:57:6f:77:29:95:ff:75:73:47:59:f9:a0:
7e:05:15:25:f4:18:52:90:cd:30:d4:a1:79:96:ae:de:51:bf:
01:14:65:01:b4:de:e8:ca:d5:b8:8e:6b:9a:cd:b0:3f:5a:23:
43:7b:13:0a
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzHlY7LjyN8aOC4GrRF2L3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjQwMTAyMDAzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2QxZGZhODdkMWJmNTU3NDVlMjFhMTUyMjcyYTZlZTE3ZWZlOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc0dtcSaz30Lc25+yuMFUnhyNzCc
Q2Kyh15Vh7c1Ks4JzeK2RJtdUxnH1/bkN6BplLntWHmIwFIl6c+jPLyUAPzbAF2z
dSJN3bCRN0GhqOhoDaOed0RB+X7C6tjGk1X03xEQeHLbsPv84AXZk8yW8dIwHB+U
frEc3JGFCaLPIS+TflBTWNy9AmGOKq9eW1ypWe+pKMfXmFXCx5XWAXvpCK31RD+8
RGu/gtUSiVeJEC4zQ9CCVJ+rHuqT/atqfD81bwyn9w0ufO5JXBUuKaHbnYzx4hl4
wiVvULlG8IefynwFNctW4wezEkT35vsmdrwSIcP9xw0LcYrbxkGgw67p0wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFAzR36h9G/VXReIaFSJypu4X7+loMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvRE5IZnFIMGI5VmRGNGhvVkluS203aGZ2NldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQAXvVUMCME
AgACMB0DBwAqAQERIAMwEgMHAioBAREgLAMHACoBAREgLjANBgkqhkiG9w0BAQsF
AAOCAQEAOexgjVqKbWA3r9ZTEPBdIU2dD2gNrzEFMv7pnWzp3+uWQ8NWoouqLKlF
DW7wlV2B/vborR9pnvhRP0lX367s9D2r0/dchvsKx4bVhrk7j6VksbeTwXdS05fD
KupwxvTQ9hq+hHQ/Y9yPcdCOX9kjyLSPnwalzgYGz96ZbqbVB2VJhdp8vShg2K5C
Wz8cSPVvUJlyKdrtIBLg3WgU5YB7OlXbmsCtK7r/q/8EDENb7BqF77YrpQ9e6H98
kpXHVeLOnRSW2R30pL9jxGgnV293KZX/dXNHWfmgfgUVJfQYUpDNMNSheZau3lG/
ARRlAbTe6MrVuI5rms2wP1ojQ3sTCg==
-----END CERTIFICATE-----
Generated at Wed Jun 26 13:59:09 2024 by rpki-client on console-ams.rpki-client.org