Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/S8b2aX4uVW7YfgLpGjF7LSWhObY.roa
File: S8b2aX4uVW7YfgLpGjF7LSWhObY.roa (raw, json)
Hash identifier: 8I8Qliwggxs+X7MleyFZvP3agRQolBOzv7CcnoOyUKM=
Subject key identifier: 4B:C6:F6:69:7E:2E:55:6E:D8:7E:02:E9:1A:31:7B:2D:25:A1:39:B6
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 018E74AFD884F55D415E5C82A21C9BA63FD1
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/S8b2aX4uVW7YfgLpGjF7LSWhObY.roa
Signing time: Mon 25 Mar 2024 08:17:45 +0000
ROA not before: Mon 25 Mar 2024 08:17:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9110
IP address blocks: 91.142.129.0/24 maxlen: 24
212.233.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.mft
rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:af:d8:84:f5:5d:41:5e:5c:82:a2:1c:9b:a6:3f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: Mar 25 08:17:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bc6f6697e2e556ed87e02e91a317b2d25a139b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6b:19:38:1c:9a:f0:54:e2:c7:30:16:d0:42:
e8:88:a5:93:e5:e9:47:af:15:f8:49:c2:73:4a:0b:
32:02:1c:6d:b2:b8:0f:e8:ea:7d:eb:db:7c:81:27:
3a:99:fa:ac:cf:dd:42:91:d4:17:5a:c8:e0:1c:d9:
91:16:9b:a2:da:55:89:d5:1b:b4:c3:8e:ef:71:4d:
d5:ca:6e:c7:84:e5:26:f4:7f:57:90:1f:6b:23:8d:
ee:74:6a:7a:25:fe:a7:de:01:5e:1d:30:71:c4:be:
9d:e6:03:20:86:0f:42:ac:f3:a5:90:c6:80:24:54:
08:0c:69:e9:00:e1:9f:29:a0:b9:e6:d2:d4:31:ca:
1c:cd:50:16:f3:fa:e5:cc:60:86:4d:3e:82:3f:fd:
6d:b5:f4:de:8b:5b:2d:b6:cc:b8:43:4a:84:04:03:
aa:81:33:ca:c3:10:2b:08:02:98:76:0c:3c:e3:a2:
be:98:c7:e5:e9:fb:13:ae:b2:12:61:1e:79:05:34:
b4:fe:39:01:a3:b2:5d:82:01:d0:ad:f0:86:99:e3:
8a:4f:f0:19:41:13:9c:06:b5:b0:5a:bf:74:09:ae:
24:0c:7d:a5:40:20:fd:f4:c5:58:5f:5b:9b:75:8a:
3d:8c:2a:16:68:9b:88:e0:bf:c5:bb:a7:15:93:26:
4b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C6:F6:69:7E:2E:55:6E:D8:7E:02:E9:1A:31:7B:2D:25:A1:39:B6
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/S8b2aX4uVW7YfgLpGjF7LSWhObY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.129.0/24
212.233.68.0/22
Signature Algorithm: sha256WithRSAEncryption
54:4b:5a:4f:b2:f1:45:89:e0:b2:8e:56:7c:7d:4d:14:e4:50:
89:06:81:c7:ab:22:a5:c2:d0:fc:42:74:97:53:ed:07:2f:4a:
6d:77:63:25:a2:03:61:ed:50:6f:57:0b:10:41:f7:d8:a4:56:
ee:fc:d5:ec:c8:0c:9d:fa:ad:7f:ce:3c:48:71:c0:a7:ca:75:
85:84:37:70:65:9d:a4:a2:21:16:9a:1b:68:f9:c0:03:6f:07:
3b:79:59:f9:12:db:c1:d2:bd:ec:16:7d:6b:da:68:2e:3f:ea:
db:9a:73:3b:4d:73:25:44:a9:94:98:70:79:10:18:b2:7b:2d:
89:eb:99:7d:1f:79:9d:93:73:5d:50:e0:2e:01:9c:fa:c4:0d:
ac:75:86:81:a9:3b:b4:a6:74:04:be:ba:3b:5b:02:c3:87:a7:
d2:79:ca:fd:f2:6f:1c:7b:ad:36:b1:b4:90:08:6e:a4:4c:e9:
cb:cb:52:cf:67:da:a0:70:08:6c:09:5b:13:0f:56:37:85:ab:
b1:4c:00:5e:ca:9a:6a:a9:1d:59:c7:ec:4f:5d:7e:10:ac:4f:
f5:84:e2:96:70:40:a1:99:d5:6a:54:e4:90:08:db:d6:47:86:
07:2c:37:5c:f5:dd:6d:6d:0b:38:ef:a7:26:ae:bc:80:93:ba:
31:6e:07:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY50r9iE9V1BXlyCohybpj/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjQwMzI1MDgxNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmM2ZjY2OTdlMmU1NTZlZDg3ZTAyZTkxYTMxN2IyZDI1YTEzOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGsZOBya8FTixzAW0ELoiKWT5elH
rxX4ScJzSgsyAhxtsrgP6Op969t8gSc6mfqsz91CkdQXWsjgHNmRFpui2lWJ1Ru0
w47vcU3Vym7HhOUm9H9XkB9rI43udGp6Jf6n3gFeHTBxxL6d5gMghg9CrPOlkMaA
JFQIDGnpAOGfKaC55tLUMcoczVAW8/rlzGCGTT6CP/1ttfTei1sttsy4Q0qEBAOq
gTPKwxArCAKYdgw846K+mMfl6fsTrrISYR55BTS0/jkBo7JdggHQrfCGmeOKT/AZ
QROcBrWwWr90Ca4kDH2lQCD99MVYX1ubdYo9jCoWaJuI4L/Fu6cVkyZLhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEvG9ml+LlVu2H4C6Roxey0loTm2MB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvUzhiMmFYNHVWVzdZZmdMcEdqRjdMU1doT2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW46BAwQC
1OlEMA0GCSqGSIb3DQEBCwUAA4IBAQBUS1pPsvFFieCyjlZ8fU0U5FCJBoHHqyKl
wtD8QnSXU+0HL0ptd2MlogNh7VBvVwsQQffYpFbu/NXsyAyd+q1/zjxIccCnynWF
hDdwZZ2koiEWmhto+cADbwc7eVn5EtvB0r3sFn1r2mguP+rbmnM7TXMlRKmUmHB5
EBiyey2J65l9H3mdk3NdUOAuAZz6xA2sdYaBqTu0pnQEvro7WwLDh6fSecr98m8c
e602sbSQCG6kTOnLy1LPZ9qgcAhsCVsTD1Y3hauxTABeyppqqR1Zx+xPXX4QrE/1
hOKWcEChmdVqVOSQCNvWR4YHLDdc9d1tbQs476cmrryAk7oxbgfq
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:02:46 2024 by rpki-client on console-ams.rpki-client.org