Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/8gpzEWeK5cRlmrCGBYXLhxwRW38.roa
File: 8gpzEWeK5cRlmrCGBYXLhxwRW38.roa (raw, json)
Hash identifier: 4pZ7X0PcYz701J2d5mxjXGT0FAQaf0BYPt7RGE9HqsE=
Subject key identifier: F2:0A:73:11:67:8A:E5:C4:65:9A:B0:86:05:85:CB:87:1C:11:5B:7F
Certificate issuer: /CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Certificate serial: 018EB2673D73DB9DF7CDD0D7E4C8FBAABF11
Authority key identifier: C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/8gpzEWeK5cRlmrCGBYXLhxwRW38.roa
Signing time: Sat 06 Apr 2024 07:54:54 +0000
ROA not before: Sat 06 Apr 2024 07:54:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51297
IP address blocks: 178.255.200.0/24 maxlen: 24
178.255.206.0/24 maxlen: 24
2a01:a440:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b2:67:3d:73:db:9d:f7:cd:d0:d7:e4:c8:fb:aa:bf:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Validity
Not Before: Apr 6 07:54:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f20a7311678ae5c4659ab0860585cb871c115b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0c:06:f7:07:4b:3c:57:1b:25:db:a7:90:40:
cb:52:da:6e:86:26:8e:20:48:f0:e7:be:fe:b0:53:
6f:8b:43:6a:10:43:02:38:7f:75:33:62:36:b3:b5:
2f:1d:f0:82:85:44:6b:54:ae:bb:15:9c:a5:b1:7a:
1b:db:71:95:81:a8:01:79:a4:4f:5f:f6:d2:74:22:
cd:bf:40:a5:44:fe:d3:05:d5:41:aa:82:a3:6c:f3:
54:fb:89:d0:74:54:b5:ff:fe:ca:94:87:13:da:af:
33:bb:de:5a:0c:5f:c0:3f:02:76:52:34:5b:cb:a1:
ca:b8:3a:e4:eb:67:31:d8:f9:05:b1:c4:2b:3c:fb:
e8:ff:5f:eb:a0:be:53:80:09:8b:8c:3c:ba:4f:f6:
74:db:8d:55:c0:04:ce:1a:a2:87:bb:c2:87:b7:58:
09:8f:e3:9b:cf:05:00:a2:a3:ba:0c:0a:f5:0f:48:
21:67:2b:08:3c:28:96:08:79:c8:8c:39:71:2b:71:
7d:0b:7f:b4:ef:fb:25:1a:c8:5b:5a:56:2a:db:7c:
b9:28:e8:47:ca:34:c9:aa:a3:bf:e2:12:54:a5:2d:
59:2b:85:c0:15:59:dd:9e:55:cf:7f:4b:cf:20:54:
e4:c7:46:1f:40:a7:0a:b7:e4:da:80:b2:47:d3:28:
0a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0A:73:11:67:8A:E5:C4:65:9A:B0:86:05:85:CB:87:1C:11:5B:7F
X509v3 Authority Key Identifier:
keyid:C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/8gpzEWeK5cRlmrCGBYXLhxwRW38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.200.0/24
178.255.206.0/24
IPv6:
2a01:a440:2::/48
Signature Algorithm: sha256WithRSAEncryption
90:7c:97:e3:cd:9a:ac:b1:6d:5a:26:aa:e8:fe:63:41:59:ec:
1d:2f:82:ce:13:a3:73:41:b2:03:ef:92:c2:e6:d8:1e:b7:4a:
26:5b:2f:36:f2:75:e6:4f:85:d1:40:5f:25:a5:75:fc:14:cb:
fb:65:44:d3:42:79:d3:42:93:29:fa:7a:30:7a:a8:2d:cb:78:
6f:ff:e8:01:42:6a:f9:8c:83:3e:4e:eb:a4:4c:ef:d0:90:be:
ca:a9:61:2f:6c:81:79:10:46:fa:62:38:dd:45:50:85:7a:96:
77:95:3f:9c:ed:e6:71:a4:28:cd:28:2a:8a:05:c3:23:36:b7:
9d:f8:fe:5d:a7:c0:be:b5:a9:d0:d5:25:60:5d:25:0f:c9:3e:
e6:2e:d2:f7:0f:62:ba:9d:5f:04:11:cc:57:ed:6f:f5:f9:91:
a3:b6:51:f1:6c:47:ad:35:6f:01:7a:2c:fd:c8:86:af:27:0c:
97:07:6d:87:98:9b:4d:2a:72:28:19:95:15:65:bb:cd:c4:2e:
6b:be:2a:64:7a:e2:a9:10:1f:bd:c4:bc:29:52:e6:33:7b:5a:
85:19:b2:29:fc:84:1a:f2:d1:13:02:d8:7c:77:31:70:d7:65:
08:82:0e:f1:cb:32:a0:ee:0a:a4:25:7e:04:67:9b:3e:ea:74:
37:55:39:84
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY6yZz1z2533zdDX5Mj7qr8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjRiNjllZDRhMjNiN2IzZTA2NzRhM2Y5OTQ2MDFkNzNi
N2JhZmYwHhcNMjQwNDA2MDc1NDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjBhNzMxMTY3OGFlNWM0NjU5YWIwODYwNTg1Y2I4NzFjMTE1YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAwG9wdLPFcbJdunkEDLUtpuhiaO
IEjw577+sFNvi0NqEEMCOH91M2I2s7UvHfCChURrVK67FZylsXob23GVgagBeaRP
X/bSdCLNv0ClRP7TBdVBqoKjbPNU+4nQdFS1//7KlIcT2q8zu95aDF/APwJ2UjRb
y6HKuDrk62cx2PkFscQrPPvo/1/roL5TgAmLjDy6T/Z0241VwATOGqKHu8KHt1gJ
j+ObzwUAoqO6DAr1D0ghZysIPCiWCHnIjDlxK3F9C3+07/slGshbWlYq23y5KOhH
yjTJqqO/4hJUpS1ZK4XAFVndnlXPf0vPIFTkx0YfQKcKt+TagLJH0ygKXQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPIKcxFniuXEZZqwhgWFy4ccEVt/MB8GA1UdIwQY
MBaAFMIktp7Uojt7PgZ0o/mUYB1zt7r/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgt
MTViOTQ0NTc3Yzg2LzEvOGdwekVXZUs1Y1JsbXJDR0JZWExoeHdSVzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgtMTViOTQ0NTc3Yzg2
LzEvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsv/IAwQA
sv/OMA8EAgACMAkDBwAqAaRAAAIwDQYJKoZIhvcNAQELBQADggEBAJB8l+PNmqyx
bVomquj+Y0FZ7B0vgs4To3NBsgPvksLm2B63SiZbLzbydeZPhdFAXyWldfwUy/tl
RNNCedNCkyn6ejB6qC3LeG//6AFCavmMgz5O66RM79CQvsqpYS9sgXkQRvpiON1F
UIV6lneVP5zt5nGkKM0oKooFwyM2t534/l2nwL61qdDVJWBdJQ/JPuYu0vcPYrqd
XwQRzFftb/X5kaO2UfFsR601bwF6LP3Ihq8nDJcHbYeYm00qcigZlRVlu83ELmu+
KmR64qkQH73EvClS5jN7WoUZsin8hBry0RMC2Hx3MXDXZQiCDvHLMqDuCqQlfgRn
mz7qdDdVOYQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:18:20 2024 by rpki-client on console-fra.rpki-client.org