Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/a18cf1-a080-4945-8b21-05556959c455/1/8ILfYpD01k2SWXPtedrh0QU6ft0.roa
File: 8ILfYpD01k2SWXPtedrh0QU6ft0.roa (raw, json)
Hash identifier: +6CO7uoct66zzIzNhMedHPAWpMyvy0KRAuwNdGM/XaQ=
Subject key identifier: F0:82:DF:62:90:F4:D6:4D:92:59:73:ED:79:DA:E1:D1:05:3A:7E:DD
Certificate issuer: /CN=e180ebbbca0f890de353891421a83dd5b653d940
Certificate serial: 018CC86F13E7B2396DEF1EFDB48638CB3137
Authority key identifier: E1:80:EB:BB:CA:0F:89:0D:E3:53:89:14:21:A8:3D:D5:B6:53:D9:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4YDru8oPiQ3jU4kUIag91bZT2UA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/a18cf1-a080-4945-8b21-05556959c455/1/8ILfYpD01k2SWXPtedrh0QU6ft0.roa
Signing time: Tue 02 Jan 2024 04:29:31 +0000
ROA not before: Tue 02 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35608
IP address blocks: 194.67.70.0/24 maxlen: 24
194.67.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/a18cf1-a080-4945-8b21-05556959c455/1/4YDru8oPiQ3jU4kUIag91bZT2UA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/a18cf1-a080-4945-8b21-05556959c455/1/4YDru8oPiQ3jU4kUIag91bZT2UA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4YDru8oPiQ3jU4kUIag91bZT2UA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:13:e7:b2:39:6d:ef:1e:fd:b4:86:38:cb:31:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e180ebbbca0f890de353891421a83dd5b653d940
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f082df6290f4d64d925973ed79dae1d1053a7edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:39:53:f6:a8:f6:e8:ff:2e:f8:95:2c:56:ca:
74:70:80:73:3b:7b:71:26:9c:d9:cb:52:a9:dc:a5:
cc:35:36:63:36:7d:26:f0:ba:00:5e:d5:16:b9:96:
78:a9:dd:2d:1e:76:88:08:19:dd:29:9f:c1:04:8f:
3f:41:c3:83:a6:d0:22:c5:75:dc:fe:d5:9d:bc:2a:
67:4c:af:9f:21:88:f4:f5:2d:06:3c:d4:aa:dc:87:
f1:e7:6b:f7:08:11:c7:74:a2:ef:d5:15:eb:42:df:
23:fa:0c:df:b9:0c:52:e8:0a:8b:b9:c7:3c:5d:7d:
cf:b9:65:ed:5b:00:49:5a:f3:7a:82:d7:95:dc:49:
ed:43:c8:41:a8:84:c3:68:5a:fd:f1:5c:c4:cf:39:
8a:7d:9f:60:2b:df:b9:ef:da:8c:27:7b:5a:b0:f3:
5f:06:da:bc:12:cd:bc:0b:33:7d:5f:63:76:95:eb:
ce:1b:b4:fe:6c:a0:6f:eb:07:fa:da:7c:ad:dc:79:
1e:1b:9c:03:d7:a5:d6:27:78:ac:9d:e7:54:e5:a1:
e7:e7:76:09:09:bc:26:44:fa:9f:1b:b1:95:c5:d0:
90:e0:7b:19:79:2b:e8:45:96:e6:94:fa:8b:c8:57:
05:a7:ce:ac:3a:79:21:d3:76:1a:f8:78:3f:67:61:
07:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:82:DF:62:90:F4:D6:4D:92:59:73:ED:79:DA:E1:D1:05:3A:7E:DD
X509v3 Authority Key Identifier:
keyid:E1:80:EB:BB:CA:0F:89:0D:E3:53:89:14:21:A8:3D:D5:B6:53:D9:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4YDru8oPiQ3jU4kUIag91bZT2UA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/a18cf1-a080-4945-8b21-05556959c455/1/8ILfYpD01k2SWXPtedrh0QU6ft0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/a18cf1-a080-4945-8b21-05556959c455/1/4YDru8oPiQ3jU4kUIag91bZT2UA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.67.69.0-194.67.70.255
Signature Algorithm: sha256WithRSAEncryption
7b:ea:4f:50:e8:94:7a:1e:eb:83:fd:15:df:5b:d8:0b:2d:71:
a8:75:d7:fd:7e:f5:6b:e4:e9:24:47:ed:b4:50:15:82:28:34:
99:fa:66:c2:b1:80:7c:ed:2b:ab:0a:d0:76:c0:33:66:22:32:
ca:bb:54:7e:6c:fe:51:0e:18:69:b8:37:dd:5d:21:96:1b:f9:
53:eb:49:6a:8d:58:3b:f2:25:86:dc:53:6c:56:e6:f2:e0:47:
6f:8a:ba:d8:fc:a9:59:61:b5:6e:28:1d:6a:bd:03:4d:1e:20:
3d:25:fa:d4:61:7b:10:cd:cf:ed:79:f8:23:65:47:9e:ec:df:
21:34:e6:d4:69:f1:87:f8:89:66:63:21:77:7d:b2:4b:eb:f5:
9c:18:52:45:b7:15:af:d6:aa:e9:c1:54:c5:52:d0:cd:05:12:
34:8c:0b:f6:09:c8:53:de:01:83:ca:6f:ab:10:d3:16:ad:e0:
9f:f2:7d:0b:e1:c2:ff:a5:76:ec:8c:a7:f8:15:8d:51:cd:b4:
7f:b0:5a:0e:a0:2c:b6:8f:5b:c0:ab:ca:57:76:c1:71:41:68:
ad:f9:f0:a6:0c:b3:78:c0:4c:56:85:56:c1:94:50:bb:56:1e:
91:ad:ab:94:84:32:75:32:0a:9e:37:1a:2a:d2:e8:8b:0c:21:
49:46:c8:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIbxPnsjlt7x79tIY4yzE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxODBlYmJiY2EwZjg5MGRlMzUzODkxNDIxYTgzZGQ1YjY1
M2Q5NDAwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDgyZGY2MjkwZjRkNjRkOTI1OTczZWQ3OWRhZTFkMTA1M2E3ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDlT9qj26P8u+JUsVsp0cIBzO3tx
JpzZy1Kp3KXMNTZjNn0m8LoAXtUWuZZ4qd0tHnaICBndKZ/BBI8/QcODptAixXXc
/tWdvCpnTK+fIYj09S0GPNSq3Ifx52v3CBHHdKLv1RXrQt8j+gzfuQxS6AqLucc8
XX3PuWXtWwBJWvN6gteV3EntQ8hBqITDaFr98VzEzzmKfZ9gK9+579qMJ3tasPNf
Btq8Es28CzN9X2N2levOG7T+bKBv6wf62nyt3HkeG5wD16XWJ3isnedU5aHn53YJ
CbwmRPqfG7GVxdCQ4HsZeSvoRZbmlPqLyFcFp86sOnkh03Ya+Hg/Z2EHWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPCC32KQ9NZNkllz7Xna4dEFOn7dMB8GA1UdIwQY
MBaAFOGA67vKD4kN41OJFCGoPdW2U9lAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFlEcnU4b1BpUTNqVTRrVUlhZzkxYlpUMlVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9hMThjZjEtYTA4MC00OTQ1LThiMjEt
MDU1NTY5NTljNDU1LzEvOElMZllwRDAxazJTV1hQdGVkcmgwUVU2ZnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9hMThjZjEtYTA4MC00OTQ1LThiMjEtMDU1NTY5NTljNDU1
LzEvNFlEcnU4b1BpUTNqVTRrVUlhZzkxYlpUMlVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCQ0UD
BADCQ0YwDQYJKoZIhvcNAQELBQADggEBAHvqT1DolHoe64P9Fd9b2Astcah11/1+
9Wvk6SRH7bRQFYIoNJn6ZsKxgHztK6sK0HbAM2YiMsq7VH5s/lEOGGm4N91dIZYb
+VPrSWqNWDvyJYbcU2xW5vLgR2+Kutj8qVlhtW4oHWq9A00eID0l+tRhexDNz+15
+CNlR57s3yE05tRp8Yf4iWZjIXd9skvr9ZwYUkW3Fa/WqunBVMVS0M0FEjSMC/YJ
yFPeAYPKb6sQ0xat4J/yfQvhwv+lduyMp/gVjVHNtH+wWg6gLLaPW8Cryld2wXFB
aK358KYMs3jATFaFVsGUULtWHpGtq5SEMnUyCp43GirS6IsMIUlGyKM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:35:26 2024 by rpki-client on console-ams.rpki-client.org