Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8O47t1EkFpDL-I_MKYgBBXQrG-c.roa
File: 8O47t1EkFpDL-I_MKYgBBXQrG-c.roa (raw, json)
Hash identifier: 8Vxu7XmYYy2HHX39yAF/XDBVlK3p93Zvb3HkHlZd5oA=
Subject key identifier: F0:EE:3B:B7:51:24:16:90:CB:F8:8F:CC:29:88:01:05:74:2B:1B:E7
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EA2E38BA6F612E6E5094A3094B093B863
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8O47t1EkFpDL-I_MKYgBBXQrG-c.roa
Signing time: Wed 03 Apr 2024 07:36:45 +0000
ROA not before: Wed 03 Apr 2024 07:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206338
IP address blocks: 176.211.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:e3:8b:a6:f6:12:e6:e5:09:4a:30:94:b0:93:b8:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 3 07:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0ee3bb751241690cbf88fcc29880105742b1be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d6:57:21:49:00:62:0d:9f:6f:3b:ea:1c:49:
36:86:cd:45:bf:bf:2e:6a:cb:d8:a8:9d:81:16:1b:
4f:29:ff:cb:75:c1:9c:75:7f:6c:0e:dd:fe:52:18:
fc:18:dc:af:60:f1:32:93:60:6b:77:2a:46:e5:a6:
60:95:32:86:7b:78:b2:d8:d1:0a:75:0a:bb:4b:a0:
67:da:1c:73:84:6a:02:c0:3b:37:29:1d:ab:77:01:
75:a0:7d:79:ad:63:30:43:2e:50:9d:75:a4:2c:13:
fe:61:f9:d5:97:3b:d9:77:ca:3d:21:4c:34:21:a3:
65:0d:a8:27:a4:9f:88:d0:3c:ee:e9:a2:a2:36:3c:
b4:05:94:17:70:b4:21:4f:c1:0f:ea:c9:c4:be:7a:
da:8e:d7:a1:94:a5:6a:f4:90:c5:c6:4e:60:a1:72:
0c:37:38:38:af:94:76:25:17:84:97:6f:57:3b:92:
e5:41:63:94:3d:34:e8:bc:2d:d1:c8:08:ff:f8:a2:
84:48:5c:be:1d:19:20:11:45:56:37:dc:c5:7b:6d:
04:7b:aa:36:ca:fb:e7:8c:f2:d7:73:6a:c9:9f:3d:
a2:d3:bf:e2:9a:34:8c:35:5b:dd:c0:07:a6:ae:55:
81:2b:2b:f5:09:96:fd:d0:f5:2a:98:2e:a4:15:8a:
59:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EE:3B:B7:51:24:16:90:CB:F8:8F:CC:29:88:01:05:74:2B:1B:E7
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8O47t1EkFpDL-I_MKYgBBXQrG-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.211.74.0/24
Signature Algorithm: sha256WithRSAEncryption
74:f9:f5:03:91:5e:c7:f6:32:b4:7a:f1:09:2d:78:ca:1c:41:
03:2c:f5:32:a6:74:15:0b:fd:9d:9b:3d:31:d2:5f:56:32:e0:
e5:53:82:bc:a0:35:75:11:cb:e3:15:a6:a3:4b:7a:aa:23:a4:
6d:ad:91:64:f9:ba:7f:8d:20:ca:25:39:2b:47:f4:cc:f3:82:
9b:74:29:ac:2e:ef:e3:bd:ee:e1:cc:ec:44:a9:dc:eb:b8:ac:
38:e5:ed:85:f8:51:c1:c3:06:16:b9:25:79:a7:f7:25:e1:2b:
fa:81:66:b5:6b:40:d5:c8:05:00:96:9b:3e:7a:d7:c5:f8:61:
f7:85:e0:b8:49:ef:10:ce:e2:9d:4d:d9:32:df:42:db:15:e1:
79:63:8c:35:84:3e:dd:6f:f1:ec:a0:06:16:f8:6f:ab:cb:e5:
92:51:e5:76:08:d0:02:d1:7a:36:70:9a:4d:62:b1:04:ae:68:
be:8d:6c:9a:d0:f5:d4:a1:93:2a:ac:8c:fa:eb:e5:60:b3:f8:
1a:32:e6:74:3f:e5:53:21:66:d0:b9:65:fc:31:65:e7:5a:2a:
53:e7:2a:6e:13:21:42:69:85:4c:6f:62:d2:57:b8:52:17:53:
47:da:1f:5d:15:24:bf:ef:96:d7:69:8e:eb:42:1d:f3:82:68:
d7:bf:8b:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6i44um9hLm5QlKMJSwk7hjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAzMDczNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGVlM2JiNzUxMjQxNjkwY2JmODhmY2MyOTg4MDEwNTc0MmIxYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9ZXIUkAYg2fbzvqHEk2hs1Fv78u
asvYqJ2BFhtPKf/LdcGcdX9sDt3+Uhj8GNyvYPEyk2BrdypG5aZglTKGe3iy2NEK
dQq7S6Bn2hxzhGoCwDs3KR2rdwF1oH15rWMwQy5QnXWkLBP+YfnVlzvZd8o9IUw0
IaNlDagnpJ+I0Dzu6aKiNjy0BZQXcLQhT8EP6snEvnrajtehlKVq9JDFxk5goXIM
Nzg4r5R2JReEl29XO5LlQWOUPTTovC3RyAj/+KKESFy+HRkgEUVWN9zFe20Ee6o2
yvvnjPLXc2rJnz2i07/imjSMNVvdwAemrlWBKyv1CZb90PUqmC6kFYpZDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDuO7dRJBaQy/iPzCmIAQV0KxvnMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvOE80N3QxRWtGcERMLUlfTUtZZ0JCWFFyRy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsNNKMA0G
CSqGSIb3DQEBCwUAA4IBAQB0+fUDkV7H9jK0evEJLXjKHEEDLPUypnQVC/2dmz0x
0l9WMuDlU4K8oDV1EcvjFaajS3qqI6RtrZFk+bp/jSDKJTkrR/TM84KbdCmsLu/j
ve7hzOxEqdzruKw45e2F+FHBwwYWuSV5p/cl4Sv6gWa1a0DVyAUAlps+etfF+GH3
heC4Se8QzuKdTdky30LbFeF5Y4w1hD7db/HsoAYW+G+ry+WSUeV2CNAC0Xo2cJpN
YrEErmi+jWya0PXUoZMqrIz66+Vgs/gaMuZ0P+VTIWbQuWX8MWXnWipT5ypuEyFC
aYVMb2LSV7hSF1NH2h9dFSS/75bXaY7rQh3zgmjXv4vn
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org