Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/x_StohAYMsitDke2vhoAfr0Z9VM.roa
File: x_StohAYMsitDke2vhoAfr0Z9VM.roa (raw, json)
Hash identifier: JytXM3pe2o1E2C7rKHFchufuESp/9Q48tDvuYkaxul8=
Subject key identifier: C7:F4:AD:A2:10:18:32:C8:AD:0E:47:B6:BE:1A:00:7E:BD:19:F5:53
Certificate issuer: /CN=8bbb538fc4f8f1984100640dd8435766a6206723
Certificate serial: 018CCA29BD09F39148D6E31C88A63FAC4472
Authority key identifier: 8B:BB:53:8F:C4:F8:F1:98:41:00:64:0D:D8:43:57:66:A6:20:67:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7tTj8T48ZhBAGQN2ENXZqYgZyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/x_StohAYMsitDke2vhoAfr0Z9VM.roa
Signing time: Tue 02 Jan 2024 12:33:02 +0000
ROA not before: Tue 02 Jan 2024 12:33:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60295
IP address blocks: 195.20.216.0/23 maxlen: 23
193.47.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/i7tTj8T48ZhBAGQN2ENXZqYgZyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/i7tTj8T48ZhBAGQN2ENXZqYgZyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/i7tTj8T48ZhBAGQN2ENXZqYgZyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:bd:09:f3:91:48:d6:e3:1c:88:a6:3f:ac:44:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bbb538fc4f8f1984100640dd8435766a6206723
Validity
Not Before: Jan 2 12:33:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7f4ada2101832c8ad0e47b6be1a007ebd19f553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ba:57:15:9c:65:60:f9:06:72:97:aa:f5:da:
36:1c:39:99:29:82:51:69:58:08:e4:c1:81:62:c1:
de:a1:33:7a:49:39:a2:b1:ba:b8:6f:cb:32:46:00:
9a:cb:4c:b1:12:80:70:95:3d:0b:47:da:dd:c7:2f:
cf:b6:42:7a:47:29:d3:a8:3e:3f:56:8a:9f:84:d9:
07:44:1c:4d:6d:13:4e:ca:c1:e8:a2:61:f8:00:ec:
e9:3d:b6:13:af:4c:fa:4c:9d:e4:da:b0:e1:f0:0c:
12:41:1b:27:0c:bc:9e:89:87:73:35:88:ef:e5:e2:
3d:76:84:d9:20:07:98:2d:25:7a:51:a8:fa:0b:fb:
8b:da:f6:35:1b:2e:62:34:45:cd:67:6f:cc:4c:08:
0b:23:19:9a:6a:c5:94:99:11:3c:cf:96:aa:ad:32:
13:46:a7:e2:93:2d:26:1b:1e:a7:57:4e:8b:a7:1a:
74:c6:71:41:b2:fa:af:28:99:c3:19:61:49:02:93:
f3:6f:63:17:2f:fd:96:83:5a:ca:df:1d:fc:df:d4:
43:1d:9f:07:03:73:22:74:1b:72:00:d3:93:d6:ba:
74:c0:03:c1:8e:d9:3b:63:1b:ef:07:3d:ae:8c:3f:
cf:87:0f:c6:3f:52:f0:60:a0:db:5d:15:20:6b:cf:
48:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F4:AD:A2:10:18:32:C8:AD:0E:47:B6:BE:1A:00:7E:BD:19:F5:53
X509v3 Authority Key Identifier:
keyid:8B:BB:53:8F:C4:F8:F1:98:41:00:64:0D:D8:43:57:66:A6:20:67:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7tTj8T48ZhBAGQN2ENXZqYgZyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/x_StohAYMsitDke2vhoAfr0Z9VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/i7tTj8T48ZhBAGQN2ENXZqYgZyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.84.0/24
195.20.216.0/23
Signature Algorithm: sha256WithRSAEncryption
99:4d:2e:cc:71:f5:1d:6e:aa:92:c6:73:be:16:d7:9d:3c:e2:
de:e1:36:0f:8e:45:23:80:ae:ef:25:0c:7e:2a:12:98:65:ea:
df:96:84:70:fb:0e:15:8b:fb:28:92:99:4d:9e:f6:03:21:17:
ce:15:3c:dd:bf:d1:24:18:d8:9f:fc:50:38:20:5e:83:0b:df:
1b:ba:0d:ed:45:10:b5:61:17:7f:88:ff:b2:c7:94:b5:20:66:
86:90:ba:49:67:8f:18:00:8e:0d:7f:20:74:b9:76:5c:a1:26:
f3:82:82:36:f0:cd:26:55:e7:ef:f6:f1:bf:84:13:c9:0d:aa:
12:b0:ff:7e:64:11:46:a4:21:86:b1:43:08:c7:4f:e4:23:59:
63:3c:be:95:18:7b:d7:7e:51:e7:db:a5:2a:5a:c7:32:df:b2:
ed:6b:6d:8b:76:74:d5:4e:8d:99:8b:9d:b3:7b:6e:4a:8d:4d:
af:aa:df:79:64:d9:f1:0b:92:aa:af:4b:7a:9d:55:fb:50:6f:
90:0e:55:85:97:ed:ef:52:6d:4c:c5:90:1f:06:87:bf:c6:e6:
15:89:b5:35:e2:4b:c9:0f:b0:d2:f1:38:8f:4f:0f:39:a6:a7:
4c:36:6c:f0:9d:8a:10:c4:53:1a:a0:fc:e8:a0:6b:aa:0b:d9:
03:2e:5d:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKb0J85FI1uMciKY/rERyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYmI1MzhmYzRmOGYxOTg0MTAwNjQwZGQ4NDM1NzY2YTYy
MDY3MjMwHhcNMjQwMTAyMTIzMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y0YWRhMjEwMTgzMmM4YWQwZTQ3YjZiZTFhMDA3ZWJkMTlmNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7pXFZxlYPkGcpeq9do2HDmZKYJR
aVgI5MGBYsHeoTN6STmisbq4b8syRgCay0yxEoBwlT0LR9rdxy/PtkJ6RynTqD4/
VoqfhNkHRBxNbRNOysHoomH4AOzpPbYTr0z6TJ3k2rDh8AwSQRsnDLyeiYdzNYjv
5eI9doTZIAeYLSV6Uaj6C/uL2vY1Gy5iNEXNZ2/MTAgLIxmaasWUmRE8z5aqrTIT
Rqfiky0mGx6nV06Lpxp0xnFBsvqvKJnDGWFJApPzb2MXL/2Wg1rK3x3839RDHZ8H
A3MidBtyANOT1rp0wAPBjtk7YxvvBz2ujD/Phw/GP1LwYKDbXRUga89I2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMf0raIQGDLIrQ5Htr4aAH69GfVTMB8GA1UdIwQY
MBaAFIu7U4/E+PGYQQBkDdhDV2amIGcjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTd0VGo4VDQ4WmhCQUdRTjJFTlhacVlnWnlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iNDVmMjEtM2VlNi00NzEyLTk4ZmMt
Yjg5ODQwYTc0ODA5LzEveF9TdG9oQVlNc2l0RGtlMnZob0FmcjBaOVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iNDVmMjEtM2VlNi00NzEyLTk4ZmMtYjg5ODQwYTc0ODA5
LzEvaTd0VGo4VDQ4WmhCQUdRTjJFTlhacVlnWnlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwS9UAwQB
wxTYMA0GCSqGSIb3DQEBCwUAA4IBAQCZTS7McfUdbqqSxnO+FtedPOLe4TYPjkUj
gK7vJQx+KhKYZerfloRw+w4Vi/sokplNnvYDIRfOFTzdv9EkGNif/FA4IF6DC98b
ug3tRRC1YRd/iP+yx5S1IGaGkLpJZ48YAI4NfyB0uXZcoSbzgoI28M0mVefv9vG/
hBPJDaoSsP9+ZBFGpCGGsUMIx0/kI1ljPL6VGHvXflHn26UqWscy37Lta22LdnTV
To2Zi52ze25KjU2vqt95ZNnxC5Kqr0t6nVX7UG+QDlWFl+3vUm1MxZAfBoe/xuYV
ibU14kvJD7DS8TiPTw85pqdMNmzwnYoQxFMaoPzooGuqC9kDLl0O
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:40:24 2024 by rpki-client on console-ams.rpki-client.org