Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/4gJ1dh1hVVhW7uZyinjeu6HCAoM.roa
File: 4gJ1dh1hVVhW7uZyinjeu6HCAoM.roa (raw, json)
Hash identifier: qZw4Mt/zE52oWBU0vHMOD25/wYpDc5vH6AA7yKw8O94=
Subject key identifier: E2:02:75:76:1D:61:55:58:56:EE:E6:72:8A:78:DE:BB:A1:C2:02:83
Certificate issuer: /CN=0c6859feba7834c9322b7c6f6bd81bd3bef5ce51
Certificate serial: 018F9AF2A5FC2DA069635330A973F60705FF
Authority key identifier: 0C:68:59:FE:BA:78:34:C9:32:2B:7C:6F:6B:D8:1B:D3:BE:F5:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/4gJ1dh1hVVhW7uZyinjeu6HCAoM.roa
Signing time: Tue 21 May 2024 11:39:04 +0000
ROA not before: Tue 21 May 2024 11:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215371
IP address blocks: 195.140.196.0/24 maxlen: 24
195.140.197.0/24 maxlen: 24
195.140.198.0/24 maxlen: 24
195.140.199.0/24 maxlen: 24
195.149.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:f2:a5:fc:2d:a0:69:63:53:30:a9:73:f6:07:05:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6859feba7834c9322b7c6f6bd81bd3bef5ce51
Validity
Not Before: May 21 11:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e20275761d61555856eee6728a78debba1c20283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:04:b5:ec:1c:b4:a4:0f:46:f5:77:c6:33:94:
ae:3e:06:69:75:8b:19:cf:1c:75:0e:4c:d1:a3:ae:
43:04:c0:04:a1:4e:22:b6:7e:6d:60:f2:47:61:52:
9b:8f:cb:c2:46:51:1f:75:00:f2:e4:26:2b:70:d0:
48:4b:24:a1:c3:08:1f:b5:a4:83:0c:11:06:9e:e6:
97:7e:11:8a:bd:a5:dc:93:63:c5:5b:10:7b:15:9e:
73:2a:2f:d2:9a:6c:71:90:59:9f:7c:55:15:e6:7c:
0a:7d:5e:10:b6:e9:e8:aa:7b:4e:6d:0b:83:38:eb:
07:30:8e:0f:39:44:a7:fd:9c:4c:77:87:09:f9:45:
25:17:44:23:67:20:57:dc:51:4c:5c:ea:5d:7b:03:
f6:5b:30:fa:8a:b1:fd:7b:6d:4f:2b:19:15:6f:50:
88:a9:d8:46:57:63:7a:5c:36:36:27:b2:7a:ff:71:
6f:ba:27:6f:71:67:19:ed:f8:50:97:37:65:4c:e1:
aa:81:f4:74:a2:ed:98:77:d2:0b:73:eb:14:3d:d0:
3d:44:b1:60:d1:11:1e:c9:06:86:ce:d6:b6:a5:e9:
23:04:aa:f2:f5:e9:65:b8:9d:b6:79:6b:8c:cd:91:
a2:a9:05:fa:14:df:fc:17:b4:ca:b1:df:7b:88:98:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:02:75:76:1D:61:55:58:56:EE:E6:72:8A:78:DE:BB:A1:C2:02:83
X509v3 Authority Key Identifier:
keyid:0C:68:59:FE:BA:78:34:C9:32:2B:7C:6F:6B:D8:1B:D3:BE:F5:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/4gJ1dh1hVVhW7uZyinjeu6HCAoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.140.196.0/22
195.149.116.0/24
Signature Algorithm: sha256WithRSAEncryption
93:8c:cb:1e:3e:9a:d8:e7:50:9d:c2:27:f8:1a:c6:a3:77:47:
ec:24:b0:f9:1f:74:e9:a0:46:fb:51:ab:5c:ba:b9:53:91:99:
92:b8:9a:21:16:a3:d9:e2:1a:df:bd:de:51:54:94:d2:18:97:
ec:80:1e:0b:7e:58:ec:b4:f9:44:13:72:28:13:e1:85:b4:05:
88:55:c7:f2:c9:b1:c6:c6:5b:d2:21:2b:11:38:c9:66:51:69:
1c:0d:1b:f3:f1:b6:60:8c:5f:57:e7:53:2b:29:20:51:1b:53:
a5:69:08:b7:c5:c0:f0:b8:fe:f2:bc:31:fe:a8:4b:ac:0a:79:
a3:14:e1:c5:c4:29:81:35:48:e2:28:2f:77:97:50:3e:0c:27:
e5:25:8c:12:b1:78:4b:77:af:66:e2:0a:72:11:d0:8e:18:fb:
9c:11:9a:9d:7a:42:2c:79:66:a4:68:07:83:08:3c:41:3c:d4:
8b:68:e5:38:b6:3a:b7:1e:1e:a5:7a:6d:a8:f5:a3:da:92:07:
d2:5e:e1:db:36:14:24:2f:d3:fa:4a:1d:df:92:a3:bf:29:ef:
be:fb:77:b6:5e:51:b3:bb:47:f4:eb:44:60:00:04:0b:50:fa:
8c:8c:53:71:58:45:7d:b3:bf:13:1b:66:36:b2:10:84:64:d2:
55:f3:fd:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+a8qX8LaBpY1MwqXP2BwX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNjg1OWZlYmE3ODM0YzkzMjJiN2M2ZjZiZDgxYmQzYmVm
NWNlNTEwHhcNMjQwNTIxMTEzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjAyNzU3NjFkNjE1NTU4NTZlZWU2NzI4YTc4ZGViYmExYzIwMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAS17By0pA9G9XfGM5SuPgZpdYsZ
zxx1DkzRo65DBMAEoU4itn5tYPJHYVKbj8vCRlEfdQDy5CYrcNBISyShwwgftaSD
DBEGnuaXfhGKvaXck2PFWxB7FZ5zKi/SmmxxkFmffFUV5nwKfV4QtunoqntObQuD
OOsHMI4POUSn/ZxMd4cJ+UUlF0QjZyBX3FFMXOpdewP2WzD6irH9e21PKxkVb1CI
qdhGV2N6XDY2J7J6/3FvuidvcWcZ7fhQlzdlTOGqgfR0ou2Yd9ILc+sUPdA9RLFg
0REeyQaGzta2pekjBKry9elluJ22eWuMzZGiqQX6FN/8F7TKsd97iJiN9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOICdXYdYVVYVu7mcop43ruhwgKDMB8GA1UdIwQY
MBaAFAxoWf66eDTJMit8b2vYG9O+9c5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREdoWl9ycDROTWt5SzN4dmE5Z2IwNzcxemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84YzNhOGItOTE3MS00NjIwLWIxZTAt
NzdmY2E3YTMwYjlmLzEvNGdKMWRoMWhWVmhXN3VaeWluamV1NkhDQW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84YzNhOGItOTE3MS00NjIwLWIxZTAtNzdmY2E3YTMwYjlm
LzEvREdoWl9ycDROTWt5SzN4dmE5Z2IwNzcxemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw4zEAwQA
w5V0MA0GCSqGSIb3DQEBCwUAA4IBAQCTjMsePprY51Cdwif4Gsajd0fsJLD5H3Tp
oEb7UatcurlTkZmSuJohFqPZ4hrfvd5RVJTSGJfsgB4LfljstPlEE3IoE+GFtAWI
VcfyybHGxlvSISsROMlmUWkcDRvz8bZgjF9X51MrKSBRG1OlaQi3xcDwuP7yvDH+
qEusCnmjFOHFxCmBNUjiKC93l1A+DCflJYwSsXhLd69m4gpyEdCOGPucEZqdekIs
eWakaAeDCDxBPNSLaOU4tjq3Hh6lem2o9aPakgfSXuHbNhQkL9P6Sh3fkqO/Ke++
+3e2XlGzu0f060RgAAQLUPqMjFNxWEV9s78TG2Y2shCEZNJV8/3L
-----END CERTIFICATE-----
Generated at Mon Jul 1 09:00:46 2024 by rpki-client on console-fra.rpki-client.org