Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/Bo5i4c9lr1jWjkeryqokpiSB1wA.roa
File: Bo5i4c9lr1jWjkeryqokpiSB1wA.roa (raw, json)
Hash identifier: n0LpFneeUAphnNuGN6iqPxkOsuKwVKjp40SZ9wceoFg=
Subject key identifier: 06:8E:62:E1:CF:65:AF:58:D6:8E:47:AB:CA:AA:24:A6:24:81:D7:00
Certificate issuer: /CN=1e234242957bb1be129681721f9c2cd08df07baa
Certificate serial: 018CC7958228C0E740ECB623790183CA9CDD
Authority key identifier: 1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/Bo5i4c9lr1jWjkeryqokpiSB1wA.roa
Signing time: Tue 02 Jan 2024 00:31:53 +0000
ROA not before: Tue 02 Jan 2024 00:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199484
IP address blocks: 195.142.152.0/22 maxlen: 24
195.142.154.0/24 maxlen: 24
195.142.185.0/24 maxlen: 24
195.142.186.0/24 maxlen: 24
195.142.184.0/24 maxlen: 24
195.142.184.0/22 maxlen: 22
185.40.72.0/22 maxlen: 24
195.142.187.0/24 maxlen: 24
195.155.98.0/24 maxlen: 24
195.142.192.0/22 maxlen: 24
195.155.96.0/24 maxlen: 24
195.155.97.0/24 maxlen: 24
195.142.194.0/24 maxlen: 24
195.155.99.0/24 maxlen: 24
2a01:4c20::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:82:28:c0:e7:40:ec:b6:23:79:01:83:ca:9c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e234242957bb1be129681721f9c2cd08df07baa
Validity
Not Before: Jan 2 00:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=068e62e1cf65af58d68e47abcaaa24a62481d700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ee:65:12:9d:58:5d:e7:44:c1:cb:dc:11:9f:
9b:77:ab:0f:0d:60:66:3a:cc:24:b9:4f:33:88:86:
4a:39:0b:e8:cf:0e:1b:35:37:bc:32:31:33:d0:d8:
cd:db:a0:15:f1:ce:ab:bb:7d:65:34:ac:0f:62:22:
34:49:41:1b:8c:02:99:85:4d:59:dc:6d:48:59:5a:
c1:59:1b:c4:ff:74:42:66:e2:10:fb:43:98:69:db:
51:f3:db:bf:7c:87:1b:af:bf:23:18:46:f3:b5:fd:
c6:c3:bf:6b:46:53:e4:02:9f:bd:3b:7b:d8:d0:37:
ed:5c:df:d7:71:c8:88:1f:be:74:a3:ee:71:bb:d5:
10:db:2a:c1:76:56:98:a7:78:a7:39:06:db:c2:e9:
65:5b:ae:4c:bd:37:50:8a:26:31:6b:9c:67:8e:9f:
65:8d:ba:42:9a:93:46:25:79:01:bc:a2:75:a3:ca:
d1:da:50:7c:c6:e8:75:29:4f:49:d1:c9:17:b9:f4:
6c:e2:89:47:c7:d7:b2:ed:28:ce:3d:73:b5:63:0f:
51:2c:83:c1:66:9b:78:b7:3b:6f:b7:3f:5c:f9:31:
c7:47:02:f7:ab:2c:a6:73:42:12:39:62:ea:76:b9:
b9:bc:4c:31:da:33:e3:a3:c1:5f:77:b9:d1:55:54:
1b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8E:62:E1:CF:65:AF:58:D6:8E:47:AB:CA:AA:24:A6:24:81:D7:00
X509v3 Authority Key Identifier:
keyid:1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/Bo5i4c9lr1jWjkeryqokpiSB1wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.72.0/22
195.142.152.0/22
195.142.184.0/22
195.142.192.0/22
195.155.96.0/22
IPv6:
2a01:4c20::/29
Signature Algorithm: sha256WithRSAEncryption
8c:03:61:b6:7b:0e:74:da:b8:f9:a7:cf:36:ce:7a:a5:e5:34:
62:d3:be:03:93:9b:dd:be:b3:4b:92:e0:d3:21:2d:21:5d:31:
d2:ae:86:90:43:94:2a:93:8f:06:f2:c4:5b:4d:52:c2:b8:9c:
0b:32:57:29:e7:92:f7:a0:d9:4e:b0:74:5f:0c:95:b0:9e:e2:
8d:6b:73:82:ff:71:4c:5b:39:46:99:7e:12:95:7d:9e:fa:19:
cb:0d:68:16:77:56:ca:6e:0d:40:55:80:52:a3:29:76:c3:99:
2a:fc:aa:88:97:ca:47:51:d0:33:d1:b4:b2:55:80:b4:ee:d5:
aa:86:b2:1a:30:00:d0:65:33:b0:3c:b9:39:d8:c3:c2:03:e9:
df:f6:b1:f7:cb:bc:fb:32:3d:5e:89:65:76:ec:74:94:94:96:
55:fa:fb:01:7b:ec:03:f1:70:51:4b:79:d5:1a:fb:15:cf:6a:
4e:11:9b:70:3c:f4:bd:fc:fd:72:ae:ea:c0:70:f4:a7:7f:f4:
32:d7:7d:85:39:ce:27:3e:7a:c5:c9:a8:3a:bc:71:81:98:1b:
d1:ff:6c:91:48:ec:96:ae:3d:e6:96:71:8f:ea:4d:27:6c:3d:
c0:40:cb:f1:d3:a5:11:b0:73:e3:a3:43:9b:f6:97:fb:63:98:
b3:12:7b:61
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHlYIowOdA7LYjeQGDypzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMjM0MjQyOTU3YmIxYmUxMjk2ODE3MjFmOWMyY2QwOGRm
MDdiYWEwHhcNMjQwMTAyMDAzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjhlNjJlMWNmNjVhZjU4ZDY4ZTQ3YWJjYWFhMjRhNjI0ODFkNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO5lEp1YXedEwcvcEZ+bd6sPDWBm
OswkuU8ziIZKOQvozw4bNTe8MjEz0NjN26AV8c6ru31lNKwPYiI0SUEbjAKZhU1Z
3G1IWVrBWRvE/3RCZuIQ+0OYadtR89u/fIcbr78jGEbztf3Gw79rRlPkAp+9O3vY
0DftXN/XcciIH750o+5xu9UQ2yrBdlaYp3inOQbbwullW65MvTdQiiYxa5xnjp9l
jbpCmpNGJXkBvKJ1o8rR2lB8xuh1KU9J0ckXufRs4olHx9ey7SjOPXO1Yw9RLIPB
Zpt4tztvtz9c+THHRwL3qyymc0ISOWLqdrm5vEwx2jPjo8Ffd7nRVVQbuQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAaOYuHPZa9Y1o5Hq8qqJKYkgdcAMB8GA1UdIwQY
MBaAFB4jQkKVe7G+EpaBch+cLNCN8HuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMt
NTYzODUyNmZmNjQxLzEvQm81aTRjOWxyMWpXamtlcnlxb2twaVNCMXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMtNTYzODUyNmZmNjQx
LzEvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuShIAwQC
w46YAwQCw464AwQCw47AAwQCw5tgMA0EAgACMAcDBQMqAUwgMA0GCSqGSIb3DQEB
CwUAA4IBAQCMA2G2ew502rj5p882znql5TRi074Dk5vdvrNLkuDTIS0hXTHSroaQ
Q5Qqk48G8sRbTVLCuJwLMlcp55L3oNlOsHRfDJWwnuKNa3OC/3FMWzlGmX4SlX2e
+hnLDWgWd1bKbg1AVYBSoyl2w5kq/KqIl8pHUdAz0bSyVYC07tWqhrIaMADQZTOw
PLk52MPCA+nf9rH3y7z7Mj1eiWV27HSUlJZV+vsBe+wD8XBRS3nVGvsVz2pOEZtw
PPS9/P1yrurAcPSnf/Qy132FOc4nPnrFyag6vHGBmBvR/2yRSOyWrj3mlnGP6k0n
bD3AQMvx06URsHPjo0Ob9pf7Y5izEnth
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:02 2024 by rpki-client on console-fra.rpki-client.org