Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/cKQ_RP6azBnCbnQKnzWTHCSk6bM.roa
File: cKQ_RP6azBnCbnQKnzWTHCSk6bM.roa (raw, json)
Hash identifier: y2O8a/80Jrex0GO2BFeXVW11W7a8LiraL+kB+Iixxw0=
Subject key identifier: 70:A4:3F:44:FE:9A:CC:19:C2:6E:74:0A:9F:35:93:1C:24:A4:E9:B3
Certificate issuer: /CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa
Certificate serial: 01914CC9318F45A52101C99B6C701078960E
Authority key identifier: 94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/cKQ_RP6azBnCbnQKnzWTHCSk6bM.roa
Signing time: Tue 13 Aug 2024 17:28:59 +0000
ROA not before: Tue 13 Aug 2024 17:28:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29152
IP address blocks: 195.80.152.0/24 maxlen: 24
195.80.153.0/24 maxlen: 24
195.80.154.0/24 maxlen: 24
195.80.155.0/24 maxlen: 24
195.80.156.0/24 maxlen: 24
195.80.157.0/24 maxlen: 24
195.80.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.mft
rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:c9:31:8f:45:a5:21:01:c9:9b:6c:70:10:78:96:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa
Validity
Not Before: Aug 13 17:28:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70a43f44fe9acc19c26e740a9f35931c24a4e9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:01:3e:f1:09:ba:04:9c:c0:9f:17:4c:ec:f0:
3d:9e:ae:5a:2d:1c:26:09:8f:d3:d8:da:5b:72:b0:
37:f2:8f:48:de:7f:da:16:8c:c2:5c:4d:59:63:05:
38:fc:64:b3:b5:52:89:00:e6:6e:ab:9e:80:68:ae:
c7:10:db:95:44:67:e2:f0:4d:29:a8:e2:76:f7:f3:
e3:b1:65:be:5a:d9:0e:91:46:38:cb:98:92:20:f3:
fa:eb:53:f7:08:bc:2e:7a:f7:6f:16:03:31:81:cd:
48:a7:0f:75:83:d7:86:5e:53:95:58:2c:eb:18:a4:
91:32:73:c8:ed:90:7f:e4:9c:62:ce:a1:63:5e:ff:
da:c1:6a:57:b4:ff:d8:bd:93:26:e3:1f:ae:26:91:
94:72:0b:85:34:7e:a8:56:08:13:6f:26:f9:c7:b8:
ac:bc:91:77:66:d9:9b:3c:17:ef:3b:0b:8a:15:32:
69:2a:3c:34:19:5e:7f:35:37:85:f9:ef:39:c2:1e:
7c:3d:22:6d:82:7c:80:37:5e:79:16:82:1e:48:be:
7e:44:6e:70:a4:02:b1:87:9a:de:53:12:de:30:81:
79:94:39:46:de:b6:69:b2:87:39:a6:87:0b:73:28:
55:1c:37:01:89:cc:72:7b:1e:e6:31:8b:d6:bf:09:
d7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A4:3F:44:FE:9A:CC:19:C2:6E:74:0A:9F:35:93:1C:24:A4:E9:B3
X509v3 Authority Key Identifier:
keyid:94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/cKQ_RP6azBnCbnQKnzWTHCSk6bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.152.0-195.80.157.255
195.80.159.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:97:00:36:9b:ba:b9:41:a0:e1:b9:b3:42:52:da:07:c7:9d:
9c:69:27:dc:ce:f4:d4:c0:0e:d9:29:9d:34:9c:ea:6e:9b:80:
39:ac:10:28:6f:96:7d:b6:71:99:db:0b:3d:96:15:b1:b3:b1:
c3:46:c8:dd:33:40:c7:e6:0f:5c:0f:c6:9c:4b:01:7f:b4:b3:
7b:2a:0d:0a:a0:b4:15:ce:2c:bc:04:a3:32:b4:95:3b:70:3d:
96:79:76:64:4b:d3:b2:69:db:d7:3c:e0:c6:28:00:a4:ad:0e:
46:01:cc:1e:58:05:07:fd:8c:69:e3:89:83:03:3d:14:63:d0:
79:7d:44:aa:42:e6:5f:8a:f8:25:22:3f:42:23:e4:19:be:c2:
4a:f6:9d:b1:63:33:b3:59:46:cb:cf:43:f6:99:63:b8:7b:4b:
8b:c5:12:45:07:17:b4:7e:af:a0:99:48:d6:e8:bc:d9:84:cc:
cf:12:87:02:ca:b2:94:fe:c8:46:ec:d6:33:44:aa:75:f9:dd:
39:9c:2c:ed:79:b7:e3:e6:de:66:2b:28:19:fc:f0:ad:65:4e:
c5:e8:eb:e9:62:56:f6:3d:04:26:3e:eb:c6:c5:bc:2c:11:66:
a1:22:c5:c1:a3:da:bb:27:54:ca:cc:5c:c5:a2:4d:d1:48:4b:
1c:36:b8:67
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZFMyTGPRaUhAcmbbHAQeJYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjUxOWM0ZWNmMTVmNWZjMWUwNmVhYTZlMDNmOWNiMDM5
NTZjYWEwHhcNMjQwODEzMTcyODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE0M2Y0NGZlOWFjYzE5YzI2ZTc0MGE5ZjM1OTMxYzI0YTRlOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugE+8Qm6BJzAnxdM7PA9nq5aLRwm
CY/T2NpbcrA38o9I3n/aFozCXE1ZYwU4/GSztVKJAOZuq56AaK7HENuVRGfi8E0p
qOJ29/PjsWW+WtkOkUY4y5iSIPP661P3CLwuevdvFgMxgc1Ipw91g9eGXlOVWCzr
GKSRMnPI7ZB/5JxizqFjXv/awWpXtP/YvZMm4x+uJpGUcguFNH6oVggTbyb5x7is
vJF3ZtmbPBfvOwuKFTJpKjw0GV5/NTeF+e85wh58PSJtgnyAN155FoIeSL5+RG5w
pAKxh5reUxLeMIF5lDlG3rZpsoc5pocLcyhVHDcBicxyex7mMYvWvwnX6QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHCkP0T+mswZwm50Cp81kxwkpOmzMB8GA1UdIwQY
MBaAFJT1GcTs8V9fweBuqm4D+csDlWyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMt
NTE2ZWFjNDY5MDUzLzEvY0tRX1JQNmF6Qm5DYm5RS256V1RIQ1NrNmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMtNTE2ZWFjNDY5MDUz
LzEvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPDUJgD
BAHDUJwDBADDUJ8wDQYJKoZIhvcNAQELBQADggEBAFuXADaburlBoOG5s0JS2gfH
nZxpJ9zO9NTADtkpnTSc6m6bgDmsEChvln22cZnbCz2WFbGzscNGyN0zQMfmD1wP
xpxLAX+0s3sqDQqgtBXOLLwEozK0lTtwPZZ5dmRL07Jp29c84MYoAKStDkYBzB5Y
BQf9jGnjiYMDPRRj0Hl9RKpC5l+K+CUiP0Ij5Bm+wkr2nbFjM7NZRsvPQ/aZY7h7
S4vFEkUHF7R+r6CZSNbovNmEzM8ShwLKspT+yEbs1jNEqnX53TmcLO15t+Pm3mYr
KBn88K1lTsXo6+liVvY9BCY+68bFvCwRZqEixcGj2rsnVMrMXMWiTdFISxw2uGc=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:50:55 2024 by rpki-client on console-fra.rpki-client.org