Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/_ETaswa0WitiWVkBFYZeKHQ2c8s.roa
File: _ETaswa0WitiWVkBFYZeKHQ2c8s.roa (raw, json)
Hash identifier: SZKTJ0Hi8zcANOk21VYQ9r5pEu5NQnc5TnMIVMdNDx0=
Subject key identifier: FC:44:DA:B3:06:B4:5A:2B:62:59:59:01:15:86:5E:28:74:36:73:CB
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 018CC94DFAF893021F3AC12395595FFD2C19
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/_ETaswa0WitiWVkBFYZeKHQ2c8s.roa
Signing time: Tue 02 Jan 2024 08:33:00 +0000
ROA not before: Tue 02 Jan 2024 08:33:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34826
IP address blocks: 195.187.130.0/24 maxlen: 24
195.187.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:fa:f8:93:02:1f:3a:c1:23:95:59:5f:fd:2c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 2 08:33:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc44dab306b45a2b6259590115865e28743673cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b1:c9:2a:3d:dd:42:8b:4e:d2:c2:bf:1b:f5:
cf:bb:2f:d9:dc:c5:ad:81:20:48:8c:ab:bc:9d:34:
71:de:b2:bd:37:5f:37:5e:1c:36:df:2d:7f:57:e0:
c3:1a:3b:86:be:f3:a3:2f:e4:ea:c0:43:58:8f:e1:
c6:63:ed:cb:6d:ac:19:e6:26:2c:6c:4b:22:6a:ed:
90:c7:2e:26:14:62:32:aa:de:01:b5:e2:47:6f:16:
7f:3f:9b:20:e2:d5:10:3e:78:67:50:ff:35:c5:a5:
2e:80:af:b5:12:2e:f3:5c:4d:7e:d7:da:6e:d1:f4:
16:12:9f:a4:78:ee:73:2e:1f:14:38:91:81:ad:29:
76:63:65:ca:a9:da:78:53:00:4a:db:2f:19:99:0a:
a5:d5:d8:f4:16:ab:41:7c:aa:87:d1:76:ac:6b:2b:
dd:b0:ba:ce:68:d8:d4:f5:d8:b3:d6:85:3f:fc:63:
00:64:63:31:69:ed:8b:c5:8b:b0:1f:6e:7d:a3:c2:
aa:c4:c1:a6:15:8e:22:b4:78:48:01:c5:82:c7:22:
3a:8c:af:8b:90:8b:70:83:c6:a2:51:6a:ac:00:b6:
af:be:14:f7:6e:47:53:5e:28:9d:47:34:da:36:8c:
c5:f0:7f:e6:6b:9f:79:1e:2e:3d:14:f5:19:41:df:
f6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:44:DA:B3:06:B4:5A:2B:62:59:59:01:15:86:5E:28:74:36:73:CB
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/_ETaswa0WitiWVkBFYZeKHQ2c8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.187.130.0/24
195.187.142.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:bf:df:3c:25:a9:86:48:fd:96:ca:85:2f:b7:8a:b8:8d:4e:
1b:53:f1:cb:e4:b6:e3:18:cf:b8:81:c0:0e:47:92:5a:a7:d3:
a3:de:79:e9:f9:50:0f:e3:17:d8:b6:11:97:b1:f8:25:ae:77:
a0:4a:11:e1:69:82:7f:e9:74:bb:6d:92:89:c6:13:d7:64:5d:
03:7b:42:a3:5c:36:db:08:31:21:c4:8b:b9:cb:5d:c2:ea:c7:
c9:cc:6f:80:88:8a:a0:18:3e:48:4f:1c:e2:6d:15:11:5c:22:
1f:0e:4a:d2:74:fc:b7:2f:5b:e6:b3:3b:21:7d:e3:46:97:b7:
29:46:b6:0f:42:be:89:5b:16:90:0a:cb:56:d8:c0:b0:ad:25:
51:11:18:b6:60:c1:90:4d:66:6b:f7:dd:ad:d8:4c:62:ef:8d:
2b:d6:da:7e:33:9e:82:05:b7:f6:c9:a7:2a:61:b9:6e:a6:30:
c6:b9:60:7a:32:66:33:11:82:4e:cb:6e:02:0a:ac:41:30:b8:
71:bb:7f:9e:f2:bb:b8:39:11:fa:f0:5c:ba:6f:1f:1c:ec:8d:
27:2a:f4:2f:5d:ef:d5:78:0d:69:37:f6:4c:7b:75:cf:f7:d7:
d0:4c:d5:1f:4f:7b:65:1f:17:aa:f2:89:81:46:d2:30:3b:1d:
7d:ac:d0:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTfr4kwIfOsEjlVlf/SwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjQwMTAyMDgzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzQ0ZGFiMzA2YjQ1YTJiNjI1OTU5MDExNTg2NWUyODc0MzY3M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7HJKj3dQotO0sK/G/XPuy/Z3MWt
gSBIjKu8nTRx3rK9N183Xhw23y1/V+DDGjuGvvOjL+TqwENYj+HGY+3LbawZ5iYs
bEsiau2Qxy4mFGIyqt4BteJHbxZ/P5sg4tUQPnhnUP81xaUugK+1Ei7zXE1+19pu
0fQWEp+keO5zLh8UOJGBrSl2Y2XKqdp4UwBK2y8ZmQql1dj0FqtBfKqH0Xasayvd
sLrOaNjU9diz1oU//GMAZGMxae2LxYuwH259o8KqxMGmFY4itHhIAcWCxyI6jK+L
kItwg8aiUWqsALavvhT3bkdTXiidRzTaNozF8H/ma595Hi49FPUZQd/2YwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPxE2rMGtForYllZARWGXih0NnPLMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvX0VUYXN3YTBXaXRpV1ZrQkZZWmVLSFEyYzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw7uCAwQA
w7uOMA0GCSqGSIb3DQEBCwUAA4IBAQBdv988JamGSP2WyoUvt4q4jU4bU/HL5Lbj
GM+4gcAOR5Jap9Oj3nnp+VAP4xfYthGXsfglrnegShHhaYJ/6XS7bZKJxhPXZF0D
e0KjXDbbCDEhxIu5y13C6sfJzG+AiIqgGD5ITxzibRURXCIfDkrSdPy3L1vmszsh
feNGl7cpRrYPQr6JWxaQCstW2MCwrSVRERi2YMGQTWZr992t2Exi740r1tp+M56C
Bbf2yacqYblupjDGuWB6MmYzEYJOy24CCqxBMLhxu3+e8ru4ORH68Fy6bx8c7I0n
KvQvXe/VeA1pN/ZMe3XP99fQTNUfT3tlHxeq8omBRtIwOx19rNCy
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:56:08 2024 by rpki-client on console-fra.rpki-client.org