Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/26qO268wEcAcXB5t4PDV5eJPiU0.roa
File: 26qO268wEcAcXB5t4PDV5eJPiU0.roa (raw, json)
Hash identifier: e9A1zcJAH+QV9CMnrpJhfncM8bhPbGh19QAjv9XlZVk=
Subject key identifier: DB:AA:8E:DB:AF:30:11:C0:1C:5C:1E:6D:E0:F0:D5:E5:E2:4F:89:4D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCCCE30276E2F979831285CD5B96BB
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/26qO268wEcAcXB5t4PDV5eJPiU0.roa
Signing time: Tue 02 Jan 2024 10:34:02 +0000
ROA not before: Tue 02 Jan 2024 10:34:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8331
IP address blocks: 195.54.192.0/19 maxlen: 19
80.90.240.0/20 maxlen: 20
80.90.252.0/24 maxlen: 24
80.90.250.0/24 maxlen: 24
195.54.198.0/24 maxlen: 24
195.54.195.0/24 maxlen: 24
195.54.196.0/24 maxlen: 24
80.90.254.0/24 maxlen: 24
195.54.202.0/24 maxlen: 24
195.54.202.0/23 maxlen: 23
195.54.203.0/24 maxlen: 24
86.62.105.0/24 maxlen: 24
86.62.64.0/24 maxlen: 24
86.62.64.0/18 maxlen: 18
80.90.240.0/24 maxlen: 24
195.91.128.0/17 maxlen: 17
2a00:14d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:cc:e3:02:76:e2:f9:79:83:12:85:cd:5b:96:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbaa8edbaf3011c01c5c1e6de0f0d5e5e24f894d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c7:a0:3b:fd:bd:f4:52:12:e7:02:b2:c5:d0:
d4:ba:23:8a:61:00:03:2b:b7:f5:5c:3b:a5:f6:24:
30:6d:67:90:ab:f4:b2:3f:b5:18:9a:03:7e:4c:2f:
44:62:3a:2a:da:51:79:40:4b:ba:4d:c4:f0:e1:9d:
9b:dd:23:8f:73:76:82:ca:aa:6f:4e:9c:a0:59:9f:
8e:22:26:e6:c1:f2:6c:f9:8f:99:ac:df:ab:a7:88:
cc:64:78:e0:e9:5d:6c:f2:6d:d5:15:f3:09:cd:03:
fd:3f:db:29:2e:18:27:ed:6d:fd:99:9e:57:40:94:
8a:79:fe:47:73:f4:7c:7f:fc:af:e5:a7:14:bb:6e:
ef:cd:90:25:bc:f5:c2:f8:d3:90:4a:c9:23:13:10:
34:7f:e6:11:03:19:3a:22:dd:a4:6a:a7:06:f5:3c:
24:c7:45:36:af:95:ff:c4:f8:4f:f2:bf:fa:00:e7:
42:33:ef:d8:46:a5:bc:69:3d:06:77:fb:a7:6c:fc:
01:85:4b:20:6e:f8:c4:ad:50:d5:d2:6c:a0:5d:6a:
0d:a7:cc:25:96:44:62:84:4a:bd:65:bb:5a:32:4e:
4d:ca:a4:33:41:c2:27:14:01:f7:e6:fa:73:66:f8:
9c:c8:d2:80:04:0c:85:f3:4b:4c:99:93:49:79:88:
b0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AA:8E:DB:AF:30:11:C0:1C:5C:1E:6D:E0:F0:D5:E5:E2:4F:89:4D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/26qO268wEcAcXB5t4PDV5eJPiU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.240.0/20
86.62.64.0/18
195.54.192.0/19
195.91.128.0/17
IPv6:
2a00:14d0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:fb:7b:a4:ec:ae:36:9c:04:43:80:59:0e:a5:19:3d:c6:dd:
52:cd:97:c3:05:9e:d6:ab:c7:e6:14:0b:42:4e:8d:43:50:bd:
e9:b4:aa:d2:ac:07:75:c2:ae:ae:be:70:16:31:6d:8c:e8:96:
72:52:a0:05:d1:23:5f:f3:f3:0b:fb:56:7e:ba:86:43:d7:18:
67:d4:58:67:69:fe:f2:0c:02:fe:c5:6c:29:12:db:17:d2:e0:
9d:10:69:56:4a:f7:ad:1d:ae:e9:69:99:a5:0a:e8:5b:18:fe:
d3:e9:5d:08:47:80:c4:7c:f7:42:07:bc:2a:ec:38:33:19:30:
bc:5b:ca:98:b6:48:71:b0:51:4d:46:af:8c:55:a6:68:ae:fc:
b7:a4:34:7e:a4:7b:f0:9d:d2:43:45:f7:29:7e:de:b1:8d:1f:
fa:3f:df:65:e3:79:a2:7a:b9:68:76:e5:c5:2c:34:68:38:d0:
e0:6c:ab:08:91:54:f5:b8:ee:68:8e:89:0c:d1:d3:82:34:21:
c3:db:fc:cb:c2:a3:3d:54:4b:5e:47:b5:b3:49:8f:60:4b:bb:
52:1e:5f:43:ac:13:e9:9f:9e:da:c4:b2:d0:d2:6a:17:88:e8:
f7:f5:3f:01:60:9b:63:d8:01:b2:3d:cc:39:7b:27:12:6f:95:
22:66:ec:f5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJvMzjAnbi+XmDEoXNW5a7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmFhOGVkYmFmMzAxMWMwMWM1YzFlNmRlMGYwZDVlNWUyNGY4OTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcegO/299FIS5wKyxdDUuiOKYQAD
K7f1XDul9iQwbWeQq/SyP7UYmgN+TC9EYjoq2lF5QEu6TcTw4Z2b3SOPc3aCyqpv
TpygWZ+OIibmwfJs+Y+ZrN+rp4jMZHjg6V1s8m3VFfMJzQP9P9spLhgn7W39mZ5X
QJSKef5Hc/R8f/yv5acUu27vzZAlvPXC+NOQSskjExA0f+YRAxk6It2kaqcG9Twk
x0U2r5X/xPhP8r/6AOdCM+/YRqW8aT0Gd/unbPwBhUsgbvjErVDV0mygXWoNp8wl
lkRihEq9ZbtaMk5NyqQzQcInFAH35vpzZvicyNKABAyF80tMmZNJeYiwuQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNuqjtuvMBHAHFwebeDw1eXiT4lNMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvMjZxTzI2OHdFY0FjWEI1dDRQRFY1ZUpQaVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUFrwAwQG
Vj5AAwQFwzbAAwQHw1uAMA0EAgACMAcDBQAqABTQMA0GCSqGSIb3DQEBCwUAA4IB
AQAq+3uk7K42nARDgFkOpRk9xt1SzZfDBZ7Wq8fmFAtCTo1DUL3ptKrSrAd1wq6u
vnAWMW2M6JZyUqAF0SNf8/ML+1Z+uoZD1xhn1Fhnaf7yDAL+xWwpEtsX0uCdEGlW
SvetHa7paZmlCuhbGP7T6V0IR4DEfPdCB7wq7DgzGTC8W8qYtkhxsFFNRq+MVaZo
rvy3pDR+pHvwndJDRfcpft6xjR/6P99l43mierloduXFLDRoONDgbKsIkVT1uO5o
jokM0dOCNCHD2/zLwqM9VEteR7WzSY9gS7tSHl9DrBPpn57axLLQ0moXiOj39T8B
YJtj2AGyPcw5eycSb5UiZuz1
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:13:54 2024 by rpki-client on console-ams.rpki-client.org