Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2d620e-5aa4-4759-b088-bac2002932d9/1/m2GJHQXuKSVB96shbLyIPgxY3_0.roa
File: m2GJHQXuKSVB96shbLyIPgxY3_0.roa (raw, json)
Hash identifier: Yi9DAMWPZU/Mx1Dz9Pa3XpdCHtUYbQY5YDWHxzZvEro=
Subject key identifier: 9B:61:89:1D:05:EE:29:25:41:F7:AB:21:6C:BC:88:3E:0C:58:DF:FD
Certificate issuer: /CN=4bf6ac0fb0392673454c3947f4357e4594ed266d
Certificate serial: 018CC795513761C7EF44158B8A0BAC6F47C8
Authority key identifier: 4B:F6:AC:0F:B0:39:26:73:45:4C:39:47:F4:35:7E:45:94:ED:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_asD7A5JnNFTDlH9DV-RZTtJm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2d620e-5aa4-4759-b088-bac2002932d9/1/m2GJHQXuKSVB96shbLyIPgxY3_0.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29221
IP address blocks: 195.85.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2d620e-5aa4-4759-b088-bac2002932d9/1/S_asD7A5JnNFTDlH9DV-RZTtJm0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2d620e-5aa4-4759-b088-bac2002932d9/1/S_asD7A5JnNFTDlH9DV-RZTtJm0.mft
rsync://rpki.ripe.net/repository/DEFAULT/S_asD7A5JnNFTDlH9DV-RZTtJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:51:37:61:c7:ef:44:15:8b:8a:0b:ac:6f:47:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf6ac0fb0392673454c3947f4357e4594ed266d
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b61891d05ee292541f7ab216cbc883e0c58dffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b0:0c:df:c7:c7:58:54:0b:55:7d:38:17:f0:
77:60:ab:fc:7b:20:c2:4b:9b:45:66:45:c5:51:63:
3d:57:3c:8a:b7:0f:f2:28:4b:fd:92:a8:b2:f4:e7:
52:42:ed:37:4f:c0:94:7d:62:4e:79:5b:23:ee:a9:
d4:b9:e0:23:93:54:60:0f:30:28:0b:f4:cc:e9:da:
b1:7e:92:24:13:ce:87:98:aa:90:32:1f:81:af:c6:
fd:3a:a4:bc:9a:1d:11:5b:85:73:b6:a1:9d:50:40:
f5:84:cb:3d:81:60:96:b4:28:74:ee:6a:a3:30:e5:
6a:4d:1d:d2:21:b1:26:00:13:be:c1:bb:19:8d:15:
ef:60:e4:e3:e2:f9:a6:81:d5:27:bb:df:3e:0d:b9:
d8:d2:80:8e:f8:1c:54:84:cf:7e:04:ef:a9:78:3a:
4a:ca:80:78:80:9d:82:84:b0:39:a0:eb:ed:42:9e:
b2:c3:c4:ad:c8:c4:07:ac:e0:c3:68:47:9e:f5:15:
b0:81:06:6f:37:e1:5c:bd:66:9d:e7:11:74:67:2e:
6f:ea:a3:4d:c8:a7:41:bb:30:c6:6e:65:21:bc:fd:
07:03:c2:f5:55:ca:90:60:e4:03:d8:05:9e:e2:9d:
90:51:83:26:fc:72:ed:cc:db:51:26:ec:0b:36:02:
a0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:61:89:1D:05:EE:29:25:41:F7:AB:21:6C:BC:88:3E:0C:58:DF:FD
X509v3 Authority Key Identifier:
keyid:4B:F6:AC:0F:B0:39:26:73:45:4C:39:47:F4:35:7E:45:94:ED:26:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_asD7A5JnNFTDlH9DV-RZTtJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2d620e-5aa4-4759-b088-bac2002932d9/1/m2GJHQXuKSVB96shbLyIPgxY3_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2d620e-5aa4-4759-b088-bac2002932d9/1/S_asD7A5JnNFTDlH9DV-RZTtJm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.242.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:97:96:ed:4f:a9:94:a3:4c:18:24:34:51:62:ed:84:7d:88:
5e:72:27:6d:ca:c7:05:8e:24:f5:3d:6d:92:66:8e:06:de:11:
3c:02:ec:8f:57:16:e1:82:56:06:98:af:e9:64:46:cb:93:46:
2a:53:4c:91:d7:ee:7b:58:d5:f6:95:1c:59:1f:38:08:34:7f:
34:79:02:6e:68:73:4f:71:87:38:62:89:02:02:2f:b9:65:d1:
de:6a:23:4e:54:c2:36:6f:53:16:f7:ec:d0:52:15:fd:78:2d:
1a:0f:4b:33:b5:2d:ed:57:0a:24:2f:84:8a:4e:1a:92:d2:d9:
a3:36:08:77:1a:d1:b0:bc:ef:e4:a2:f8:fb:13:77:67:8b:f9:
ac:ef:a5:22:dd:f8:73:ff:5d:f9:78:5d:34:8e:85:9f:ca:d6:
00:4f:45:b1:96:63:43:e5:e9:93:02:42:c3:8b:9e:2f:ba:84:
2e:d0:94:b5:03:4a:f1:a9:99:e0:0c:6b:b1:18:ca:88:35:fd:
b6:8e:8e:28:fa:d2:52:80:bb:00:67:aa:d1:1e:13:44:2f:34:
e0:68:ee:a5:d2:f7:0d:39:cf:a2:eb:4a:3a:c5:10:68:1a:ec:
4c:08:e0:9a:39:1c:ef:a5:b4:36:ff:cd:1b:2f:df:97:c8:d0:
cf:e7:66:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlVE3YcfvRBWLigusb0fIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjZhYzBmYjAzOTI2NzM0NTRjMzk0N2Y0MzU3ZTQ1OTRl
ZDI2NmQwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjYxODkxZDA1ZWUyOTI1NDFmN2FiMjE2Y2JjODgzZTBjNThkZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLAM38fHWFQLVX04F/B3YKv8eyDC
S5tFZkXFUWM9VzyKtw/yKEv9kqiy9OdSQu03T8CUfWJOeVsj7qnUueAjk1RgDzAo
C/TM6dqxfpIkE86HmKqQMh+Br8b9OqS8mh0RW4VztqGdUED1hMs9gWCWtCh07mqj
MOVqTR3SIbEmABO+wbsZjRXvYOTj4vmmgdUnu98+DbnY0oCO+BxUhM9+BO+peDpK
yoB4gJ2ChLA5oOvtQp6yw8StyMQHrODDaEee9RWwgQZvN+FcvWad5xF0Zy5v6qNN
yKdBuzDGbmUhvP0HA8L1VcqQYOQD2AWe4p2QUYMm/HLtzNtRJuwLNgKgEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJthiR0F7iklQferIWy8iD4MWN/9MB8GA1UdIwQY
MBaAFEv2rA+wOSZzRUw5R/Q1fkWU7SZtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19hc0Q3QTVKbk5GVERsSDlEVi1SWlR0Sm0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yZDYyMGUtNWFhNC00NzU5LWIwODgt
YmFjMjAwMjkzMmQ5LzEvbTJHSkhRWHVLU1ZCOTZzaGJMeUlQZ3hZM18wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yZDYyMGUtNWFhNC00NzU5LWIwODgtYmFjMjAwMjkzMmQ5
LzEvU19hc0Q3QTVKbk5GVERsSDlEVi1SWlR0Sm0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1XyMA0G
CSqGSIb3DQEBCwUAA4IBAQBPl5btT6mUo0wYJDRRYu2EfYhecidtyscFjiT1PW2S
Zo4G3hE8AuyPVxbhglYGmK/pZEbLk0YqU0yR1+57WNX2lRxZHzgINH80eQJuaHNP
cYc4YokCAi+5ZdHeaiNOVMI2b1MW9+zQUhX9eC0aD0sztS3tVwokL4SKThqS0tmj
Ngh3GtGwvO/kovj7E3dni/ms76Ui3fhz/135eF00joWfytYAT0WxlmND5emTAkLD
i54vuoQu0JS1A0rxqZngDGuxGMqINf22jo4o+tJSgLsAZ6rRHhNELzTgaO6l0vcN
Oc+i60o6xRBoGuxMCOCaORzvpbQ2/80bL9+XyNDP52YF
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:30:25 2024 by rpki-client on console-ams.rpki-client.org