Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3f63df-b6f7-4d42-a9a9-1a76784a0a21/1/BOd4X-gGHW9qfZrovTpTpCUu16o.roa
File: BOd4X-gGHW9qfZrovTpTpCUu16o.roa (raw, json)
Hash identifier: c75wuvMxn9qd8ioVmRljUDCwusi82rk/MB2SG13ABWY=
Subject key identifier: 04:E7:78:5F:E8:06:1D:6F:6A:7D:9A:E8:BD:3A:53:A4:25:2E:D7:AA
Certificate issuer: /CN=54913026f079cda241aef4514fd353c28330e461
Certificate serial: 018CC8DEA98BD271DD3EC0281A8837DDC63D
Authority key identifier: 54:91:30:26:F0:79:CD:A2:41:AE:F4:51:4F:D3:53:C2:83:30:E4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VJEwJvB5zaJBrvRRT9NTwoMw5GE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3f63df-b6f7-4d42-a9a9-1a76784a0a21/1/BOd4X-gGHW9qfZrovTpTpCUu16o.roa
Signing time: Tue 02 Jan 2024 06:31:24 +0000
ROA not before: Tue 02 Jan 2024 06:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199245
IP address blocks: 195.85.44.0/24 maxlen: 24
2a12:b940::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/3f63df-b6f7-4d42-a9a9-1a76784a0a21/1/VJEwJvB5zaJBrvRRT9NTwoMw5GE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/3f63df-b6f7-4d42-a9a9-1a76784a0a21/1/VJEwJvB5zaJBrvRRT9NTwoMw5GE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VJEwJvB5zaJBrvRRT9NTwoMw5GE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a9:8b:d2:71:dd:3e:c0:28:1a:88:37:dd:c6:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54913026f079cda241aef4514fd353c28330e461
Validity
Not Before: Jan 2 06:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04e7785fe8061d6f6a7d9ae8bd3a53a4252ed7aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b7:ff:1e:ac:54:6c:b1:ef:b1:58:63:ec:f1:
53:e4:6d:40:46:f8:9b:4d:29:70:44:eb:e1:a3:80:
cf:1e:d4:cf:e0:ae:69:68:e6:ec:07:68:72:2b:67:
85:34:9c:60:94:ba:18:16:40:f9:5c:eb:69:a0:89:
fc:26:58:49:9b:a9:a9:a7:2f:e4:44:e3:1f:ba:91:
61:2f:0f:d2:d4:a1:0b:40:c8:65:3a:bc:81:43:9d:
b5:10:37:d4:8c:34:dc:c5:f4:0b:8a:31:72:0a:15:
4a:20:05:8c:88:31:e6:3c:24:14:b4:4b:d7:22:ea:
fc:19:8b:2c:5b:83:df:ee:bc:a9:f3:30:5e:2d:7d:
bb:3d:3e:bb:aa:6f:38:0e:4d:06:81:ef:9d:11:70:
e3:95:63:3a:c0:de:cb:77:64:a7:75:07:18:96:39:
29:c0:56:31:69:f5:5a:59:a4:df:b2:31:54:50:2a:
88:b3:0a:86:54:c1:4b:b3:32:d9:d2:55:04:2d:e4:
47:84:4a:04:9e:05:20:38:15:8e:3e:d8:19:e0:91:
ac:29:91:46:f9:2d:d9:ab:3b:b2:47:d0:b6:70:16:
76:68:b7:c3:55:81:da:14:52:7f:3a:61:cd:b1:58:
4a:4d:49:85:63:f9:f5:f1:92:a5:25:a5:a0:39:75:
1b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E7:78:5F:E8:06:1D:6F:6A:7D:9A:E8:BD:3A:53:A4:25:2E:D7:AA
X509v3 Authority Key Identifier:
keyid:54:91:30:26:F0:79:CD:A2:41:AE:F4:51:4F:D3:53:C2:83:30:E4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJEwJvB5zaJBrvRRT9NTwoMw5GE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3f63df-b6f7-4d42-a9a9-1a76784a0a21/1/BOd4X-gGHW9qfZrovTpTpCUu16o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3f63df-b6f7-4d42-a9a9-1a76784a0a21/1/VJEwJvB5zaJBrvRRT9NTwoMw5GE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.44.0/24
IPv6:
2a12:b940::/29
Signature Algorithm: sha256WithRSAEncryption
3e:43:b7:75:1f:82:5b:c8:2d:db:3e:a6:99:aa:9a:03:23:e4:
28:1e:b7:ea:02:ad:89:6e:58:08:9a:29:35:22:4e:8c:a8:15:
9f:f3:e5:73:91:6a:92:ba:99:d2:4b:38:9d:a9:e1:a0:6a:f6:
09:2a:9a:26:93:c2:97:62:0c:6e:b7:00:c0:e9:ea:63:77:22:
1a:73:5a:b2:0f:86:5e:14:dc:89:8e:c0:90:d8:d0:75:f5:05:
3c:71:6c:a4:26:ce:d3:f4:eb:99:ce:a5:ba:f0:9b:ee:c7:dd:
40:c2:8f:c1:97:6a:95:7a:5c:7d:57:e8:97:04:08:3a:1c:00:
d4:b9:ff:42:93:cb:09:8e:21:c9:01:8a:82:4e:64:83:4c:93:
44:f1:f3:c3:62:ca:2b:cb:8e:4c:5a:0a:9f:90:2b:46:0e:ba:
fe:c3:cf:2d:7b:32:8f:ec:a1:c0:ee:c6:07:44:f7:2e:91:93:
3c:41:01:53:5f:0e:f2:59:6b:56:10:5c:1b:74:36:cf:38:ef:
d9:eb:90:9c:40:2b:4f:c3:4c:34:f2:7f:f8:22:d7:e6:34:3a:
12:a8:c4:02:b5:b6:93:85:a3:1c:4b:cb:26:b0:d7:d2:f5:ae:
d2:1d:17:c8:82:96:f7:10:a3:cc:10:27:de:58:b8:8d:a6:7a:
05:cf:6c:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3qmL0nHdPsAoGog33cY9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OTEzMDI2ZjA3OWNkYTI0MWFlZjQ1MTRmZDM1M2MyODMz
MGU0NjEwHhcNMjQwMTAyMDYzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU3Nzg1ZmU4MDYxZDZmNmE3ZDlhZThiZDNhNTNhNDI1MmVkN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7f/HqxUbLHvsVhj7PFT5G1ARvib
TSlwROvho4DPHtTP4K5paObsB2hyK2eFNJxglLoYFkD5XOtpoIn8JlhJm6mppy/k
ROMfupFhLw/S1KELQMhlOryBQ521EDfUjDTcxfQLijFyChVKIAWMiDHmPCQUtEvX
Iur8GYssW4Pf7ryp8zBeLX27PT67qm84Dk0Gge+dEXDjlWM6wN7Ld2SndQcYljkp
wFYxafVaWaTfsjFUUCqIswqGVMFLszLZ0lUELeRHhEoEngUgOBWOPtgZ4JGsKZFG
+S3ZqzuyR9C2cBZ2aLfDVYHaFFJ/OmHNsVhKTUmFY/n18ZKlJaWgOXUbfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFATneF/oBh1van2a6L06U6QlLteqMB8GA1UdIwQY
MBaAFFSRMCbwec2iQa70UU/TU8KDMORhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkpFd0p2QjV6YUpCcnZSUlQ5TlR3b013NUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zZjYzZGYtYjZmNy00ZDQyLWE5YTkt
MWE3Njc4NGEwYTIxLzEvQk9kNFgtZ0dIVzlxZlpyb3ZUcFRwQ1V1MTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zZjYzZGYtYjZmNy00ZDQyLWE5YTktMWE3Njc4NGEwYTIx
LzEvVkpFd0p2QjV6YUpCcnZSUlQ5TlR3b013NUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw1UsMA0E
AgACMAcDBQMqErlAMA0GCSqGSIb3DQEBCwUAA4IBAQA+Q7d1H4JbyC3bPqaZqpoD
I+QoHrfqAq2JblgImik1Ik6MqBWf8+VzkWqSupnSSzidqeGgavYJKpomk8KXYgxu
twDA6epjdyIac1qyD4ZeFNyJjsCQ2NB19QU8cWykJs7T9OuZzqW68Jvux91Awo/B
l2qVelx9V+iXBAg6HADUuf9Ck8sJjiHJAYqCTmSDTJNE8fPDYsory45MWgqfkCtG
Drr+w88tezKP7KHA7sYHRPcukZM8QQFTXw7yWWtWEFwbdDbPOO/Z65CcQCtPw0w0
8n/4ItfmNDoSqMQCtbaThaMcS8smsNfS9a7SHRfIgpb3EKPMECfeWLiNpnoFz2wb
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:42 2024 by rpki-client on console-fra.rpki-client.org