Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/0BDdrw6Ls4SRAf7nIM9fvgIBYS8.roa
File: 0BDdrw6Ls4SRAf7nIM9fvgIBYS8.roa (raw, json)
Hash identifier: 4szWFJlhTqr1aSEYB54L1zx6Lwny5jShMQRfaNckYLg=
Subject key identifier: D0:10:DD:AF:0E:8B:B3:84:91:01:FE:E7:20:CF:5F:BE:02:01:61:2F
Certificate issuer: /CN=52056867e4d2885e99b549ed6fb786330adf8f44
Certificate serial: 018CC424CC46592A4D8ABF76D0A895594C43
Authority key identifier: 52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/0BDdrw6Ls4SRAf7nIM9fvgIBYS8.roa
Signing time: Mon 01 Jan 2024 08:29:55 +0000
ROA not before: Mon 01 Jan 2024 08:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49143
IP address blocks: 195.88.186.0/24 maxlen: 24
195.88.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:cc:46:59:2a:4d:8a:bf:76:d0:a8:95:59:4c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52056867e4d2885e99b549ed6fb786330adf8f44
Validity
Not Before: Jan 1 08:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d010ddaf0e8bb3849101fee720cf5fbe0201612f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6d:db:4b:1a:e0:b5:b7:88:cb:24:7d:4f:e1:
12:7c:b2:e7:f6:34:e5:13:fc:b5:dd:20:3e:f8:67:
11:f2:62:54:46:6f:5d:90:8e:3d:aa:82:97:12:1a:
20:b7:88:b1:2f:8e:66:35:40:77:59:03:cc:1d:68:
c6:cd:31:22:4f:e3:79:81:15:ff:91:ac:f0:5f:f7:
e8:5f:52:67:36:72:da:9a:43:bd:9c:9c:2e:88:f8:
36:e0:ba:41:88:70:3c:f5:40:37:67:eb:2b:45:82:
08:0e:90:89:47:22:65:37:d3:c6:4b:70:0a:6b:c2:
de:52:6f:15:f6:1b:2d:dc:4b:a0:d8:d2:12:00:a8:
2f:ec:69:da:8c:ae:95:97:ab:b9:e5:dd:f7:61:ba:
0d:1c:59:46:ef:30:c1:d9:69:5e:bc:b6:c0:cf:15:
84:a7:d2:9d:e0:b6:52:c4:a8:15:84:cc:54:25:a4:
26:01:16:78:fd:fd:63:cf:7a:fa:7a:a1:99:de:3b:
05:b4:dc:7f:f9:04:b1:8f:23:ff:dc:69:a5:af:42:
2d:3a:04:b0:48:b9:54:f1:eb:11:88:e9:08:07:d1:
b4:2d:0b:21:49:d4:cf:10:14:02:be:00:46:a7:ed:
21:df:13:33:0a:4b:35:d5:20:15:a3:3e:26:7e:7d:
51:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:10:DD:AF:0E:8B:B3:84:91:01:FE:E7:20:CF:5F:BE:02:01:61:2F
X509v3 Authority Key Identifier:
keyid:52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/0BDdrw6Ls4SRAf7nIM9fvgIBYS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.186.0/23
Signature Algorithm: sha256WithRSAEncryption
d6:c9:8e:be:e4:6e:31:a6:9e:63:ca:99:4d:8d:2b:4a:bb:e0:
1b:29:82:d1:d0:0e:ba:6b:7b:9e:f7:27:e4:33:8c:a2:f4:3b:
6e:54:18:19:0c:1c:dc:cb:b8:7d:85:46:b4:5a:f4:02:6a:40:
c3:49:e9:29:e5:49:ff:14:f2:85:2d:4c:21:9f:66:e9:4d:1c:
3f:21:57:30:bb:aa:1e:d6:2e:a6:96:85:c3:ef:ab:e5:a8:e4:
ee:7f:6c:11:40:61:11:1c:32:83:a2:02:67:ef:21:a5:35:e0:
47:13:0e:0d:cd:6c:5a:85:a7:9d:a4:40:21:5b:39:99:f4:11:
df:18:8c:62:d7:6e:1f:e2:e2:90:ed:be:93:7f:b3:78:23:dc:
f9:a1:e3:52:14:6f:b8:31:e6:8e:cf:2f:91:1e:b3:9b:c1:bd:
4f:79:13:ba:63:83:c7:16:2d:10:64:bd:c9:15:56:e0:cd:d1:
de:a8:90:de:b4:4a:72:c2:6b:8a:f1:39:cc:a0:a2:a8:e0:39:
ad:73:f2:69:c6:72:67:2b:8d:1c:d4:95:a4:92:23:fe:18:a8:
9d:ed:03:c2:73:b2:aa:16:37:a0:12:a9:73:e7:cc:b6:2f:b0:
10:bc:f9:59:4d:fe:ff:6b:c3:87:0e:b7:2f:fb:b3:63:24:6b:
59:ca:73:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJMxGWSpNir920KiVWUxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDU2ODY3ZTRkMjg4NWU5OWI1NDllZDZmYjc4NjMzMGFk
ZjhmNDQwHhcNMjQwMTAxMDgyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDEwZGRhZjBlOGJiMzg0OTEwMWZlZTcyMGNmNWZiZTAyMDE2MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW3bSxrgtbeIyyR9T+ESfLLn9jTl
E/y13SA++GcR8mJURm9dkI49qoKXEhogt4ixL45mNUB3WQPMHWjGzTEiT+N5gRX/
kazwX/foX1JnNnLamkO9nJwuiPg24LpBiHA89UA3Z+srRYIIDpCJRyJlN9PGS3AK
a8LeUm8V9hst3Eug2NISAKgv7GnajK6Vl6u55d33YboNHFlG7zDB2WlevLbAzxWE
p9Kd4LZSxKgVhMxUJaQmARZ4/f1jz3r6eqGZ3jsFtNx/+QSxjyP/3Gmlr0ItOgSw
SLlU8esRiOkIB9G0LQshSdTPEBQCvgBGp+0h3xMzCks11SAVoz4mfn1RwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAQ3a8Oi7OEkQH+5yDPX74CAWEvMB8GA1UdIwQY
MBaAFFIFaGfk0ohembVJ7W+3hjMK349EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdWb1otVFNpRjZadFVudGI3ZUdNd3JmajBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iMjdkNDUtMDhjYy00N2ExLWFjNWEt
NWY0ODM2MDgzYTMwLzEvMEJEZHJ3NkxzNFNSQWY3bklNOWZ2Z0lCWVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iMjdkNDUtMDhjYy00N2ExLWFjNWEtNWY0ODM2MDgzYTMw
LzEvVWdWb1otVFNpRjZadFVudGI3ZUdNd3JmajBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1i6MA0G
CSqGSIb3DQEBCwUAA4IBAQDWyY6+5G4xpp5jyplNjStKu+AbKYLR0A66a3ue9yfk
M4yi9DtuVBgZDBzcy7h9hUa0WvQCakDDSekp5Un/FPKFLUwhn2bpTRw/IVcwu6oe
1i6mloXD76vlqOTuf2wRQGERHDKDogJn7yGlNeBHEw4NzWxahaedpEAhWzmZ9BHf
GIxi124f4uKQ7b6Tf7N4I9z5oeNSFG+4MeaOzy+RHrObwb1PeRO6Y4PHFi0QZL3J
FVbgzdHeqJDetEpywmuK8TnMoKKo4Dmtc/JpxnJnK40c1JWkkiP+GKid7QPCc7Kq
FjegEqlz58y2L7AQvPlZTf7/a8OHDrcv+7NjJGtZynM7
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:35:55 2024 by rpki-client on console-ams.rpki-client.org