Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b8bd3b-0026-4d56-bb25-6a5c9c0d91e9/1/Rdz2IeDR8FRdh_3nl3km5Lnv8js.roa
File: Rdz2IeDR8FRdh_3nl3km5Lnv8js.roa (raw, json)
Hash identifier: HJzZAlGXurpN/qQchiNfOe20MpWjwwZnoAEYG5je414=
Subject key identifier: 45:DC:F6:21:E0:D1:F0:54:5D:87:FD:E7:97:79:26:E4:B9:EF:F2:3B
Certificate issuer: /CN=283648aff886185ffce3626f090f119a3e4ede35
Certificate serial: 018CC26D6712B041D0A4BC369704C34FA767
Authority key identifier: 28:36:48:AF:F8:86:18:5F:FC:E3:62:6F:09:0F:11:9A:3E:4E:DE:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDZIr_iGGF_842JvCQ8Rmj5O3jU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/b8bd3b-0026-4d56-bb25-6a5c9c0d91e9/1/Rdz2IeDR8FRdh_3nl3km5Lnv8js.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25365
IP address blocks: 195.190.136.0/24 maxlen: 24
2001:67c:2f24::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/b8bd3b-0026-4d56-bb25-6a5c9c0d91e9/1/KDZIr_iGGF_842JvCQ8Rmj5O3jU.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/b8bd3b-0026-4d56-bb25-6a5c9c0d91e9/1/KDZIr_iGGF_842JvCQ8Rmj5O3jU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDZIr_iGGF_842JvCQ8Rmj5O3jU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:67:12:b0:41:d0:a4:bc:36:97:04:c3:4f:a7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283648aff886185ffce3626f090f119a3e4ede35
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45dcf621e0d1f0545d87fde7977926e4b9eff23b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b4:3a:37:86:01:b4:2c:fd:f6:74:8b:b1:99:
ab:7a:11:44:0f:6e:9f:99:79:8c:e1:4f:db:10:d5:
c5:fd:5c:86:e0:91:ca:58:ed:16:28:5f:13:f0:47:
4f:78:c8:e4:8f:63:d6:6e:95:88:60:ac:3b:81:d5:
bf:aa:a8:bd:dc:4a:60:5b:b4:09:5e:1c:bc:55:a4:
5d:db:8a:6d:64:88:61:20:c4:46:10:51:ea:4c:ed:
6d:3f:a1:b5:ce:70:0a:a3:f2:31:64:bc:fb:36:82:
d7:d0:9b:11:a5:02:14:94:e6:2b:da:6b:31:b9:b8:
bf:15:b2:53:9e:2f:05:e8:21:df:9a:58:7a:57:3e:
34:d2:fb:ce:8b:84:a1:66:d1:9e:c4:e3:cc:26:f4:
d3:c8:09:22:d4:b3:0d:fa:9c:f8:e5:10:d8:84:2b:
5a:0d:75:24:db:33:6c:8b:e0:83:31:c1:6f:47:18:
ee:4c:83:21:5d:ed:93:da:cd:b0:0b:4b:ba:e0:2c:
2b:4c:11:05:36:da:33:56:97:68:5b:8b:e3:9f:95:
b4:b6:75:08:08:e3:5d:d9:0f:13:b7:0b:6c:6e:65:
12:14:0f:a9:62:8d:be:ac:df:ac:c6:d8:f3:ed:d9:
f1:c6:34:04:ac:14:55:8d:1d:fe:31:cf:17:2c:1d:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:DC:F6:21:E0:D1:F0:54:5D:87:FD:E7:97:79:26:E4:B9:EF:F2:3B
X509v3 Authority Key Identifier:
keyid:28:36:48:AF:F8:86:18:5F:FC:E3:62:6F:09:0F:11:9A:3E:4E:DE:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDZIr_iGGF_842JvCQ8Rmj5O3jU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b8bd3b-0026-4d56-bb25-6a5c9c0d91e9/1/Rdz2IeDR8FRdh_3nl3km5Lnv8js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b8bd3b-0026-4d56-bb25-6a5c9c0d91e9/1/KDZIr_iGGF_842JvCQ8Rmj5O3jU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.136.0/24
IPv6:
2001:67c:2f24::/48
Signature Algorithm: sha256WithRSAEncryption
17:f6:36:e0:fc:68:1a:85:b3:e4:df:4f:14:1c:b5:fa:01:91:
7e:69:5d:49:f3:fd:df:38:d6:1b:82:d2:fb:c2:55:f5:36:db:
12:64:97:5a:2e:c4:4b:62:e8:20:05:93:82:db:98:83:67:71:
aa:5b:ec:4e:ff:62:a9:bb:8f:c6:52:5c:8c:03:7e:32:1c:f4:
4a:2a:de:c4:c2:4f:01:3f:ca:69:f0:fe:b5:38:56:a3:4f:8d:
28:ce:85:96:27:c2:75:74:7c:99:43:17:70:ad:48:15:c2:6d:
42:7a:5e:df:d8:df:85:09:3b:ed:e9:f2:80:ca:36:93:b2:bf:
2a:0e:5f:b1:12:04:f1:81:ac:89:b3:d4:2a:b5:fc:bf:c7:73:
00:06:44:6f:6a:ed:32:16:74:73:4d:58:74:82:92:5b:78:37:
c1:7c:f4:33:7d:6f:7b:41:a9:69:54:55:b0:62:5f:8e:01:97:
bc:25:6f:23:38:71:7d:e9:df:ee:93:d3:87:9e:7a:9d:87:e0:
97:09:64:34:17:b4:2e:1d:86:37:cb:3c:c6:74:f5:57:2d:40:
35:c3:43:0a:0f:cc:5f:c7:05:43:b1:e5:8e:39:0a:36:31:15:
3e:0b:94:17:5d:ff:07:fb:f3:e1:71:da:ee:75:46:03:39:59:
3f:bf:6e:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbWcSsEHQpLw2lwTDT6dnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzY0OGFmZjg4NjE4NWZmY2UzNjI2ZjA5MGYxMTlhM2U0
ZWRlMzUwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWRjZjYyMWUwZDFmMDU0NWQ4N2ZkZTc5Nzc5MjZlNGI5ZWZmMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLQ6N4YBtCz99nSLsZmrehFED26f
mXmM4U/bENXF/VyG4JHKWO0WKF8T8EdPeMjkj2PWbpWIYKw7gdW/qqi93EpgW7QJ
Xhy8VaRd24ptZIhhIMRGEFHqTO1tP6G1znAKo/IxZLz7NoLX0JsRpQIUlOYr2msx
ubi/FbJTni8F6CHfmlh6Vz400vvOi4ShZtGexOPMJvTTyAki1LMN+pz45RDYhCta
DXUk2zNsi+CDMcFvRxjuTIMhXe2T2s2wC0u64CwrTBEFNtozVpdoW4vjn5W0tnUI
CONd2Q8TtwtsbmUSFA+pYo2+rN+sxtjz7dnxxjQErBRVjR3+Mc8XLB2ySwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEXc9iHg0fBUXYf955d5JuS57/I7MB8GA1UdIwQY
MBaAFCg2SK/4hhhf/ONibwkPEZo+Tt41MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RaSXJfaUdHRl84NDJKdkNROFJtajVPM2pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iOGJkM2ItMDAyNi00ZDU2LWJiMjUt
NmE1YzljMGQ5MWU5LzEvUmR6MkllRFI4RlJkaF8zbmwza201TG52OGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iOGJkM2ItMDAyNi00ZDU2LWJiMjUtNmE1YzljMGQ5MWU5
LzEvS0RaSXJfaUdHRl84NDJKdkNROFJtajVPM2pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw76IMA8E
AgACMAkDBwAgAQZ8LyQwDQYJKoZIhvcNAQELBQADggEBABf2NuD8aBqFs+TfTxQc
tfoBkX5pXUnz/d841huC0vvCVfU22xJkl1ouxEti6CAFk4LbmINncapb7E7/Yqm7
j8ZSXIwDfjIc9Eoq3sTCTwE/ymnw/rU4VqNPjSjOhZYnwnV0fJlDF3CtSBXCbUJ6
Xt/Y34UJO+3p8oDKNpOyvyoOX7ESBPGBrImz1Cq1/L/HcwAGRG9q7TIWdHNNWHSC
klt4N8F89DN9b3tBqWlUVbBiX44Bl7wlbyM4cX3p3+6T04eeep2H4JcJZDQXtC4d
hjfLPMZ09VctQDXDQwoPzF/HBUOx5Y45CjYxFT4LlBdd/wf78+Fx2u51RgM5WT+/
buA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:04 2024 by rpki-client on console-fra.rpki-client.org