Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/fHwCt-TlVf83K-kCRpA3dmWLD34.roa
File: fHwCt-TlVf83K-kCRpA3dmWLD34.roa (raw, json)
Hash identifier: T2mNm5oydcBb0v82fzeOb+58gLjHLeCZZ6gNDvgoWGE=
Subject key identifier: 7C:7C:02:B7:E4:E5:55:FF:37:2B:E9:02:46:90:37:76:65:8B:0F:7E
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 018CC86F1F3F7D5166161DFCEEBB271AA483
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/fHwCt-TlVf83K-kCRpA3dmWLD34.roa
Signing time: Tue 02 Jan 2024 04:29:34 +0000
ROA not before: Tue 02 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8297
IP address blocks: 195.219.88.0/24 maxlen: 24
2a01:3e0:ff71::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:1f:3f:7d:51:66:16:1d:fc:ee:bb:27:1a:a4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 2 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c7c02b7e4e555ff372be90246903776658b0f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4f:5c:3b:0d:a8:d9:29:97:8b:dd:46:a8:13:
bb:b2:c4:34:15:e0:fa:d4:87:0f:c2:e2:5b:32:ae:
21:37:99:bb:7d:f1:dd:59:a5:9b:b1:f2:b0:71:6c:
e7:ab:79:07:1f:7b:6e:e5:8c:fb:7a:a6:07:95:20:
fd:fa:81:5d:2b:17:63:02:9d:9f:27:56:17:ae:1e:
25:77:94:17:94:73:9f:79:3a:06:8e:a6:dd:0c:e1:
7a:2a:05:ed:a0:a6:39:9e:f0:c5:81:27:11:db:cf:
d7:8b:a9:1a:94:0a:74:e6:be:97:6a:01:ca:14:02:
de:f0:e2:5f:dc:81:46:82:d3:68:78:6a:91:35:8c:
15:8e:1e:8a:42:84:bf:8a:b2:59:a5:fe:82:12:8a:
52:a1:d2:e4:9b:7b:b1:82:92:72:69:9e:fd:77:15:
dc:7d:f0:de:f1:3b:79:75:61:3a:86:97:e3:1c:93:
1a:88:54:91:8e:32:f4:3c:65:81:9e:30:d2:72:94:
11:b0:0e:a4:71:0d:f5:24:86:7f:26:2b:e4:a1:86:
87:66:d9:b7:9c:d6:22:89:75:bd:0c:b6:39:f5:7c:
a3:7e:a8:e1:d6:a3:24:1e:42:61:59:ce:2d:44:fd:
a1:0b:c9:5d:9d:9c:58:8a:d4:57:5e:fc:05:c8:36:
aa:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7C:02:B7:E4:E5:55:FF:37:2B:E9:02:46:90:37:76:65:8B:0F:7E
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/fHwCt-TlVf83K-kCRpA3dmWLD34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.219.88.0/24
IPv6:
2a01:3e0:ff71::/48
Signature Algorithm: sha256WithRSAEncryption
d9:58:18:3f:a0:93:a6:fc:46:f1:88:a5:94:7b:32:4d:5a:11:
87:63:bb:53:1e:5e:10:4b:a6:47:34:63:c5:98:e0:d7:4a:42:
ef:81:e5:93:43:6e:3a:3f:b1:82:ac:3e:04:87:8d:ce:a4:56:
78:f6:18:9c:63:40:a6:73:9a:81:9c:c6:27:f4:cf:3b:98:81:
49:9c:53:ac:3e:a5:fb:17:18:37:1d:3e:0c:41:78:53:19:93:
cd:de:5a:76:6b:39:6f:88:c0:89:27:04:07:e7:7f:82:1f:55:
11:2e:5b:f9:cd:f2:c9:8a:77:fa:77:44:09:31:00:9d:64:48:
10:de:32:38:6f:80:91:ce:48:b9:2d:e6:78:11:dd:f1:8a:ca:
63:8e:fa:8d:c4:9f:e0:01:b5:0a:46:d4:f9:9c:1c:80:1a:c4:
77:f7:60:79:2a:ca:8e:01:97:d4:37:59:3a:e5:7a:18:02:0a:
10:1a:31:48:41:90:62:e4:3c:9b:d6:c6:37:e3:f1:61:40:d6:
31:93:2e:08:24:f5:0f:3e:90:74:1b:97:86:65:59:92:14:e9:
68:85:48:cf:e0:33:f7:97:36:22:da:33:59:ca:81:3b:6b:d0:
f6:06:45:4b:b4:0d:de:7f:df:03:e8:48:b1:61:60:ff:95:f8:
17:d1:8c:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIbx8/fVFmFh387rsnGqSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjQwMTAyMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzdjMDJiN2U0ZTU1NWZmMzcyYmU5MDI0NjkwMzc3NjY1OGIwZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok9cOw2o2SmXi91GqBO7ssQ0FeD6
1IcPwuJbMq4hN5m7ffHdWaWbsfKwcWznq3kHH3tu5Yz7eqYHlSD9+oFdKxdjAp2f
J1YXrh4ld5QXlHOfeToGjqbdDOF6KgXtoKY5nvDFgScR28/Xi6kalAp05r6XagHK
FALe8OJf3IFGgtNoeGqRNYwVjh6KQoS/irJZpf6CEopSodLkm3uxgpJyaZ79dxXc
ffDe8Tt5dWE6hpfjHJMaiFSRjjL0PGWBnjDScpQRsA6kcQ31JIZ/JivkoYaHZtm3
nNYiiXW9DLY59Xyjfqjh1qMkHkJhWc4tRP2hC8ldnZxYitRXXvwFyDaqnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHx8Arfk5VX/NyvpAkaQN3Zliw9+MB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvZkh3Q3QtVGxWZjgzSy1rQ1JwQTNkbVdMRDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw9tYMA8E
AgACMAkDBwAqAQPg/3EwDQYJKoZIhvcNAQELBQADggEBANlYGD+gk6b8RvGIpZR7
Mk1aEYdju1MeXhBLpkc0Y8WY4NdKQu+B5ZNDbjo/sYKsPgSHjc6kVnj2GJxjQKZz
moGcxif0zzuYgUmcU6w+pfsXGDcdPgxBeFMZk83eWnZrOW+IwIknBAfnf4IfVREu
W/nN8smKd/p3RAkxAJ1kSBDeMjhvgJHOSLkt5ngR3fGKymOO+o3En+ABtQpG1Pmc
HIAaxHf3YHkqyo4Bl9Q3WTrlehgCChAaMUhBkGLkPJvWxjfj8WFA1jGTLggk9Q8+
kHQbl4ZlWZIU6WiFSM/gM/eXNiLaM1nKgTtr0PYGRUu0Dd5/3wPoSLFhYP+V+BfR
jGg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:22 2024 by rpki-client on console-fra.rpki-client.org