Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/4LpcpGYrt6fVEGkSYSPiVQAEh2o.roa
File: 4LpcpGYrt6fVEGkSYSPiVQAEh2o.roa (raw, json)
Hash identifier: EQYBAvaLlThqGNht1ETCVYn/q8g5DYrLGGCVB17RAlc=
Subject key identifier: E0:BA:5C:A4:66:2B:B7:A7:D5:10:69:12:61:23:E2:55:00:04:87:6A
Certificate issuer: /CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Certificate serial: 018CC56E15F49A053001C145ED1064B73F57
Authority key identifier: FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/4LpcpGYrt6fVEGkSYSPiVQAEh2o.roa
Signing time: Mon 01 Jan 2024 14:29:35 +0000
ROA not before: Mon 01 Jan 2024 14:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206352
IP address blocks: 195.210.98.0/24 maxlen: 24
195.210.100.0/22 maxlen: 22
195.210.110.0/23 maxlen: 23
195.210.124.0/23 maxlen: 23
195.210.122.0/24 maxlen: 24
195.210.126.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:15:f4:9a:05:30:01:c1:45:ed:10:64:b7:3f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Validity
Not Before: Jan 1 14:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0ba5ca4662bb7a7d51069126123e2550004876a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b2:e4:84:93:8e:6e:e0:e5:82:5f:a0:b6:66:
50:f7:c0:0f:d1:f4:e9:c0:b6:a1:4c:2d:4e:0f:66:
2a:f5:b1:64:9e:19:49:33:2c:98:70:eb:70:27:c9:
8c:02:cd:f7:b7:a8:12:3f:7f:f1:5b:28:6e:f1:ba:
0c:de:59:20:e3:2a:79:53:a2:4d:3e:5b:e6:1b:18:
e5:a8:2b:9a:be:6e:90:2b:ea:12:ae:48:b2:38:4f:
25:d9:40:02:69:d8:4e:e2:9a:23:e7:87:db:e5:fd:
8f:95:58:fb:3f:3d:61:86:df:94:b4:9e:46:ec:ae:
05:e5:3a:86:be:c8:91:b0:fc:b0:11:c4:43:3c:91:
43:69:8c:28:69:51:cb:0d:4a:22:01:84:e0:00:df:
f3:46:b7:c8:5d:ac:5e:22:f1:10:8a:f1:7d:0d:c2:
b2:0d:54:33:d6:69:61:ba:a2:04:6a:d2:78:34:a9:
f2:9b:d3:68:3f:66:21:f9:72:8a:5e:62:4d:26:0c:
10:53:76:fa:6c:f1:33:57:86:b0:ed:6c:ef:7a:ed:
3f:eb:b4:d0:6a:d3:12:77:b7:48:59:09:dc:a6:e3:
c8:f3:30:c7:6e:94:1d:df:8a:7d:06:f2:b5:b3:39:
04:4f:ba:db:f6:07:b3:d8:01:84:da:6c:d7:b7:7b:
d7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BA:5C:A4:66:2B:B7:A7:D5:10:69:12:61:23:E2:55:00:04:87:6A
X509v3 Authority Key Identifier:
keyid:FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/4LpcpGYrt6fVEGkSYSPiVQAEh2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.98.0/24
195.210.100.0/22
195.210.110.0/23
195.210.122.0/24
195.210.124.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f2:4f:53:b3:c4:2a:c7:cb:28:53:96:65:c7:50:70:f1:15:
e1:f8:33:22:f1:51:11:77:cc:46:c9:5c:a7:e1:d5:74:50:f3:
8c:95:d1:7e:cb:c8:eb:33:a2:c0:9a:f5:91:66:d7:41:63:57:
03:db:94:2f:a6:ff:8c:55:bd:1a:1b:91:ad:44:81:37:c6:86:
68:a3:09:b8:6b:cf:e4:6c:8a:86:57:1b:9b:db:ef:e0:dc:6b:
ce:c3:b5:6f:ca:4a:3a:58:fd:7d:40:45:cd:da:36:9c:31:cf:
d3:c2:56:94:15:83:fc:b7:ce:2f:bc:85:9c:46:1b:38:90:9f:
a5:94:25:ef:71:50:73:cc:9c:d2:e0:19:c6:77:51:56:37:0d:
7b:af:82:2f:34:33:5a:f1:72:43:ad:ee:e2:b0:ec:10:42:c5:
78:c7:00:fc:ae:5c:aa:7b:c8:d9:66:10:97:89:3a:98:c7:47:
ac:41:18:ed:72:c0:85:54:30:b1:99:c5:44:56:27:be:86:30:
0f:22:6c:c8:f3:23:18:3f:de:22:5e:cf:6a:c1:36:6b:08:09:
cd:b4:15:4f:7c:47:62:6a:c9:c3:2a:fe:5c:82:99:a8:e9:a9:
b1:37:62:67:c8:de:d5:19:91:2b:07:99:49:14:20:67:15:b1:
7e:f0:6f:07
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFbhX0mgUwAcFF7RBktz9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYjg0ZDlmOGY5ZTMzMTU2NTg5YTVlYmY3MjIyMDNhODk5
ZTBhNTEwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJhNWNhNDY2MmJiN2E3ZDUxMDY5MTI2MTIzZTI1NTAwMDQ4NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLLkhJOObuDlgl+gtmZQ98AP0fTp
wLahTC1OD2Yq9bFknhlJMyyYcOtwJ8mMAs33t6gSP3/xWyhu8boM3lkg4yp5U6JN
PlvmGxjlqCuavm6QK+oSrkiyOE8l2UACadhO4poj54fb5f2PlVj7Pz1hht+UtJ5G
7K4F5TqGvsiRsPywEcRDPJFDaYwoaVHLDUoiAYTgAN/zRrfIXaxeIvEQivF9DcKy
DVQz1mlhuqIEatJ4NKnym9NoP2Yh+XKKXmJNJgwQU3b6bPEzV4aw7Wzveu0/67TQ
atMSd7dIWQncpuPI8zDHbpQd34p9BvK1szkET7rb9gez2AGE2mzXt3vXrwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOC6XKRmK7en1RBpEmEj4lUABIdqMB8GA1UdIwQY
MBaAFP64TZ+PnjMVZYml6/ciIDqJngpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMt
YWYxY2MyMzE3ZTM5LzEvNExwY3BHWXJ0NmZWRUdrU1lTUGlWUUFFaDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMtYWYxY2MyMzE3ZTM5
LzEvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAw9JiAwQC
w9JkAwQBw9JuAwQAw9J6AwQCw9J8MA0GCSqGSIb3DQEBCwUAA4IBAQBF8k9Ts8Qq
x8soU5Zlx1Bw8RXh+DMi8VERd8xGyVyn4dV0UPOMldF+y8jrM6LAmvWRZtdBY1cD
25Qvpv+MVb0aG5GtRIE3xoZoowm4a8/kbIqGVxub2+/g3GvOw7Vvyko6WP19QEXN
2jacMc/TwlaUFYP8t84vvIWcRhs4kJ+llCXvcVBzzJzS4BnGd1FWNw17r4IvNDNa
8XJDre7isOwQQsV4xwD8rlyqe8jZZhCXiTqYx0esQRjtcsCFVDCxmcVEVie+hjAP
ImzI8yMYP94iXs9qwTZrCAnNtBVPfEdiasnDKv5cgpmo6amxN2JnyN7VGZErB5lJ
FCBnFbF+8G8H
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:53 2024 by rpki-client on console-fra.rpki-client.org