Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f53da4-02e8-48f4-80b3-3a1595fc86ef/1/n4MwGtztoVDatiBkB_Vhs206CdI.roa
File: n4MwGtztoVDatiBkB_Vhs206CdI.roa (raw, json)
Hash identifier: LUYQxNvcTqubF002CqmWfwoXjEzxxdTGccJ7vPTkyQw=
Subject key identifier: 9F:83:30:1A:DC:ED:A1:50:DA:B6:20:64:07:F5:61:B3:6D:3A:09:D2
Certificate issuer: /CN=28ab22fb2da473c5426bfcc1f880861004017087
Certificate serial: 018CC79571570AE0D1356B7E28A95296C9D3
Authority key identifier: 28:AB:22:FB:2D:A4:73:C5:42:6B:FC:C1:F8:80:86:10:04:01:70:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KKsi-y2kc8VCa_zB-ICGEAQBcIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f53da4-02e8-48f4-80b3-3a1595fc86ef/1/n4MwGtztoVDatiBkB_Vhs206CdI.roa
Signing time: Tue 02 Jan 2024 00:31:48 +0000
ROA not before: Tue 02 Jan 2024 00:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 195.85.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/f53da4-02e8-48f4-80b3-3a1595fc86ef/1/KKsi-y2kc8VCa_zB-ICGEAQBcIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/f53da4-02e8-48f4-80b3-3a1595fc86ef/1/KKsi-y2kc8VCa_zB-ICGEAQBcIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KKsi-y2kc8VCa_zB-ICGEAQBcIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:71:57:0a:e0:d1:35:6b:7e:28:a9:52:96:c9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28ab22fb2da473c5426bfcc1f880861004017087
Validity
Not Before: Jan 2 00:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f83301adceda150dab6206407f561b36d3a09d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:74:a2:75:86:33:62:15:b6:67:7e:96:e1:32:
4f:69:73:e5:f4:66:7f:d6:91:77:ad:f1:99:2a:78:
62:dd:89:bd:29:07:25:d6:3d:e4:10:5c:71:2b:34:
be:86:72:ce:72:15:cc:a9:ad:60:07:df:6a:44:d9:
aa:f0:66:75:ea:0b:4b:58:09:7f:2c:9e:e1:b9:86:
a9:69:10:a8:94:bd:14:ac:72:d5:a6:ab:6d:43:fa:
cb:aa:96:c6:64:ca:34:30:28:57:79:45:3c:d3:5a:
19:e6:a3:a8:68:c1:0a:f6:90:a8:08:b9:6c:62:64:
7f:c9:63:4c:5f:98:85:20:40:8b:13:58:ce:1f:d9:
7e:05:c8:4c:f7:9f:e5:9a:4e:c6:8a:b7:d6:3a:6f:
77:b0:8e:18:73:96:b6:5c:f3:15:ee:ab:17:15:f1:
54:bf:d0:b5:c3:7d:8e:35:87:f9:5f:93:70:5a:4e:
96:3e:e8:d2:b9:5d:da:44:ee:fc:3d:1a:2e:1d:35:
65:81:04:2b:44:bc:11:30:09:25:49:14:73:db:fd:
b4:bc:6d:f1:d3:75:ac:1f:62:49:5c:ed:40:45:3d:
d6:fe:0e:65:6f:68:a8:2b:88:63:c2:37:c3:4a:96:
9a:bc:0c:83:71:df:f4:02:a0:d4:02:6f:41:85:b2:
4c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:83:30:1A:DC:ED:A1:50:DA:B6:20:64:07:F5:61:B3:6D:3A:09:D2
X509v3 Authority Key Identifier:
keyid:28:AB:22:FB:2D:A4:73:C5:42:6B:FC:C1:F8:80:86:10:04:01:70:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KKsi-y2kc8VCa_zB-ICGEAQBcIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f53da4-02e8-48f4-80b3-3a1595fc86ef/1/n4MwGtztoVDatiBkB_Vhs206CdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f53da4-02e8-48f4-80b3-3a1595fc86ef/1/KKsi-y2kc8VCa_zB-ICGEAQBcIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:71:79:cb:21:13:01:bc:68:ef:1f:da:ef:3f:96:5f:e6:94:
72:b4:66:e4:67:14:97:27:35:22:4f:9e:1e:80:62:7f:5a:64:
74:39:78:8e:ef:f2:a8:0a:99:12:10:44:57:be:35:0f:7d:ad:
c0:ff:5c:78:81:3c:a9:92:f8:ea:83:2c:04:eb:b8:da:64:a1:
6a:63:ec:4f:69:ea:c5:5b:99:ee:61:55:5b:9d:89:d7:bf:7b:
bc:e7:29:b9:e3:91:63:0a:d4:89:0f:b0:ac:40:d5:4d:b0:49:
92:3b:ce:cb:25:53:cd:87:66:97:66:f1:0d:cd:97:ff:d3:10:
04:2a:cf:a6:ee:7f:46:1f:4a:cc:75:72:0e:98:bf:ed:e8:f8:
c0:5b:b3:c1:02:c9:b8:c2:19:96:1b:27:e8:42:ae:24:fd:75:
40:58:d8:bf:27:fc:52:22:b8:94:68:92:ba:f8:e4:78:28:02:
73:1e:cc:bd:47:04:8c:c9:7c:81:70:dc:e7:e4:4c:a0:1c:93:
28:7a:b1:e7:83:58:61:2c:07:b3:2e:7b:19:ee:9c:3d:34:6a:
9a:d6:e9:e7:d2:0f:db:f1:dc:c9:44:41:3a:7c:01:ae:f6:bb:
91:6f:ca:47:2c:0b:37:89:01:44:14:69:4e:05:da:cd:c1:a3:
7c:3d:50:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlXFXCuDRNWt+KKlSlsnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YWIyMmZiMmRhNDczYzU0MjZiZmNjMWY4ODA4NjEwMDQw
MTcwODcwHhcNMjQwMTAyMDAzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjgzMzAxYWRjZWRhMTUwZGFiNjIwNjQwN2Y1NjFiMzZkM2EwOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHSidYYzYhW2Z36W4TJPaXPl9GZ/
1pF3rfGZKnhi3Ym9KQcl1j3kEFxxKzS+hnLOchXMqa1gB99qRNmq8GZ16gtLWAl/
LJ7huYapaRColL0UrHLVpqttQ/rLqpbGZMo0MChXeUU801oZ5qOoaMEK9pCoCLls
YmR/yWNMX5iFIECLE1jOH9l+BchM95/lmk7GirfWOm93sI4Yc5a2XPMV7qsXFfFU
v9C1w32ONYf5X5NwWk6WPujSuV3aRO78PRouHTVlgQQrRLwRMAklSRRz2/20vG3x
03WsH2JJXO1ART3W/g5lb2ioK4hjwjfDSpaavAyDcd/0AqDUAm9BhbJMowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+DMBrc7aFQ2rYgZAf1YbNtOgnSMB8GA1UdIwQY
MBaAFCirIvstpHPFQmv8wfiAhhAEAXCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0tzaS15MmtjOFZDYV96Qi1JQ0dFQVFCY0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mNTNkYTQtMDJlOC00OGY0LTgwYjMt
M2ExNTk1ZmM4NmVmLzEvbjRNd0d0enRvVkRhdGlCa0JfVmhzMjA2Q2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mNTNkYTQtMDJlOC00OGY0LTgwYjMtM2ExNTk1ZmM4NmVm
LzEvS0tzaS15MmtjOFZDYV96Qi1JQ0dFQVFCY0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1UMMA0G
CSqGSIb3DQEBCwUAA4IBAQBvcXnLIRMBvGjvH9rvP5Zf5pRytGbkZxSXJzUiT54e
gGJ/WmR0OXiO7/KoCpkSEERXvjUPfa3A/1x4gTypkvjqgywE67jaZKFqY+xPaerF
W5nuYVVbnYnXv3u85ym545FjCtSJD7CsQNVNsEmSO87LJVPNh2aXZvENzZf/0xAE
Ks+m7n9GH0rMdXIOmL/t6PjAW7PBAsm4whmWGyfoQq4k/XVAWNi/J/xSIriUaJK6
+OR4KAJzHsy9RwSMyXyBcNzn5EygHJMoerHng1hhLAezLnsZ7pw9NGqa1unn0g/b
8dzJREE6fAGu9ruRb8pHLAs3iQFEFGlOBdrNwaN8PVA2
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:20:14 2024 by rpki-client on console-fra.rpki-client.org