Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/h64eKlU_smUiE8JDC90BvItpl88.roa
File: h64eKlU_smUiE8JDC90BvItpl88.roa (raw, json)
Hash identifier: Xws+3ArN0UfAvAky9dn6PWTNADGfMHvsQ8vJE3oQQ3M=
Subject key identifier: 87:AE:1E:2A:55:3F:B2:65:22:13:C2:43:0B:DD:01:BC:8B:69:97:CF
Certificate issuer: /CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Certificate serial: 018CC94D59B882BED360CE4B30B5411A9AAA
Authority key identifier: 97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/h64eKlU_smUiE8JDC90BvItpl88.roa
Signing time: Tue 02 Jan 2024 08:32:18 +0000
ROA not before: Tue 02 Jan 2024 08:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41040
IP address blocks: 195.189.95.0/24 maxlen: 24
195.189.94.0/24 maxlen: 24
195.189.93.0/24 maxlen: 24
195.189.92.0/24 maxlen: 24
194.127.180.0/24 maxlen: 24
2001:67c:2da8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.mft
rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:59:b8:82:be:d3:60:ce:4b:30:b5:41:1a:9a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Validity
Not Before: Jan 2 08:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87ae1e2a553fb2652213c2430bdd01bc8b6997cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:78:2c:09:49:da:53:03:96:63:39:a4:a9:75:
c4:a4:d4:19:69:0f:22:58:79:6c:71:9c:ed:37:57:
23:5f:a6:62:46:48:fe:23:1a:cc:c0:39:3b:af:b7:
26:8d:8e:d6:bb:5c:fa:dd:2a:9b:6b:56:b8:a3:26:
5d:7f:05:af:bb:65:ca:86:37:2e:9f:40:64:b5:7b:
ea:c6:42:e3:bf:8f:77:0f:56:30:16:f8:9d:2f:08:
92:bf:15:aa:42:fb:1d:37:d4:17:2f:1d:90:c8:64:
07:a6:d4:ce:2e:59:61:7d:a5:10:ff:6b:a5:54:82:
2c:66:d4:00:d1:f8:bd:e3:98:91:19:a0:bf:d4:43:
31:2c:07:85:08:1c:5d:64:72:b1:26:9a:7e:e4:2a:
00:bd:bd:17:52:9a:88:67:44:07:55:4c:68:1a:17:
fe:33:5c:2b:61:47:d4:08:de:9b:a3:cf:96:24:c8:
21:bb:25:29:2e:c3:53:c0:27:2a:f5:21:5b:e4:3b:
bb:3b:d0:02:96:7a:ff:54:51:53:1a:02:7d:32:02:
4d:ae:4b:4f:9a:96:9c:fb:9c:dc:36:ba:a7:83:6a:
aa:aa:d1:20:44:fd:cb:8c:11:3f:d6:34:13:8d:51:
ad:08:43:3f:3e:1e:e5:e8:92:ce:61:09:61:1f:f9:
ec:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:AE:1E:2A:55:3F:B2:65:22:13:C2:43:0B:DD:01:BC:8B:69:97:CF
X509v3 Authority Key Identifier:
keyid:97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/h64eKlU_smUiE8JDC90BvItpl88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.180.0/24
195.189.92.0/22
IPv6:
2001:67c:2da8::/48
Signature Algorithm: sha256WithRSAEncryption
54:32:9d:eb:f3:f8:0c:fb:d0:41:03:21:68:f4:a2:8d:7d:a9:
ff:3e:bc:5f:0d:7e:2b:59:b4:14:ce:6f:59:82:b5:c2:23:33:
7d:a5:f6:9a:b2:af:5a:cb:d0:e4:5f:4f:bb:53:ac:b5:f6:bc:
ef:ef:0d:b8:77:2f:e1:86:11:9e:e5:be:34:45:7b:71:47:32:
73:b7:84:a4:f4:4e:c4:22:cc:06:39:90:85:f8:7f:ad:eb:f0:
23:2e:ad:d6:ef:09:b8:91:15:61:3f:80:98:c2:ed:1e:08:00:
e7:01:11:0e:e5:f5:54:f9:09:b9:53:89:c7:99:db:8e:17:3f:
06:cb:a3:d2:82:6e:16:ba:a3:c2:de:62:16:98:dd:d8:a5:64:
b9:d4:16:11:f5:6e:cb:13:4b:93:35:d3:1b:08:0b:65:73:c8:
1a:27:18:d7:ec:c6:40:de:6f:9c:ea:ec:42:23:c6:64:b1:2a:
46:e9:e6:f2:7c:f0:53:ce:35:8f:07:ba:50:72:74:ca:da:52:
9b:37:e9:3a:d0:0e:64:5a:47:0b:b4:72:42:c4:9c:39:79:1a:
79:96:04:a6:86:7e:46:7a:5a:c1:b9:b7:e5:81:a2:48:c4:44:
c3:e1:29:c0:58:d9:d7:b2:43:be:7e:64:05:5c:30:b7:55:b1:
fa:a1:e7:55
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTVm4gr7TYM5LMLVBGpqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NzBiZjIzNzVkNTliYTgxYTk5NTVjMDdhMmYwYTIzMjY0
YjYxYTgwHhcNMjQwMTAyMDgzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2FlMWUyYTU1M2ZiMjY1MjIxM2MyNDMwYmRkMDFiYzhiNjk5N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzngsCUnaUwOWYzmkqXXEpNQZaQ8i
WHlscZztN1cjX6ZiRkj+IxrMwDk7r7cmjY7Wu1z63Sqba1a4oyZdfwWvu2XKhjcu
n0BktXvqxkLjv493D1YwFvidLwiSvxWqQvsdN9QXLx2QyGQHptTOLllhfaUQ/2ul
VIIsZtQA0fi945iRGaC/1EMxLAeFCBxdZHKxJpp+5CoAvb0XUpqIZ0QHVUxoGhf+
M1wrYUfUCN6bo8+WJMghuyUpLsNTwCcq9SFb5Du7O9AClnr/VFFTGgJ9MgJNrktP
mpac+5zcNrqng2qqqtEgRP3LjBE/1jQTjVGtCEM/Ph7l6JLOYQlhH/nsYQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIeuHipVP7JlIhPCQwvdAbyLaZfPMB8GA1UdIwQY
MBaAFJdwvyN11ZuoGplVwHovCiMmS2GoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWIt
OGQzNGY1NTc4MjJhLzEvaDY0ZUtsVV9zbVVpRThKREM5MEJ2SXRwbDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWItOGQzNGY1NTc4MjJh
LzEvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwn+0AwQC
w71cMA8EAgACMAkDBwAgAQZ8LagwDQYJKoZIhvcNAQELBQADggEBAFQynevz+Az7
0EEDIWj0oo19qf8+vF8NfitZtBTOb1mCtcIjM32l9pqyr1rL0ORfT7tTrLX2vO/v
Dbh3L+GGEZ7lvjRFe3FHMnO3hKT0TsQizAY5kIX4f63r8CMurdbvCbiRFWE/gJjC
7R4IAOcBEQ7l9VT5CblTiceZ244XPwbLo9KCbha6o8LeYhaY3dilZLnUFhH1bssT
S5M10xsIC2VzyBonGNfsxkDeb5zq7EIjxmSxKkbp5vJ88FPONY8HulBydMraUps3
6TrQDmRaRwu0ckLEnDl5GnmWBKaGfkZ6WsG5t+WBokjERMPhKcBY2deyQ75+ZAVc
MLdVsfqh51U=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:48 2024 by rpki-client on console-fra.rpki-client.org