Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/v84WM5wcLHYYikGtwE7_oXoTatw.roa
File: v84WM5wcLHYYikGtwE7_oXoTatw.roa (raw, json)
Hash identifier: Q5kH3pDX+h3B45cYrAvKIdE3T5P++9UuzdCFSbFnX4A=
Subject key identifier: BF:CE:16:33:9C:1C:2C:76:18:8A:41:AD:C0:4E:FF:A1:7A:13:6A:DC
Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130
Certificate serial: 019399AEAA60A235DBA10635107FC89FF202
Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/v84WM5wcLHYYikGtwE7_oXoTatw.roa
Signing time: Fri 06 Dec 2024 01:56:21 +0000
ROA not before: Fri 06 Dec 2024 01:56:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207788
IP address blocks: 195.43.159.0/24 maxlen: 24
195.47.210.0/24 maxlen: 24
195.47.212.0/24 maxlen: 24
195.47.216.0/24 maxlen: 24
2a0f:b6c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:99:ae:aa:60:a2:35:db:a1:06:35:10:7f:c8:9f:f2:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d248185956e443b55b062200f964537bc10bc130
Validity
Not Before: Dec 6 01:56:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfce16339c1c2c76188a41adc04effa17a136adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c0:32:ee:e7:01:f2:2a:be:0c:3a:b1:a4:ff:
a8:03:82:8f:3c:42:cd:c7:6c:c7:92:22:ba:2e:e9:
6b:bd:8e:dc:3e:be:56:b1:5a:f5:8c:a5:88:3f:ba:
5c:08:20:d4:d0:f9:3f:48:15:14:50:e5:2f:b6:7c:
5e:23:77:7d:8f:a4:fb:e4:29:af:e6:1f:ec:4d:b9:
54:a8:b0:b2:fe:fe:5e:44:22:49:95:13:b6:af:bb:
8e:14:99:ea:db:e0:1e:17:53:3b:81:a8:c7:f4:57:
fe:04:e4:17:43:9f:f4:01:77:b1:60:e3:8f:e8:3b:
21:55:8f:0d:e5:62:21:00:92:1d:08:15:ab:1d:cd:
fd:1e:4c:cf:00:4f:e4:5a:87:5f:b3:6d:22:5c:87:
18:f9:2d:e7:57:e9:2a:37:1a:c3:1c:b0:fe:2a:71:
ad:f4:f0:b1:41:3e:57:b1:04:4b:b2:c3:dc:54:9f:
ee:75:df:f0:ae:81:1d:e6:1e:a8:cf:f7:21:a8:31:
e6:56:2b:20:46:4d:9d:58:55:48:fc:1a:b9:54:5e:
14:54:3b:8f:de:34:32:f9:14:4a:7b:9b:39:65:60:
74:7f:9d:44:5e:a8:cf:8f:cc:6a:42:04:0c:b6:f4:
a6:c1:87:37:33:f0:b6:83:d2:c5:1c:88:c2:99:87:
29:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CE:16:33:9C:1C:2C:76:18:8A:41:AD:C0:4E:FF:A1:7A:13:6A:DC
X509v3 Authority Key Identifier:
keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/v84WM5wcLHYYikGtwE7_oXoTatw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.159.0/24
195.47.210.0/24
195.47.212.0/24
195.47.216.0/24
IPv6:
2a0f:b6c0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:90:4b:bc:51:3d:0a:a1:d4:b2:66:d0:ff:ad:38:9b:8f:1c:
17:9d:7d:09:42:97:38:bd:12:4f:a1:95:6c:79:df:82:1b:f3:
dc:ab:55:aa:eb:9d:4b:5d:e5:ac:6d:b5:6d:a3:5b:50:51:84:
66:b8:b0:57:19:dc:4a:6a:44:87:99:08:86:da:11:60:79:15:
c0:9d:87:1c:a2:ab:3a:3d:99:e3:2f:ef:4c:f3:68:e8:ff:8a:
47:5b:66:90:7d:5e:70:fa:b8:91:f9:35:3b:ad:a4:ca:47:df:
ea:6d:24:c8:af:e2:3b:72:6b:3f:27:e8:45:9d:13:24:14:69:
8f:cf:1c:de:cf:11:2f:5b:c3:c9:75:8d:e9:be:85:e0:bc:f6:
5b:e4:19:0b:6d:c9:c1:ab:4d:5b:f9:5d:73:14:fc:b3:00:bb:
24:25:1f:85:42:c5:39:d0:be:b5:a1:03:83:65:a2:4a:93:8f:
48:5d:55:b0:27:10:3b:58:9f:52:b7:02:36:b4:60:0e:24:07:
49:fd:d9:78:09:5c:5e:9a:08:71:e4:8c:0f:a4:e1:d4:c8:a9:
65:0e:40:9b:72:cd:aa:8f:71:fd:7a:8e:d1:09:d5:d2:d5:ff:
ca:2b:dd:2d:bd:73:35:45:91:49:83:91:88:0a:31:51:74:71:
09:84:c5:01
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZOZrqpgojXboQY1EH/In/ICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw
YmMxMzAwHhcNMjQxMjA2MDE1NjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmNlMTYzMzljMWMyYzc2MTg4YTQxYWRjMDRlZmZhMTdhMTM2YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MAy7ucB8iq+DDqxpP+oA4KPPELN
x2zHkiK6LulrvY7cPr5WsVr1jKWIP7pcCCDU0Pk/SBUUUOUvtnxeI3d9j6T75Cmv
5h/sTblUqLCy/v5eRCJJlRO2r7uOFJnq2+AeF1M7gajH9Ff+BOQXQ5/0AXexYOOP
6DshVY8N5WIhAJIdCBWrHc39HkzPAE/kWodfs20iXIcY+S3nV+kqNxrDHLD+KnGt
9PCxQT5XsQRLssPcVJ/udd/wroEd5h6oz/chqDHmVisgRk2dWFVI/Bq5VF4UVDuP
3jQy+RRKe5s5ZWB0f51EXqjPj8xqQgQMtvSmwYc3M/C2g9LFHIjCmYcpkwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFL/OFjOcHCx2GIpBrcBO/6F6E2rcMB8GA1UdIwQY
MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt
YWVhMDU0Y2Y0M2JiLzEvdjg0V001d2NMSFlZaWtHdHdFN19vWG9UYXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji
LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwyufAwQA
wy/SAwQAwy/UAwQAwy/YMA0EAgACMAcDBQMqD7bAMA0GCSqGSIb3DQEBCwUAA4IB
AQANkEu8UT0KodSyZtD/rTibjxwXnX0JQpc4vRJPoZVsed+CG/Pcq1Wq651LXeWs
bbVto1tQUYRmuLBXGdxKakSHmQiG2hFgeRXAnYccoqs6PZnjL+9M82jo/4pHW2aQ
fV5w+riR+TU7raTKR9/qbSTIr+I7cms/J+hFnRMkFGmPzxzezxEvW8PJdY3pvoXg
vPZb5BkLbcnBq01b+V1zFPyzALskJR+FQsU50L61oQODZaJKk49IXVWwJxA7WJ9S
twI2tGAOJAdJ/dl4CVxemghx5IwPpOHUyKllDkCbcs2qj3H9eo7RCdXS1f/KK90t
vXM1RZFJg5GICjFRdHEJhMUB
-----END CERTIFICATE-----
Generated at Fri Dec 27 20:34:44 2024 by rpki-client on console-fra.rpki-client.org