Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/lZ-WuWuUhvUxfk35aL63Y75tHoM.roa
File: lZ-WuWuUhvUxfk35aL63Y75tHoM.roa (raw, json)
Hash identifier: 4W7gJSNr8tuPtomK7seknN5LAVfvfa9SxYx+Niql6TI=
Subject key identifier: 95:9F:96:B9:6B:94:86:F5:31:7E:4D:F9:68:BE:B7:63:BE:6D:1E:83
Certificate issuer: /CN=ba6d46b76bfd6d42bbd575e2f26fce136b9b6a6d
Certificate serial: 018CC4929F3B1AE609D529D6FAFBF1365ACF
Authority key identifier: BA:6D:46:B7:6B:FD:6D:42:BB:D5:75:E2:F2:6F:CE:13:6B:9B:6A:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/lZ-WuWuUhvUxfk35aL63Y75tHoM.roa
Signing time: Mon 01 Jan 2024 10:29:52 +0000
ROA not before: Mon 01 Jan 2024 10:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 195.245.247.0/24 maxlen: 24
195.43.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.mft
rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:03:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:9f:3b:1a:e6:09:d5:29:d6:fa:fb:f1:36:5a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6d46b76bfd6d42bbd575e2f26fce136b9b6a6d
Validity
Not Before: Jan 1 10:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=959f96b96b9486f5317e4df968beb763be6d1e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:17:0b:1d:ec:4e:c2:7e:ff:22:6b:7e:a9:ee:
b8:d0:b5:c8:01:da:8d:4e:47:64:c4:54:7a:76:55:
10:d2:2b:4d:60:63:bc:b8:78:b1:7f:67:f2:cc:45:
c6:e0:d3:72:66:5f:7d:89:e7:1b:0b:1d:c4:d2:72:
30:34:f5:a9:5c:3c:b3:03:f8:d3:51:bc:78:fb:13:
c9:02:e4:e5:ac:23:ef:6e:dc:c6:11:51:4e:29:c1:
6f:f4:4b:08:56:02:af:72:75:27:25:f0:88:21:c7:
cf:bb:2f:7f:74:ad:fb:56:8f:0d:75:fd:cb:2d:79:
b5:73:ad:ad:8d:1e:ce:c6:85:ef:b3:1c:dc:46:4c:
b6:93:42:20:44:10:a3:3b:72:aa:e6:27:14:25:df:
3b:b9:43:25:2a:74:aa:b1:bf:8a:fd:5a:5f:e3:d4:
a9:26:36:60:35:c5:a3:dd:c1:69:5f:97:83:af:97:
75:65:56:08:4c:63:25:0a:16:ba:ad:47:e2:16:72:
e5:1c:11:b9:3c:a9:a8:ee:de:f1:01:ad:6c:a3:c9:
75:ca:96:ef:ae:ca:3b:d4:ec:19:31:45:4a:35:72:
d5:44:69:07:04:ee:a7:7d:07:5e:b1:f8:3c:10:31:
55:f1:77:01:89:b0:99:6e:0b:3e:04:81:6e:2e:9e:
0a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9F:96:B9:6B:94:86:F5:31:7E:4D:F9:68:BE:B7:63:BE:6D:1E:83
X509v3 Authority Key Identifier:
keyid:BA:6D:46:B7:6B:FD:6D:42:BB:D5:75:E2:F2:6F:CE:13:6B:9B:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/lZ-WuWuUhvUxfk35aL63Y75tHoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.130.0/24
195.245.247.0/24
Signature Algorithm: sha256WithRSAEncryption
46:bf:f8:d3:41:b0:85:d8:1f:19:a0:a2:6d:3c:2a:27:b6:64:
23:6c:e5:a8:78:f5:e2:81:6d:59:c3:47:97:a5:fd:e4:e5:2b:
b4:45:ba:0d:2c:7a:c7:9a:c4:15:e2:32:e8:d8:61:11:1e:50:
6c:c6:04:3d:2f:c1:a2:69:31:1f:3c:b8:ea:eb:af:2d:3c:a4:
b0:a6:75:b1:4c:b1:08:36:d2:ab:1d:5e:a3:43:7c:23:bb:cc:
ae:73:ac:41:94:ed:04:53:c4:3d:de:0f:5b:89:67:6c:60:01:
13:32:c4:87:a3:f4:d0:e7:89:80:7b:62:53:31:18:f8:2c:01:
ca:3a:ec:39:33:a6:81:9f:79:30:11:04:6e:c5:8c:9d:30:ff:
11:fe:4f:cf:25:f4:c9:8d:2a:88:a7:85:5e:3e:96:b5:62:20:
c0:4c:86:e4:4e:ff:33:1d:38:66:56:2f:c8:be:03:09:ab:57:
78:e7:65:65:d5:0b:6d:33:69:4f:4e:8b:ff:cd:75:55:bb:fa:
bf:a2:26:85:34:85:d9:a2:c1:8c:8a:72:35:7d:07:34:34:5c:
3d:5f:9f:f2:ad:48:9b:28:2f:f0:df:85:ce:6e:ce:73:b7:89:
fb:78:e0:29:38:ab:e5:83:09:d7:27:d3:8e:ce:b0:b3:8b:d7:
91:62:a5:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkp87GuYJ1SnW+vvxNlrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmQ0NmI3NmJmZDZkNDJiYmQ1NzVlMmYyNmZjZTEzNmI5
YjZhNmQwHhcNMjQwMTAxMTAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTlmOTZiOTZiOTQ4NmY1MzE3ZTRkZjk2OGJlYjc2M2JlNmQxZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BcLHexOwn7/Imt+qe640LXIAdqN
TkdkxFR6dlUQ0itNYGO8uHixf2fyzEXG4NNyZl99iecbCx3E0nIwNPWpXDyzA/jT
Ubx4+xPJAuTlrCPvbtzGEVFOKcFv9EsIVgKvcnUnJfCIIcfPuy9/dK37Vo8Ndf3L
LXm1c62tjR7OxoXvsxzcRky2k0IgRBCjO3Kq5icUJd87uUMlKnSqsb+K/Vpf49Sp
JjZgNcWj3cFpX5eDr5d1ZVYITGMlCha6rUfiFnLlHBG5PKmo7t7xAa1so8l1ypbv
rso71OwZMUVKNXLVRGkHBO6nfQdesfg8EDFV8XcBibCZbgs+BIFuLp4KdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJWflrlrlIb1MX5N+Wi+t2O+bR6DMB8GA1UdIwQY
MBaAFLptRrdr/W1Cu9V14vJvzhNrm2ptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW0xR3QydjliVUs3MVhYaThtX09FMnViYW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lOGJlMGUtYTgwZC00YTRmLWI1MmYt
ZGZmMWNmZmI3YjE4LzEvbFotV3VXdVVodlV4ZmszNWFMNjNZNzV0SG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lOGJlMGUtYTgwZC00YTRmLWI1MmYtZGZmMWNmZmI3YjE4
LzEvdW0xR3QydjliVUs3MVhYaThtX09FMnViYW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwyuCAwQA
w/X3MA0GCSqGSIb3DQEBCwUAA4IBAQBGv/jTQbCF2B8ZoKJtPContmQjbOWoePXi
gW1Zw0eXpf3k5Su0RboNLHrHmsQV4jLo2GERHlBsxgQ9L8GiaTEfPLjq668tPKSw
pnWxTLEINtKrHV6jQ3wju8yuc6xBlO0EU8Q93g9biWdsYAETMsSHo/TQ54mAe2JT
MRj4LAHKOuw5M6aBn3kwEQRuxYydMP8R/k/PJfTJjSqIp4VePpa1YiDATIbkTv8z
HThmVi/IvgMJq1d452Vl1QttM2lPTov/zXVVu/q/oiaFNIXZosGMinI1fQc0NFw9
X5/yrUibKC/w34XObs5zt4n7eOApOKvlgwnXJ9OOzrCzi9eRYqVM
-----END CERTIFICATE-----
Generated at Wed May 22 23:52:55 2024 by rpki-client on console-fra.rpki-client.org