Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/2fVx4hJNWrwAF_U4VuBLbABcDY0.roa
File: 2fVx4hJNWrwAF_U4VuBLbABcDY0.roa (raw, json)
Hash identifier: ZwYjSt/Eq3/lZII0RHTosem/7VtaY1708kcfiNbrRoM=
Subject key identifier: D9:F5:71:E2:12:4D:5A:BC:00:17:F5:38:56:E0:4B:6C:00:5C:0D:8D
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018CC26CFADEF3C047178A9C1479A890C2B3
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/2fVx4hJNWrwAF_U4VuBLbABcDY0.roa
Signing time: Mon 01 Jan 2024 00:29:31 +0000
ROA not before: Mon 01 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207185
IP address blocks: 185.157.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 14:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fa:de:f3:c0:47:17:8a:9c:14:79:a8:90:c2:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9f571e2124d5abc0017f53856e04b6c005c0d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cc:6c:8e:7c:57:fe:f8:95:54:2c:96:d3:c4:
fd:d9:ab:25:1f:4c:cc:a4:94:3a:6b:23:98:4c:2e:
93:9e:1d:e4:40:78:05:a2:19:c5:09:e2:c7:91:c2:
2e:96:84:30:fb:47:e7:85:cc:c5:82:b8:a1:09:96:
2c:d7:5a:ee:d6:0d:7f:cf:fd:7d:d7:f8:90:3e:04:
d9:9b:71:f2:ac:d1:37:a4:dd:12:82:2b:c3:84:e7:
f7:33:3c:03:05:8e:2d:14:ae:88:5a:6d:76:03:76:
33:b8:f9:4e:a3:be:60:38:66:f4:af:8d:e0:f2:ba:
4b:30:0b:6e:60:f5:c7:71:0e:ce:b9:73:88:3f:4b:
0d:d4:cb:83:cb:5f:ff:32:9c:f8:18:97:34:e2:a2:
61:23:7b:ff:66:a0:28:8a:8b:46:84:63:27:89:89:
cb:b6:9d:6d:56:d6:e7:9b:92:6b:d0:3e:00:a7:8e:
7c:16:c8:b9:f4:99:e3:6c:26:e3:f4:64:54:84:96:
79:08:fe:c6:a1:16:42:47:de:6c:9c:b8:0f:1d:1a:
78:60:84:90:9f:e4:7e:aa:12:a8:ce:59:c8:44:07:
bf:23:66:de:b0:3f:7f:0e:b4:06:86:43:0d:4a:f2:
5c:22:27:91:8b:20:fe:91:4e:72:06:37:4b:43:ac:
e7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F5:71:E2:12:4D:5A:BC:00:17:F5:38:56:E0:4B:6C:00:5C:0D:8D
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/2fVx4hJNWrwAF_U4VuBLbABcDY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:98:88:29:db:25:b3:02:ad:02:fa:af:d9:7c:7c:f1:45:43:
be:2d:02:25:57:63:ff:0e:6d:31:f7:99:53:e4:34:8c:d8:cf:
4b:5f:ff:d4:c4:6d:ec:ac:1c:6a:6d:46:38:fa:dd:e3:1e:e2:
86:f7:c8:bc:fa:08:35:3b:cc:98:28:2f:42:af:0b:66:7b:c5:
63:e9:2e:30:3f:27:c9:e3:ea:1e:2f:46:a6:25:4b:b7:49:26:
da:e6:fb:aa:66:33:0d:81:e0:45:42:d5:c1:40:cf:c8:d7:78:
9b:95:e7:ba:67:ea:30:c3:15:ce:c3:5d:0d:bc:b7:8a:b8:0a:
2e:cb:e6:b2:e2:d1:c3:b7:c5:44:e4:b1:55:83:03:40:96:7e:
0b:45:88:af:3b:15:14:63:53:6a:57:36:01:23:61:10:ce:d6:
9c:3b:1b:ae:3e:ef:14:bc:de:88:32:be:fa:ba:af:b3:da:de:
c4:2b:a0:59:fd:e5:ce:66:13:56:02:8c:8f:26:8d:c4:dd:07:
52:1b:db:47:f3:3a:76:d0:c6:22:b7:b7:af:95:54:b1:35:3b:
46:b6:ea:82:62:b4:15:aa:b7:d0:07:5f:06:be:58:50:33:51:
42:91:02:ee:95:a0:5a:73:c2:c5:84:63:8e:10:15:4b:6b:ab:
af:c2:f7:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbPre88BHF4qcFHmokMKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWY1NzFlMjEyNGQ1YWJjMDAxN2Y1Mzg1NmUwNGI2YzAwNWMwZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocxsjnxX/viVVCyW08T92aslH0zM
pJQ6ayOYTC6Tnh3kQHgFohnFCeLHkcIuloQw+0fnhczFgrihCZYs11ru1g1/z/19
1/iQPgTZm3HyrNE3pN0SgivDhOf3MzwDBY4tFK6IWm12A3YzuPlOo75gOGb0r43g
8rpLMAtuYPXHcQ7OuXOIP0sN1MuDy1//Mpz4GJc04qJhI3v/ZqAoiotGhGMniYnL
tp1tVtbnm5Jr0D4Ap458Fsi59JnjbCbj9GRUhJZ5CP7GoRZCR95snLgPHRp4YISQ
n+R+qhKozlnIRAe/I2besD9/DrQGhkMNSvJcIieRiyD+kU5yBjdLQ6znFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNn1ceISTVq8ABf1OFbgS2wAXA2NMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvMmZWeDRoSk5XcndBRl9VNFZ1QkxiQUJjRFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ0EMA0G
CSqGSIb3DQEBCwUAA4IBAQA+mIgp2yWzAq0C+q/ZfHzxRUO+LQIlV2P/Dm0x95lT
5DSM2M9LX//UxG3srBxqbUY4+t3jHuKG98i8+gg1O8yYKC9Crwtme8Vj6S4wPyfJ
4+oeL0amJUu3SSba5vuqZjMNgeBFQtXBQM/I13iblee6Z+owwxXOw10NvLeKuAou
y+ay4tHDt8VE5LFVgwNAln4LRYivOxUUY1NqVzYBI2EQztacOxuuPu8UvN6IMr76
uq+z2t7EK6BZ/eXOZhNWAoyPJo3E3QdSG9tH8zp20MYit7evlVSxNTtGtuqCYrQV
qrfQB18GvlhQM1FCkQLulaBac8LFhGOOEBVLa6uvwveH
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:24:31 2024 by rpki-client on console-ams.rpki-client.org