Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/b29c5c-d7c4-40dd-9639-55731c0a53a4/1/8k6GkAOae_jBFbQbLdXCkL41trs.roa
File: 8k6GkAOae_jBFbQbLdXCkL41trs.roa (raw, json)
Hash identifier: mDxeFwwYKV92WPAg0+nnbr5JYz2pP6RQagd/3AjluUQ=
Subject key identifier: F2:4E:86:90:03:9A:7B:F8:C1:15:B4:1B:2D:D5:C2:90:BE:35:B6:BB
Certificate issuer: /CN=72a759a825025241e1a8e012bf9ecc6f2a7c527b
Certificate serial: 018CC4936349B1A3FCE9CF05AF1839C4FC7B
Authority key identifier: 72:A7:59:A8:25:02:52:41:E1:A8:E0:12:BF:9E:CC:6F:2A:7C:52:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cqdZqCUCUkHhqOASv57Mbyp8Uns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/b29c5c-d7c4-40dd-9639-55731c0a53a4/1/8k6GkAOae_jBFbQbLdXCkL41trs.roa
Signing time: Mon 01 Jan 2024 10:30:42 +0000
ROA not before: Mon 01 Jan 2024 10:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29305
IP address blocks: 195.225.136.0/22 maxlen: 22
194.177.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/b29c5c-d7c4-40dd-9639-55731c0a53a4/1/cqdZqCUCUkHhqOASv57Mbyp8Uns.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/b29c5c-d7c4-40dd-9639-55731c0a53a4/1/cqdZqCUCUkHhqOASv57Mbyp8Uns.mft
rsync://rpki.ripe.net/repository/DEFAULT/cqdZqCUCUkHhqOASv57Mbyp8Uns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:63:49:b1:a3:fc:e9:cf:05:af:18:39:c4:fc:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72a759a825025241e1a8e012bf9ecc6f2a7c527b
Validity
Not Before: Jan 1 10:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f24e8690039a7bf8c115b41b2dd5c290be35b6bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:11:72:19:40:27:3d:65:cb:9b:04:76:8d:97:
c5:0b:76:c6:c1:ab:8f:9e:d1:b4:31:04:3c:a8:95:
0c:89:ba:be:b9:18:15:a6:ad:42:db:42:01:4b:68:
d4:48:69:22:99:48:c7:8b:17:54:36:1d:20:48:5c:
f9:d8:90:59:e2:2f:15:83:cb:46:6a:77:fb:b2:32:
7a:f5:49:9a:98:d7:0e:11:1d:eb:e8:89:41:e1:77:
3e:e9:7c:1d:88:b0:c0:49:43:65:03:c1:48:4a:ac:
f7:86:b5:87:30:07:77:80:9e:59:74:bf:d9:8a:53:
4f:60:d4:e2:f9:a0:05:52:0a:38:c6:ae:55:d9:63:
8d:05:36:5d:9c:bc:c8:90:4c:a5:05:44:42:0e:8a:
6e:18:c8:99:16:f6:6c:5d:a3:24:bd:6d:78:b8:4e:
82:28:77:ce:e8:a2:6b:45:2c:d5:86:88:50:ad:5d:
ee:02:fb:3f:b7:cc:41:a9:d3:ba:08:86:a0:16:02:
ca:15:67:d8:6a:4f:d7:2f:d7:bf:ec:06:31:18:c7:
55:db:1f:8d:d3:f0:86:37:d1:7e:58:07:2f:42:08:
97:bc:d9:12:3b:55:35:3a:34:64:a5:06:98:8a:8b:
00:c1:14:a5:d7:ff:8a:67:bb:c4:4c:41:4b:53:44:
b0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4E:86:90:03:9A:7B:F8:C1:15:B4:1B:2D:D5:C2:90:BE:35:B6:BB
X509v3 Authority Key Identifier:
keyid:72:A7:59:A8:25:02:52:41:E1:A8:E0:12:BF:9E:CC:6F:2A:7C:52:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cqdZqCUCUkHhqOASv57Mbyp8Uns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b29c5c-d7c4-40dd-9639-55731c0a53a4/1/8k6GkAOae_jBFbQbLdXCkL41trs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b29c5c-d7c4-40dd-9639-55731c0a53a4/1/cqdZqCUCUkHhqOASv57Mbyp8Uns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.177.4.0/22
195.225.136.0/22
Signature Algorithm: sha256WithRSAEncryption
06:42:af:50:3d:9f:51:5a:d4:e2:dd:9a:04:e4:48:45:c9:a4:
e4:5e:38:ca:5e:82:49:f0:3f:47:ff:33:bb:76:7b:bf:a4:6b:
b6:be:54:1a:f6:32:6b:86:c5:71:9f:f3:36:33:27:46:93:62:
22:af:f1:de:b7:bd:bb:68:f8:47:56:81:e9:87:86:34:f6:fc:
cc:e8:e4:b7:19:be:bb:e8:45:4f:44:0e:a3:e0:71:fe:22:dd:
60:6a:c9:72:94:8e:25:dc:43:11:f9:a3:32:95:ab:18:06:cc:
e9:77:71:e6:dc:98:84:b1:9a:02:64:84:ee:7a:2c:96:55:19:
e6:27:be:61:c8:07:fd:0d:b8:db:d5:3c:ba:cc:ba:46:af:60:
c7:2c:bd:f3:e8:cc:bd:40:b7:ad:cb:b8:aa:89:3b:84:5b:a5:
af:ee:81:b6:76:7a:a1:99:2c:f2:d3:18:68:a7:68:78:ae:67:
c5:ba:9a:47:62:ea:dd:bb:96:df:5b:55:4d:03:63:69:24:fb:
9f:86:46:0f:39:37:2c:8d:9a:6f:9a:e9:c0:bd:0f:86:83:20:
13:4b:95:39:e6:b3:6a:45:73:b5:e2:45:6a:b7:bd:54:0a:11:
06:df:32:ed:8d:b3:08:b4:d2:74:af:8f:31:d2:d9:24:29:7a:
42:2a:db:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk2NJsaP86c8Frxg5xPx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYTc1OWE4MjUwMjUyNDFlMWE4ZTAxMmJmOWVjYzZmMmE3
YzUyN2IwHhcNMjQwMTAxMTAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjRlODY5MDAzOWE3YmY4YzExNWI0MWIyZGQ1YzI5MGJlMzViNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhFyGUAnPWXLmwR2jZfFC3bGwauP
ntG0MQQ8qJUMibq+uRgVpq1C20IBS2jUSGkimUjHixdUNh0gSFz52JBZ4i8Vg8tG
anf7sjJ69UmamNcOER3r6IlB4Xc+6XwdiLDASUNlA8FISqz3hrWHMAd3gJ5ZdL/Z
ilNPYNTi+aAFUgo4xq5V2WONBTZdnLzIkEylBURCDopuGMiZFvZsXaMkvW14uE6C
KHfO6KJrRSzVhohQrV3uAvs/t8xBqdO6CIagFgLKFWfYak/XL9e/7AYxGMdV2x+N
0/CGN9F+WAcvQgiXvNkSO1U1OjRkpQaYiosAwRSl1/+KZ7vETEFLU0SwuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPJOhpADmnv4wRW0Gy3VwpC+Nba7MB8GA1UdIwQY
MBaAFHKnWaglAlJB4ajgEr+ezG8qfFJ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3FkWnFDVUNVa0hocU9BU3Y1N01ieXA4VW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iMjljNWMtZDdjNC00MGRkLTk2Mzkt
NTU3MzFjMGE1M2E0LzEvOGs2R2tBT2FlX2pCRmJRYkxkWENrTDQxdHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iMjljNWMtZDdjNC00MGRkLTk2MzktNTU3MzFjMGE1M2E0
LzEvY3FkWnFDVUNVa0hocU9BU3Y1N01ieXA4VW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwrEEAwQC
w+GIMA0GCSqGSIb3DQEBCwUAA4IBAQAGQq9QPZ9RWtTi3ZoE5EhFyaTkXjjKXoJJ
8D9H/zO7dnu/pGu2vlQa9jJrhsVxn/M2MydGk2Iir/Het727aPhHVoHph4Y09vzM
6OS3Gb676EVPRA6j4HH+It1gaslylI4l3EMR+aMylasYBszpd3Hm3JiEsZoCZITu
eiyWVRnmJ75hyAf9Dbjb1Ty6zLpGr2DHLL3z6My9QLety7iqiTuEW6Wv7oG2dnqh
mSzy0xhop2h4rmfFuppHYurdu5bfW1VNA2NpJPufhkYPOTcsjZpvmunAvQ+GgyAT
S5U55rNqRXO14kVqt71UChEG3zLtjbMItNJ0r48x0tkkKXpCKtsG
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:10:33 2024 by rpki-client on console-ams.rpki-client.org