Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/QbXdd9OVLLfktaGOhjSzN5A2Y-8.roa
File: QbXdd9OVLLfktaGOhjSzN5A2Y-8.roa (raw, json)
Hash identifier: 00SP+rc2Fpk6QELv0UwZfFkZQLtrjwrfih9xo6OZGsE=
Subject key identifier: 41:B5:DD:77:D3:95:2C:B7:E4:B5:A1:8E:86:34:B3:37:90:36:63:EF
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DACD48084B4CCAE718F48D6851E90A
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/QbXdd9OVLLfktaGOhjSzN5A2Y-8.roa
Signing time: Mon 01 Jan 2024 02:29:28 +0000
ROA not before: Mon 01 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35115
IP address blocks: 195.136.68.0/23 maxlen: 23
195.136.74.0/23 maxlen: 23
195.136.80.0/23 maxlen: 23
195.136.80.0/22 maxlen: 24
195.136.188.0/23 maxlen: 23
195.136.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cd:48:08:4b:4c:ca:e7:18:f4:8d:68:51:e9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41b5dd77d3952cb7e4b5a18e8634b337903663ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5f:a9:3a:dd:d9:f4:60:b1:82:c9:2f:a7:09:
15:9c:b3:52:d5:52:c6:49:df:c7:ec:d3:b6:f4:2b:
2c:11:e0:0f:a2:41:88:5f:e5:6d:8b:78:f1:42:b6:
4a:49:ef:6d:d3:60:6a:03:26:30:0c:71:93:26:d7:
d2:6e:cd:0d:17:db:77:60:3d:59:a7:36:f9:cd:2d:
13:77:97:c5:df:af:c5:f8:96:94:4b:6c:e0:a2:6c:
3f:bc:b0:78:ea:ed:d3:99:9c:c7:e9:84:11:3b:b6:
6b:dd:cb:82:78:09:dd:06:9a:1c:f9:21:87:df:ab:
1f:b3:e7:f4:d9:3c:f2:7f:95:b4:ff:7b:80:12:5c:
df:9b:7d:19:01:cd:6a:9e:43:83:25:37:fe:2c:96:
b3:f8:98:fa:27:3b:48:09:38:a0:2a:ba:13:af:e3:
9f:20:71:a4:d1:4f:df:15:79:2c:45:bc:12:73:78:
da:57:98:8b:ed:ae:d5:c9:b5:ad:26:63:31:3f:03:
60:9e:53:fc:93:6a:c1:a6:31:c4:37:6f:ba:cc:8d:
5c:43:6f:a8:a6:c6:b9:46:38:81:83:b3:f6:1e:4a:
64:88:d2:fe:26:d7:c2:59:96:fa:13:48:b1:d8:60:
07:fc:25:8b:f6:e0:0c:8e:9c:8b:7a:c6:47:67:3b:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B5:DD:77:D3:95:2C:B7:E4:B5:A1:8E:86:34:B3:37:90:36:63:EF
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/QbXdd9OVLLfktaGOhjSzN5A2Y-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.68.0/23
195.136.74.0/23
195.136.80.0/22
195.136.96.0/22
195.136.188.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:75:bc:be:52:a7:d9:69:bf:f0:3b:c1:3a:c5:fb:f2:39:ce:
7c:f6:a2:47:45:03:4a:c2:06:7f:53:e4:f7:58:c1:c7:b8:b3:
7e:be:93:d1:9a:74:a9:90:b4:6d:9b:16:8f:27:b1:9b:d8:b7:
16:cc:0a:4e:08:05:c9:f2:52:0a:c9:fc:81:93:3a:ab:6a:30:
cc:eb:90:fb:a4:ac:a2:82:c6:17:ae:bc:f6:e0:55:4f:99:73:
d7:b9:cf:29:af:83:96:e6:1d:21:e1:99:d6:1d:39:2e:4e:43:
90:bd:f1:7f:51:8f:4c:fd:17:25:9f:30:e1:15:71:5a:16:09:
b5:79:f8:9e:79:0d:0c:72:fa:ed:64:79:6c:e8:33:78:fc:c4:
d6:c9:07:17:f1:df:bb:8a:21:90:05:c9:80:4c:7b:75:9f:b5:
0b:f1:3e:56:43:17:9f:8a:32:27:93:53:86:ee:05:1d:c3:e2:
44:e7:bf:56:cf:03:5b:f3:4a:b6:fc:45:8b:9e:39:eb:22:75:
f2:1f:47:6c:7d:28:b6:40:a5:41:77:62:78:af:2b:d7:3f:94:
48:cc:91:a9:ec:83:9e:33:27:51:da:d6:62:28:8f:88:3b:8c:
8f:8a:27:5c:96:67:96:32:21:df:b2:d3:88:a1:f9:b8:7b:9f:
06:b3:b7:d4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC2s1ICEtMyucY9I1oUekKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWI1ZGQ3N2QzOTUyY2I3ZTRiNWExOGU4NjM0YjMzNzkwMzY2M2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF+pOt3Z9GCxgskvpwkVnLNS1VLG
Sd/H7NO29CssEeAPokGIX+Vti3jxQrZKSe9t02BqAyYwDHGTJtfSbs0NF9t3YD1Z
pzb5zS0Td5fF36/F+JaUS2zgomw/vLB46u3TmZzH6YQRO7Zr3cuCeAndBpoc+SGH
36sfs+f02Tzyf5W0/3uAElzfm30ZAc1qnkODJTf+LJaz+Jj6JztICTigKroTr+Of
IHGk0U/fFXksRbwSc3jaV5iL7a7VybWtJmMxPwNgnlP8k2rBpjHEN2+6zI1cQ2+o
psa5RjiBg7P2HkpkiNL+JtfCWZb6E0ix2GAH/CWL9uAMjpyLesZHZzvDdwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEG13XfTlSy35LWhjoY0szeQNmPvMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvUWJYZGQ5T1ZMTGZrdGFHT2hqU3pONUEyWS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBw4hEAwQB
w4hKAwQCw4hQAwQCw4hgAwQBw4i8MA0GCSqGSIb3DQEBCwUAA4IBAQB/dby+UqfZ
ab/wO8E6xfvyOc589qJHRQNKwgZ/U+T3WMHHuLN+vpPRmnSpkLRtmxaPJ7Gb2LcW
zApOCAXJ8lIKyfyBkzqrajDM65D7pKyigsYXrrz24FVPmXPXuc8pr4OW5h0h4ZnW
HTkuTkOQvfF/UY9M/RclnzDhFXFaFgm1efieeQ0McvrtZHls6DN4/MTWyQcX8d+7
iiGQBcmATHt1n7UL8T5WQxefijInk1OG7gUdw+JE579WzwNb80q2/EWLnjnrInXy
H0dsfSi2QKVBd2J4ryvXP5RIzJGp7IOeMydR2tZiKI+IO4yPiidclmeWMiHfstOI
ofm4e58Gs7fU
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:32:45 2024 by rpki-client on console-ams.rpki-client.org