Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/x820M8Y5edzJiBhEyePXooj9rM4.roa
File: x820M8Y5edzJiBhEyePXooj9rM4.roa (raw, json)
Hash identifier: BBfBFp1A6hQFjGgFmSLBb3rF0Jsq3/V2PgkgRh4Dn+k=
Subject key identifier: C7:CD:B4:33:C6:39:79:DC:C9:88:18:44:C9:E3:D7:A2:88:FD:AC:CE
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DAD245F10A1C4629D8DFAD30E5337D
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/x820M8Y5edzJiBhEyePXooj9rM4.roa
Signing time: Mon 01 Jan 2024 02:29:29 +0000
ROA not before: Mon 01 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43153
IP address blocks: 195.136.160.0/24 maxlen: 24
195.136.160.0/23 maxlen: 24
195.136.192.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d2:45:f1:0a:1c:46:29:d8:df:ad:30:e5:33:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7cdb433c63979dcc9881844c9e3d7a288fdacce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:67:07:6f:01:bc:50:0b:b1:ff:81:c8:2a:7a:
61:05:83:0c:12:af:43:9a:32:fd:64:d9:bc:de:81:
55:9c:2a:e1:33:cb:f8:63:c9:34:f0:4a:e9:28:bb:
3e:c4:f5:e3:56:db:d0:4d:4a:52:c0:25:96:c6:2f:
0d:c6:00:a6:b7:a5:93:20:e0:e1:04:82:51:90:dc:
48:b3:5d:d3:c3:34:99:ec:c2:62:e8:6c:5f:82:80:
ed:47:e8:5c:b7:63:2b:6a:53:b4:cf:0d:06:7a:e2:
15:98:c4:03:02:65:e5:a3:6a:75:43:dd:5b:9e:4b:
6e:3f:9d:af:61:21:56:bf:16:ac:7a:8c:c9:e6:87:
20:ce:d6:2f:87:bd:95:df:aa:56:0e:0d:2d:d0:24:
46:af:d5:17:50:22:7c:ef:88:4b:97:96:cc:85:9c:
8d:60:c4:49:11:61:29:a1:b6:e8:38:fc:14:9c:68:
e0:c2:76:00:a9:6b:ed:75:ab:5b:8b:56:57:3d:7c:
90:94:9c:36:23:0f:e1:ae:a1:2f:55:41:80:c7:5d:
14:ba:fa:a1:57:a8:bf:45:e9:0c:b0:89:50:ca:69:
cd:00:ff:71:b7:2c:e0:a4:3e:6f:38:ba:3d:a1:1a:
a2:e4:ac:fe:a7:17:ab:73:7f:c4:f1:94:a2:5a:1f:
2b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CD:B4:33:C6:39:79:DC:C9:88:18:44:C9:E3:D7:A2:88:FD:AC:CE
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/x820M8Y5edzJiBhEyePXooj9rM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.160.0/23
195.136.192.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:ec:50:17:1b:0d:1d:df:31:e8:4b:69:d7:ac:06:ff:ad:31:
2c:40:b0:21:9c:2b:55:41:c1:49:c3:80:2d:90:fd:24:14:ae:
be:86:2a:88:ab:6f:0a:55:f1:13:ad:3c:5f:35:15:0a:da:fc:
f4:a1:13:30:c1:7b:34:4d:a7:37:08:0e:4e:7b:fb:cd:28:5e:
17:30:71:12:e2:ec:b7:f2:a4:16:e1:24:54:37:2a:e2:da:ef:
43:de:90:07:bd:eb:5f:00:32:0b:aa:34:38:79:0b:2f:74:cc:
19:dc:f1:b2:cd:0e:5f:4c:8a:9a:65:90:fb:9a:28:4c:db:e8:
e2:30:88:9e:63:18:5b:a3:30:b5:a9:83:e0:58:4b:ba:03:ee:
de:37:ea:74:41:52:2c:00:95:fd:8f:11:3e:51:75:68:5b:9f:
53:22:cc:7c:c0:11:b8:87:4c:71:7b:b0:a1:9f:38:2a:a3:ff:
e4:15:13:95:18:7a:af:59:e7:6d:21:fd:23:fa:7e:7b:d7:78:
5f:e7:db:aa:cd:63:7e:50:1d:aa:58:ad:22:20:22:34:2d:4a:
4e:18:74:8c:b0:b6:f6:ba:c0:7a:cd:2e:75:29:b7:18:6c:86:
62:28:da:92:2e:9c:59:7d:21:53:51:a3:2f:8c:51:1c:1e:2e:
12:97:86:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2tJF8QocRinY360w5TN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2NkYjQzM2M2Mzk3OWRjYzk4ODE4NDRjOWUzZDdhMjg4ZmRhY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2cHbwG8UAux/4HIKnphBYMMEq9D
mjL9ZNm83oFVnCrhM8v4Y8k08ErpKLs+xPXjVtvQTUpSwCWWxi8NxgCmt6WTIODh
BIJRkNxIs13TwzSZ7MJi6GxfgoDtR+hct2MralO0zw0GeuIVmMQDAmXlo2p1Q91b
nktuP52vYSFWvxaseozJ5ocgztYvh72V36pWDg0t0CRGr9UXUCJ874hLl5bMhZyN
YMRJEWEpobboOPwUnGjgwnYAqWvtdatbi1ZXPXyQlJw2Iw/hrqEvVUGAx10Uuvqh
V6i/RekMsIlQymnNAP9xtyzgpD5vOLo9oRqi5Kz+pxerc3/E8ZSiWh8rHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMfNtDPGOXncyYgYRMnj16KI/azOMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEveDgyME04WTVlZHpKaUJoRXllUFhvb2o5ck00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw4igAwQB
w4jAMA0GCSqGSIb3DQEBCwUAA4IBAQC97FAXGw0d3zHoS2nXrAb/rTEsQLAhnCtV
QcFJw4AtkP0kFK6+hiqIq28KVfETrTxfNRUK2vz0oRMwwXs0Tac3CA5Oe/vNKF4X
MHES4uy38qQW4SRUNyri2u9D3pAHvetfADILqjQ4eQsvdMwZ3PGyzQ5fTIqaZZD7
mihM2+jiMIieYxhbozC1qYPgWEu6A+7eN+p0QVIsAJX9jxE+UXVoW59TIsx8wBG4
h0xxe7Chnzgqo//kFROVGHqvWedtIf0j+n5713hf59uqzWN+UB2qWK0iICI0LUpO
GHSMsLb2usB6zS51KbcYbIZiKNqSLpxZfSFTUaMvjFEcHi4Sl4YV
-----END CERTIFICATE-----
Generated at Sat Jun 1 05:04:54 2024 by rpki-client on console-fra.rpki-client.org