Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/4upvuXSbW0hxxb9T-C8Mww97yL0.roa
File: 4upvuXSbW0hxxb9T-C8Mww97yL0.roa (raw, json)
Hash identifier: UGaxmrn3kNBWri7SbtHWINc4WPp+TD8DuyafIiSc73Y=
Subject key identifier: E2:EA:6F:B9:74:9B:5B:48:71:C5:BF:53:F8:2F:0C:C3:0F:7B:C8:BD
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 018CCA2BB2355292875D02DA11A01C39E69A
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/4upvuXSbW0hxxb9T-C8Mww97yL0.roa
Signing time: Tue 02 Jan 2024 12:35:10 +0000
ROA not before: Tue 02 Jan 2024 12:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30898
IP address blocks: 195.168.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 19:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b2:35:52:92:87:5d:02:da:11:a0:1c:39:e6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 2 12:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2ea6fb9749b5b4871c5bf53f82f0cc30f7bc8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b3:e6:42:34:5b:ba:0e:d0:14:ae:2a:2c:10:
6e:69:c0:ea:bb:af:b8:ab:25:f5:b9:28:cf:32:37:
d4:a6:5b:0a:b9:23:49:6c:6e:c6:74:43:87:18:2c:
0d:16:73:61:d0:e7:f4:3d:59:83:a9:cd:f9:20:07:
2a:5d:96:f0:86:37:c2:7d:9f:16:b8:21:19:3e:f0:
07:9a:d5:d2:87:7f:99:99:db:41:2f:ba:e4:b7:a8:
4c:9c:0e:64:28:d4:59:7e:70:ba:05:3f:6f:78:96:
da:f6:25:cc:37:bd:d8:ab:2d:09:57:cd:fc:a4:8c:
db:6b:16:7e:c2:0d:2f:4f:78:a1:35:a0:5d:8c:bb:
aa:65:d9:a1:70:7c:ba:3a:c3:39:2d:cc:1b:c0:3d:
3b:00:30:d8:52:55:24:61:14:01:7a:4e:b1:da:32:
0b:ef:dc:77:ff:c7:7d:fa:7e:d7:b9:ae:4f:25:04:
dc:53:fc:de:a3:85:4b:18:63:58:30:d9:37:07:19:
91:62:46:ab:9b:21:6f:1d:78:0b:eb:1d:d3:17:c7:
a1:db:d4:c3:f4:c3:ce:1e:59:b0:0f:d8:ad:29:a7:
30:fe:3f:43:92:91:5e:a5:00:71:13:eb:be:fe:cd:
bb:a2:c2:14:1a:c8:de:cc:8d:50:6f:c4:11:1f:45:
90:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EA:6F:B9:74:9B:5B:48:71:C5:BF:53:F8:2F:0C:C3:0F:7B:C8:BD
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/4upvuXSbW0hxxb9T-C8Mww97yL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.168.240.0/24
Signature Algorithm: sha256WithRSAEncryption
35:d1:28:ba:b9:74:b7:a8:e9:36:26:76:86:48:97:5f:26:8c:
80:f2:27:cc:0d:37:f2:03:d4:f9:16:ec:15:a9:3f:c1:78:27:
85:20:03:5b:f1:bb:c7:1c:a2:c4:3f:fd:41:24:39:ed:7a:67:
4e:1c:b7:2c:9f:b2:fc:4d:e7:45:57:d1:eb:01:09:67:a8:be:
22:9d:bc:b3:96:ca:55:46:0d:a1:b7:e8:32:d8:0f:60:28:27:
db:71:e3:7a:f3:37:22:94:fa:c2:81:5e:d0:22:11:dc:8b:db:
a3:4f:b1:f8:e4:a1:a3:c1:02:e0:f2:e7:8b:a1:2f:b8:e9:d0:
3f:56:e8:ba:97:b7:53:1d:4d:6e:7d:f3:fe:c5:0c:b8:0b:6d:
af:bb:ae:70:fb:ab:ab:71:1f:ed:c2:8c:f6:a2:30:3b:96:74:
81:59:da:94:8b:4f:ed:d9:39:28:6b:56:2e:7a:39:72:c8:03:
2e:ae:a9:d6:5e:10:ae:de:7d:45:d9:5b:15:81:0c:c4:aa:fb:
3c:b0:36:5f:ee:fc:44:35:d9:31:48:c6:8a:bf:b3:09:cc:dd:
09:34:09:4e:35:b0:6b:c0:8a:e8:be:20:77:4c:50:fd:36:58:
b3:86:16:1c:02:7a:c4:a9:d9:8b:58:bb:b3:be:a7:62:e3:b5:
ad:3a:64:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK7I1UpKHXQLaEaAcOeaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjQwMTAyMTIzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVhNmZiOTc0OWI1YjQ4NzFjNWJmNTNmODJmMGNjMzBmN2JjOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7PmQjRbug7QFK4qLBBuacDqu6+4
qyX1uSjPMjfUplsKuSNJbG7GdEOHGCwNFnNh0Of0PVmDqc35IAcqXZbwhjfCfZ8W
uCEZPvAHmtXSh3+ZmdtBL7rkt6hMnA5kKNRZfnC6BT9veJba9iXMN73Yqy0JV838
pIzbaxZ+wg0vT3ihNaBdjLuqZdmhcHy6OsM5LcwbwD07ADDYUlUkYRQBek6x2jIL
79x3/8d9+n7Xua5PJQTcU/zeo4VLGGNYMNk3BxmRYkarmyFvHXgL6x3TF8eh29TD
9MPOHlmwD9itKacw/j9DkpFepQBxE+u+/s27osIUGsjezI1Qb8QRH0WQ3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLqb7l0m1tIccW/U/gvDMMPe8i9MB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvNHVwdnVYU2JXMGh4eGI5VC1DOE13dzk3eUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6jwMA0G
CSqGSIb3DQEBCwUAA4IBAQA10Si6uXS3qOk2JnaGSJdfJoyA8ifMDTfyA9T5FuwV
qT/BeCeFIANb8bvHHKLEP/1BJDntemdOHLcsn7L8TedFV9HrAQlnqL4inbyzlspV
Rg2ht+gy2A9gKCfbceN68zcilPrCgV7QIhHci9ujT7H45KGjwQLg8ueLoS+46dA/
Vui6l7dTHU1uffP+xQy4C22vu65w+6urcR/twoz2ojA7lnSBWdqUi0/t2Tkoa1Yu
ejlyyAMurqnWXhCu3n1F2VsVgQzEqvs8sDZf7vxENdkxSMaKv7MJzN0JNAlONbBr
wIroviB3TFD9NlizhhYcAnrEqdmLWLuzvqdi47WtOmSF
-----END CERTIFICATE-----
Generated at Sat May 18 22:48:33 2024 by rpki-client on console-ams.rpki-client.org