Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/aHi7jn9xGqekI1y5YDaLXdVdO00.roa
File: aHi7jn9xGqekI1y5YDaLXdVdO00.roa (raw, json)
Hash identifier: w3fIjy/SENIpRAJQv8zfTpc5W48FXtEJIMh7UrALvFE=
Subject key identifier: 68:78:BB:8E:7F:71:1A:A7:A4:23:5C:B9:60:36:8B:5D:D5:5D:3B:4D
Certificate issuer: /CN=985d472fa538204f1c23e8b6a758073b80cfc199
Certificate serial: 018CC2DB2F5F18FEEB84D137B3F03705E673
Authority key identifier: 98:5D:47:2F:A5:38:20:4F:1C:23:E8:B6:A7:58:07:3B:80:CF:C1:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mF1HL6U4IE8cI-i2p1gHO4DPwZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/aHi7jn9xGqekI1y5YDaLXdVdO00.roa
Signing time: Mon 01 Jan 2024 02:29:53 +0000
ROA not before: Mon 01 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212603
IP address blocks: 195.200.194.0/24 maxlen: 24
45.143.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/mF1HL6U4IE8cI-i2p1gHO4DPwZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/mF1HL6U4IE8cI-i2p1gHO4DPwZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/mF1HL6U4IE8cI-i2p1gHO4DPwZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2f:5f:18:fe:eb:84:d1:37:b3:f0:37:05:e6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985d472fa538204f1c23e8b6a758073b80cfc199
Validity
Not Before: Jan 1 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6878bb8e7f711aa7a4235cb960368b5dd55d3b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d0:0d:05:b9:78:9e:04:8b:7f:25:c1:cb:9d:
9a:9f:9d:89:76:38:47:a2:05:be:78:32:cc:1c:f1:
7c:5a:0d:25:14:a8:ec:3f:22:15:26:93:4d:f8:7f:
fc:7a:75:0b:1c:2e:80:fc:5e:18:ca:23:44:93:72:
9b:77:bc:37:c1:fb:bc:69:c8:e6:2d:88:8e:2e:ba:
bf:08:54:6a:32:71:36:ce:b9:d6:10:f5:f7:49:84:
bc:39:fb:b9:7a:d1:c1:e3:95:6c:0e:84:9d:5a:ce:
4f:d6:32:f2:06:76:db:7d:c6:a1:d4:2e:c3:22:02:
e1:28:9d:c7:b6:c0:4d:65:ac:b0:f7:ce:18:70:20:
54:d5:69:75:00:dc:7c:ce:98:88:90:11:a7:b6:73:
38:42:9e:b7:92:37:16:35:3a:d3:dc:29:f4:fb:22:
78:68:69:c2:e4:bb:6e:00:6e:5b:9f:6e:be:c6:87:
f1:5b:d9:a6:e6:65:38:5d:ca:2b:2e:3b:22:1c:35:
9c:c9:27:89:31:a7:8e:f4:32:40:52:1e:07:7d:66:
94:ee:6c:1c:b2:e0:68:56:b4:9d:7b:07:01:0b:c0:
9d:34:cc:ae:3f:bd:58:62:00:e9:e7:78:71:72:a0:
ff:ee:ff:69:4f:0d:fd:af:7e:23:12:cc:70:72:75:
a8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:78:BB:8E:7F:71:1A:A7:A4:23:5C:B9:60:36:8B:5D:D5:5D:3B:4D
X509v3 Authority Key Identifier:
keyid:98:5D:47:2F:A5:38:20:4F:1C:23:E8:B6:A7:58:07:3B:80:CF:C1:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mF1HL6U4IE8cI-i2p1gHO4DPwZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/aHi7jn9xGqekI1y5YDaLXdVdO00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/mF1HL6U4IE8cI-i2p1gHO4DPwZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.176.0/22
195.200.194.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:c0:0b:87:5a:87:ea:e8:4e:21:8f:d7:ff:c8:3d:71:c9:b8:
56:07:f3:7e:83:f8:9d:1a:6a:1a:de:27:ec:b0:d5:93:2d:a9:
ed:68:8b:3d:b9:bf:2f:18:b6:73:16:64:8d:ba:96:ad:4b:98:
c6:6f:07:93:6a:c2:c8:30:8e:e1:bb:8a:cb:50:b2:3b:59:f0:
b0:46:48:95:04:c5:37:95:ca:5a:01:c6:60:1f:40:5c:00:51:
8b:88:1b:14:5a:2a:e1:74:00:f0:06:87:1a:5c:e9:5b:61:4f:
2e:bc:ed:be:c3:8d:f8:67:18:70:98:4b:2b:16:35:dc:63:9c:
60:8f:16:2d:1c:23:82:33:66:c8:c1:05:4e:4c:eb:1d:f9:85:
8b:15:e5:62:e6:b9:f5:cf:0d:88:01:0d:f9:b9:13:a3:8c:fd:
b6:06:4b:2d:94:b0:a5:80:03:2f:91:ac:9e:c7:9e:1f:7f:dd:
2b:e8:49:ee:8a:63:95:f7:75:a9:9f:0a:80:78:ad:99:84:f2:
9f:2e:66:d1:62:6d:23:c9:73:0c:1f:ab:2b:1a:01:05:af:79:
af:0d:29:8d:8b:57:d7:de:5c:77:fe:63:a9:ab:23:9d:ab:ee:
84:99:c4:5b:cb:e1:00:6c:e7:70:eb:22:e9:ae:41:56:ad:30:
ff:57:e3:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2y9fGP7rhNE3s/A3BeZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWQ0NzJmYTUzODIwNGYxYzIzZThiNmE3NTgwNzNiODBj
ZmMxOTkwHhcNMjQwMTAxMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc4YmI4ZTdmNzExYWE3YTQyMzVjYjk2MDM2OGI1ZGQ1NWQzYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNANBbl4ngSLfyXBy52an52JdjhH
ogW+eDLMHPF8Wg0lFKjsPyIVJpNN+H/8enULHC6A/F4YyiNEk3Kbd7w3wfu8acjm
LYiOLrq/CFRqMnE2zrnWEPX3SYS8Ofu5etHB45VsDoSdWs5P1jLyBnbbfcah1C7D
IgLhKJ3HtsBNZayw984YcCBU1Wl1ANx8zpiIkBGntnM4Qp63kjcWNTrT3Cn0+yJ4
aGnC5LtuAG5bn26+xofxW9mm5mU4XcorLjsiHDWcySeJMaeO9DJAUh4HfWaU7mwc
suBoVrSdewcBC8CdNMyuP71YYgDp53hxcqD/7v9pTw39r34jEsxwcnWoqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGh4u45/cRqnpCNcuWA2i13VXTtNMB8GA1UdIwQY
MBaAFJhdRy+lOCBPHCPotqdYBzuAz8GZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUYxSEw2VTRJRThjSS1pMnAxZ0hPNERQd1prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jMjhlYmMtNzQ5Zi00OGY2LTg5YTIt
ZWRjMzE2MjIyNjQ0LzEvYUhpN2puOXhHcWVrSTF5NVlEYUxYZFZkTzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jMjhlYmMtNzQ5Zi00OGY2LTg5YTItZWRjMzE2MjIyNjQ0
LzEvbUYxSEw2VTRJRThjSS1pMnAxZ0hPNERQd1prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY+wAwQA
w8jCMA0GCSqGSIb3DQEBCwUAA4IBAQChwAuHWofq6E4hj9f/yD1xybhWB/N+g/id
Gmoa3ifssNWTLantaIs9ub8vGLZzFmSNupatS5jGbweTasLIMI7hu4rLULI7WfCw
RkiVBMU3lcpaAcZgH0BcAFGLiBsUWirhdADwBocaXOlbYU8uvO2+w434ZxhwmEsr
FjXcY5xgjxYtHCOCM2bIwQVOTOsd+YWLFeVi5rn1zw2IAQ35uROjjP22BkstlLCl
gAMvkayex54ff90r6EnuimOV93WpnwqAeK2ZhPKfLmbRYm0jyXMMH6srGgEFr3mv
DSmNi1fX3lx3/mOpqyOdq+6EmcRby+EAbOdw6yLprkFWrTD/V+ML
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:19 2024 by rpki-client on console-fra.rpki-client.org