Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/fIMnLxVgJ4-cUaiFiASY-Jmx_Qg.roa
File: fIMnLxVgJ4-cUaiFiASY-Jmx_Qg.roa (raw, json)
Hash identifier: khchfw8SL7Xa3nKLZb4jElKD//MxXwaIWWzCjiRExjQ=
Subject key identifier: 7C:83:27:2F:15:60:27:8F:9C:51:A8:85:88:04:98:F8:99:B1:FD:08
Certificate issuer: /CN=d09363cfebbbf92a51e428533d3e8ad412aa3374
Certificate serial: 018CC64B258E91F6D8F63AC6C249F1E9B026
Authority key identifier: D0:93:63:CF:EB:BB:F9:2A:51:E4:28:53:3D:3E:8A:D4:12:AA:33:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/fIMnLxVgJ4-cUaiFiASY-Jmx_Qg.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12779
IP address blocks: 195.238.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:25:8e:91:f6:d8:f6:3a:c6:c2:49:f1:e9:b0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d09363cfebbbf92a51e428533d3e8ad412aa3374
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c83272f1560278f9c51a885880498f899b1fd08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:eb:ab:58:4b:13:b0:ab:bd:0e:97:d9:fb:35:
83:68:4e:00:88:ae:b6:ce:68:8c:22:ca:53:ed:5c:
c4:58:8d:6c:ae:90:9b:05:7a:48:d2:66:d8:76:d6:
d9:e3:26:cf:ab:74:bf:be:0d:65:2b:db:d2:4f:b4:
fe:fd:b6:27:c8:3c:08:7f:ea:f7:7d:53:e6:9c:68:
82:f3:42:56:3e:70:e6:26:26:e0:43:de:c2:ac:62:
f7:76:e0:3f:59:11:17:f9:56:93:36:45:10:c1:a1:
07:25:03:17:d7:9e:a5:37:b3:3a:8c:b8:b0:ac:5c:
16:8a:fb:3e:d2:94:37:8f:fa:1a:53:e7:e1:6d:19:
c7:67:ef:6c:a5:56:65:f8:fd:f9:83:1c:d0:9c:bb:
05:4d:44:84:c4:9c:56:25:11:fa:4c:c2:40:12:c2:
9b:4a:7a:5b:04:06:ef:ee:bf:c2:01:49:6e:58:ef:
1c:9b:94:d9:41:6b:06:27:05:49:d7:d8:a2:c1:56:
97:53:f1:3d:ed:b9:c1:5b:e3:bb:53:74:00:eb:3b:
32:80:6a:3e:a1:c7:86:fa:61:8d:de:3a:3b:22:9a:
84:7e:48:95:23:3a:81:1c:15:0f:72:e3:8e:6d:fb:
e1:46:26:9d:12:23:7c:d9:57:cd:e5:a3:15:f1:8e:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:83:27:2F:15:60:27:8F:9C:51:A8:85:88:04:98:F8:99:B1:FD:08
X509v3 Authority Key Identifier:
keyid:D0:93:63:CF:EB:BB:F9:2A:51:E4:28:53:3D:3E:8A:D4:12:AA:33:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/fIMnLxVgJ4-cUaiFiASY-Jmx_Qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/08164a-8821-47c1-bd48-5f9e482f1bf4/1/0JNjz-u7-SpR5ChTPT6K1BKqM3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.235.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:75:bb:99:21:b0:6e:b6:0e:f4:55:88:4e:0b:0e:c2:bf:b5:
68:93:66:64:83:06:5a:9b:94:ff:5d:89:55:ab:e2:95:af:1e:
27:1e:97:57:ce:d4:67:cb:d8:c5:83:4f:f7:9b:a5:49:58:ac:
ad:c6:05:89:2d:bf:ca:5a:a9:ce:59:39:d0:bb:fb:c6:70:2f:
24:9d:36:b0:4e:aa:a4:a4:b7:57:00:9e:de:9d:2f:c3:d8:50:
67:39:5b:c5:3a:ee:83:3c:94:d2:9c:04:bd:43:70:67:24:2f:
2c:55:13:8c:b5:a3:ce:d1:59:34:55:89:dc:cb:6b:f9:de:32:
0c:a4:1a:e1:73:ed:b2:30:86:b7:da:a9:9a:18:77:cb:06:a2:
19:69:e6:aa:f7:76:d0:0e:f6:9a:59:96:de:12:62:b1:aa:a5:
73:e3:de:c5:c6:c3:b2:f6:7c:4d:77:22:b7:80:a8:e6:a3:1a:
96:36:a6:5b:76:33:a5:40:97:84:4a:85:f8:66:30:a0:54:ef:
ec:ba:25:2d:39:66:8b:93:76:00:8c:f2:17:35:12:a9:8a:21:
1d:54:fe:e1:61:30:27:e3:ea:ab:c3:c9:5e:df:e1:78:2d:b3:
1e:6d:41:65:6c:1a:93:21:8e:70:0d:9f:78:62:38:0c:19:e3:
0a:fd:91:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSyWOkfbY9jrGwknx6bAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOTM2M2NmZWJiYmY5MmE1MWU0Mjg1MzNkM2U4YWQ0MTJh
YTMzNzQwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzgzMjcyZjE1NjAyNzhmOWM1MWE4ODU4ODA0OThmODk5YjFmZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+urWEsTsKu9DpfZ+zWDaE4AiK62
zmiMIspT7VzEWI1srpCbBXpI0mbYdtbZ4ybPq3S/vg1lK9vST7T+/bYnyDwIf+r3
fVPmnGiC80JWPnDmJibgQ97CrGL3duA/WREX+VaTNkUQwaEHJQMX156lN7M6jLiw
rFwWivs+0pQ3j/oaU+fhbRnHZ+9spVZl+P35gxzQnLsFTUSExJxWJRH6TMJAEsKb
SnpbBAbv7r/CAUluWO8cm5TZQWsGJwVJ19iiwVaXU/E97bnBW+O7U3QA6zsygGo+
oceG+mGN3jo7IpqEfkiVIzqBHBUPcuOObfvhRiadEiN82VfN5aMV8Y6aUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHyDJy8VYCePnFGohYgEmPiZsf0IMB8GA1UdIwQY
MBaAFNCTY8/ru/kqUeQoUz0+itQSqjN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEpOanotdTctU3BSNUNoVFBUNksxQktxTTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wODE2NGEtODgyMS00N2MxLWJkNDgt
NWY5ZTQ4MmYxYmY0LzEvZklNbkx4VmdKNC1jVWFpRmlBU1ktSm14X1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wODE2NGEtODgyMS00N2MxLWJkNDgtNWY5ZTQ4MmYxYmY0
LzEvMEpOanotdTctU3BSNUNoVFBUNksxQktxTTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+7rMA0G
CSqGSIb3DQEBCwUAA4IBAQAMdbuZIbButg70VYhOCw7Cv7Vok2ZkgwZam5T/XYlV
q+KVrx4nHpdXztRny9jFg0/3m6VJWKytxgWJLb/KWqnOWTnQu/vGcC8knTawTqqk
pLdXAJ7enS/D2FBnOVvFOu6DPJTSnAS9Q3BnJC8sVROMtaPO0Vk0VYncy2v53jIM
pBrhc+2yMIa32qmaGHfLBqIZaeaq93bQDvaaWZbeEmKxqqVz497FxsOy9nxNdyK3
gKjmoxqWNqZbdjOlQJeESoX4ZjCgVO/suiUtOWaLk3YAjPIXNRKpiiEdVP7hYTAn
4+qrw8le3+F4LbMebUFlbBqTIY5wDZ94YjgMGeMK/ZFu
-----END CERTIFICATE-----
Generated at Fri May 17 23:56:56 2024 by rpki-client on console-fra.rpki-client.org