Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/0qXCVLpBSq-WDW0MnXg0patXs44.roa
File: 0qXCVLpBSq-WDW0MnXg0patXs44.roa (raw, json)
Hash identifier: D0PpxnjR+qURpVrLufhSCBXRmXc39MDSFnJaQHUu5r8=
Subject key identifier: D2:A5:C2:54:BA:41:4A:AF:96:0D:6D:0C:9D:78:34:A5:AB:57:B3:8E
Certificate issuer: /CN=26425863c309f2655b884c1600394c4338e7fb41
Certificate serial: 018CC94D2D2D5B20BF9D7396E4870394CE38
Authority key identifier: 26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/0qXCVLpBSq-WDW0MnXg0patXs44.roa
Signing time: Tue 02 Jan 2024 08:32:07 +0000
ROA not before: Tue 02 Jan 2024 08:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50300
IP address blocks: 195.60.172.0/24 maxlen: 24
195.60.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/JkJYY8MJ8mVbiEwWADlMQzjn-0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/JkJYY8MJ8mVbiEwWADlMQzjn-0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:2d:2d:5b:20:bf:9d:73:96:e4:87:03:94:ce:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26425863c309f2655b884c1600394c4338e7fb41
Validity
Not Before: Jan 2 08:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2a5c254ba414aaf960d6d0c9d7834a5ab57b38e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:15:d4:64:1b:50:76:df:3e:3b:3d:f9:d6:f0:
66:26:2c:5d:e6:b4:3c:24:a5:fb:82:b3:bd:1a:b8:
94:b8:5c:5c:5c:bc:ea:c7:7e:79:47:38:a9:2f:8d:
fd:7f:48:0b:b2:3d:e0:0e:18:46:2f:4b:86:89:64:
5c:b1:58:60:cb:26:de:8f:b8:43:4e:98:81:38:6b:
b5:fa:b0:d3:2b:62:d3:f2:47:6a:e2:68:60:60:01:
ae:a0:bf:4f:31:f7:cb:59:e5:33:53:7f:09:82:16:
15:e0:64:6b:3f:4d:55:4e:98:4c:4c:bb:02:31:e9:
09:93:f0:13:f9:b1:ce:c2:96:b4:5d:e0:56:56:ad:
73:0e:0e:b6:77:e9:6d:db:66:32:53:d1:09:39:20:
17:51:d2:19:10:1d:f3:61:31:f8:9f:c0:67:bc:f1:
31:66:49:28:c3:70:b7:a1:15:0b:1a:07:93:b6:64:
c0:b5:6c:c1:08:51:dc:28:16:bb:26:03:32:a2:95:
e0:ce:2a:3e:0b:ec:2c:2b:95:fd:64:7b:94:d7:0d:
5f:95:80:f7:3f:8e:3e:c4:62:d4:18:1c:d5:e9:2a:
d0:5f:94:79:ca:d8:a2:3c:a9:53:5f:f4:78:d9:fe:
8a:f3:10:03:04:f4:6a:be:78:c0:2d:43:dd:45:fb:
14:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A5:C2:54:BA:41:4A:AF:96:0D:6D:0C:9D:78:34:A5:AB:57:B3:8E
X509v3 Authority Key Identifier:
keyid:26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/0qXCVLpBSq-WDW0MnXg0patXs44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/JkJYY8MJ8mVbiEwWADlMQzjn-0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.172.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:4b:b3:ff:34:12:13:98:b8:34:93:ae:7e:18:34:35:17:ea:
1b:ac:a8:8d:71:24:5e:c1:1d:b8:62:6a:07:9c:6f:37:ca:8e:
05:cd:86:c1:af:9f:39:dc:64:2c:e6:c1:c4:cc:60:2f:0f:15:
14:7d:d0:bd:82:eb:79:df:2a:1b:fc:05:d4:34:06:a9:b4:b9:
f8:3a:37:cc:81:23:cd:45:49:e0:df:12:c8:9f:b2:6b:c9:3e:
23:f6:4e:ac:b2:8f:86:1a:7c:f5:b5:cd:e8:18:69:db:87:79:
5b:15:20:68:19:94:dc:2b:77:56:a2:5d:b0:99:a1:e5:82:c8:
8f:3c:2c:29:9e:25:9c:86:80:a4:7e:5a:95:7a:41:c7:75:42:
d7:57:51:9b:43:5e:c4:69:77:09:82:6d:95:99:3a:a2:7d:08:
ad:2b:bc:bf:bf:82:03:80:62:b3:7f:95:dd:6b:27:f0:f4:97:
74:1b:b7:77:80:6f:40:d2:ab:2d:01:35:c4:ad:4f:00:bc:06:
a5:c6:33:07:3b:8b:7f:f6:56:03:50:43:02:cc:fb:8b:34:ad:
cf:6e:bc:f9:48:7f:8f:ba:30:fa:70:1c:d0:7a:28:7c:3d:da:
6c:da:f6:7e:29:04:34:e2:30:c5:ca:ca:cd:d9:73:c3:ed:5e:
4e:31:c3:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTS0tWyC/nXOW5IcDlM44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDI1ODYzYzMwOWYyNjU1Yjg4NGMxNjAwMzk0YzQzMzhl
N2ZiNDEwHhcNMjQwMTAyMDgzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE1YzI1NGJhNDE0YWFmOTYwZDZkMGM5ZDc4MzRhNWFiNTdiMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBXUZBtQdt8+Oz351vBmJixd5rQ8
JKX7grO9GriUuFxcXLzqx355RzipL439f0gLsj3gDhhGL0uGiWRcsVhgyybej7hD
TpiBOGu1+rDTK2LT8kdq4mhgYAGuoL9PMffLWeUzU38JghYV4GRrP01VTphMTLsC
MekJk/AT+bHOwpa0XeBWVq1zDg62d+lt22YyU9EJOSAXUdIZEB3zYTH4n8BnvPEx
Zkkow3C3oRULGgeTtmTAtWzBCFHcKBa7JgMyopXgzio+C+wsK5X9ZHuU1w1flYD3
P44+xGLUGBzV6SrQX5R5ytiiPKlTX/R42f6K8xADBPRqvnjALUPdRfsUrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKlwlS6QUqvlg1tDJ14NKWrV7OOMB8GA1UdIwQY
MBaAFCZCWGPDCfJlW4hMFgA5TEM45/tBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMt
YzE0ZjZiYTI1Y2IwLzEvMHFYQ1ZMcEJTcS1XRFcwTW5YZzBwYXRYczQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMtYzE0ZjZiYTI1Y2Iw
LzEvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzysMA0G
CSqGSIb3DQEBCwUAA4IBAQCiS7P/NBITmLg0k65+GDQ1F+obrKiNcSRewR24YmoH
nG83yo4FzYbBr5853GQs5sHEzGAvDxUUfdC9gut53yob/AXUNAaptLn4OjfMgSPN
RUng3xLIn7JryT4j9k6sso+GGnz1tc3oGGnbh3lbFSBoGZTcK3dWol2wmaHlgsiP
PCwpniWchoCkflqVekHHdULXV1GbQ17EaXcJgm2VmTqifQitK7y/v4IDgGKzf5Xd
ayfw9Jd0G7d3gG9A0qstATXErU8AvAalxjMHO4t/9lYDUEMCzPuLNK3Pbrz5SH+P
ujD6cBzQeih8Pdps2vZ+KQQ04jDFysrN2XPD7V5OMcMD
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:10:38 2024 by rpki-client on console-fra.rpki-client.org