Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/TDxmdUodxC01LUCz-tTkywx87Sg.roa
File: TDxmdUodxC01LUCz-tTkywx87Sg.roa (raw, json)
Hash identifier: CQGzfI1i1yJkz1Smpy/O7ZObykHZ/tzRPlR5Rg93DD8=
Subject key identifier: 4C:3C:66:75:4A:1D:C4:2D:35:2D:40:B3:FA:D4:E4:CB:0C:7C:ED:28
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 018CC501072917C7D88B604CCF24C23A19D2
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/TDxmdUodxC01LUCz-tTkywx87Sg.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8207
IP address blocks: 195.114.129.0/24 maxlen: 24
195.114.128.0/24 maxlen: 24
195.114.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:07:29:17:c7:d8:8b:60:4c:cf:24:c2:3a:19:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c3c66754a1dc42d352d40b3fad4e4cb0c7ced28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:ea:f9:7e:f7:c3:2c:1d:b3:05:8a:8f:03:
09:4b:b1:06:22:44:bd:98:ab:4a:ad:51:ce:52:f3:
aa:de:5c:72:dd:6c:15:4d:0e:be:dd:06:c1:57:1a:
7a:dd:4e:c9:43:86:05:5c:8e:de:23:59:33:08:6e:
73:5f:95:ec:98:f0:ee:1a:4f:92:1a:06:93:65:b5:
cc:f0:7a:1c:cc:8d:15:88:6c:86:f7:45:38:21:df:
2c:5d:8f:72:68:c1:56:1e:c1:71:9b:f8:22:71:cb:
f0:41:05:62:be:c4:23:db:76:49:ef:bb:eb:cb:0e:
00:1b:eb:89:02:df:2d:1c:ed:7c:47:7d:98:69:9b:
5b:b3:31:c2:63:7d:21:b7:7e:92:7b:14:dd:3d:81:
d8:b5:c0:32:3e:10:61:d4:06:ba:f8:46:1d:31:e2:
25:02:5e:1b:0e:b9:23:11:68:e5:1d:5e:c5:cf:67:
f0:02:0f:1d:56:6b:eb:77:45:d5:93:ef:36:b9:34:
54:80:0b:75:f2:64:e9:47:03:30:7b:25:db:47:9b:
02:f9:c0:bd:d4:8f:36:a2:39:5f:ed:7e:ca:5e:24:
9e:93:f9:0e:76:2d:8d:8e:fe:df:8c:bb:21:29:75:
a5:0b:62:a0:13:5d:67:f8:ca:96:f6:ee:bd:16:1c:
be:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3C:66:75:4A:1D:C4:2D:35:2D:40:B3:FA:D4:E4:CB:0C:7C:ED:28
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/TDxmdUodxC01LUCz-tTkywx87Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.128.0/23
195.114.135.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:86:10:a3:c2:66:77:6a:b5:53:1d:19:97:35:23:9d:d5:86:
44:cd:96:76:03:d7:da:f8:71:45:41:64:02:19:4f:e7:5a:db:
fc:9e:e1:af:9a:ff:58:62:89:98:ef:d3:cc:08:16:e5:95:4e:
9b:f8:55:e3:5e:f3:9e:30:a1:81:11:3d:1d:45:45:00:8e:af:
22:35:44:01:21:46:71:39:a5:0e:de:34:22:0c:b4:e2:2b:ab:
f8:d4:be:dc:67:2b:52:f5:23:b3:ed:56:14:de:5d:8e:e2:f5:
cd:6b:17:ca:e7:9d:5f:e7:c9:9d:ad:ed:0d:11:01:50:9c:40:
9a:02:96:6c:db:57:66:8e:2c:73:ab:7d:a4:ad:5c:66:ad:7b:
a7:75:67:0f:d2:32:ce:6f:7e:27:ee:25:f0:6d:d3:58:a1:34:
fa:38:3a:b5:3b:f1:98:70:2e:5d:91:02:6c:98:b4:5b:cb:32:
88:17:14:38:60:bf:6a:64:f7:e4:75:df:66:c9:3c:67:67:de:
9e:64:6b:b1:89:c0:79:7f:d2:68:9d:41:09:13:64:cc:e1:b8:
a4:86:8b:50:a4:da:e3:e7:36:66:fe:a6:e6:30:5d:16:a4:f7:
d6:ce:9d:a1:f6:87:13:7c:06:4c:80:5c:28:6e:87:b9:d2:01:
8d:98:b7:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAQcpF8fYi2BMzyTCOhnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzNjNjY3NTRhMWRjNDJkMzUyZDQwYjNmYWQ0ZTRjYjBjN2NlZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2Xq+X73wywdswWKjwMJS7EGIkS9
mKtKrVHOUvOq3lxy3WwVTQ6+3QbBVxp63U7JQ4YFXI7eI1kzCG5zX5XsmPDuGk+S
GgaTZbXM8HoczI0ViGyG90U4Id8sXY9yaMFWHsFxm/giccvwQQVivsQj23ZJ77vr
yw4AG+uJAt8tHO18R32YaZtbszHCY30ht36SexTdPYHYtcAyPhBh1Aa6+EYdMeIl
Al4bDrkjEWjlHV7Fz2fwAg8dVmvrd0XVk+82uTRUgAt18mTpRwMweyXbR5sC+cC9
1I82ojlf7X7KXiSek/kOdi2Njv7fjLshKXWlC2KgE11n+MqW9u69Fhy+twIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEw8ZnVKHcQtNS1As/rU5MsMfO0oMB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEvVER4bWRVb2R4QzAxTFVDei10VGt5d3g4N1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw3KAAwQA
w3KHMA0GCSqGSIb3DQEBCwUAA4IBAQCjhhCjwmZ3arVTHRmXNSOd1YZEzZZ2A9fa
+HFFQWQCGU/nWtv8nuGvmv9YYomY79PMCBbllU6b+FXjXvOeMKGBET0dRUUAjq8i
NUQBIUZxOaUO3jQiDLTiK6v41L7cZytS9SOz7VYU3l2O4vXNaxfK551f58mdre0N
EQFQnECaApZs21dmjixzq32krVxmrXundWcP0jLOb34n7iXwbdNYoTT6ODq1O/GY
cC5dkQJsmLRbyzKIFxQ4YL9qZPfkdd9myTxnZ96eZGuxicB5f9JonUEJE2TM4bik
hotQpNrj5zZm/qbmMF0WpPfWzp2h9ocTfAZMgFwoboe50gGNmLcZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:44:24 2024 by rpki-client on console-ams.rpki-client.org