Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/vU41uo_hwgVmdbBFBQIZvGXER88.roa
File: vU41uo_hwgVmdbBFBQIZvGXER88.roa (raw, json)
Hash identifier: fANXktw44O4Jgqe6yPyS/YwgHF0cBh0EFMOr2tQWq8I=
Subject key identifier: BD:4E:35:BA:8F:E1:C2:05:66:75:B0:45:05:02:19:BC:65:C4:47:CF
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 018CC80153F4B1CE82F085EC974DB19CBBF6
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/vU41uo_hwgVmdbBFBQIZvGXER88.roa
Signing time: Tue 02 Jan 2024 02:29:39 +0000
ROA not before: Tue 02 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28924
IP address blocks: 195.90.98.0/24 maxlen: 24
195.90.99.0/24 maxlen: 24
195.90.114.0/23 maxlen: 23
195.90.114.0/24 maxlen: 24
212.52.160.0/22 maxlen: 22
212.52.160.0/24 maxlen: 24
212.52.160.0/19 maxlen: 19
212.52.163.0/24 maxlen: 24
212.52.164.0/24 maxlen: 24
212.52.161.0/24 maxlen: 24
212.52.162.0/24 maxlen: 24
212.52.165.0/24 maxlen: 24
212.52.166.0/24 maxlen: 24
212.52.170.0/24 maxlen: 24
212.52.171.0/24 maxlen: 24
212.52.168.0/22 maxlen: 22
212.52.168.0/24 maxlen: 24
212.52.169.0/24 maxlen: 24
212.52.172.0/24 maxlen: 24
212.52.167.0/24 maxlen: 24
212.52.174.0/24 maxlen: 24
212.52.173.0/24 maxlen: 24
212.52.177.0/24 maxlen: 24
212.52.178.0/24 maxlen: 24
212.52.175.0/24 maxlen: 24
212.52.176.0/24 maxlen: 24
212.52.179.0/24 maxlen: 24
212.52.181.0/24 maxlen: 24
212.52.180.0/24 maxlen: 24
212.52.184.0/24 maxlen: 24
212.52.185.0/24 maxlen: 24
212.52.182.0/24 maxlen: 24
212.52.183.0/24 maxlen: 24
212.52.186.0/24 maxlen: 24
212.52.187.0/24 maxlen: 24
212.52.188.0/24 maxlen: 24
212.52.191.0/24 maxlen: 24
212.52.189.0/24 maxlen: 24
212.52.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:53:f4:b1:ce:82:f0:85:ec:97:4d:b1:9c:bb:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: Jan 2 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd4e35ba8fe1c2056675b045050219bc65c447cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8e:4e:f1:cc:48:fe:26:cd:af:41:96:8b:38:
d5:1b:66:7d:a7:b5:3b:71:81:bc:51:57:1b:4a:f8:
75:b0:63:e3:a4:0e:69:6a:48:d0:5e:10:53:6d:7a:
0d:34:f4:77:81:07:43:03:9e:ae:1b:d0:73:e6:99:
d2:46:fc:bd:eb:b3:5f:b4:43:6f:6b:32:17:f8:57:
c4:f1:ba:71:5c:91:79:16:30:87:d9:33:75:a9:2f:
a0:b7:f0:01:45:72:dd:d6:8b:4f:2c:a4:b5:07:bb:
39:38:23:36:6b:d3:be:7e:8b:4c:64:a6:96:89:69:
39:17:65:53:9f:8b:ae:bb:04:25:07:1b:be:37:8f:
00:06:03:07:e3:ad:3c:8e:2f:16:dc:03:44:5a:53:
49:dd:77:76:c6:f5:c4:e6:3f:f0:bb:a0:c9:3b:42:
99:96:a0:c2:ae:6f:2a:da:7c:82:1f:68:b3:86:c0:
fa:b7:3e:97:a0:46:de:d3:1e:55:98:9c:66:7d:b2:
03:d4:63:d3:8b:90:59:e0:c4:29:68:23:7f:50:0a:
74:3a:c9:96:0b:38:28:e1:b9:78:ca:7a:c4:d3:a0:
0e:1a:50:c3:75:70:f8:3a:bb:e0:6e:35:21:81:50:
50:4a:c7:08:f9:f4:d9:5e:ca:cf:7e:bc:73:f6:b3:
1f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:4E:35:BA:8F:E1:C2:05:66:75:B0:45:05:02:19:BC:65:C4:47:CF
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/vU41uo_hwgVmdbBFBQIZvGXER88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.90.98.0/23
195.90.114.0/23
212.52.160.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:40:18:54:42:f5:a0:a9:eb:08:54:cf:01:01:f1:f1:7e:0d:
b7:d9:ac:51:84:72:6b:01:58:38:e8:26:2b:ef:80:70:c1:a9:
ac:8c:60:5c:51:83:13:43:3c:12:0c:4a:a3:b2:20:8c:90:2c:
12:fd:c6:b8:98:cd:36:d1:16:33:63:36:09:07:cb:d7:2a:2d:
fa:3b:a5:df:a8:c6:28:07:36:3d:f5:8b:65:b5:63:48:76:00:
f6:1e:f8:2a:a6:65:41:a4:5f:fd:da:7f:a2:8b:f1:c5:41:cf:
6f:73:3b:16:98:8e:bf:38:b8:2b:14:fb:78:6a:9b:90:ae:ef:
43:83:ba:d2:4b:4c:c7:07:78:f4:9b:e9:85:6c:47:f2:dd:4d:
22:06:06:a3:d8:7c:e7:5c:99:36:20:60:f2:86:6c:d0:98:f6:
8c:ce:28:e0:b1:01:2a:bf:60:51:e0:65:db:66:31:99:75:7c:
05:b0:87:fd:7b:a3:79:2e:c5:28:0f:97:af:a1:f8:f6:42:b8:
0d:2d:75:55:19:78:5c:06:42:97:5b:3a:2a:97:52:e8:48:87:
8a:14:72:66:5f:1e:c6:d5:c5:b5:46:37:5f:70:c9:0e:37:0b:
20:e4:af:2a:25:29:73:00:08:32:b9:36:05:4d:ef:dc:4b:f1:
67:13:a5:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAVP0sc6C8IXsl02xnLv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjQwMTAyMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDRlMzViYThmZTFjMjA1NjY3NWIwNDUwNTAyMTliYzY1YzQ0N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl45O8cxI/ibNr0GWizjVG2Z9p7U7
cYG8UVcbSvh1sGPjpA5pakjQXhBTbXoNNPR3gQdDA56uG9Bz5pnSRvy967NftENv
azIX+FfE8bpxXJF5FjCH2TN1qS+gt/ABRXLd1otPLKS1B7s5OCM2a9O+fotMZKaW
iWk5F2VTn4uuuwQlBxu+N48ABgMH4608ji8W3ANEWlNJ3Xd2xvXE5j/wu6DJO0KZ
lqDCrm8q2nyCH2izhsD6tz6XoEbe0x5VmJxmfbID1GPTi5BZ4MQpaCN/UAp0OsmW
Czgo4bl4ynrE06AOGlDDdXD4OrvgbjUhgVBQSscI+fTZXsrPfrxz9rMfqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL1ONbqP4cIFZnWwRQUCGbxlxEfPMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEvdlU0MXVvX2h3Z1ZtZGJCRkJRSVp2R1hFUjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBw1piAwQB
w1pyAwQF1DSgMA0GCSqGSIb3DQEBCwUAA4IBAQBMQBhUQvWgqesIVM8BAfHxfg23
2axRhHJrAVg46CYr74BwwamsjGBcUYMTQzwSDEqjsiCMkCwS/ca4mM020RYzYzYJ
B8vXKi36O6XfqMYoBzY99YtltWNIdgD2HvgqpmVBpF/92n+ii/HFQc9vczsWmI6/
OLgrFPt4apuQru9Dg7rSS0zHB3j0m+mFbEfy3U0iBgaj2HznXJk2IGDyhmzQmPaM
zijgsQEqv2BR4GXbZjGZdXwFsIf9e6N5LsUoD5evofj2QrgNLXVVGXhcBkKXWzoq
l1LoSIeKFHJmXx7G1cW1RjdfcMkONwsg5K8qJSlzAAgyuTYFTe/cS/FnE6Uh
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:24:24 2024 by rpki-client on console-fra.rpki-client.org