Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/71jXUkXt0tWUoZlC2v5TE4H66xE.roa
File: 71jXUkXt0tWUoZlC2v5TE4H66xE.roa (raw, json)
Hash identifier: ML8SkBjln86EYkAXcteVDGMn96Od1WfCBDoinHfiO68=
Subject key identifier: EF:58:D7:52:45:ED:D2:D5:94:A1:99:42:DA:FE:53:13:81:FA:EB:11
Certificate issuer: /CN=ebdfa7c0ad7ef674dd5b4194960f2ffd4115f261
Certificate serial: 018CC4246667D5CEE503EFD5E5311CC8AF8C
Authority key identifier: EB:DF:A7:C0:AD:7E:F6:74:DD:5B:41:94:96:0F:2F:FD:41:15:F2:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/69-nwK1-9nTdW0GUlg8v_UEV8mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/71jXUkXt0tWUoZlC2v5TE4H66xE.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43201
IP address blocks: 195.158.222.0/23 maxlen: 23
195.158.223.0/24 maxlen: 24
195.158.220.0/24 maxlen: 24
195.158.221.0/24 maxlen: 24
195.158.220.0/23 maxlen: 23
195.158.220.0/22 maxlen: 22
195.158.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/69-nwK1-9nTdW0GUlg8v_UEV8mE.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/69-nwK1-9nTdW0GUlg8v_UEV8mE.mft
rsync://rpki.ripe.net/repository/DEFAULT/69-nwK1-9nTdW0GUlg8v_UEV8mE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:66:67:d5:ce:e5:03:ef:d5:e5:31:1c:c8:af:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebdfa7c0ad7ef674dd5b4194960f2ffd4115f261
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef58d75245edd2d594a19942dafe531381faeb11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e0:15:1d:b1:00:0d:da:e1:3e:0a:b1:33:bf:
e6:1c:c9:7c:e4:d3:93:3b:43:b8:77:c5:60:18:dc:
92:f5:ea:d0:fd:c9:c4:b4:85:bc:f6:f1:73:da:d0:
4b:81:c8:c7:13:f6:17:45:01:dd:d7:41:13:26:f8:
65:ad:2b:cc:00:2d:58:3c:f2:6f:84:a1:5e:f7:e6:
5f:3f:ec:74:07:8b:1d:d1:a4:f6:75:49:32:4c:3e:
4b:3d:d1:77:f8:6a:d9:08:bf:e8:c0:41:29:de:89:
c3:61:53:d2:69:68:60:f6:42:10:dd:b5:41:5d:85:
69:fd:42:66:43:0f:36:9a:56:21:65:e1:4f:f3:37:
36:a9:52:cb:31:c6:71:f2:7d:52:de:45:32:09:9b:
46:e3:34:ea:aa:cf:08:67:0d:3a:8b:ec:92:07:70:
66:eb:95:81:ca:12:07:52:81:e0:59:c9:35:31:cf:
99:e9:7b:9a:cc:47:00:1a:a6:04:0a:6e:e2:eb:37:
5c:66:a6:2e:af:83:69:91:67:ab:9b:90:4b:d7:45:
49:fb:ec:cc:c3:1e:60:bb:ea:d7:22:6c:73:07:5f:
84:cc:27:4f:b8:76:d3:43:e6:71:c1:6b:48:82:1d:
48:e0:05:06:93:4a:68:f0:2b:12:0d:ca:fe:c8:11:
5d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:58:D7:52:45:ED:D2:D5:94:A1:99:42:DA:FE:53:13:81:FA:EB:11
X509v3 Authority Key Identifier:
keyid:EB:DF:A7:C0:AD:7E:F6:74:DD:5B:41:94:96:0F:2F:FD:41:15:F2:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/69-nwK1-9nTdW0GUlg8v_UEV8mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/71jXUkXt0tWUoZlC2v5TE4H66xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/69-nwK1-9nTdW0GUlg8v_UEV8mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.158.220.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:77:84:ed:75:c8:31:6f:73:99:7d:44:5c:fd:1d:09:93:28:
71:c4:c8:f4:c2:cd:14:82:73:50:17:fb:03:e8:75:ca:b5:96:
0e:48:9d:01:1e:fe:ed:11:12:87:92:e8:bb:e7:0c:e2:83:6e:
66:2a:32:22:66:d7:da:b9:72:d7:90:db:7c:10:e2:48:07:69:
63:ee:9f:85:2e:b5:9b:55:d9:45:0d:a9:ec:73:49:b8:aa:cb:
86:a0:4a:f2:d7:34:08:81:60:f1:67:92:15:8a:c1:37:45:98:
7a:49:19:f2:84:d7:a0:b1:94:54:eb:d2:b7:cb:66:56:ae:9c:
05:5e:41:b8:c3:eb:18:af:33:90:0f:61:3a:4c:d8:fe:92:c5:
e5:4a:b3:85:ae:c1:43:cf:d8:d3:82:b7:bb:b3:0c:c8:bd:7d:
e9:02:db:c8:90:ba:99:66:3d:63:f5:0d:04:f9:f0:8d:0f:64:
c7:49:4e:e0:1f:b9:24:6e:1f:6b:e3:e0:a8:66:05:a5:e8:f1:
b0:eb:20:84:0e:49:f1:d5:ea:2c:aa:59:1a:bb:56:3f:0f:ef:
62:0d:be:ad:93:41:78:66:61:45:a9:f5:70:7c:8b:ab:41:67:
94:f7:83:1a:cb:9f:58:00:d3:58:14:a9:91:28:14:57:78:32:
1a:f7:af:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJGZn1c7lA+/V5TEcyK+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZGZhN2MwYWQ3ZWY2NzRkZDViNDE5NDk2MGYyZmZkNDEx
NWYyNjEwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjU4ZDc1MjQ1ZWRkMmQ1OTRhMTk5NDJkYWZlNTMxMzgxZmFlYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uAVHbEADdrhPgqxM7/mHMl85NOT
O0O4d8VgGNyS9erQ/cnEtIW89vFz2tBLgcjHE/YXRQHd10ETJvhlrSvMAC1YPPJv
hKFe9+ZfP+x0B4sd0aT2dUkyTD5LPdF3+GrZCL/owEEp3onDYVPSaWhg9kIQ3bVB
XYVp/UJmQw82mlYhZeFP8zc2qVLLMcZx8n1S3kUyCZtG4zTqqs8IZw06i+ySB3Bm
65WByhIHUoHgWck1Mc+Z6XuazEcAGqYECm7i6zdcZqYur4NpkWerm5BL10VJ++zM
wx5gu+rXImxzB1+EzCdPuHbTQ+ZxwWtIgh1I4AUGk0po8CsSDcr+yBFdpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9Y11JF7dLVlKGZQtr+UxOB+usRMB8GA1UdIwQY
MBaAFOvfp8CtfvZ03VtBlJYPL/1BFfJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjktbndLMS05blRkVzBHVWxnOHZfVUVWOG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80MzRmZWQtODc3ZC00YTBmLWEyNTYt
ODUzNDVmNjYwNjU1LzEvNzFqWFVrWHQwdFdVb1psQzJ2NVRFNEg2NnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny80MzRmZWQtODc3ZC00YTBmLWEyNTYtODUzNDVmNjYwNjU1
LzEvNjktbndLMS05blRkVzBHVWxnOHZfVUVWOG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw57cMA0G
CSqGSIb3DQEBCwUAA4IBAQAsd4Ttdcgxb3OZfURc/R0JkyhxxMj0ws0UgnNQF/sD
6HXKtZYOSJ0BHv7tERKHkui75wzig25mKjIiZtfauXLXkNt8EOJIB2lj7p+FLrWb
VdlFDansc0m4qsuGoEry1zQIgWDxZ5IVisE3RZh6SRnyhNegsZRU69K3y2ZWrpwF
XkG4w+sYrzOQD2E6TNj+ksXlSrOFrsFDz9jTgre7swzIvX3pAtvIkLqZZj1j9Q0E
+fCND2THSU7gH7kkbh9r4+CoZgWl6PGw6yCEDknx1eosqlkau1Y/D+9iDb6tk0F4
ZmFFqfVwfIurQWeU94May59YANNYFKmRKBRXeDIa96+w
-----END CERTIFICATE-----
Generated at Wed May 8 21:09:35 2024 by rpki-client on console-ams.rpki-client.org