Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/65fWnTSXqxJ1vsUZdxXVLmrqXkM.roa
File: 65fWnTSXqxJ1vsUZdxXVLmrqXkM.roa (raw, json)
Hash identifier: Q3RG4Kr7OzlSJvYFUCz+AFhFfc6P/XFom/fr9iJGmn0=
Subject key identifier: EB:97:D6:9D:34:97:AB:12:75:BE:C5:19:77:15:D5:2E:6A:EA:5E:43
Certificate issuer: /CN=b23eb849e0b6940e4ff547de0b41b003f9e1105c
Certificate serial: 019093B1B1DEDE984B54CF375C3F0F14571E
Authority key identifier: B2:3E:B8:49:E0:B6:94:0E:4F:F5:47:DE:0B:41:B0:03:F9:E1:10:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/65fWnTSXqxJ1vsUZdxXVLmrqXkM.roa
Signing time: Mon 08 Jul 2024 18:53:34 +0000
ROA not before: Mon 08 Jul 2024 18:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8431
IP address blocks: 195.230.0.0/20 maxlen: 24
195.230.1.0/24 maxlen: 24
195.230.3.0/24 maxlen: 24
195.230.4.0/24 maxlen: 24
195.230.5.0/24 maxlen: 24
195.230.16.0/23 maxlen: 23
195.230.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:93:b1:b1:de:de:98:4b:54:cf:37:5c:3f:0f:14:57:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b23eb849e0b6940e4ff547de0b41b003f9e1105c
Validity
Not Before: Jul 8 18:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb97d69d3497ab1275bec5197715d52e6aea5e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:39:54:92:40:60:e7:f8:88:5f:61:5b:f1:4c:
32:67:34:ce:19:bc:c5:78:e6:7c:ee:3e:e7:90:d0:
6a:0d:02:2c:30:78:3a:43:88:c2:60:64:1d:24:0f:
1f:cd:92:2d:b2:54:da:7b:b6:5d:0a:cb:de:49:2f:
e8:40:41:a8:35:2e:18:60:d9:25:3f:ee:72:e3:f9:
ed:85:a1:7e:c7:a2:11:31:d5:ce:9d:4f:99:33:b4:
e0:6a:1a:85:8e:e1:df:b9:f5:b8:b3:50:5b:3d:c4:
27:0b:32:98:0b:f3:c6:40:03:e4:52:ec:a5:39:45:
44:d7:7f:b2:7c:58:c3:18:0f:1a:09:eb:28:fb:66:
e1:64:5c:35:4b:b2:4c:2f:0c:50:76:d8:90:11:9c:
73:72:c4:b0:45:62:52:70:d8:8a:66:f7:02:99:dc:
1f:14:86:9b:43:b2:be:8c:80:d9:28:8d:0f:05:8d:
7f:df:72:df:7e:92:10:54:ed:4a:9f:02:f9:53:d7:
e8:e6:8d:76:f0:57:4f:69:19:04:8c:86:c1:ff:5f:
8a:35:e4:b9:2f:48:d8:3a:24:68:fa:49:c6:07:74:
d5:7b:26:25:0c:26:15:28:02:4b:24:ae:db:f7:ac:
19:89:59:8e:88:e5:6c:c6:eb:fd:c6:e7:59:98:90:
0e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:97:D6:9D:34:97:AB:12:75:BE:C5:19:77:15:D5:2E:6A:EA:5E:43
X509v3 Authority Key Identifier:
keyid:B2:3E:B8:49:E0:B6:94:0E:4F:F5:47:DE:0B:41:B0:03:F9:E1:10:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/65fWnTSXqxJ1vsUZdxXVLmrqXkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.0.0-195.230.18.255
Signature Algorithm: sha256WithRSAEncryption
6b:7c:2a:86:3e:4d:4d:51:93:81:6e:82:2b:d9:b9:58:2e:dd:
ac:63:20:8b:f8:a5:9e:af:62:16:d5:1b:93:8d:41:ce:81:b0:
e5:1a:6d:94:cf:dc:30:96:33:9a:7c:28:da:bc:ab:11:7f:76:
ca:6b:5f:92:44:9d:39:25:ce:e5:d9:f1:9a:a4:c8:14:49:f5:
f9:31:66:11:87:79:ed:c3:9d:64:17:97:96:f9:37:fe:3c:03:
7d:27:08:17:cc:90:2b:0e:af:01:fd:40:9f:00:2d:f1:6d:2b:
c8:8e:f8:2b:6d:3a:86:c9:3a:b4:36:b2:8b:75:c5:f1:6b:3c:
3d:56:6c:ae:b2:02:c8:7a:b7:9b:6d:8f:0d:bb:fb:cd:72:53:
8f:ae:2b:54:f5:4f:97:e0:d0:49:de:8b:d8:f5:14:17:eb:aa:
eb:0e:b2:6f:67:8c:8b:2b:39:4e:7c:f2:90:95:2e:27:a1:a3:
51:d2:3e:b3:21:7f:b8:15:eb:cf:03:29:4a:fb:ac:27:99:2a:
64:d8:21:98:c4:7a:74:e1:42:8b:72:c5:0e:b6:46:62:23:9a:
df:0d:61:45:55:0d:56:6e:93:0d:2e:a1:47:82:0e:27:7d:dd:
44:27:57:04:d9:7d:57:80:71:22:2f:67:29:f7:09:dc:75:3a:
cc:c7:a5:01
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZCTsbHe3phLVM83XD8PFFceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyM2ViODQ5ZTBiNjk0MGU0ZmY1NDdkZTBiNDFiMDAzZjll
MTEwNWMwHhcNMjQwNzA4MTg1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk3ZDY5ZDM0OTdhYjEyNzViZWM1MTk3NzE1ZDUyZTZhZWE1ZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszlUkkBg5/iIX2Fb8UwyZzTOGbzF
eOZ87j7nkNBqDQIsMHg6Q4jCYGQdJA8fzZItslTae7ZdCsveSS/oQEGoNS4YYNkl
P+5y4/nthaF+x6IRMdXOnU+ZM7TgahqFjuHfufW4s1BbPcQnCzKYC/PGQAPkUuyl
OUVE13+yfFjDGA8aCeso+2bhZFw1S7JMLwxQdtiQEZxzcsSwRWJScNiKZvcCmdwf
FIabQ7K+jIDZKI0PBY1/33LffpIQVO1KnwL5U9fo5o128FdPaRkEjIbB/1+KNeS5
L0jYOiRo+knGB3TVeyYlDCYVKAJLJK7b96wZiVmOiOVsxuv9xudZmJAO1wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFOuX1p00l6sSdb7FGXcV1S5q6l5DMB8GA1UdIwQY
MBaAFLI+uEngtpQOT/VH3gtBsAP54RBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2o2NFNlQzJsQTVQOVVmZUMwR3dBX25oRUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8xMWJmMmUtYjU4YS00YTMxLTg5YzAt
MTU1ZjQyZGNhYTczLzEvNjVmV25UU1hxeEoxdnNVWmR4WFZMbXJxWGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8xMWJmMmUtYjU4YS00YTMxLTg5YzAtMTU1ZjQyZGNhYTcz
LzEvc2o2NFNlQzJsQTVQOVVmZUMwR3dBX25oRUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwHD5gME
AMPmEjANBgkqhkiG9w0BAQsFAAOCAQEAa3wqhj5NTVGTgW6CK9m5WC7drGMgi/il
nq9iFtUbk41BzoGw5RptlM/cMJYzmnwo2ryrEX92ymtfkkSdOSXO5dnxmqTIFEn1
+TFmEYd57cOdZBeXlvk3/jwDfScIF8yQKw6vAf1AnwAt8W0ryI74K206hsk6tDay
i3XF8Ws8PVZsrrICyHq3m22PDbv7zXJTj64rVPVPl+DQSd6L2PUUF+uq6w6yb2eM
iys5TnzykJUuJ6GjUdI+syF/uBXrzwMpSvusJ5kqZNghmMR6dOFCi3LFDrZGYiOa
3w1hRVUNVm6TDS6hR4IOJ33dRCdXBNl9V4BxIi9nKfcJ3HU6zMelAQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:47 2024 by rpki-client on console-ams.rpki-client.org