Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/wV2hMqn8--wHpBEbgaRSZAS6VEw.roa
File: wV2hMqn8--wHpBEbgaRSZAS6VEw.roa (raw, json)
Hash identifier: NE7dVcimL4Aoaoq8ftpQKtBVb7Y7IQeKfPD0Yypog2U=
Subject key identifier: C1:5D:A1:32:A9:FC:FB:EC:07:A4:11:1B:81:A4:52:64:04:BA:54:4C
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 018CC9BC3AC6F7427783C3E32B7E777BF080
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/wV2hMqn8--wHpBEbgaRSZAS6VEw.roa
Signing time: Tue 02 Jan 2024 10:33:25 +0000
ROA not before: Tue 02 Jan 2024 10:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34393
IP address blocks: 95.215.20.0/22 maxlen: 22
95.215.24.0/21 maxlen: 21
195.177.64.0/22 maxlen: 22
195.177.84.0/22 maxlen: 22
2001:67c:2f64::/48 maxlen: 48
2a0e:c980::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.mft
rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3a:c6:f7:42:77:83:c3:e3:2b:7e:77:7b:f0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 2 10:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c15da132a9fcfbec07a4111b81a4526404ba544c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bc:1d:b3:bc:c3:4a:47:9e:d8:67:1a:46:19:
8e:c5:fb:ea:9a:db:4c:15:a6:82:96:62:9a:0a:c8:
de:af:81:8e:d2:13:7f:2d:e5:fc:e1:0c:e2:a2:c4:
46:11:b0:59:3c:fc:45:d9:fb:08:20:e4:01:d9:f4:
1f:53:19:f7:83:ec:66:b0:39:ac:55:23:5d:93:9c:
48:c6:29:2a:d7:31:22:0f:ec:7b:bd:82:00:bb:10:
6c:7e:99:2a:15:22:73:a2:de:3a:22:21:52:34:44:
5a:f5:3f:a4:20:3f:75:61:31:96:7f:55:96:c0:99:
e2:e5:72:d3:2f:8d:51:63:43:fe:40:de:54:87:cf:
27:42:66:3a:a2:dc:00:02:bb:01:a3:02:92:a4:85:
48:45:3d:a3:af:48:0f:8a:55:31:c0:0a:b7:27:29:
c6:79:fa:b1:db:49:26:57:70:ff:d5:72:a4:26:ed:
76:d3:55:66:0c:86:6d:e2:7a:9b:f7:73:61:59:30:
81:14:cb:41:c8:e7:39:b0:4d:b3:46:d6:42:e6:7a:
c0:03:b3:e6:1a:02:69:f6:17:45:36:34:e9:a1:df:
3b:44:e3:61:34:fb:ec:dd:b0:b9:86:09:d0:a1:b0:
25:d8:76:09:dc:04:cb:ac:fb:09:0f:ef:c4:22:35:
c6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:5D:A1:32:A9:FC:FB:EC:07:A4:11:1B:81:A4:52:64:04:BA:54:4C
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/wV2hMqn8--wHpBEbgaRSZAS6VEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.20.0-95.215.31.255
195.177.64.0/22
195.177.84.0/22
IPv6:
2001:67c:2f64::/48
2a0e:c980::/29
Signature Algorithm: sha256WithRSAEncryption
14:f7:c1:c7:76:03:24:b1:31:41:29:e7:54:e5:5c:28:94:22:
f7:52:3a:ee:33:39:a2:8c:e2:f5:b4:bf:25:c2:45:5f:f0:10:
0a:ac:dd:47:ea:89:30:62:34:b7:6b:a2:66:b6:b9:3a:c1:26:
b1:db:0f:62:e4:6f:4f:db:52:1d:e7:54:ea:1d:c8:8e:11:c0:
e7:1b:e3:00:07:21:55:da:de:17:21:3d:e4:89:91:1f:e6:16:
4e:02:bb:03:fd:3c:2b:ae:e2:0b:ae:20:bc:ea:2d:46:5a:78:
6d:b7:1e:a6:8e:58:22:22:c7:fa:c4:19:eb:9e:c6:fd:df:04:
ed:5a:9e:28:29:c6:59:02:6d:20:92:39:28:64:f7:4e:68:6e:
6d:c7:09:b1:bf:1a:13:99:17:17:b7:f1:98:ea:55:f6:39:0e:
d8:0d:c0:9c:08:11:d5:69:57:23:74:15:9c:95:05:c6:8a:ff:
f8:4f:a9:f4:8b:54:1a:64:40:ed:af:96:29:7f:38:54:66:af:
28:26:f7:9a:b9:7b:70:b9:ac:14:6f:39:0d:4a:0d:e4:08:94:
e8:e2:55:a5:cd:28:00:ce:48:b6:ef:05:6e:db:ee:87:a5:df:
b3:76:90:b0:c4:d2:57:11:bd:d3:58:ac:d1:e4:b6:e6:8c:a6:
fd:24:31:91
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzJvDrG90J3g8PjK353e/CAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTVkYTEzMmE5ZmNmYmVjMDdhNDExMWI4MWE0NTI2NDA0YmE1NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLwds7zDSkee2GcaRhmOxfvqmttM
FaaClmKaCsjer4GO0hN/LeX84QziosRGEbBZPPxF2fsIIOQB2fQfUxn3g+xmsDms
VSNdk5xIxikq1zEiD+x7vYIAuxBsfpkqFSJzot46IiFSNERa9T+kID91YTGWf1WW
wJni5XLTL41RY0P+QN5Uh88nQmY6otwAArsBowKSpIVIRT2jr0gPilUxwAq3JynG
efqx20kmV3D/1XKkJu1201VmDIZt4nqb93NhWTCBFMtByOc5sE2zRtZC5nrAA7Pm
GgJp9hdFNjTpod87RONhNPvs3bC5hgnQobAl2HYJ3ATLrPsJD+/EIjXGDQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFMFdoTKp/PvsB6QRG4GkUmQEulRMMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvd1YyaE1xbjgtLXdIcEJFYmdhUlNaQVM2VkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAgBAIAATAaMAwDBAJf1xQD
BAVf1wADBALDsUADBALDsVQwFgQCAAIwEAMHACABBnwvZAMFAyoOyYAwDQYJKoZI
hvcNAQELBQADggEBABT3wcd2AySxMUEp51TlXCiUIvdSOu4zOaKM4vW0vyXCRV/w
EAqs3UfqiTBiNLdroma2uTrBJrHbD2Lkb0/bUh3nVOodyI4RwOcb4wAHIVXa3hch
PeSJkR/mFk4CuwP9PCuu4guuILzqLUZaeG23HqaOWCIix/rEGeuexv3fBO1anigp
xlkCbSCSOShk905obm3HCbG/GhOZFxe38ZjqVfY5DtgNwJwIEdVpVyN0FZyVBcaK
//hPqfSLVBpkQO2vlil/OFRmrygm95q5e3C5rBRvOQ1KDeQIlOjiVaXNKADOSLbv
BW7b7oel37N2kLDE0lcRvdNYrNHktuaMpv0kMZE=
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:51:14 2024 by rpki-client on console-fra.rpki-client.org