Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/qLX5pl0nHD9CtP61VlWI8P7V0BA.roa
File: qLX5pl0nHD9CtP61VlWI8P7V0BA.roa (raw, json)
Hash identifier: 8xg5DWHnPxE1h3CxQQRtDmjqiAE+sviUoH0K61D7svs=
Subject key identifier: A8:B5:F9:A6:5D:27:1C:3F:42:B4:FE:B5:56:55:88:F0:FE:D5:D0:10
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 018CC94D7C65FC4176171C3047DC65267885
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/qLX5pl0nHD9CtP61VlWI8P7V0BA.roa
Signing time: Tue 02 Jan 2024 08:32:27 +0000
ROA not before: Tue 02 Jan 2024 08:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205364
IP address blocks: 195.230.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:7c:65:fc:41:76:17:1c:30:47:dc:65:26:78:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 2 08:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8b5f9a65d271c3f42b4feb5565588f0fed5d010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ce:c5:ef:7a:28:3a:b8:55:e5:4d:16:c0:00:
d0:8f:57:1a:3b:0a:e1:6f:d2:c2:7a:a0:25:62:cf:
28:cd:ef:e9:2f:e2:c8:dc:0a:fc:1c:06:fb:5d:5d:
73:3f:45:ea:86:93:56:2b:06:0a:98:61:5a:95:4e:
da:69:39:32:39:17:d4:00:70:7c:de:5a:5d:c8:e7:
e1:73:a0:31:32:59:49:5b:56:1b:c3:34:05:54:2c:
6d:70:13:3a:1e:b4:95:61:78:28:0a:05:82:35:5a:
ce:48:5d:2c:5b:9c:d6:1b:2e:3a:a0:3b:0c:25:ac:
cf:f7:3e:23:59:8d:89:fd:fe:e8:b1:33:5e:70:6a:
83:c6:65:ad:67:f9:ad:13:6e:c6:dd:b6:b2:11:8a:
94:d3:72:70:15:bf:03:fa:e5:3a:f1:66:9c:ec:02:
bd:f4:96:e3:d7:e2:9f:6f:dc:25:2e:e1:98:e9:9f:
12:ee:a8:1e:ee:e5:a9:2d:8c:79:46:63:ca:14:bd:
0f:1c:dd:35:91:f6:6e:15:23:79:97:5d:61:93:fa:
35:64:71:c7:c2:1a:f8:31:d7:83:89:4e:62:40:66:
ac:aa:7b:26:4a:c9:1b:d5:90:02:84:89:93:78:f8:
e8:ec:2e:5c:f7:97:33:2d:f6:8b:99:6e:54:a1:23:
d8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B5:F9:A6:5D:27:1C:3F:42:B4:FE:B5:56:55:88:F0:FE:D5:D0:10
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/qLX5pl0nHD9CtP61VlWI8P7V0BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.148.0/24
Signature Algorithm: sha256WithRSAEncryption
54:fe:c7:1f:65:a0:eb:33:1d:01:5c:97:02:54:f8:7c:b5:68:
a1:ec:74:d4:ee:82:de:5e:62:e5:90:2f:c3:da:87:5a:c7:1f:
bf:9b:e2:ec:cc:e3:cf:9e:67:e0:e3:d4:ac:2b:27:ca:aa:05:
86:27:e5:0c:f8:dd:47:51:bd:bd:16:dd:b1:3c:fc:de:2e:c4:
98:4a:67:84:49:3c:9f:2a:b0:b1:1a:36:00:ad:08:87:80:ea:
dd:73:9f:24:40:8d:32:27:76:2f:a0:3e:bb:24:3c:04:4f:f4:
a8:ed:b9:0f:9b:30:5f:44:ce:39:1e:93:13:8d:87:29:af:a2:
9f:26:29:ae:e5:1a:8d:ee:40:22:bc:d1:c2:24:17:ec:81:20:
36:17:92:85:1c:08:d0:64:38:f4:27:d6:9a:8b:26:76:53:cc:
e9:8c:fc:56:52:eb:a2:9d:ac:79:69:ca:3d:c4:02:46:c8:f9:
d6:58:41:3e:2f:db:d9:b9:37:25:9d:67:a8:a6:f4:94:54:80:
73:cc:9b:b3:84:cc:5d:ed:57:94:eb:a1:5f:d4:0a:8e:d1:98:
08:06:54:93:c7:e8:d1:07:14:ee:bb:f3:e2:58:cb:6a:33:71:
3b:c2:e2:c8:cf:a5:61:ce:6f:b1:89:2a:a2:2d:15:a1:51:cd:
7d:f5:72:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTXxl/EF2FxwwR9xlJniFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjQwMTAyMDgzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGI1ZjlhNjVkMjcxYzNmNDJiNGZlYjU1NjU1ODhmMGZlZDVkMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc7F73ooOrhV5U0WwADQj1caOwrh
b9LCeqAlYs8oze/pL+LI3Ar8HAb7XV1zP0XqhpNWKwYKmGFalU7aaTkyORfUAHB8
3lpdyOfhc6AxMllJW1YbwzQFVCxtcBM6HrSVYXgoCgWCNVrOSF0sW5zWGy46oDsM
JazP9z4jWY2J/f7osTNecGqDxmWtZ/mtE27G3bayEYqU03JwFb8D+uU68Wac7AK9
9Jbj1+Kfb9wlLuGY6Z8S7qge7uWpLYx5RmPKFL0PHN01kfZuFSN5l11hk/o1ZHHH
whr4MdeDiU5iQGasqnsmSskb1ZAChImTePjo7C5c95czLfaLmW5UoSPYLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKi1+aZdJxw/QrT+tVZViPD+1dAQMB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvcUxYNXBsMG5IRDlDdFA2MVZsV0k4UDdWMEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+aUMA0G
CSqGSIb3DQEBCwUAA4IBAQBU/scfZaDrMx0BXJcCVPh8tWih7HTU7oLeXmLlkC/D
2odaxx+/m+LszOPPnmfg49SsKyfKqgWGJ+UM+N1HUb29Ft2xPPzeLsSYSmeESTyf
KrCxGjYArQiHgOrdc58kQI0yJ3YvoD67JDwET/So7bkPmzBfRM45HpMTjYcpr6Kf
Jimu5RqN7kAivNHCJBfsgSA2F5KFHAjQZDj0J9aaiyZ2U8zpjPxWUuuinax5aco9
xAJGyPnWWEE+L9vZuTclnWeopvSUVIBzzJuzhMxd7VeU66Ff1AqO0ZgIBlSTx+jR
BxTuu/PiWMtqM3E7wuLIz6Vhzm+xiSqiLRWhUc199XKD
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:40:06 2024 by rpki-client on console-ams.rpki-client.org