Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/2tpHWzCwMZ38mQ-VM1cE2R0QXi4.roa
File: 2tpHWzCwMZ38mQ-VM1cE2R0QXi4.roa (raw, json)
Hash identifier: 7QkrRRfYJ+ZiX3aOJO1rNHu++xUZatE+ofPl5J+eWlk=
Subject key identifier: DA:DA:47:5B:30:B0:31:9D:FC:99:0F:95:33:57:04:D9:1D:10:5E:2E
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 018EC6FD1EA11BDB9C14B2914D18023301CD
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/2tpHWzCwMZ38mQ-VM1cE2R0QXi4.roa
Signing time: Wed 10 Apr 2024 07:51:00 +0000
ROA not before: Wed 10 Apr 2024 07:51:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50225
IP address blocks: 195.24.232.0/24 maxlen: 24
2a12:2500::/29 maxlen: 29
2a12:2700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:fd:1e:a1:1b:db:9c:14:b2:91:4d:18:02:33:01:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Apr 10 07:51:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dada475b30b0319dfc990f95335704d91d105e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2f:78:1c:45:92:e4:4a:f1:6c:c2:6a:85:d8:
01:08:a6:39:fb:93:22:6e:88:50:e4:bb:8e:a4:fe:
1c:4a:f5:aa:ba:98:a7:2e:55:f7:10:20:91:b1:e1:
60:b5:20:5b:0f:d0:58:4b:d5:88:27:d6:b5:c7:50:
c5:cc:69:5c:4b:6f:80:b0:fc:d9:35:1f:0a:72:1d:
c6:33:bb:fd:0e:1a:18:46:00:c3:e5:e6:94:fc:43:
cf:1b:42:f2:48:45:8f:49:01:97:cb:71:db:a2:3f:
ee:7d:79:79:d9:1f:f1:f1:0b:5d:fa:7b:03:7b:54:
6b:9c:07:c6:f3:76:4d:61:20:27:8a:06:d5:60:91:
3d:93:26:a3:af:65:8d:39:9d:8c:30:ab:9a:b6:b9:
4c:e9:fd:67:a0:9f:5b:ad:ef:91:6b:97:5b:ce:21:
01:56:cf:41:0a:04:6a:28:b5:2d:2e:e7:b6:82:8c:
5d:a2:34:a7:25:b0:44:7a:d2:2d:f6:db:f9:d0:e5:
8e:0f:95:3e:1a:fb:58:2a:d7:e8:9c:f5:af:92:0d:
66:b6:63:d9:98:a4:c5:19:17:17:cf:ab:91:09:fb:
4f:f8:24:05:e6:e9:3e:7a:72:3b:f0:6e:f1:49:9e:
4f:1d:26:d7:01:ce:a8:3e:30:3c:78:85:a7:b8:52:
30:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DA:47:5B:30:B0:31:9D:FC:99:0F:95:33:57:04:D9:1D:10:5E:2E
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/2tpHWzCwMZ38mQ-VM1cE2R0QXi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.24.232.0/24
IPv6:
2a12:2500::/29
2a12:2700::/29
Signature Algorithm: sha256WithRSAEncryption
21:27:fe:dd:44:69:1f:16:d1:ae:c3:1e:c4:43:e6:23:f6:be:
56:98:2b:38:16:8a:9d:d9:a3:fb:eb:6e:98:40:04:8a:8f:1e:
f7:fc:24:0a:a5:b3:e9:1f:2d:a0:e2:4f:64:bc:61:df:44:cc:
41:88:13:7e:9e:1f:e6:a2:96:7d:e7:a7:6d:b6:bb:f6:58:4a:
28:38:3f:df:ee:05:24:79:93:6d:b3:a3:94:24:bf:36:da:8f:
dc:32:75:67:d4:78:aa:41:a7:de:b3:f9:02:a9:3a:7c:b4:76:
bc:0b:44:aa:70:2c:9a:f3:f7:06:2d:d4:c9:8d:63:e6:e8:0b:
ec:0a:83:58:bc:18:4c:a1:13:47:97:24:40:14:f5:b0:52:24:
e0:dd:7c:48:f2:00:65:6c:c0:db:15:c2:96:f6:c3:8f:ba:0a:
47:45:01:aa:3a:34:47:2d:8d:59:d2:2b:2c:02:61:9f:52:aa:
4a:e4:b0:ef:34:43:fd:5b:bb:4f:c3:3a:1d:c0:dc:6f:d0:8b:
df:6e:97:b3:32:d7:77:d8:1a:4a:26:91:07:7a:78:cb:84:15:
b0:78:0b:46:9c:cb:ca:04:ff:d9:fd:e5:a3:16:6d:d5:40:4e:
46:2e:ec:56:93:28:d6:8f:f5:c3:2f:83:83:b0:65:83:56:55:
02:a7:5b:68
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY7G/R6hG9ucFLKRTRgCMwHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjQwNDEwMDc1MTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRhNDc1YjMwYjAzMTlkZmM5OTBmOTUzMzU3MDRkOTFkMTA1ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgC94HEWS5ErxbMJqhdgBCKY5+5Mi
bohQ5LuOpP4cSvWqupinLlX3ECCRseFgtSBbD9BYS9WIJ9a1x1DFzGlcS2+AsPzZ
NR8Kch3GM7v9DhoYRgDD5eaU/EPPG0LySEWPSQGXy3Hboj/ufXl52R/x8Qtd+nsD
e1RrnAfG83ZNYSAnigbVYJE9kyajr2WNOZ2MMKuatrlM6f1noJ9bre+Ra5dbziEB
Vs9BCgRqKLUtLue2goxdojSnJbBEetIt9tv50OWOD5U+GvtYKtfonPWvkg1mtmPZ
mKTFGRcXz6uRCftP+CQF5uk+enI78G7xSZ5PHSbXAc6oPjA8eIWnuFIwFQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNraR1swsDGd/JkPlTNXBNkdEF4uMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvMnRwSFd6Q3dNWjM4bVEtVk0xY0UyUjBRWGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAwxjoMBQE
AgACMA4DBQMqEiUAAwUDKhInADANBgkqhkiG9w0BAQsFAAOCAQEAISf+3URpHxbR
rsMexEPmI/a+VpgrOBaKndmj++tumEAEio8e9/wkCqWz6R8toOJPZLxh30TMQYgT
fp4f5qKWfeenbba79lhKKDg/3+4FJHmTbbOjlCS/NtqP3DJ1Z9R4qkGn3rP5Aqk6
fLR2vAtEqnAsmvP3Bi3UyY1j5ugL7AqDWLwYTKETR5ckQBT1sFIk4N18SPIAZWzA
2xXClvbDj7oKR0UBqjo0Ry2NWdIrLAJhn1KqSuSw7zRD/Vu7T8M6HcDcb9CL326X
szLXd9gaSiaRB3p4y4QVsHgLRpzLygT/2f3loxZt1UBORi7sVpMo1o/1wy+Dg7Bl
g1ZVAqdbaA==
-----END CERTIFICATE-----
Generated at Fri May 17 20:10:49 2024 by rpki-client on console-ams.rpki-client.org