Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/bXgx8l_gJyZ7vQo8YBqUlMpa5MQ.roa
File: bXgx8l_gJyZ7vQo8YBqUlMpa5MQ.roa (raw, json)
Hash identifier: pAfwoE/kzqpfvMGe8tbS+xHEUrQjp2YsKLVS2rm22uM=
Subject key identifier: 6D:78:31:F2:5F:E0:27:26:7B:BD:0A:3C:60:1A:94:94:CA:5A:E4:C4
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 01904E38A88D6D0723B2EE1DEEFB25064CDC
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/bXgx8l_gJyZ7vQo8YBqUlMpa5MQ.roa
Signing time: Tue 25 Jun 2024 07:07:34 +0000
ROA not before: Tue 25 Jun 2024 07:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 195.24.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:38:a8:8d:6d:07:23:b2:ee:1d:ee:fb:25:06:4c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jun 25 07:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d7831f25fe027267bbd0a3c601a9494ca5ae4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7e:e0:d2:05:84:99:f7:a6:c5:f7:15:51:d0:
92:32:d9:25:76:bf:76:9f:32:ff:03:01:b9:f5:35:
9b:09:95:45:8c:0e:2c:90:0f:86:7f:5c:26:2d:d5:
50:1b:8a:4f:e5:ca:d4:61:fc:ee:b4:e6:bf:b8:2a:
6d:cf:b3:6f:77:0c:b6:f1:12:79:db:e5:f9:ee:f4:
7a:3c:3d:4a:42:ba:e7:c2:c5:91:ed:63:b8:f0:68:
0f:73:12:28:22:5d:99:09:2e:9c:23:9d:94:47:07:
71:d5:e7:c4:d2:a9:b7:05:42:bc:79:62:6c:ae:93:
05:8f:4a:15:f7:46:db:16:b8:7e:1c:6a:85:dd:28:
65:18:b5:67:09:21:1e:33:e3:a3:48:6e:81:73:15:
7b:6d:c0:a8:b2:0c:b2:c6:cb:b8:ad:1b:aa:9c:71:
b6:11:b1:c0:c9:d9:55:f8:64:b7:7a:31:db:c7:9a:
1f:78:12:e7:47:bb:db:7e:39:29:b0:10:4a:92:08:
2e:6a:d6:bb:0d:84:b3:9b:a9:1d:c3:dc:f9:a2:c7:
a7:3b:69:57:d8:f7:d6:3a:65:40:2f:d4:d6:d9:6a:
22:f3:40:94:31:29:49:80:e7:a2:92:c6:44:f5:29:
8a:54:ca:f4:59:ff:0c:fd:16:25:82:5f:4f:a4:7a:
4a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:78:31:F2:5F:E0:27:26:7B:BD:0A:3C:60:1A:94:94:CA:5A:E4:C4
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/bXgx8l_gJyZ7vQo8YBqUlMpa5MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.24.232.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:44:17:25:39:b2:17:6a:d0:d9:d8:12:04:d7:62:b6:45:d0:
7f:be:bb:ff:71:61:bf:75:77:b3:50:e2:1c:c2:b7:2f:ff:d9:
68:1c:2e:50:9e:aa:37:ac:9b:3e:95:61:8c:01:55:d7:0b:67:
92:8e:e4:5a:77:38:23:c5:e6:e8:cf:44:49:96:d4:8a:97:6e:
b6:f2:d7:b7:df:49:13:40:fe:d2:23:6c:7d:67:f9:61:d0:01:
a6:20:81:d8:96:b8:f5:69:a7:b8:20:1d:6a:4a:62:b2:bd:85:
8c:7e:74:f1:1e:28:95:db:a5:9c:68:e3:9e:90:1a:0e:2b:a4:
22:d1:00:9f:0b:4a:ba:66:55:7b:4e:00:af:76:29:6e:09:7c:
42:3a:2d:26:98:7c:54:78:db:34:d0:ff:c5:0f:1e:2a:01:f6:
83:44:3a:7c:71:f1:12:96:ee:b1:1e:af:cb:c1:f4:51:06:48:
67:09:fc:9e:27:db:a9:5d:2d:99:d2:af:e8:b4:a0:d9:04:7a:
93:bf:9d:27:25:cc:55:e9:5f:13:14:8f:99:4f:3a:f7:19:6a:
49:5b:b6:df:08:0a:31:ba:2b:1d:08:be:92:e7:ec:c9:75:7f:
fe:a5:9e:d0:82:2f:0c:b7:82:b1:95:3c:24:44:bf:ab:43:81:
bf:f2:66:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBOOKiNbQcjsu4d7vslBkzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjQwNjI1MDcwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDc4MzFmMjVmZTAyNzI2N2JiZDBhM2M2MDFhOTQ5NGNhNWFlNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5n7g0gWEmfemxfcVUdCSMtkldr92
nzL/AwG59TWbCZVFjA4skA+Gf1wmLdVQG4pP5crUYfzutOa/uCptz7Nvdwy28RJ5
2+X57vR6PD1KQrrnwsWR7WO48GgPcxIoIl2ZCS6cI52URwdx1efE0qm3BUK8eWJs
rpMFj0oV90bbFrh+HGqF3ShlGLVnCSEeM+OjSG6BcxV7bcCosgyyxsu4rRuqnHG2
EbHAydlV+GS3ejHbx5ofeBLnR7vbfjkpsBBKkgguata7DYSzm6kdw9z5osenO2lX
2PfWOmVAL9TW2Woi80CUMSlJgOeiksZE9SmKVMr0Wf8M/RYlgl9PpHpKJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG14MfJf4Ccme70KPGAalJTKWuTEMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvYlhneDhsX2dKeVo3dlFvOFlCcVVsTXBhNU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxjoMA0G
CSqGSIb3DQEBCwUAA4IBAQAbRBclObIXatDZ2BIE12K2RdB/vrv/cWG/dXezUOIc
wrcv/9loHC5Qnqo3rJs+lWGMAVXXC2eSjuRadzgjxeboz0RJltSKl2628te330kT
QP7SI2x9Z/lh0AGmIIHYlrj1aae4IB1qSmKyvYWMfnTxHiiV26WcaOOekBoOK6Qi
0QCfC0q6ZlV7TgCvdiluCXxCOi0mmHxUeNs00P/FDx4qAfaDRDp8cfESlu6xHq/L
wfRRBkhnCfyeJ9upXS2Z0q/otKDZBHqTv50nJcxV6V8TFI+ZTzr3GWpJW7bfCAox
uisdCL6S5+zJdX/+pZ7Qgi8Mt4KxlTwkRL+rQ4G/8mai
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:37:56 2024 by rpki-client on console-fra.rpki-client.org