Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/nZl9d6u8qHTu-EBTlVttvy-LnjM.roa
File: nZl9d6u8qHTu-EBTlVttvy-LnjM.roa (raw, json)
Hash identifier: nOOBqmgGupDyTYFWJNCFdwccyXyIlpVnP/XaC9Os81w=
Subject key identifier: 9D:99:7D:77:AB:BC:A8:74:EE:F8:40:53:95:5B:6D:BF:2F:8B:9E:33
Certificate issuer: /CN=7e5555f1a2cee89b7134656086f054d796353c1e
Certificate serial: 018CC5000DD900D0735C786D329CE1F54C8C
Authority key identifier: 7E:55:55:F1:A2:CE:E8:9B:71:34:65:60:86:F0:54:D7:96:35:3C:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flVV8aLO6JtxNGVghvBU15Y1PB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/nZl9d6u8qHTu-EBTlVttvy-LnjM.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25577
IP address blocks: 195.135.208.0/22 maxlen: 22
195.210.54.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/flVV8aLO6JtxNGVghvBU15Y1PB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/flVV8aLO6JtxNGVghvBU15Y1PB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/flVV8aLO6JtxNGVghvBU15Y1PB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0d:d9:00:d0:73:5c:78:6d:32:9c:e1:f5:4c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e5555f1a2cee89b7134656086f054d796353c1e
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d997d77abbca874eef84053955b6dbf2f8b9e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6d:c9:ed:73:c4:6c:32:b0:8c:8d:67:42:d3:
d3:10:24:9d:33:94:0f:89:36:6a:52:1e:0a:59:30:
69:a6:e9:35:89:92:13:50:19:2d:4a:66:42:bd:54:
87:9c:98:ee:82:58:36:04:1c:fd:10:71:11:fe:c0:
86:16:a7:c3:b6:4d:cc:a2:f2:80:35:73:ee:75:22:
c3:c3:62:0d:4f:a4:f7:26:82:58:f2:ea:2b:33:1e:
07:07:00:db:85:b3:3b:44:7a:4e:53:e6:60:c3:cf:
ed:fb:cf:24:a4:5c:bd:ed:57:68:42:c3:1a:cd:95:
1e:86:d7:f1:8c:02:cc:b4:4c:6f:74:1b:4c:d7:2f:
6b:0c:a2:26:f6:bb:dc:19:eb:89:1c:9f:3d:95:36:
ea:d6:c2:5f:58:b4:4b:fc:1a:c7:33:dd:1d:c2:5d:
37:81:4e:67:59:13:69:42:0d:2e:15:2e:13:be:14:
cc:24:1f:61:41:34:57:22:e3:98:3c:6b:47:5d:05:
af:2b:43:1f:ed:19:2d:46:be:5b:e5:bb:25:f4:ee:
fe:81:a5:58:78:fd:df:cf:26:07:ed:a9:3d:76:5b:
fe:5e:d6:c4:d5:79:5e:f4:b6:a4:ce:52:ae:15:e6:
80:e6:12:4c:5d:22:65:c1:8c:c6:e3:7a:a7:30:56:
0b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:99:7D:77:AB:BC:A8:74:EE:F8:40:53:95:5B:6D:BF:2F:8B:9E:33
X509v3 Authority Key Identifier:
keyid:7E:55:55:F1:A2:CE:E8:9B:71:34:65:60:86:F0:54:D7:96:35:3C:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flVV8aLO6JtxNGVghvBU15Y1PB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/nZl9d6u8qHTu-EBTlVttvy-LnjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/05a1ca-33c5-4aef-9c9a-f50fd99373ec/1/flVV8aLO6JtxNGVghvBU15Y1PB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.135.208.0/22
195.210.54.0/23
Signature Algorithm: sha256WithRSAEncryption
96:48:91:9b:7b:b2:53:24:42:42:dc:c2:9f:3d:84:cb:45:bf:
9f:c9:9c:0f:b4:8a:cd:28:6f:68:3b:96:09:49:c3:94:31:89:
5a:33:f8:db:87:93:a5:cd:1e:ce:79:52:33:d5:22:da:05:35:
cf:98:44:34:8d:91:2a:f4:ae:20:f5:4c:16:f1:2e:5e:e9:49:
0a:7f:d6:4f:d8:d0:46:6b:fc:b0:7e:be:7b:d1:24:3b:8e:2f:
41:ee:c5:cf:8a:fd:a4:3c:37:73:d6:b2:97:c0:a7:ab:b6:66:
b8:08:b9:3e:c3:aa:aa:f2:66:a5:0d:2a:35:8b:8a:5e:e6:88:
b9:45:00:f8:83:c9:ad:a7:21:1e:cd:0c:03:6b:30:fa:b1:94:
2b:41:0f:d0:f7:8a:db:35:0a:1a:03:da:de:a9:d2:68:84:af:
9a:e7:2b:96:8e:f8:b2:63:7c:00:70:49:cf:aa:23:f0:ea:39:
d2:c4:9e:14:df:1d:5c:64:b7:3d:de:03:ba:52:8a:b5:4f:3f:
00:6c:00:09:4f:7a:2a:33:47:a8:b4:01:f2:fd:fa:3b:63:03:
f9:02:9f:77:65:97:01:8a:51:8e:3c:46:14:20:70:9a:21:25:
13:76:09:bd:42:51:2d:96:fd:9b:a9:3d:fd:a6:c0:92:03:6a:
dd:d5:2b:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAA3ZANBzXHhtMpzh9UyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNTU1NWYxYTJjZWU4OWI3MTM0NjU2MDg2ZjA1NGQ3OTYz
NTNjMWUwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk5N2Q3N2FiYmNhODc0ZWVmODQwNTM5NTViNmRiZjJmOGI5ZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2G3J7XPEbDKwjI1nQtPTECSdM5QP
iTZqUh4KWTBppuk1iZITUBktSmZCvVSHnJjuglg2BBz9EHER/sCGFqfDtk3MovKA
NXPudSLDw2INT6T3JoJY8uorMx4HBwDbhbM7RHpOU+Zgw8/t+88kpFy97VdoQsMa
zZUehtfxjALMtExvdBtM1y9rDKIm9rvcGeuJHJ89lTbq1sJfWLRL/BrHM90dwl03
gU5nWRNpQg0uFS4TvhTMJB9hQTRXIuOYPGtHXQWvK0Mf7RktRr5b5bsl9O7+gaVY
eP3fzyYH7ak9dlv+XtbE1Xle9LakzlKuFeaA5hJMXSJlwYzG43qnMFYLQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ2ZfXervKh07vhAU5Vbbb8vi54zMB8GA1UdIwQY
MBaAFH5VVfGizuibcTRlYIbwVNeWNTweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmxWVjhhTE82SnR4TkdWZ2h2QlUxNVkxUEI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wNWExY2EtMzNjNS00YWVmLTljOWEt
ZjUwZmQ5OTM3M2VjLzEvblpsOWQ2dThxSFR1LUVCVGxWdHR2eS1MbmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wNWExY2EtMzNjNS00YWVmLTljOWEtZjUwZmQ5OTM3M2Vj
LzEvZmxWVjhhTE82SnR4TkdWZ2h2QlUxNVkxUEI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw4fQAwQB
w9I2MA0GCSqGSIb3DQEBCwUAA4IBAQCWSJGbe7JTJEJC3MKfPYTLRb+fyZwPtIrN
KG9oO5YJScOUMYlaM/jbh5OlzR7OeVIz1SLaBTXPmEQ0jZEq9K4g9UwW8S5e6UkK
f9ZP2NBGa/ywfr570SQ7ji9B7sXPiv2kPDdz1rKXwKertma4CLk+w6qq8malDSo1
i4pe5oi5RQD4g8mtpyEezQwDazD6sZQrQQ/Q94rbNQoaA9reqdJohK+a5yuWjviy
Y3wAcEnPqiPw6jnSxJ4U3x1cZLc93gO6Uoq1Tz8AbAAJT3oqM0eotAHy/fo7YwP5
Ap93ZZcBilGOPEYUIHCaISUTdgm9QlEtlv2bqT39psCSA2rd1Ssu
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:50 2024 by rpki-client on console-fra.rpki-client.org