Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/f2ucMYd3qJKsilduk7DK0LN-MKs.roa
File: f2ucMYd3qJKsilduk7DK0LN-MKs.roa (raw, json)
Hash identifier: du1a6n/60BqkqDDV6RnzE4PHLtlWPyj7LEGA8hUiyX4=
Subject key identifier: 7F:6B:9C:31:87:77:A8:92:AC:8A:57:6E:93:B0:CA:D0:B3:7E:30:AB
Certificate issuer: /CN=5643415c22e141972c0d7e76c24e88b22427b024
Certificate serial: 018CC2DB12E18B2E718F3BBBD2035010450C
Authority key identifier: 56:43:41:5C:22:E1:41:97:2C:0D:7E:76:C2:4E:88:B2:24:27:B0:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VkNBXCLhQZcsDX52wk6IsiQnsCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/f2ucMYd3qJKsilduk7DK0LN-MKs.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8265
IP address blocks: 195.96.192.0/19 maxlen: 24
185.28.52.0/22 maxlen: 24
2a02:2888::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/VkNBXCLhQZcsDX52wk6IsiQnsCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/VkNBXCLhQZcsDX52wk6IsiQnsCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/VkNBXCLhQZcsDX52wk6IsiQnsCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:12:e1:8b:2e:71:8f:3b:bb:d2:03:50:10:45:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5643415c22e141972c0d7e76c24e88b22427b024
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f6b9c318777a892ac8a576e93b0cad0b37e30ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1e:d4:d6:ee:a8:62:bd:42:22:a6:37:ea:27:
09:bb:af:51:eb:43:bd:cd:a6:94:c4:93:e9:70:bd:
e7:bd:8e:d3:9c:f6:43:70:1e:d1:45:70:43:77:a8:
25:23:b6:69:4f:cb:5f:db:5f:82:56:d3:30:d3:de:
74:45:4a:62:75:98:da:95:59:95:13:e3:d2:6a:73:
26:64:33:2c:8b:28:46:25:53:4b:b4:fc:f8:1e:49:
03:8a:f9:4c:a9:b8:b4:37:c7:12:b6:cb:17:8d:0d:
0a:4d:1c:fd:91:80:d3:07:a9:b8:88:c9:a7:0c:5e:
f0:b3:7f:0f:9e:24:e1:97:05:5a:20:1f:b7:e5:c8:
d3:18:19:eb:20:f1:76:10:8d:e8:64:d8:39:bf:e7:
3c:54:24:e2:01:a0:91:f8:c5:ff:c6:1e:f1:0a:a5:
93:7f:96:56:7c:a5:b2:92:2a:0e:e4:cd:a1:52:f4:
92:d9:a7:3a:07:3b:b6:e9:44:dc:12:78:59:c9:ee:
42:d6:32:22:65:94:9a:98:8f:22:8d:76:b4:e4:b9:
b2:fa:51:ee:4a:a5:15:04:df:39:5f:ce:69:ba:8e:
34:3b:b9:9a:29:5c:26:c2:48:fc:ce:ff:98:35:f1:
a2:07:3c:4c:d1:c6:f3:fa:2c:66:8e:a7:2f:f0:bd:
94:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6B:9C:31:87:77:A8:92:AC:8A:57:6E:93:B0:CA:D0:B3:7E:30:AB
X509v3 Authority Key Identifier:
keyid:56:43:41:5C:22:E1:41:97:2C:0D:7E:76:C2:4E:88:B2:24:27:B0:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkNBXCLhQZcsDX52wk6IsiQnsCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/f2ucMYd3qJKsilduk7DK0LN-MKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/VkNBXCLhQZcsDX52wk6IsiQnsCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.52.0/22
195.96.192.0/19
IPv6:
2a02:2888::/32
Signature Algorithm: sha256WithRSAEncryption
af:08:63:7d:7a:a0:7f:d8:bb:1d:f7:e9:e7:22:85:39:9b:0e:
6c:d5:1a:30:d2:39:45:64:20:63:e5:c0:72:4c:66:b3:cc:7d:
94:e0:1d:04:74:bd:d6:02:87:74:9b:19:0e:60:ab:0d:66:8a:
19:4e:69:06:0e:60:7d:ef:d4:73:37:7a:db:85:f4:d4:6c:f5:
ee:78:24:9e:74:6f:3b:81:d6:2a:6e:19:3f:60:a7:1d:b3:9e:
1f:48:ce:56:67:f4:27:2e:1f:ad:81:0a:a7:89:ef:01:1f:72:
1a:da:30:fb:56:a2:16:49:36:e7:eb:b3:03:2b:5b:a5:76:c1:
6c:77:1c:8f:88:51:c8:86:fb:d9:fa:d4:d7:01:41:18:ed:18:
aa:48:60:7e:9b:04:9b:1d:76:a8:7d:86:b4:4e:fe:97:d2:b1:
b1:ac:a4:b7:81:98:43:7b:65:62:04:4b:67:fd:ce:74:8b:44:
1e:a3:af:b9:28:d9:5d:00:b8:99:d7:ef:6f:89:83:aa:4c:c1:
2f:04:a1:2b:d2:8f:2e:67:c3:12:4c:96:26:62:1f:4f:0f:35:
9f:2d:08:4f:29:1e:c6:fd:59:17:64:d8:df:94:ab:20:21:39:
31:8e:5f:47:53:0c:15:d4:23:7c:99:0d:d8:b1:5f:3d:68:52:
10:fe:03:bf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2xLhiy5xjzu70gNQEEUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDM0MTVjMjJlMTQxOTcyYzBkN2U3NmMyNGU4OGIyMjQy
N2IwMjQwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjZiOWMzMTg3NzdhODkyYWM4YTU3NmU5M2IwY2FkMGIzN2UzMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR7U1u6oYr1CIqY36icJu69R60O9
zaaUxJPpcL3nvY7TnPZDcB7RRXBDd6glI7ZpT8tf21+CVtMw0950RUpidZjalVmV
E+PSanMmZDMsiyhGJVNLtPz4HkkDivlMqbi0N8cStssXjQ0KTRz9kYDTB6m4iMmn
DF7ws38PniThlwVaIB+35cjTGBnrIPF2EI3oZNg5v+c8VCTiAaCR+MX/xh7xCqWT
f5ZWfKWykioO5M2hUvSS2ac6Bzu26UTcEnhZye5C1jIiZZSamI8ijXa05Lmy+lHu
SqUVBN85X85puo40O7maKVwmwkj8zv+YNfGiBzxM0cbz+ixmjqcv8L2UXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH9rnDGHd6iSrIpXbpOwytCzfjCrMB8GA1UdIwQY
MBaAFFZDQVwi4UGXLA1+dsJOiLIkJ7AkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtOQlhDTGhRWmNzRFg1MndrNklzaVFuc0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNGM3NGEtZTNiMi00ZTA5LTg2N2Mt
Zjk5NjdjM2FkM2U0LzEvZjJ1Y01ZZDNxSktzaWxkdWs3REswTE4tTUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNGM3NGEtZTNiMi00ZTA5LTg2N2MtZjk5NjdjM2FkM2U0
LzEvVmtOQlhDTGhRWmNzRFg1MndrNklzaVFuc0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRw0AwQF
w2DAMA0EAgACMAcDBQAqAiiIMA0GCSqGSIb3DQEBCwUAA4IBAQCvCGN9eqB/2Lsd
9+nnIoU5mw5s1Row0jlFZCBj5cByTGazzH2U4B0EdL3WAod0mxkOYKsNZooZTmkG
DmB979RzN3rbhfTUbPXueCSedG87gdYqbhk/YKcds54fSM5WZ/QnLh+tgQqnie8B
H3Ia2jD7VqIWSTbn67MDK1uldsFsdxyPiFHIhvvZ+tTXAUEY7RiqSGB+mwSbHXao
fYa0Tv6X0rGxrKS3gZhDe2ViBEtn/c50i0Qeo6+5KNldALiZ1+9viYOqTMEvBKEr
0o8uZ8MSTJYmYh9PDzWfLQhPKR7G/VkXZNjflKsgITkxjl9HUwwV1CN8mQ3YsV89
aFIQ/gO/
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:52:05 2024 by rpki-client on console-fra.rpki-client.org