Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/s--ORwJvEPT2doqV0F3BlR9f2mw.roa
File: s--ORwJvEPT2doqV0F3BlR9f2mw.roa (raw, json)
Hash identifier: RwaJbekSVQ6179gJc/fpKHsf7pp7S9dUG9SGcdvXAHQ=
Subject key identifier: B3:EF:8E:47:02:6F:10:F4:F6:76:8A:95:D0:5D:C1:95:1F:5F:DA:6C
Certificate issuer: /CN=617252ebbb33484adcec7405adea4de08a0afb04
Certificate serial: 018CC72583873A8F39240C98444B67EC951E
Authority key identifier: 61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/s--ORwJvEPT2doqV0F3BlR9f2mw.roa
Signing time: Mon 01 Jan 2024 22:29:33 +0000
ROA not before: Mon 01 Jan 2024 22:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34420
IP address blocks: 195.149.119.0/24 maxlen: 24
195.170.167.0/24 maxlen: 24
2a0b:8bc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:83:87:3a:8f:39:24:0c:98:44:4b:67:ec:95:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617252ebbb33484adcec7405adea4de08a0afb04
Validity
Not Before: Jan 1 22:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3ef8e47026f10f4f6768a95d05dc1951f5fda6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d7:7b:ce:a9:44:f4:34:bb:52:2b:30:43:7e:
73:9f:44:73:85:10:bf:6b:dd:05:a6:69:79:86:f5:
5e:b4:9d:0d:8d:66:76:47:9f:d7:df:77:0d:53:66:
bd:91:74:d3:da:d2:d1:57:7a:dd:67:a3:70:3d:9d:
fc:4e:56:ca:58:20:7c:d3:a3:8f:9f:79:91:70:02:
93:df:ae:5e:1a:b6:38:d1:4b:10:e8:e6:4f:9e:2b:
76:65:ab:fc:93:0b:48:ab:aa:1d:56:2f:34:9a:d9:
98:80:33:74:19:3b:58:a7:ac:21:b5:0f:7c:70:bd:
35:13:f8:0e:c0:50:3f:22:18:fe:2b:b8:f4:34:12:
13:1b:e5:56:97:b2:7c:57:4b:d8:df:1a:23:a8:76:
f4:aa:6b:8a:02:b1:a7:ba:c7:c2:6d:87:c2:a3:b3:
30:a6:20:30:7e:fa:85:0f:06:6c:13:80:13:db:1a:
c7:2e:f1:85:8f:59:bf:1c:ff:97:37:68:a9:d7:f1:
24:ce:4e:46:4e:5a:c6:b3:f3:0e:17:d9:a1:e7:b9:
43:84:29:99:46:38:bf:ab:ba:b6:da:57:9f:56:3d:
a0:66:cf:57:2b:86:0c:e8:19:27:2c:33:aa:48:7d:
40:32:c0:dc:16:13:af:1e:9a:67:27:82:b7:3f:06:
f9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:EF:8E:47:02:6F:10:F4:F6:76:8A:95:D0:5D:C1:95:1F:5F:DA:6C
X509v3 Authority Key Identifier:
keyid:61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/s--ORwJvEPT2doqV0F3BlR9f2mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.119.0/24
195.170.167.0/24
IPv6:
2a0b:8bc7::/32
Signature Algorithm: sha256WithRSAEncryption
6e:73:25:08:ba:e3:86:70:8b:75:55:29:0c:f1:21:fb:9e:74:
c0:4b:26:18:df:88:a8:9d:dc:d1:cf:35:d8:9a:74:47:78:76:
c1:a3:26:e7:2c:52:80:92:f9:2c:e3:d8:d2:69:a8:bd:f2:ce:
a3:ab:f2:fd:4d:ca:dd:46:32:19:d1:ab:31:25:a9:e0:0c:bd:
8c:39:06:84:90:4c:25:3b:c1:fd:07:c6:ec:d2:9d:c7:1b:8b:
e7:59:32:b5:67:6d:d6:f1:12:fa:85:b8:60:63:64:9a:a9:26:
e0:39:84:e5:67:cb:e2:12:dc:7d:84:4f:33:27:d0:86:f2:ca:
19:2f:a2:d9:eb:7d:93:b4:26:29:c0:a3:d2:5d:29:a5:05:04:
00:44:6c:aa:48:f4:49:ea:a9:2e:7d:1c:0a:82:3e:21:68:bb:
4c:86:7f:1a:ca:22:c1:95:22:c9:78:7b:8b:3d:1c:56:5a:bd:
74:b0:55:2f:48:50:1f:bb:32:1b:0d:f6:04:5f:3f:73:b6:8b:
9b:b4:bd:24:5c:a9:81:62:b4:2d:84:de:05:3d:25:13:e5:37:
41:21:47:01:6d:a5:77:04:5d:00:96:75:64:1f:b0:1f:90:12:
d0:28:7a:26:c9:3f:cc:cb:3e:e1:0f:b7:d2:45:7e:b4:f8:b7:
36:8d:02:44
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJYOHOo85JAyYREtn7JUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNzI1MmViYmIzMzQ4NGFkY2VjNzQwNWFkZWE0ZGUwOGEw
YWZiMDQwHhcNMjQwMTAxMjIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2VmOGU0NzAyNmYxMGY0ZjY3NjhhOTVkMDVkYzE5NTFmNWZkYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtd7zqlE9DS7UiswQ35zn0RzhRC/
a90Fpml5hvVetJ0NjWZ2R5/X33cNU2a9kXTT2tLRV3rdZ6NwPZ38TlbKWCB806OP
n3mRcAKT365eGrY40UsQ6OZPnit2Zav8kwtIq6odVi80mtmYgDN0GTtYp6whtQ98
cL01E/gOwFA/Ihj+K7j0NBITG+VWl7J8V0vY3xojqHb0qmuKArGnusfCbYfCo7Mw
piAwfvqFDwZsE4AT2xrHLvGFj1m/HP+XN2ip1/Ekzk5GTlrGs/MOF9mh57lDhCmZ
Rji/q7q22lefVj2gZs9XK4YM6BknLDOqSH1AMsDcFhOvHppnJ4K3Pwb5CQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLPvjkcCbxD09naKldBdwZUfX9psMB8GA1UdIwQY
MBaAFGFyUuu7M0hK3Ox0Ba3qTeCKCvsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMt
NjYzNWRlYmMzOTVjLzEvcy0tT1J3SnZFUFQyZG9xVjBGM0JsUjlmMm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMtNjYzNWRlYmMzOTVj
LzEvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAw5V3AwQA
w6qnMA0EAgACMAcDBQAqC4vHMA0GCSqGSIb3DQEBCwUAA4IBAQBucyUIuuOGcIt1
VSkM8SH7nnTASyYY34iondzRzzXYmnRHeHbBoybnLFKAkvks49jSaai98s6jq/L9
TcrdRjIZ0asxJangDL2MOQaEkEwlO8H9B8bs0p3HG4vnWTK1Z23W8RL6hbhgY2Sa
qSbgOYTlZ8viEtx9hE8zJ9CG8soZL6LZ632TtCYpwKPSXSmlBQQARGyqSPRJ6qku
fRwKgj4haLtMhn8ayiLBlSLJeHuLPRxWWr10sFUvSFAfuzIbDfYEXz9ztoubtL0k
XKmBYrQthN4FPSUT5TdBIUcBbaV3BF0AlnVkH7AfkBLQKHomyT/Myz7hD7fSRX60
+Lc2jQJE
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:19 2024 by rpki-client on console-fra.rpki-client.org