Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/h5D5ZNvsG-b_i23iSFDsjGsNdE8.roa
File: h5D5ZNvsG-b_i23iSFDsjGsNdE8.roa (raw, json)
Hash identifier: Ke2KtQ3Sz72/RobyWvYyH61ZTqS+0GdOTxXDb01a4J4=
Subject key identifier: 87:90:F9:64:DB:EC:1B:E6:FF:8B:6D:E2:48:50:EC:8C:6B:0D:74:4F
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC3E75A9E31F846A6022C1CA95990F
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/h5D5ZNvsG-b_i23iSFDsjGsNdE8.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3216
IP address blocks: 195.209.160.0/20 maxlen: 20
194.85.128.0/19 maxlen: 19
194.85.129.0/28 maxlen: 28
194.85.129.16/28 maxlen: 28
194.85.154.0/24 maxlen: 24
194.85.153.240/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3e:75:a9:e3:1f:84:6a:60:22:c1:ca:95:99:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8790f964dbec1be6ff8b6de24850ec8c6b0d744f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5d:aa:df:c4:92:24:81:03:97:3d:68:0d:d4:
30:7e:ff:19:c8:0a:76:f7:02:ab:fc:20:91:08:c5:
a2:37:32:8b:39:29:4a:7e:21:f7:02:7e:eb:c0:8c:
f4:f1:87:23:e2:74:3e:fb:a7:c4:c9:90:3c:2e:b0:
32:04:22:8f:23:77:c7:19:e4:25:c5:eb:81:16:31:
0e:7a:e0:c6:af:aa:fd:4c:ba:76:ea:bb:19:62:10:
5c:31:e2:67:88:88:fd:ba:11:87:f7:26:48:99:8f:
ac:fb:e3:06:61:4c:8d:c7:d8:04:11:6c:a1:a6:31:
00:71:7b:6c:92:eb:05:55:00:bb:6d:18:39:d7:e9:
ad:ec:73:9a:cc:07:89:f3:e9:8f:79:e3:03:f2:4c:
f8:4a:49:6a:f3:12:38:8c:60:e0:13:c5:98:49:66:
fe:4e:f2:de:26:bb:3b:fc:68:0c:85:39:6c:be:d0:
ef:70:c4:dd:68:69:40:f7:25:26:d3:c4:f6:4e:12:
4f:c4:43:89:e2:40:84:0a:e4:7d:af:81:96:c0:91:
3e:98:ca:5b:93:33:83:4a:3b:01:5b:25:47:5a:b1:
fd:23:5d:5b:86:b6:bc:51:36:7f:7c:fb:2b:f2:99:
d7:ed:9a:a4:62:94:cf:64:4a:88:ae:79:01:17:e6:
89:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:90:F9:64:DB:EC:1B:E6:FF:8B:6D:E2:48:50:EC:8C:6B:0D:74:4F
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/h5D5ZNvsG-b_i23iSFDsjGsNdE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.128.0/19
195.209.160.0/20
Signature Algorithm: sha256WithRSAEncryption
4c:d3:b6:c6:c0:04:c0:5b:35:ed:c1:cb:29:84:a0:3b:65:8d:
5c:93:44:f7:fe:43:65:71:eb:a4:b6:48:6d:d5:be:72:10:b1:
b4:56:78:37:4c:e9:5d:ca:3e:93:19:34:ca:b2:0b:43:45:23:
a4:98:03:fc:10:2a:3e:23:3b:5b:4e:1a:ef:c0:86:7b:94:34:
25:c3:22:dc:0d:c0:da:68:0b:08:47:7a:b5:5d:f4:c4:39:74:
91:bb:da:30:2d:6a:5d:80:ab:0a:8e:ef:dd:f0:41:6d:f4:2f:
03:11:51:65:1b:fd:62:59:91:a8:00:53:00:7d:87:71:fb:c3:
68:0e:d0:72:ed:4b:f2:21:e0:d2:fd:a5:56:f5:46:ce:9a:61:
88:b0:6f:c3:f8:87:1b:2d:41:a9:27:48:04:f4:ac:3b:40:97:
df:d6:d3:d7:b3:0c:db:77:91:2d:25:8a:6c:b4:82:c2:ee:90:
98:81:bc:52:41:a2:b3:a2:c6:9c:ad:c4:70:76:d8:17:ae:37:
e6:ce:57:8a:5f:50:8f:92:c5:0c:a1:89:34:4e:f1:61:5c:e1:
89:8a:b3:c5:0f:e4:f8:cd:e7:01:55:39:58:e7:74:e0:9b:a4:
11:50:ce:29:72:62:43:d4:c9:1f:d5:1b:eb:fc:53:42:e9:8e:
c7:b6:f7:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3D51qeMfhGpgIsHKlZkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzkwZjk2NGRiZWMxYmU2ZmY4YjZkZTI0ODUwZWM4YzZiMGQ3NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxV2q38SSJIEDlz1oDdQwfv8ZyAp2
9wKr/CCRCMWiNzKLOSlKfiH3An7rwIz08Ycj4nQ++6fEyZA8LrAyBCKPI3fHGeQl
xeuBFjEOeuDGr6r9TLp26rsZYhBcMeJniIj9uhGH9yZImY+s++MGYUyNx9gEEWyh
pjEAcXtskusFVQC7bRg51+mt7HOazAeJ8+mPeeMD8kz4Sklq8xI4jGDgE8WYSWb+
TvLeJrs7/GgMhTlsvtDvcMTdaGlA9yUm08T2ThJPxEOJ4kCECuR9r4GWwJE+mMpb
kzODSjsBWyVHWrH9I11bhra8UTZ/fPsr8pnX7ZqkYpTPZEqIrnkBF+aJ/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIeQ+WTb7Bvm/4tt4khQ7IxrDXRPMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvaDVENVpOdnNHLWJfaTIzaVNGRHNqR3NOZEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFwlWAAwQE
w9GgMA0GCSqGSIb3DQEBCwUAA4IBAQBM07bGwATAWzXtwcsphKA7ZY1ck0T3/kNl
ceuktkht1b5yELG0Vng3TOldyj6TGTTKsgtDRSOkmAP8ECo+IztbThrvwIZ7lDQl
wyLcDcDaaAsIR3q1XfTEOXSRu9owLWpdgKsKju/d8EFt9C8DEVFlG/1iWZGoAFMA
fYdx+8NoDtBy7UvyIeDS/aVW9UbOmmGIsG/D+IcbLUGpJ0gE9Kw7QJff1tPXswzb
d5EtJYpstILC7pCYgbxSQaKzosacrcRwdtgXrjfmzleKX1CPksUMoYk0TvFhXOGJ
irPFD+T4zecBVTlY53Tgm6QRUM4pcmJD1Mkf1Rvr/FNC6Y7Htves
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:43:03 2024 by rpki-client on console-fra.rpki-client.org