Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/10boupFvI1XULQNro2UN6lTac7g.roa
File: 10boupFvI1XULQNro2UN6lTac7g.roa (raw, json)
Hash identifier: TeSlzV5XfscAlltaInqH0+tXc9GXKbl3p81v+qesFug=
Subject key identifier: D7:46:E8:BA:91:6F:23:55:D4:2D:03:6B:A3:65:0D:EA:54:DA:73:B8
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 019421B21518E8DFD8C714B7E82D5B0F5721
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/10boupFvI1XULQNro2UN6lTac7g.roa
Signing time: Wed 01 Jan 2025 11:48:26 +0000
ROA not before: Wed 01 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48430
IP address blocks: 195.95.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 23:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:15:18:e8:df:d8:c7:14:b7:e8:2d:5b:0f:57:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d746e8ba916f2355d42d036ba3650dea54da73b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fe:aa:57:c0:d6:db:16:11:e7:57:24:e6:42:
28:45:e5:e2:0f:b5:a3:21:69:7b:cd:52:50:a2:3a:
6d:a9:84:c8:d5:1d:52:ec:ea:4a:a4:29:f6:d6:13:
01:1f:20:79:fe:c9:db:54:07:1c:92:73:00:d3:92:
7c:fa:cf:c9:44:48:3e:12:72:d6:74:9a:61:43:f4:
a2:a6:59:34:33:92:02:ca:2e:9f:e8:fd:37:4d:7b:
86:d9:d4:d5:5d:72:17:7e:f3:0c:34:2b:51:d8:b2:
48:9e:43:96:74:fd:83:57:f9:d0:2e:69:cd:f0:a3:
c2:08:1b:c6:f5:70:3b:d9:73:fa:aa:a2:be:86:54:
1a:b5:28:b4:b9:3e:25:fc:81:17:a9:d7:d8:6a:ce:
7d:c2:d6:65:6f:a8:ad:94:ce:ef:47:55:8a:a3:1c:
1a:4d:95:2b:f4:87:65:95:39:9f:d3:a3:6d:fd:a4:
02:89:51:cc:c5:e4:04:df:8c:22:6f:ec:9e:61:b2:
47:a8:66:d2:a7:d5:21:4a:fc:40:96:2f:f0:b0:6d:
d1:c8:e8:69:97:50:6e:07:3c:82:22:32:a9:c6:80:
c9:73:59:e1:58:aa:9b:ff:b5:dc:0a:05:1d:f0:0d:
44:14:68:6a:ac:ef:1c:f8:2f:55:e2:a6:8f:3f:57:
a8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:46:E8:BA:91:6F:23:55:D4:2D:03:6B:A3:65:0D:EA:54:DA:73:B8
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/10boupFvI1XULQNro2UN6lTac7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.204.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:37:f0:94:b7:91:90:ef:ce:ac:92:ac:bd:1a:8e:5c:e3:2a:
48:25:2b:78:6d:b2:42:87:2f:5c:5f:86:3a:39:eb:e8:4c:cf:
df:f8:e7:a1:c8:c2:e5:35:93:cb:e9:e9:b6:61:e6:83:a8:7e:
f7:95:76:80:82:39:18:a2:e0:fc:49:01:38:63:4f:8b:de:c5:
71:3b:99:45:8c:ae:08:94:84:f3:0a:fa:0c:ff:db:6c:97:71:
a8:8d:26:0f:14:7a:5e:53:d1:f4:44:02:4b:0f:c5:27:56:50:
d6:a2:30:74:99:49:0d:ed:dd:08:a8:3d:c7:ec:b7:22:8d:3d:
cc:89:79:e5:da:5e:09:ab:c3:5e:ba:70:4d:8b:8f:98:bc:03:
ed:21:73:e7:0d:5b:8a:f7:9f:f3:62:0c:37:0b:ef:97:34:1f:
63:0d:e6:26:48:66:79:82:3f:24:9b:d0:12:4f:bf:26:ee:4b:
f4:99:4e:bc:9e:0f:ab:68:28:37:93:88:d7:f3:b0:40:c3:99:
19:6f:93:a4:72:44:92:f1:15:1a:f3:28:12:97:f1:83:a1:af:
8d:97:17:55:37:56:d9:26:cf:0e:02:4a:c3:ab:4a:f5:2a:83:
43:cb:cd:1b:ad:8e:87:73:e8:b9:51:a8:a8:92:5d:30:3b:c8:
45:03:3e:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhshUY6N/YxxS36C1bD1chMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjUwMTAxMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ2ZThiYTkxNmYyMzU1ZDQyZDAzNmJhMzY1MGRlYTU0ZGE3M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlf6qV8DW2xYR51ck5kIoReXiD7Wj
IWl7zVJQojptqYTI1R1S7OpKpCn21hMBHyB5/snbVAccknMA05J8+s/JREg+EnLW
dJphQ/Siplk0M5ICyi6f6P03TXuG2dTVXXIXfvMMNCtR2LJInkOWdP2DV/nQLmnN
8KPCCBvG9XA72XP6qqK+hlQatSi0uT4l/IEXqdfYas59wtZlb6itlM7vR1WKoxwa
TZUr9IdllTmf06Nt/aQCiVHMxeQE34wib+yeYbJHqGbSp9UhSvxAli/wsG3RyOhp
l1BuBzyCIjKpxoDJc1nhWKqb/7XcCgUd8A1EFGhqrO8c+C9V4qaPP1eomwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdG6LqRbyNV1C0Da6NlDepU2nO4MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvMTBib3VwRnZJMVhVTFFOcm8yVU42bFRhYzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/MMA0G
CSqGSIb3DQEBCwUAA4IBAQDBN/CUt5GQ786skqy9Go5c4ypIJSt4bbJChy9cX4Y6
OevoTM/f+OehyMLlNZPL6em2YeaDqH73lXaAgjkYouD8SQE4Y0+L3sVxO5lFjK4I
lITzCvoM/9tsl3GojSYPFHpeU9H0RAJLD8UnVlDWojB0mUkN7d0IqD3H7LcijT3M
iXnl2l4Jq8NeunBNi4+YvAPtIXPnDVuK95/zYgw3C++XNB9jDeYmSGZ5gj8km9AS
T78m7kv0mU68ng+raCg3k4jX87BAw5kZb5OkckSS8RUa8ygSl/GDoa+NlxdVN1bZ
Js8OAkrDq0r1KoNDy80brY6Hc+i5Uaiokl0wO8hFAz5+
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:41:04 2025 by rpki-client