Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/qmWhU9oSEBDjE-FOvGwIa6R3RXE.roa
File: qmWhU9oSEBDjE-FOvGwIa6R3RXE.roa (raw, json)
Hash identifier: 4fDY8YWfH9CDwRSj8KqKMypD/mbrgmjgl3/U4T+qkSI=
Subject key identifier: AA:65:A1:53:DA:12:10:10:E3:13:E1:4E:BC:6C:08:6B:A4:77:45:71
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018CC56EB641C81CA6EF83B7E3C13CBD4DDA
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/qmWhU9oSEBDjE-FOvGwIa6R3RXE.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 195.95.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b6:41:c8:1c:a6:ef:83:b7:e3:c1:3c:bd:4d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa65a153da121010e313e14ebc6c086ba4774571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ea:9c:ba:d7:9e:49:c1:1a:81:b5:01:8e:ec:
35:ce:19:a4:8e:71:9e:6b:e8:f6:40:96:3f:88:c2:
0c:e7:57:78:09:c2:3a:a3:1c:2f:14:19:2a:85:e2:
ef:da:c5:7a:45:b0:d4:32:48:8a:bb:72:a3:bd:4f:
35:1b:12:77:c6:07:92:3b:44:68:bc:06:42:d3:73:
88:57:65:0e:61:11:63:4e:24:4b:05:86:19:19:06:
e3:19:fc:f3:58:a7:5c:6f:05:35:73:12:76:fc:a2:
ef:1a:3b:23:d3:df:d3:d6:cc:99:d2:0e:04:1b:e7:
54:1a:ea:50:bf:22:62:2c:ac:d2:db:ce:a3:66:a8:
ff:72:9f:3c:f6:43:ba:47:ac:82:a4:ad:f6:b5:71:
32:c7:ad:cd:82:51:60:0a:8e:59:a1:b6:bc:e4:03:
ad:17:2f:ff:6c:e4:ff:26:d7:dd:2b:9a:99:56:67:
04:ff:f7:ee:9f:b3:14:9f:0a:af:2d:eb:5f:42:44:
27:83:92:03:82:a8:44:20:3c:08:bb:30:ba:92:24:
ed:60:b0:ae:5f:33:93:da:73:25:9b:c4:22:68:f1:
4a:bf:18:06:c0:e9:85:b4:42:22:6c:72:7a:cf:2c:
a6:73:60:76:2b:ca:cd:83:ad:96:5d:0b:6a:e7:6e:
36:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:65:A1:53:DA:12:10:10:E3:13:E1:4E:BC:6C:08:6B:A4:77:45:71
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/qmWhU9oSEBDjE-FOvGwIa6R3RXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.205.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:7f:29:5f:42:a2:a2:e3:be:6f:c8:a3:32:b5:fe:34:33:47:
f0:e8:58:20:27:c9:a8:b8:b7:87:cc:6b:aa:f6:37:8a:84:fe:
ef:3c:0e:0c:a6:1a:03:73:98:28:13:d5:f8:6e:02:4c:74:3c:
15:ba:7e:3f:b4:c3:b5:a5:82:29:23:9a:1d:9c:ad:ec:62:81:
59:f4:e8:00:16:36:dc:9a:ee:77:75:fa:4c:1a:2b:73:79:33:
0f:ce:aa:8d:87:1b:f3:1e:e5:ad:c8:79:28:5a:26:8a:d1:d6:
43:c7:c0:6b:d9:34:22:4b:5a:de:5f:de:18:e3:bf:2b:ee:a2:
6f:e3:a2:c9:a0:e9:be:45:9e:c5:ed:28:ab:a8:cf:2c:d3:9a:
c1:dd:80:0c:50:2c:a7:b0:c6:f4:ee:17:1f:f1:b4:a0:8c:9c:
cb:a7:2c:10:af:10:d0:24:71:1e:b7:f5:29:45:5b:0e:6a:1a:
a1:aa:bb:aa:8f:62:bc:8a:07:35:23:3c:54:8e:c1:76:42:c5:
72:1e:14:e3:ba:3a:2e:84:8c:6d:08:e5:8d:89:76:31:ae:48:
3a:ac:01:da:f8:4b:89:04:c9:92:77:92:36:16:a9:59:60:46:
79:92:af:61:0f:2b:97:8f:d9:33:a6:3c:d7:30:56:64:35:d8:
01:e4:2d:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbrZByBym74O348E8vU3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTY1YTE1M2RhMTIxMDEwZTMxM2UxNGViYzZjMDg2YmE0Nzc0NTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+qcuteeScEagbUBjuw1zhmkjnGe
a+j2QJY/iMIM51d4CcI6oxwvFBkqheLv2sV6RbDUMkiKu3KjvU81GxJ3xgeSO0Ro
vAZC03OIV2UOYRFjTiRLBYYZGQbjGfzzWKdcbwU1cxJ2/KLvGjsj09/T1syZ0g4E
G+dUGupQvyJiLKzS286jZqj/cp889kO6R6yCpK32tXEyx63NglFgCo5Zoba85AOt
Fy//bOT/JtfdK5qZVmcE//fun7MUnwqvLetfQkQng5IDgqhEIDwIuzC6kiTtYLCu
XzOT2nMlm8QiaPFKvxgGwOmFtEIibHJ6zyymc2B2K8rNg62WXQtq5242EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKploVPaEhAQ4xPhTrxsCGukd0VxMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvcW1XaFU5b1NFQkRqRS1GT3ZHd0lhNlIzUlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/NMA0G
CSqGSIb3DQEBCwUAA4IBAQBufylfQqKi475vyKMytf40M0fw6FggJ8mouLeHzGuq
9jeKhP7vPA4MphoDc5goE9X4bgJMdDwVun4/tMO1pYIpI5odnK3sYoFZ9OgAFjbc
mu53dfpMGitzeTMPzqqNhxvzHuWtyHkoWiaK0dZDx8Br2TQiS1reX94Y478r7qJv
46LJoOm+RZ7F7SirqM8s05rB3YAMUCynsMb07hcf8bSgjJzLpywQrxDQJHEet/Up
RVsOahqhqruqj2K8igc1IzxUjsF2QsVyHhTjujouhIxtCOWNiXYxrkg6rAHa+EuJ
BMmSd5I2FqlZYEZ5kq9hDyuXj9kzpjzXMFZkNdgB5C1/
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:03:19 2024 by rpki-client on console-ams.rpki-client.org