Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/8jyJkG0cHiEgO53L0BQEbStP710.roa
File: 8jyJkG0cHiEgO53L0BQEbStP710.roa (raw, json)
Hash identifier: nrp8TB0+XKfMkXKMWT/I9qOg7u9dET21trlCQmUVIlk=
Subject key identifier: F2:3C:89:90:6D:1C:1E:21:20:3B:9D:CB:D0:14:04:6D:2B:4F:EF:5D
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018CC9BCBCB2ABC5A70554C2B7DCF9C9CDFE
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/8jyJkG0cHiEgO53L0BQEbStP710.roa
Signing time: Tue 02 Jan 2024 10:33:58 +0000
ROA not before: Tue 02 Jan 2024 10:33:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201976
IP address blocks: 195.53.40.0/24 maxlen: 24
195.53.40.0/23 maxlen: 23
195.53.41.0/24 maxlen: 24
195.53.43.0/24 maxlen: 24
195.53.42.0/23 maxlen: 23
195.53.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:bc:b2:ab:c5:a7:05:54:c2:b7:dc:f9:c9:cd:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 2 10:33:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f23c89906d1c1e21203b9dcbd014046d2b4fef5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f9:98:a3:46:2e:d0:7b:58:a0:b5:b2:02:81:
7f:f0:71:fc:f7:f5:24:43:8e:6e:5f:d7:54:87:e5:
0c:5f:3b:01:52:46:00:db:27:c5:cf:99:b2:47:b5:
c7:b6:20:f8:7c:55:38:68:69:7f:e7:58:14:85:a1:
66:f6:7e:e6:f9:ff:cd:7a:e9:46:1d:f2:3d:c8:6a:
c3:c1:c5:de:32:f0:ce:d1:cb:ec:7a:9c:4a:10:95:
1f:e4:b4:f3:2f:48:3c:88:9e:95:3b:dd:84:b7:56:
a2:e2:27:64:8e:9e:e7:86:07:79:40:cc:9d:e1:a2:
40:3c:b3:4c:06:86:f0:1d:b9:87:3c:ec:1e:af:b8:
1d:e9:3b:44:44:c1:85:14:36:09:43:9d:d7:9d:1d:
20:3d:1f:54:05:09:c3:dd:36:55:75:68:55:86:3c:
a1:45:e2:d6:f5:37:4d:cd:96:b5:1c:86:17:a3:eb:
b6:83:d2:61:db:9b:64:74:a3:f9:24:7f:ce:1b:fe:
3e:84:ce:75:c7:1d:f8:28:09:f6:55:0e:7d:40:88:
87:a0:74:e2:da:63:d1:95:74:71:3b:3f:a4:78:5e:
38:f2:81:3a:c0:c4:9e:c3:64:19:2b:dc:52:f9:cd:
cc:18:b5:83:9c:3c:2a:37:a3:3a:4a:d6:81:a7:34:
bf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3C:89:90:6D:1C:1E:21:20:3B:9D:CB:D0:14:04:6D:2B:4F:EF:5D
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/8jyJkG0cHiEgO53L0BQEbStP710.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.53.40.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:a7:21:37:25:fd:98:80:f8:c7:90:22:03:73:ec:6c:11:35:
cb:cd:c3:0f:53:03:d2:c7:66:f2:0e:6b:0f:be:d8:75:37:0b:
62:0b:1f:bf:6d:6c:91:da:28:71:65:cd:4f:af:79:89:c5:56:
d8:9b:db:12:bd:12:5a:b4:ad:11:c9:2c:cb:c2:a8:9a:07:75:
70:51:de:a0:51:58:11:99:4d:c9:10:e5:d2:3a:8a:d3:e8:64:
cc:81:0e:e8:5c:b8:12:67:cf:e2:98:3a:cd:28:01:bb:80:9c:
83:93:f1:b1:96:db:32:04:33:a9:59:cc:37:33:cd:2e:1e:50:
7f:1d:ab:5f:4d:95:ee:eb:28:80:1f:a4:57:02:56:98:b8:b9:
d5:5e:de:ce:72:34:48:77:9d:14:5a:93:84:5b:fa:5b:af:0d:
c2:58:e7:75:2e:be:ff:8e:b1:91:e0:bd:2c:3f:33:22:f3:64:
29:fe:39:a9:96:19:94:aa:90:f9:5d:a8:37:c2:95:66:38:e5:
3b:c2:63:19:77:9c:10:99:bd:60:42:50:3b:ca:34:95:fe:33:
3c:ca:c6:ec:f7:37:41:29:18:db:d8:b4:d7:44:03:57:a5:22:
ac:3a:29:4c:02:ad:22:c9:f5:5f:c1:1a:0b:1f:dd:39:6d:a3:
75:1a:6f:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvLyyq8WnBVTCt9z5yc3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTAyMTAzMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjNjODk5MDZkMWMxZTIxMjAzYjlkY2JkMDE0MDQ2ZDJiNGZlZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPmYo0Yu0HtYoLWyAoF/8HH89/Uk
Q45uX9dUh+UMXzsBUkYA2yfFz5myR7XHtiD4fFU4aGl/51gUhaFm9n7m+f/NeulG
HfI9yGrDwcXeMvDO0cvsepxKEJUf5LTzL0g8iJ6VO92Et1ai4idkjp7nhgd5QMyd
4aJAPLNMBobwHbmHPOwer7gd6TtERMGFFDYJQ53XnR0gPR9UBQnD3TZVdWhVhjyh
ReLW9TdNzZa1HIYXo+u2g9Jh25tkdKP5JH/OG/4+hM51xx34KAn2VQ59QIiHoHTi
2mPRlXRxOz+keF448oE6wMSew2QZK9xS+c3MGLWDnDwqN6M6StaBpzS/TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPI8iZBtHB4hIDudy9AUBG0rT+9dMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvOGp5SmtHMGNIaUVnTzUzTDBCUUViU3RQNzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwzUoMA0G
CSqGSIb3DQEBCwUAA4IBAQC7pyE3Jf2YgPjHkCIDc+xsETXLzcMPUwPSx2byDmsP
vth1NwtiCx+/bWyR2ihxZc1Pr3mJxVbYm9sSvRJatK0RySzLwqiaB3VwUd6gUVgR
mU3JEOXSOorT6GTMgQ7oXLgSZ8/imDrNKAG7gJyDk/GxltsyBDOpWcw3M80uHlB/
HatfTZXu6yiAH6RXAlaYuLnVXt7OcjRId50UWpOEW/pbrw3CWOd1Lr7/jrGR4L0s
PzMi82Qp/jmplhmUqpD5Xag3wpVmOOU7wmMZd5wQmb1gQlA7yjSV/jM8ysbs9zdB
KRjb2LTXRANXpSKsOilMAq0iyfVfwRoLH905baN1Gm9S
-----END CERTIFICATE-----
Generated at Sat Jun 1 22:17:49 2024 by rpki-client on console-fra.rpki-client.org