Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/K56MJOdkulZwfqa8qSGFigvd-F4.roa
File: K56MJOdkulZwfqa8qSGFigvd-F4.roa (raw, json)
Hash identifier: bH8deZLhxicH2Hv+VsR2fJXQeFQOfY/vBW/LY34el0A=
Subject key identifier: 2B:9E:8C:24:E7:64:BA:56:70:7E:A6:BC:A9:21:85:8A:0B:DD:F8:5E
Certificate issuer: /CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Certificate serial: 018CC5DC363D1069A4D673A645781CD97532
Authority key identifier: F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/K56MJOdkulZwfqa8qSGFigvd-F4.roa
Signing time: Mon 01 Jan 2024 16:29:52 +0000
ROA not before: Mon 01 Jan 2024 16:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6895
IP address blocks: 193.149.0.0/23 maxlen: 24
195.95.153.0/24 maxlen: 24
185.79.172.0/22 maxlen: 24
2001:7f8:f::/48 maxlen: 48
2a03:5e60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/99MudSlBh9Rujq4Pj-crX9er-IY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/99MudSlBh9Rujq4Pj-crX9er-IY.mft
rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 23:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:36:3d:10:69:a4:d6:73:a6:45:78:1c:d9:75:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Validity
Not Before: Jan 1 16:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b9e8c24e764ba56707ea6bca921858a0bddf85e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:71:f5:7c:c5:74:dc:71:c2:de:d6:17:c7:81:
45:6d:9f:f6:b7:9d:a9:5e:55:91:41:d6:48:5c:ee:
1c:49:ec:3c:37:2a:8b:34:c1:81:17:69:a4:dd:19:
41:28:fd:10:fe:db:65:77:61:ee:2b:14:19:ec:1c:
58:a4:86:e7:ca:fa:ab:a1:cb:ac:c9:ed:37:33:ef:
b7:fd:58:cd:5e:3a:c8:ce:46:bc:e3:21:e7:68:04:
a0:10:53:01:93:e8:5c:c1:af:a7:32:20:67:86:eb:
dc:f5:85:91:d4:b2:08:00:dc:ed:7b:7b:61:72:77:
f8:b2:80:5c:fb:18:6f:37:e4:e6:c0:c6:73:95:8d:
05:f1:0d:a3:a1:6e:05:c5:c2:df:d5:86:ad:49:18:
cb:f6:e1:22:f8:d9:00:58:49:e2:38:bf:8b:a1:37:
3f:2a:47:8b:1b:28:78:ac:6d:1f:b3:92:8b:32:5d:
0e:de:de:35:fc:9c:97:16:5d:dd:33:8e:43:0f:88:
33:4a:ae:32:ab:ae:eb:8f:29:37:44:fa:3f:07:f2:
0d:50:5c:b0:f3:b3:af:b7:37:45:54:b2:3d:c8:7f:
31:9e:76:53:b6:28:65:28:cc:9e:f7:c8:55:fd:99:
be:50:c2:a2:bd:c4:7c:4a:ea:32:02:1a:17:c2:fe:
df:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9E:8C:24:E7:64:BA:56:70:7E:A6:BC:A9:21:85:8A:0B:DD:F8:5E
X509v3 Authority Key Identifier:
keyid:F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/K56MJOdkulZwfqa8qSGFigvd-F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/99MudSlBh9Rujq4Pj-crX9er-IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.172.0/22
193.149.0.0/23
195.95.153.0/24
IPv6:
2001:7f8:f::/48
2a03:5e60::/32
Signature Algorithm: sha256WithRSAEncryption
30:6e:ad:78:5a:50:50:3a:e7:b2:4b:eb:15:10:2e:83:16:0a:
c1:e6:d6:06:7e:1e:f2:b5:92:25:5b:90:27:ad:6c:c0:f6:21:
cc:d2:2c:d5:25:43:4b:91:31:de:8e:3e:7e:7b:96:0f:1d:b9:
44:ba:2c:bf:3f:cd:42:6a:fe:4d:21:2c:17:80:1d:8f:c9:c6:
fe:81:ac:74:4c:7c:87:4f:86:1a:6a:41:b9:7f:4d:07:d4:26:
28:79:0a:dd:ca:54:d8:28:b0:58:29:a0:4b:7d:56:6c:46:d6:
83:e0:8a:d8:d7:f4:2b:cc:91:87:10:30:d4:0f:2f:32:49:ad:
db:d6:9e:ec:7e:c9:57:89:bd:01:97:7b:73:d6:77:3e:6b:a8:
35:a4:54:7b:59:69:23:cf:10:4b:63:47:81:01:00:bd:83:ee:
73:ee:df:77:f9:ef:94:38:91:e0:79:a3:0e:01:9e:e8:4a:e5:
99:61:ab:91:7e:de:a8:b0:63:a3:39:41:5d:7b:f8:1a:7b:56:
45:48:f5:af:6a:93:d3:ac:2f:e5:13:45:64:b4:91:8b:e1:7c:
65:f4:67:70:51:06:12:a9:2a:85:05:18:89:2a:84:99:bc:8f:
48:60:d2:99:f6:0e:3d:ab:9a:94:06:69:2a:26:f8:2a:43:e1:
f6:c3:91:8d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzF3DY9EGmk1nOmRXgc2XUyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZDMyZTc1Mjk0MTg3ZDQ2ZThlYWUwZjhmZTcyYjVmZDdh
YmY4ODYwHhcNMjQwMTAxMTYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjllOGMyNGU3NjRiYTU2NzA3ZWE2YmNhOTIxODU4YTBiZGRmODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3H1fMV03HHC3tYXx4FFbZ/2t52p
XlWRQdZIXO4cSew8NyqLNMGBF2mk3RlBKP0Q/ttld2HuKxQZ7BxYpIbnyvqrocus
ye03M++3/VjNXjrIzka84yHnaASgEFMBk+hcwa+nMiBnhuvc9YWR1LIIANzte3th
cnf4soBc+xhvN+TmwMZzlY0F8Q2joW4FxcLf1YatSRjL9uEi+NkAWEniOL+LoTc/
KkeLGyh4rG0fs5KLMl0O3t41/JyXFl3dM45DD4gzSq4yq67rjyk3RPo/B/INUFyw
87OvtzdFVLI9yH8xnnZTtihlKMye98hV/Zm+UMKivcR8SuoyAhoXwv7fRwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCuejCTnZLpWcH6mvKkhhYoL3fheMB8GA1UdIwQY
MBaAFPfTLnUpQYfUbo6uD4/nK1/Xq/iGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAt
ZDFhNDU5OWNiMGU1LzEvSzU2TUpPZGt1bFp3ZnFhOHFTR0ZpZ3ZkLUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAtZDFhNDU5OWNiMGU1
LzEvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCuU+sAwQB
wZUAAwQAw1+ZMBYEAgACMBADBwAgAQf4AA8DBQAqA15gMA0GCSqGSIb3DQEBCwUA
A4IBAQAwbq14WlBQOueyS+sVEC6DFgrB5tYGfh7ytZIlW5AnrWzA9iHM0izVJUNL
kTHejj5+e5YPHblEuiy/P81Cav5NISwXgB2Pycb+gax0THyHT4YaakG5f00H1CYo
eQrdylTYKLBYKaBLfVZsRtaD4IrY1/QrzJGHEDDUDy8ySa3b1p7sfslXib0Bl3tz
1nc+a6g1pFR7WWkjzxBLY0eBAQC9g+5z7t93+e+UOJHgeaMOAZ7oSuWZYauRft6o
sGOjOUFde/gae1ZFSPWvapPTrC/lE0VktJGL4Xxl9GdwUQYSqSqFBRiJKoSZvI9I
YNKZ9g49q5qUBmkqJvgqQ+H2w5GN
-----END CERTIFICATE-----
Generated at Tue May 21 07:35:40 2024 by rpki-client on console-fra.rpki-client.org