Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/L80iubnLrB6HYtoni9kSz1WqbDo.roa
File: L80iubnLrB6HYtoni9kSz1WqbDo.roa (raw, json)
Hash identifier: Pel1dW8qwtIoSRwoxsDO7tFtugoOBen1LdrGlhb+Pl0=
Subject key identifier: 2F:CD:22:B9:B9:CB:AC:1E:87:62:DA:27:8B:D9:12:CF:55:AA:6C:3A
Certificate issuer: /CN=e23c0c3e0106c965d460cd0c3cbc5e234f82a6b4
Certificate serial: 018CC94ABD84C9A2B9D59788A2D1DEEFA0FE
Authority key identifier: E2:3C:0C:3E:01:06:C9:65:D4:60:CD:0C:3C:BC:5E:23:4F:82:A6:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jwMPgEGyWXUYM0MPLxeI0-CprQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/L80iubnLrB6HYtoni9kSz1WqbDo.roa
Signing time: Tue 02 Jan 2024 08:29:27 +0000
ROA not before: Tue 02 Jan 2024 08:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39762
IP address blocks: 195.60.71.0/24 maxlen: 24
195.60.70.0/23 maxlen: 23
195.60.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/4jwMPgEGyWXUYM0MPLxeI0-CprQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/4jwMPgEGyWXUYM0MPLxeI0-CprQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/4jwMPgEGyWXUYM0MPLxeI0-CprQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:bd:84:c9:a2:b9:d5:97:88:a2:d1:de:ef:a0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23c0c3e0106c965d460cd0c3cbc5e234f82a6b4
Validity
Not Before: Jan 2 08:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fcd22b9b9cbac1e8762da278bd912cf55aa6c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6e:35:16:f0:2d:cf:f5:2d:a3:ad:be:53:e3:
b2:3e:34:98:8d:d0:a5:b1:fc:37:43:87:e5:c2:61:
1d:14:9e:5b:af:fa:6a:f0:bb:2b:17:3a:99:f1:ca:
af:76:c3:36:f7:32:49:45:95:02:6f:2f:7c:57:75:
01:c7:89:70:ca:7d:84:fb:a7:14:9b:c7:af:15:d7:
06:bd:29:09:be:e9:0f:32:c8:1d:82:dc:b4:1c:34:
56:ce:06:0f:f9:cd:01:d3:ac:52:e4:37:48:6d:5f:
0d:b9:68:5c:79:b7:41:91:37:b5:86:6d:e2:be:f6:
24:5d:68:de:30:ad:36:9d:66:7c:d4:3c:da:de:53:
da:82:a8:e1:fa:6d:9f:3d:60:3a:7c:2c:2c:6e:dd:
dc:3e:3c:36:82:64:f2:d9:c6:52:a3:5f:3b:e0:d8:
8b:08:33:01:9b:ed:da:6f:ed:f2:9a:f7:c0:4d:07:
24:02:53:f1:8a:5a:e0:2a:c7:28:49:b9:ee:c2:4f:
3e:c0:a5:03:67:9e:17:3c:66:a5:32:b4:ab:2d:a2:
b2:91:72:e8:fe:ca:25:45:63:36:3a:d1:73:ce:73:
c5:d3:48:b4:05:bc:1f:7a:71:72:a9:73:40:21:9f:
b6:39:d4:6b:06:3a:07:35:20:49:8e:af:a9:4d:06:
40:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CD:22:B9:B9:CB:AC:1E:87:62:DA:27:8B:D9:12:CF:55:AA:6C:3A
X509v3 Authority Key Identifier:
keyid:E2:3C:0C:3E:01:06:C9:65:D4:60:CD:0C:3C:BC:5E:23:4F:82:A6:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jwMPgEGyWXUYM0MPLxeI0-CprQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/L80iubnLrB6HYtoni9kSz1WqbDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/4jwMPgEGyWXUYM0MPLxeI0-CprQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.70.0/23
Signature Algorithm: sha256WithRSAEncryption
32:94:3f:55:13:ff:a7:41:eb:86:63:9d:3c:58:06:c4:da:c7:
ac:58:64:a0:ca:1b:86:0f:7c:ea:25:1f:02:35:f7:90:83:6f:
ce:44:5d:ff:ca:28:6b:63:33:97:74:59:05:02:d9:20:c3:ee:
8d:34:e6:ee:0f:94:9f:4b:40:64:dc:da:00:92:b7:79:b5:5a:
ac:da:7d:24:28:58:54:16:7d:d2:93:f6:42:15:5e:a7:37:19:
7c:26:53:11:c1:7f:42:e8:1d:5f:0a:39:8f:98:03:96:e6:e4:
fb:8b:68:37:ce:2d:dc:e0:8f:ef:0d:ea:72:d1:02:38:8b:7a:
fa:02:44:e4:8e:bd:c8:89:9d:3b:3a:7e:42:4f:5a:d8:31:72:
a4:2c:af:6e:67:e0:ba:17:35:44:74:2f:55:3e:a6:88:4e:7b:
d5:63:c2:d9:0b:4b:d6:1c:b0:d5:2a:bf:1c:7e:07:d8:7f:51:
ae:a5:12:0f:4e:0f:87:1d:00:8a:fa:65:12:41:d2:91:6d:40:
47:ec:c2:ab:60:50:54:3a:e0:6a:4c:da:64:d9:f8:57:4c:5c:
8c:7d:f5:d4:61:46:64:8f:2a:4d:fb:4e:07:26:2a:f0:52:0f:
0a:86:0a:5d:3a:90:dd:c1:38:8b:1d:2d:eb:0f:20:46:53:20:
d7:5b:5d:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSr2EyaK51ZeIotHe76D+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyM2MwYzNlMDEwNmM5NjVkNDYwY2QwYzNjYmM1ZTIzNGY4
MmE2YjQwHhcNMjQwMTAyMDgyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmNkMjJiOWI5Y2JhYzFlODc2MmRhMjc4YmQ5MTJjZjU1YWE2YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG41FvAtz/Uto62+U+OyPjSYjdCl
sfw3Q4flwmEdFJ5br/pq8LsrFzqZ8cqvdsM29zJJRZUCby98V3UBx4lwyn2E+6cU
m8evFdcGvSkJvukPMsgdgty0HDRWzgYP+c0B06xS5DdIbV8NuWhcebdBkTe1hm3i
vvYkXWjeMK02nWZ81Dza3lPagqjh+m2fPWA6fCwsbt3cPjw2gmTy2cZSo1874NiL
CDMBm+3ab+3ymvfATQckAlPxilrgKscoSbnuwk8+wKUDZ54XPGalMrSrLaKykXLo
/solRWM2OtFzznPF00i0BbwfenFyqXNAIZ+2OdRrBjoHNSBJjq+pTQZAtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/NIrm5y6weh2LaJ4vZEs9Vqmw6MB8GA1UdIwQY
MBaAFOI8DD4BBsll1GDNDDy8XiNPgqa0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGp3TVBnRUd5V1hVWU0wTVBMeGVJMC1DcHJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NDdmMjgtNTljZi00ZDY4LWE1MGYt
MTc2NGIwMzYxOGZjLzEvTDgwaXVibkxyQjZIWXRvbmk5a1N6MVdxYkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NDdmMjgtNTljZi00ZDY4LWE1MGYtMTc2NGIwMzYxOGZj
LzEvNGp3TVBnRUd5V1hVWU0wTVBMeGVJMC1DcHJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzxGMA0G
CSqGSIb3DQEBCwUAA4IBAQAylD9VE/+nQeuGY508WAbE2sesWGSgyhuGD3zqJR8C
NfeQg2/ORF3/yihrYzOXdFkFAtkgw+6NNObuD5SfS0Bk3NoAkrd5tVqs2n0kKFhU
Fn3Sk/ZCFV6nNxl8JlMRwX9C6B1fCjmPmAOW5uT7i2g3zi3c4I/vDepy0QI4i3r6
AkTkjr3IiZ07On5CT1rYMXKkLK9uZ+C6FzVEdC9VPqaITnvVY8LZC0vWHLDVKr8c
fgfYf1GupRIPTg+HHQCK+mUSQdKRbUBH7MKrYFBUOuBqTNpk2fhXTFyMffXUYUZk
jypN+04HJirwUg8KhgpdOpDdwTiLHS3rDyBGUyDXW12W
-----END CERTIFICATE-----
Generated at Tue May 28 21:09:47 2024 by rpki-client on console-ams.rpki-client.org