Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/0vhbry9267z1bycFaeKiv2Y1xGk.roa
File: 0vhbry9267z1bycFaeKiv2Y1xGk.roa (raw, json)
Hash identifier: 5eGxNGd4irinhUhREjnfSFwjMcYS8D+uMIZwb4U9zIo=
Subject key identifier: D2:F8:5B:AF:2F:76:EB:BC:F5:6F:27:05:69:E2:A2:BF:66:35:C4:69
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 018CC49306450782CA4815708003CC96FF57
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/0vhbry9267z1bycFaeKiv2Y1xGk.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2198
IP address blocks: 195.221.84.0/24 maxlen: 24
194.214.55.0/24 maxlen: 24
194.254.189.0/24 maxlen: 24
193.51.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:06:45:07:82:ca:48:15:70:80:03:cc:96:ff:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2f85baf2f76ebbcf56f270569e2a2bf6635c469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:84:96:23:04:ae:ac:dc:8a:c3:c3:07:66:6c:
0b:50:d4:3a:79:95:62:68:94:60:d4:44:d3:52:b1:
62:7e:c2:a2:ed:5f:50:62:ae:b3:69:84:d9:aa:e8:
e8:b3:b9:13:f9:d4:54:c7:6c:3f:d6:ed:d2:6a:8d:
b7:a6:14:7d:0c:55:ec:87:4e:0d:5c:27:13:5f:92:
9f:fe:af:33:1c:fa:b8:78:b5:31:73:01:26:60:9f:
1b:70:db:a2:22:33:e4:2c:d5:78:82:57:a4:fa:f9:
ae:4b:18:67:13:6e:46:6e:31:f5:b5:02:a9:dd:32:
01:ad:ae:65:35:76:99:66:27:a1:4f:ee:c1:f7:3f:
50:65:83:02:66:71:34:79:30:a1:ed:73:0c:eb:64:
c3:06:b6:f4:b0:e7:c0:37:4c:10:45:6f:21:c5:95:
8d:83:d8:ca:db:54:a8:81:ed:a6:b6:d0:08:f5:e0:
41:42:a3:86:32:fb:91:28:f3:2a:8b:6b:e3:7b:10:
fa:26:fe:dd:d3:b4:40:f7:e1:9b:20:d5:f6:8d:aa:
6d:47:a1:e8:c3:09:00:07:9a:a0:33:f2:61:65:a1:
2f:7a:36:38:1a:26:9a:23:96:d3:a3:47:0b:76:f4:
23:1a:a1:3f:9f:fe:1b:81:4a:1e:75:15:97:eb:be:
c6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F8:5B:AF:2F:76:EB:BC:F5:6F:27:05:69:E2:A2:BF:66:35:C4:69
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/0vhbry9267z1bycFaeKiv2Y1xGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.51.249.0/24
194.214.55.0/24
194.254.189.0/24
195.221.84.0/24
Signature Algorithm: sha256WithRSAEncryption
53:98:85:53:e7:77:a6:c4:ee:fe:e1:af:60:be:08:df:8e:fb:
5a:9d:70:c6:ce:6b:c8:3b:b7:50:4c:d7:7d:ef:40:70:f3:6a:
bb:43:d5:2e:8f:b2:e7:1f:13:a7:7a:5f:ea:cd:39:c9:3a:93:
df:fe:64:df:91:b4:bd:68:96:f0:6d:eb:46:2a:b8:a4:67:96:
4a:59:d7:f7:90:2c:d1:7e:86:90:75:20:78:79:82:27:00:9a:
0c:f1:7e:46:59:0e:3d:e3:67:09:b5:b0:29:15:70:b2:b3:37:
7b:f7:e1:64:76:bd:6d:3e:2b:56:60:66:8a:f0:98:5a:d4:1d:
7a:fa:65:89:96:e0:a2:60:25:fe:be:d9:69:a2:8b:16:91:1b:
b3:0f:44:0b:40:9f:f4:97:ff:17:b6:f5:17:cb:22:53:cc:db:
dc:b0:cc:6b:a6:b6:0a:86:e0:8d:c4:5c:4c:8f:db:95:0e:1e:
86:39:3c:69:a8:1d:0f:0f:38:0f:bb:8c:13:73:d7:e2:59:0a:
45:f9:f6:3b:b9:df:1a:22:5d:8b:ea:d9:e7:25:7f:f5:07:c3:
9f:31:80:e4:23:e6:66:68:f2:0c:9b:31:45:5b:83:54:60:ae:
70:04:37:1f:99:34:c4:31:5b:8b:33:45:ad:34:9a:c0:84:28:
42:9f:83:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkwZFB4LKSBVwgAPMlv9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY4NWJhZjJmNzZlYmJjZjU2ZjI3MDU2OWUyYTJiZjY2MzVjNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4SWIwSurNyKw8MHZmwLUNQ6eZVi
aJRg1ETTUrFifsKi7V9QYq6zaYTZqujos7kT+dRUx2w/1u3Sao23phR9DFXsh04N
XCcTX5Kf/q8zHPq4eLUxcwEmYJ8bcNuiIjPkLNV4glek+vmuSxhnE25GbjH1tQKp
3TIBra5lNXaZZiehT+7B9z9QZYMCZnE0eTCh7XMM62TDBrb0sOfAN0wQRW8hxZWN
g9jK21Soge2mttAI9eBBQqOGMvuRKPMqi2vjexD6Jv7d07RA9+GbINX2japtR6Ho
wwkAB5qgM/JhZaEvejY4GiaaI5bTo0cLdvQjGqE/n/4bgUoedRWX677GRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNL4W68vduu89W8nBWnior9mNcRpMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvMHZoYnJ5OTI2N3oxYnljRmFlS2l2MlkxeEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwTP5AwQA
wtY3AwQAwv69AwQAw91UMA0GCSqGSIb3DQEBCwUAA4IBAQBTmIVT53emxO7+4a9g
vgjfjvtanXDGzmvIO7dQTNd970Bw82q7Q9Uuj7LnHxOnel/qzTnJOpPf/mTfkbS9
aJbwbetGKrikZ5ZKWdf3kCzRfoaQdSB4eYInAJoM8X5GWQ4942cJtbApFXCyszd7
9+Fkdr1tPitWYGaK8Jha1B16+mWJluCiYCX+vtlpoosWkRuzD0QLQJ/0l/8XtvUX
yyJTzNvcsMxrprYKhuCNxFxMj9uVDh6GOTxpqB0PDzgPu4wTc9fiWQpF+fY7ud8a
Il2L6tnnJX/1B8OfMYDkI+ZmaPIMmzFFW4NUYK5wBDcfmTTEMVuLM0WtNJrAhChC
n4PC
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:19:35 2024 by rpki-client on console-fra.rpki-client.org