Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/AVukTnzRYIwsMdLGlQ_cOHMeZsM.roa
File: AVukTnzRYIwsMdLGlQ_cOHMeZsM.roa (raw, json)
Hash identifier: 9jbPC965zXP2O9a7lpwqOIKiCovFmWKWbhcKlCN7QvI=
Subject key identifier: 01:5B:A4:4E:7C:D1:60:8C:2C:31:D2:C6:95:0F:DC:38:73:1E:66:C3
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348F1E85FC5BF7B3A70B630699B5BB4
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/AVukTnzRYIwsMdLGlQ_cOHMeZsM.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5489
IP address blocks: 195.251.120.0/22 maxlen: 22
195.251.240.0/22 maxlen: 22
195.251.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f1:e8:5f:c5:bf:7b:3a:70:b6:30:69:9b:5b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=015ba44e7cd1608c2c31d2c6950fdc38731e66c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:65:b0:bd:62:c7:a8:f7:7a:28:aa:7e:05:40:
03:9f:23:8d:28:d9:6c:a0:40:1f:c8:7a:da:f9:86:
bb:e7:c5:6d:7f:48:7d:ad:bc:f3:71:fa:2d:39:0b:
f6:12:16:d9:b0:f0:03:c4:fd:ad:55:2c:4e:c1:29:
ad:3f:ef:81:2e:13:c5:d2:53:52:62:5d:f2:5e:9b:
e4:7a:8b:fa:47:42:33:0c:c4:f1:0f:79:53:6f:ee:
e4:5d:47:e9:fd:77:ba:9e:db:9c:69:4a:07:a5:d7:
a8:1e:bb:f0:61:0c:89:65:93:ea:8a:f3:f6:57:a2:
31:fc:46:c2:4c:02:1b:26:0a:bf:9b:ff:5d:57:3a:
82:eb:25:38:cc:14:07:4e:6c:3c:37:0a:18:63:cc:
69:2b:47:08:21:ae:b1:ee:3f:7a:e4:6e:9d:8d:da:
98:10:f1:ef:6a:4c:84:05:dc:0c:4c:44:2b:61:0e:
96:90:a1:2c:87:c3:ff:53:85:4b:ca:3d:63:12:dc:
b9:ff:17:bf:d9:8a:cc:55:f0:f3:ef:df:77:11:04:
8c:f7:2c:c5:2a:20:f4:24:05:24:6a:28:79:9e:82:
e9:bf:6f:c3:de:71:4d:06:73:8c:9d:57:a0:42:25:
de:fe:d7:c7:6f:a1:ae:bc:d1:8f:7f:27:d8:80:c3:
4b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5B:A4:4E:7C:D1:60:8C:2C:31:D2:C6:95:0F:DC:38:73:1E:66:C3
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/AVukTnzRYIwsMdLGlQ_cOHMeZsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.251.120.0/22
195.251.238.0-195.251.243.255
Signature Algorithm: sha256WithRSAEncryption
6b:72:2b:ec:61:a3:85:ca:a0:ea:1a:1e:ea:a4:cc:71:8a:b7:
52:92:72:3b:d6:f3:01:98:a7:a0:c1:16:46:ba:75:08:de:70:
40:b1:d7:f8:51:fb:73:ad:21:14:58:bd:c8:3d:d4:89:2b:16:
37:10:2b:f7:48:45:28:00:21:c9:38:92:1b:1c:51:f7:9a:b4:
aa:7c:49:ce:70:2f:ad:38:9b:d0:d4:e0:a4:03:9c:b2:3a:be:
40:33:89:0a:14:d1:7e:d4:ad:5e:7f:0d:65:7c:81:b1:6b:2a:
7c:f0:c5:fe:30:14:02:12:aa:fd:5a:1f:2d:80:3e:66:e6:d0:
92:85:35:f8:4c:e9:05:9d:db:10:7f:a3:bd:d2:95:62:5d:ce:
15:ce:3e:3b:50:81:93:29:e4:fb:f8:ce:77:e4:60:5f:47:9b:
c1:c1:a3:e0:b7:bd:f0:4b:99:01:af:17:ab:46:77:d6:77:73:
0c:55:d1:fc:b7:60:2c:34:d0:5f:26:2d:19:54:c2:c1:88:9a:
8b:96:ec:1e:1c:9f:34:97:47:e6:eb:fb:9a:84:bb:aa:54:df:
ed:f5:af:6c:a7:18:c6:36:e4:3e:5c:55:d0:9c:2b:90:6f:2e:
4b:31:81:da:a2:28:74:00:c5:6f:00:55:f6:da:d5:f5:5d:07:
a1:bb:e1:4b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDSPHoX8W/ezpwtjBpm1u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTViYTQ0ZTdjZDE2MDhjMmMzMWQyYzY5NTBmZGMzODczMWU2NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWWwvWLHqPd6KKp+BUADnyONKNls
oEAfyHra+Ya758Vtf0h9rbzzcfotOQv2EhbZsPADxP2tVSxOwSmtP++BLhPF0lNS
Yl3yXpvkeov6R0IzDMTxD3lTb+7kXUfp/Xe6ntucaUoHpdeoHrvwYQyJZZPqivP2
V6Ix/EbCTAIbJgq/m/9dVzqC6yU4zBQHTmw8NwoYY8xpK0cIIa6x7j965G6djdqY
EPHvakyEBdwMTEQrYQ6WkKEsh8P/U4VLyj1jEty5/xe/2YrMVfDz7993EQSM9yzF
KiD0JAUkaih5noLpv2/D3nFNBnOMnVegQiXe/tfHb6GuvNGPfyfYgMNLcwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAFbpE580WCMLDHSxpUP3DhzHmbDMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvQVZ1a1RuelJZSXdzTWRMR2xRX2NPSE1lWnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCw/t4MAwD
BAHD++4DBALD+/AwDQYJKoZIhvcNAQELBQADggEBAGtyK+xho4XKoOoaHuqkzHGK
t1KScjvW8wGYp6DBFka6dQjecECx1/hR+3OtIRRYvcg91IkrFjcQK/dIRSgAIck4
khscUfeatKp8Sc5wL604m9DU4KQDnLI6vkAziQoU0X7UrV5/DWV8gbFrKnzwxf4w
FAISqv1aHy2APmbm0JKFNfhM6QWd2xB/o73SlWJdzhXOPjtQgZMp5Pv4znfkYF9H
m8HBo+C3vfBLmQGvF6tGd9Z3cwxV0fy3YCw00F8mLRlUwsGImouW7B4cnzSXR+br
+5qEu6pU3+31r2ynGMY25D5cVdCcK5BvLksxgdqiKHQAxW8AVfba1fVdB6G74Us=
-----END CERTIFICATE-----
Generated at Mon Jul 1 11:33:26 2024 by rpki-client on console-fra.rpki-client.org