Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/V4D-CKZXey1sg1-PqiHw3qO4S_Q.roa
File: V4D-CKZXey1sg1-PqiHw3qO4S_Q.roa (raw, json)
Hash identifier: LUEGEjkVulONmTU/BQcqR/iAbrwQRKAXkebwaTyHf6I=
Subject key identifier: 57:80:FE:08:A6:57:7B:2D:6C:83:5F:8F:AA:21:F0:DE:A3:B8:4B:F4
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348F5F6929DFAA0592BFDDC013B6689
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/V4D-CKZXey1sg1-PqiHw3qO4S_Q.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8643
IP address blocks: 195.130.123.0/24 maxlen: 24
195.130.64.0/23 maxlen: 23
2001:648:2010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 01:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f5:f6:92:9d:fa:a0:59:2b:fd:dc:01:3b:66:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5780fe08a6577b2d6c835f8faa21f0dea3b84bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8a:f4:33:cd:54:5e:73:e5:36:83:03:03:c5:
df:af:d7:5c:09:fe:98:11:f8:f6:e5:9b:22:7d:06:
44:19:d9:91:73:2d:30:e0:7b:9a:9c:08:c3:33:be:
a3:4b:4b:16:90:9e:80:bb:24:dd:db:77:84:dc:12:
1f:64:35:13:97:f6:c3:8b:fc:c1:59:df:9e:54:39:
ee:93:60:7a:82:26:80:6f:48:78:11:fa:b0:07:ca:
bd:b9:51:35:8b:f5:e9:8d:d8:57:33:57:a3:41:cd:
cc:89:f9:d3:fa:91:96:23:6e:3e:9b:10:69:79:dc:
fe:16:93:0d:de:c9:a4:0b:06:29:12:ab:fb:19:79:
fc:06:ad:ed:bf:92:79:8e:fb:35:e1:a1:ce:ce:7e:
32:ba:81:1c:8d:60:2d:5a:b0:b8:93:4e:d6:6e:69:
58:90:a5:65:58:d0:c3:e4:eb:ca:54:60:36:fb:81:
15:03:20:65:91:8c:a7:7e:44:6b:d3:00:6e:48:87:
0c:cb:c8:26:2e:13:30:de:01:e6:a8:42:a6:8e:4a:
98:51:b8:e5:9b:9e:11:e2:f6:9a:38:c4:6d:92:90:
25:f3:61:ca:20:17:aa:3a:dc:9a:4e:a5:d3:55:c1:
c7:3e:30:d8:07:fd:e4:5f:8e:ff:50:12:ba:56:92:
8c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:80:FE:08:A6:57:7B:2D:6C:83:5F:8F:AA:21:F0:DE:A3:B8:4B:F4
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/V4D-CKZXey1sg1-PqiHw3qO4S_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.130.64.0/23
195.130.123.0/24
IPv6:
2001:648:2010::/48
Signature Algorithm: sha256WithRSAEncryption
73:01:aa:07:96:23:ab:ed:f9:f9:70:9a:a2:b7:27:ba:91:e5:
63:75:1f:a4:dc:a4:12:0e:f8:47:48:0d:16:bd:1a:9a:7d:b9:
ca:b4:83:55:98:ac:9d:b9:04:42:60:c5:dc:58:e4:82:c4:d9:
44:09:c2:a9:2e:a5:b9:ec:19:30:a5:16:cb:ae:c1:70:7a:92:
57:2e:a1:61:22:b6:05:c8:b6:ce:06:f5:7e:11:3f:3c:d9:a7:
e8:e6:57:35:82:94:b8:ef:9b:74:2f:bb:03:f3:22:84:38:a4:
56:4a:ba:39:5e:10:6d:77:0e:a9:46:ae:cc:5c:4b:1c:41:a2:
23:df:cf:94:97:49:95:1a:5d:9b:ae:8e:41:86:bd:3f:a8:6a:
3d:77:f9:95:45:96:e8:d2:aa:09:ef:38:56:15:da:9d:ba:36:
b8:67:32:3e:8f:33:6c:41:75:c6:02:4e:08:e7:60:1c:99:80:
d2:86:40:45:24:96:6a:28:3a:09:a4:c5:bd:f9:74:d5:cc:5f:
d4:71:96:9d:14:f8:4f:2c:77:50:98:2e:4e:a9:e2:3f:79:15:
e2:32:05:f5:83:25:cb:2e:3b:3f:d2:4d:63:ea:29:b3:dd:b1:
4f:ff:08:35:b8:d7:10:4c:30:7c:53:dd:fd:55:84:c7:c7:16:
3e:06:a1:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSPX2kp36oFkr/dwBO2aJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzgwZmUwOGE2NTc3YjJkNmM4MzVmOGZhYTIxZjBkZWEzYjg0YmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIr0M81UXnPlNoMDA8Xfr9dcCf6Y
Efj25ZsifQZEGdmRcy0w4HuanAjDM76jS0sWkJ6AuyTd23eE3BIfZDUTl/bDi/zB
Wd+eVDnuk2B6giaAb0h4EfqwB8q9uVE1i/XpjdhXM1ejQc3MifnT+pGWI24+mxBp
edz+FpMN3smkCwYpEqv7GXn8Bq3tv5J5jvs14aHOzn4yuoEcjWAtWrC4k07WbmlY
kKVlWNDD5OvKVGA2+4EVAyBlkYynfkRr0wBuSIcMy8gmLhMw3gHmqEKmjkqYUbjl
m54R4vaaOMRtkpAl82HKIBeqOtyaTqXTVcHHPjDYB/3kX47/UBK6VpKMKQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFeA/gimV3stbINfj6oh8N6juEv0MB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvVjRELUNLWlhleTFzZzEtUHFpSHczcU80U19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBw4JAAwQA
w4J7MA8EAgACMAkDBwAgAQZIIBAwDQYJKoZIhvcNAQELBQADggEBAHMBqgeWI6vt
+flwmqK3J7qR5WN1H6TcpBIO+EdIDRa9Gpp9ucq0g1WYrJ25BEJgxdxY5ILE2UQJ
wqkupbnsGTClFsuuwXB6klcuoWEitgXIts4G9X4RPzzZp+jmVzWClLjvm3QvuwPz
IoQ4pFZKujleEG13DqlGrsxcSxxBoiPfz5SXSZUaXZuujkGGvT+oaj13+ZVFlujS
qgnvOFYV2p26NrhnMj6PM2xBdcYCTgjnYByZgNKGQEUklmooOgmkxb35dNXMX9Rx
lp0U+E8sd1CYLk6p4j95FeIyBfWDJcsuOz/STWPqKbPdsU//CDW41xBMMHxT3f1V
hMfHFj4GodQ=
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:47:43 2024 by rpki-client on console-ams.rpki-client.org