Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/_lD4qzQRtfv24I-UTlO97x4jmuI.roa
File: _lD4qzQRtfv24I-UTlO97x4jmuI.roa (raw, json)
Hash identifier: yGduBYpcYdxAvsFPf25W0w6vcTeCOgUDW+SJQVeHJdo=
Subject key identifier: FE:50:F8:AB:34:11:B5:FB:F6:E0:8F:94:4E:53:BD:EF:1E:23:9A:E2
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 018CC8DD006CD0A5EEE2706427CA39061627
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/_lD4qzQRtfv24I-UTlO97x4jmuI.roa
Signing time: Tue 02 Jan 2024 06:29:35 +0000
ROA not before: Tue 02 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210289
IP address blocks: 195.177.230.0/24 maxlen: 24
195.177.231.0/24 maxlen: 24
195.178.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:00:6c:d0:a5:ee:e2:70:64:27:ca:39:06:16:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Jan 2 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe50f8ab3411b5fbf6e08f944e53bdef1e239ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f5:f1:c6:a4:3d:cb:29:e4:3d:7c:44:7b:5e:
49:a8:b1:98:d1:09:85:1c:a5:c1:28:bd:43:63:29:
34:1b:bd:e3:96:99:d5:e6:98:4c:c2:c1:d5:8f:a2:
17:65:44:70:d5:38:7d:e2:ac:b3:9c:12:4a:8d:df:
d8:68:9c:99:6f:68:bf:ab:9b:d0:5f:15:29:08:fc:
b9:de:61:b8:77:fc:21:5b:72:10:58:06:82:4f:e5:
ff:5f:6c:30:8d:2a:f3:e1:f0:53:04:06:f5:e4:c3:
76:70:b9:50:12:8f:4b:c4:ea:7e:35:15:88:ee:b5:
67:65:20:76:36:7c:9b:d8:68:6a:46:25:0e:14:b6:
ae:70:49:e0:43:9b:58:22:91:e5:17:90:f9:84:52:
65:62:8a:6e:8b:79:b1:37:0c:6a:45:1a:f0:10:1a:
47:69:6d:d4:de:da:8d:92:39:f0:dc:c8:04:3f:92:
f1:ae:e9:38:c0:22:df:30:73:5d:ca:95:e2:51:be:
b0:31:9e:3c:73:db:b3:4e:d3:cb:2e:a2:e6:61:e9:
81:67:cf:58:d6:bf:d2:8e:e7:8c:ff:6b:3e:59:24:
d2:7e:f7:7d:bc:23:5a:bf:49:19:34:72:ce:80:31:
7d:4a:09:c1:c3:b0:07:16:22:b1:bd:5a:8f:b2:00:
ef:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:50:F8:AB:34:11:B5:FB:F6:E0:8F:94:4E:53:BD:EF:1E:23:9A:E2
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/_lD4qzQRtfv24I-UTlO97x4jmuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.230.0/23
195.178.104.0/23
Signature Algorithm: sha256WithRSAEncryption
94:99:1d:22:d7:09:bd:f6:dd:83:e7:3e:aa:cb:fc:b1:33:5b:
e3:ed:b6:ca:7a:e5:76:bd:87:17:f6:b4:66:33:5a:0a:65:0f:
66:4e:27:70:46:b3:a1:ca:3d:6d:71:02:ed:5b:f8:2e:6e:d5:
5e:8c:c3:af:4c:30:a5:af:09:8f:b7:27:ff:7d:4b:dd:78:f7:
de:63:98:e1:f2:b7:33:a1:dc:7d:7b:d6:76:44:82:ef:73:28:
5d:ed:b4:dd:66:2f:a4:ef:a6:a0:26:4c:a9:0e:cd:17:71:8d:
00:75:30:02:15:d8:53:36:e0:5f:11:63:7f:e5:f4:96:80:f5:
0d:32:6c:de:2e:08:03:1b:86:f2:ad:fd:07:b0:66:f6:79:9f:
5b:b3:b6:09:b1:11:c6:ea:7b:0c:2b:2a:bb:37:61:44:19:f4:
ec:e1:66:55:57:28:97:35:f0:0c:3b:1f:0d:d5:fd:2b:02:9b:
28:08:39:3d:e6:fa:8b:64:73:a3:a2:cd:b0:25:d7:d1:cd:79:
8a:f6:e8:16:cf:26:bb:da:d7:80:85:65:f3:90:2a:4d:87:ea:
5d:85:3e:b6:f1:1b:af:e7:e3:2a:14:0c:d1:53:34:29:d0:75:
0e:0e:4b:fe:cf:57:be:69:2e:97:eb:fa:a7:2d:b5:c3:81:33:
7d:08:9e:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3QBs0KXu4nBkJ8o5BhYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjQwMTAyMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUwZjhhYjM0MTFiNWZiZjZlMDhmOTQ0ZTUzYmRlZjFlMjM5YWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/XxxqQ9yynkPXxEe15JqLGY0QmF
HKXBKL1DYyk0G73jlpnV5phMwsHVj6IXZURw1Th94qyznBJKjd/YaJyZb2i/q5vQ
XxUpCPy53mG4d/whW3IQWAaCT+X/X2wwjSrz4fBTBAb15MN2cLlQEo9LxOp+NRWI
7rVnZSB2Nnyb2GhqRiUOFLaucEngQ5tYIpHlF5D5hFJlYopui3mxNwxqRRrwEBpH
aW3U3tqNkjnw3MgEP5Lxruk4wCLfMHNdypXiUb6wMZ48c9uzTtPLLqLmYemBZ89Y
1r/SjueM/2s+WSTSfvd9vCNav0kZNHLOgDF9SgnBw7AHFiKxvVqPsgDvgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP5Q+Ks0EbX79uCPlE5Tve8eI5riMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvX2xENHF6UVJ0ZnYyNEktVVRsTzk3eDRqbXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7HmAwQB
w7JoMA0GCSqGSIb3DQEBCwUAA4IBAQCUmR0i1wm99t2D5z6qy/yxM1vj7bbKeuV2
vYcX9rRmM1oKZQ9mTidwRrOhyj1tcQLtW/gubtVejMOvTDClrwmPtyf/fUvdePfe
Y5jh8rczodx9e9Z2RILvcyhd7bTdZi+k76agJkypDs0XcY0AdTACFdhTNuBfEWN/
5fSWgPUNMmzeLggDG4byrf0HsGb2eZ9bs7YJsRHG6nsMKyq7N2FEGfTs4WZVVyiX
NfAMOx8N1f0rApsoCDk95vqLZHOjos2wJdfRzXmK9ugWzya72teAhWXzkCpNh+pd
hT628Ruv5+MqFAzRUzQp0HUODkv+z1e+aS6X6/qnLbXDgTN9CJ7y
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:50 2024 by rpki-client on console-fra.rpki-client.org