Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/se2VMrdwJ7lMTDTYchtZ_rqrwWk.roa
File: se2VMrdwJ7lMTDTYchtZ_rqrwWk.roa (raw, json)
Hash identifier: 0metrOFI/CLhyYIWonhAodhEqxzBJKBGM9QlUwIyhJU=
Subject key identifier: B1:ED:95:32:B7:70:27:B9:4C:4C:34:D8:72:1B:59:FE:BA:AB:C1:69
Certificate issuer: /CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Certificate serial: 01909C73D2980A12733D0C0665683FB84B7C
Authority key identifier: 0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/se2VMrdwJ7lMTDTYchtZ_rqrwWk.roa
Signing time: Wed 10 Jul 2024 11:42:34 +0000
ROA not before: Wed 10 Jul 2024 11:42:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 85.158.140.0/24 maxlen: 24
85.158.141.0/24 maxlen: 24
85.158.142.0/24 maxlen: 24
85.158.143.0/24 maxlen: 24
195.245.230.0/24 maxlen: 24
195.245.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:73:d2:98:0a:12:73:3d:0c:06:65:68:3f:b8:4b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Validity
Not Before: Jul 10 11:42:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1ed9532b77027b94c4c34d8721b59febaabc169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c0:0c:ba:f0:bc:c1:22:d2:0b:f7:51:65:01:
64:be:35:ff:74:69:8a:6c:6e:d5:4f:00:96:40:0e:
24:4d:60:a4:3c:e3:94:82:57:1f:24:54:0b:e0:90:
ac:54:82:8c:96:03:6a:62:26:b9:c0:72:3e:69:28:
f5:fc:7f:32:1b:ab:cd:fe:62:f0:45:95:1f:34:a9:
4e:13:9e:3c:a4:06:ec:44:8b:ce:b3:57:50:52:6a:
f8:78:96:38:53:70:c4:0b:28:4d:f2:a3:ed:ef:ef:
23:4b:60:92:88:85:3e:58:d5:ec:2f:da:4d:0a:17:
7e:c7:47:a2:4d:54:c0:3b:05:46:11:e2:aa:84:2c:
3c:e3:12:14:5d:e3:8c:3f:6b:97:e2:53:eb:c4:a4:
06:1c:09:33:93:b6:d9:e6:e9:29:5f:23:fc:2f:a0:
02:02:c7:1f:8b:dd:aa:22:45:6c:7c:9b:ba:cc:4d:
03:cc:ca:38:09:d6:a7:cb:10:cf:65:ef:31:14:42:
2b:eb:8a:98:35:ad:a9:e3:70:d7:be:94:6f:0a:14:
af:89:43:e7:fb:9f:98:a3:02:f8:44:09:a8:f3:85:
3b:a1:b3:51:71:d0:56:d9:33:f4:10:a3:83:0a:be:
9d:5f:57:d5:e9:c2:64:46:f5:c5:9c:4e:c6:1e:82:
1d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:ED:95:32:B7:70:27:B9:4C:4C:34:D8:72:1B:59:FE:BA:AB:C1:69
X509v3 Authority Key Identifier:
keyid:0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/se2VMrdwJ7lMTDTYchtZ_rqrwWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.140.0/22
195.245.230.0/23
Signature Algorithm: sha256WithRSAEncryption
22:07:b0:55:63:bb:5d:02:3f:7d:0a:27:0a:d1:ac:c3:e3:a9:
d3:7b:28:18:6f:d0:c4:63:ba:3a:39:21:d5:b1:88:87:01:f3:
bf:0d:db:a8:9b:c9:e5:70:61:47:c1:26:9c:71:3a:8f:2b:57:
3d:0c:00:c0:67:b8:e0:ce:70:ec:16:8b:89:82:5b:7e:46:2e:
38:4d:93:70:41:17:eb:ae:f5:a1:1f:c1:10:13:82:bd:0b:a3:
96:57:b9:ce:ec:fe:3f:e5:aa:18:1b:cc:dd:78:3a:a9:44:11:
1d:9c:63:ca:fc:6b:4b:7e:82:d6:29:50:6d:3b:8c:0c:5f:fb:
56:19:f6:cc:68:7c:f1:57:d5:88:b1:cb:33:0a:26:50:8a:23:
57:56:1b:97:cf:01:82:cd:98:93:91:93:33:c4:37:ee:09:8d:
e1:6e:53:21:9e:23:d6:5a:fc:42:67:6a:98:2c:73:05:ca:4c:
97:ab:39:8f:00:49:c4:02:86:3f:c9:e7:04:43:7f:30:62:fa:
ca:46:48:9e:df:85:15:56:bd:a8:45:40:a6:2c:eb:42:50:64:
d1:3a:64:be:3f:c3:02:8a:7a:9c:aa:c4:92:8d:4d:60:bd:79:
90:18:a6:b4:8d:d5:1f:39:31:23:94:ae:f6:69:aa:a1:04:ae:
f5:69:98:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCcc9KYChJzPQwGZWg/uEt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWM2ZDBkZTcwY2M1MTgwNWI2M2E1ZTIzMjc2MjI1MjVk
MDc1YjEwHhcNMjQwNzEwMTE0MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWVkOTUzMmI3NzAyN2I5NGM0YzM0ZDg3MjFiNTlmZWJhYWJjMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sAMuvC8wSLSC/dRZQFkvjX/dGmK
bG7VTwCWQA4kTWCkPOOUglcfJFQL4JCsVIKMlgNqYia5wHI+aSj1/H8yG6vN/mLw
RZUfNKlOE548pAbsRIvOs1dQUmr4eJY4U3DECyhN8qPt7+8jS2CSiIU+WNXsL9pN
Chd+x0eiTVTAOwVGEeKqhCw84xIUXeOMP2uX4lPrxKQGHAkzk7bZ5ukpXyP8L6AC
Ascfi92qIkVsfJu6zE0DzMo4CdanyxDPZe8xFEIr64qYNa2p43DXvpRvChSviUPn
+5+YowL4RAmo84U7obNRcdBW2TP0EKODCr6dX1fV6cJkRvXFnE7GHoIdlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLHtlTK3cCe5TEw02HIbWf66q8FpMB8GA1UdIwQY
MBaAFAscbQ3nDMUYBbY6XiMnYiUl0HWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAt
Zjc3NGYxZWFmYmZmLzEvc2UyVk1yZHdKN2xNVERUWWNodFpfcnFyd1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAtZjc3NGYxZWFmYmZm
LzEvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVZ6MAwQB
w/XmMA0GCSqGSIb3DQEBCwUAA4IBAQAiB7BVY7tdAj99CicK0azD46nTeygYb9DE
Y7o6OSHVsYiHAfO/Dduom8nlcGFHwSaccTqPK1c9DADAZ7jgznDsFouJglt+Ri44
TZNwQRfrrvWhH8EQE4K9C6OWV7nO7P4/5aoYG8zdeDqpRBEdnGPK/GtLfoLWKVBt
O4wMX/tWGfbMaHzxV9WIscszCiZQiiNXVhuXzwGCzZiTkZMzxDfuCY3hblMhniPW
WvxCZ2qYLHMFykyXqzmPAEnEAoY/yecEQ38wYvrKRkie34UVVr2oRUCmLOtCUGTR
OmS+P8MCinqcqsSSjU1gvXmQGKa0jdUfOTEjlK72aaqhBK71aZh8
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:49:42 2024 by rpki-client on console-fra.rpki-client.org