Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/476034-527d-4939-ad75-4f3c33c08884/1/1-QbTMJLLKzhnCi8dnis7s69kL8M.roa
File: 1-QbTMJLLKzhnCi8dnis7s69kL8M.roa (raw, json)
Hash identifier: 5YcJz68koD27szy6FZSiW4F9LJjvvdfQdgmi+XrCIlg=
Subject key identifier: F9:06:D3:30:92:CB:2B:38:67:0A:2F:1D:9E:2B:3B:B3:AF:64:2F:C3
Certificate issuer: /CN=ee0882e79174142d4e54cd11f71c15ba6e397213
Certificate serial: 018CC64B51A922214DD382F5F7A85CD71577
Authority key identifier: EE:08:82:E7:91:74:14:2D:4E:54:CD:11:F7:1C:15:BA:6E:39:72:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7giC55F0FC1OVM0R9xwVum45chM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/476034-527d-4939-ad75-4f3c33c08884/1/1-QbTMJLLKzhnCi8dnis7s69kL8M.roa
Signing time: Mon 01 Jan 2024 18:31:14 +0000
ROA not before: Mon 01 Jan 2024 18:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44254
IP address blocks: 195.93.151.0/24 maxlen: 24
195.93.150.0/23 maxlen: 23
195.93.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/476034-527d-4939-ad75-4f3c33c08884/1/7giC55F0FC1OVM0R9xwVum45chM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/476034-527d-4939-ad75-4f3c33c08884/1/7giC55F0FC1OVM0R9xwVum45chM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7giC55F0FC1OVM0R9xwVum45chM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:51:a9:22:21:4d:d3:82:f5:f7:a8:5c:d7:15:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0882e79174142d4e54cd11f71c15ba6e397213
Validity
Not Before: Jan 1 18:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f906d33092cb2b38670a2f1d9e2b3bb3af642fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c8:aa:18:aa:b1:2b:06:0b:b6:8e:79:47:61:
a7:e9:de:b2:a6:80:54:c4:43:c8:34:30:af:d3:32:
e0:56:08:b2:ad:9d:af:31:cb:cd:3a:a4:bd:90:22:
bb:a8:68:e9:48:d9:11:4d:7c:40:11:0d:80:67:53:
0a:37:f7:20:e8:68:a3:f7:dd:fa:04:57:3e:94:d3:
0e:85:64:7d:d9:36:5d:51:e2:71:08:46:00:98:38:
8b:80:d7:e7:bd:4f:14:c6:0b:70:38:32:f9:9e:5c:
38:c5:2d:24:2d:ae:f2:0b:bc:7c:98:8b:c6:22:3a:
70:b9:2a:56:55:62:04:fc:07:d5:5c:3e:a0:16:16:
76:43:d4:86:61:0c:79:b9:76:18:c1:73:ab:3f:4d:
84:32:3e:ab:ab:e1:c1:21:5c:53:78:72:bd:b6:6a:
27:ff:d1:a4:00:07:dd:eb:05:e8:36:40:d3:53:d7:
75:04:52:2a:a6:50:dc:10:e6:d0:f1:b3:b4:ec:2c:
b4:f8:77:bd:1b:f1:6b:70:06:3f:a0:2a:b6:85:2b:
fa:6c:61:c2:f5:51:03:19:66:3c:63:aa:63:21:2e:
b3:6f:94:86:40:41:73:05:96:f9:9e:22:4a:08:51:
46:58:25:3f:b5:3d:48:b7:4b:0a:9e:74:a8:ef:e5:
fe:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:06:D3:30:92:CB:2B:38:67:0A:2F:1D:9E:2B:3B:B3:AF:64:2F:C3
X509v3 Authority Key Identifier:
keyid:EE:08:82:E7:91:74:14:2D:4E:54:CD:11:F7:1C:15:BA:6E:39:72:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7giC55F0FC1OVM0R9xwVum45chM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/476034-527d-4939-ad75-4f3c33c08884/1/1-QbTMJLLKzhnCi8dnis7s69kL8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/476034-527d-4939-ad75-4f3c33c08884/1/7giC55F0FC1OVM0R9xwVum45chM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.150.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:34:1d:5c:bb:8a:19:c3:a3:11:21:6b:2a:9c:35:0b:12:5f:
e6:9b:7f:e2:d7:16:c7:9d:4a:bf:6d:bd:0c:8f:be:69:8a:82:
88:0d:0b:9b:28:74:e4:41:82:bf:de:28:e7:cf:0f:c8:19:25:
bd:84:d3:dd:81:4b:7c:fc:77:ea:4b:b8:7a:d6:dd:78:fb:d5:
35:a2:73:f8:07:ee:af:71:f7:60:76:e2:c9:ac:3d:78:e4:6f:
47:17:28:ae:77:62:93:b9:42:73:9a:b1:bc:92:d8:97:c7:b1:
b8:2d:5b:a8:93:70:8e:64:ee:bf:2d:cd:6f:81:8a:06:1d:34:
69:09:8b:7c:ff:b5:9a:1d:dd:75:ad:c2:e1:82:87:97:c1:17:
c8:a6:ca:53:45:38:17:4c:2c:5f:56:86:d0:66:4a:f0:54:75:
9d:de:95:99:cd:38:55:ae:78:a3:04:39:94:d4:c2:03:17:0f:
22:05:2e:c9:e6:0a:c8:7a:28:51:8c:58:4b:c4:65:a5:70:88:
4f:4a:d4:7b:f9:81:b7:96:1c:a7:e8:e3:63:05:f3:2e:3b:85:
fb:59:3e:04:41:89:55:1b:41:29:87:5e:14:e3:1b:dd:1a:65:
92:da:3a:73:ae:43:2d:78:81:9e:7e:ed:9c:9c:cf:9e:a0:07:
c1:7a:ea:5f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGS1GpIiFN04L196hc1xV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDg4MmU3OTE3NDE0MmQ0ZTU0Y2QxMWY3MWMxNWJhNmUz
OTcyMTMwHhcNMjQwMTAxMTgzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA2ZDMzMDkyY2IyYjM4NjcwYTJmMWQ5ZTJiM2JiM2FmNjQyZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMiqGKqxKwYLto55R2Gn6d6ypoBU
xEPINDCv0zLgVgiyrZ2vMcvNOqS9kCK7qGjpSNkRTXxAEQ2AZ1MKN/cg6Gij9936
BFc+lNMOhWR92TZdUeJxCEYAmDiLgNfnvU8UxgtwODL5nlw4xS0kLa7yC7x8mIvG
IjpwuSpWVWIE/AfVXD6gFhZ2Q9SGYQx5uXYYwXOrP02EMj6rq+HBIVxTeHK9tmon
/9GkAAfd6wXoNkDTU9d1BFIqplDcEObQ8bO07Cy0+He9G/FrcAY/oCq2hSv6bGHC
9VEDGWY8Y6pjIS6zb5SGQEFzBZb5niJKCFFGWCU/tT1It0sKnnSo7+X+nwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkG0zCSyys4ZwovHZ4rO7OvZC/DMB8GA1UdIwQY
MBaAFO4IgueRdBQtTlTNEfccFbpuOXITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dpQzU1RjBGQzFPVk0wUjl4d1Z1bTQ1Y2hNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS80NzYwMzQtNTI3ZC00OTM5LWFkNzUt
NGYzYzMzYzA4ODg0LzEvMS1RYlRNSkxMS3pobkNpOGRuaXM3czY5a0w4TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDEvNDc2MDM0LTUyN2QtNDkzOS1hZDc1LTRmM2MzM2MwODg4
NC8xLzdnaUM1NUYwRkMxT1ZNMFI5eHdWdW00NWNoTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcNdljAN
BgkqhkiG9w0BAQsFAAOCAQEAwDQdXLuKGcOjESFrKpw1CxJf5pt/4tcWx51Kv229
DI++aYqCiA0Lmyh05EGCv94o588PyBklvYTT3YFLfPx36ku4etbdePvVNaJz+Afu
r3H3YHbiyaw9eORvRxcorndik7lCc5qxvJLYl8exuC1bqJNwjmTuvy3Nb4GKBh00
aQmLfP+1mh3dda3C4YKHl8EXyKbKU0U4F0wsX1aG0GZK8FR1nd6Vmc04Va54owQ5
lNTCAxcPIgUuyeYKyHooUYxYS8RlpXCIT0rUe/mBt5Ycp+jjYwXzLjuF+1k+BEGJ
VRtBKYdeFOMb3Rplkto6c65DLXiBnn7tnJzPnqAHwXrqXw==
-----END CERTIFICATE-----
Generated at Sun May 19 06:45:17 2024 by rpki-client on console-fra.rpki-client.org