Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/lIXtrHGS948vk6cSievb8AvHCWQ.roa
File: lIXtrHGS948vk6cSievb8AvHCWQ.roa (raw, json)
Hash identifier: 5XLn5evbGCW+DfdgfiH/wbML6PyoSdzwNc8nL9Q3mA8=
Subject key identifier: 94:85:ED:AC:71:92:F7:8F:2F:93:A7:12:89:EB:DB:F0:0B:C7:09:64
Certificate issuer: /CN=b4f33f6fd29baf03cc4d485af5f6b70da6b0099f
Certificate serial: 0191374B41CB95099C4465AB2C459AA83D7A
Authority key identifier: B4:F3:3F:6F:D2:9B:AF:03:CC:4D:48:5A:F5:F6:B7:0D:A6:B0:09:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/lIXtrHGS948vk6cSievb8AvHCWQ.roa
Signing time: Fri 09 Aug 2024 13:19:24 +0000
ROA not before: Fri 09 Aug 2024 13:19:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8511
IP address blocks: 195.38.160.0/19 maxlen: 19
195.38.179.0/24 maxlen: 24
2a11:a380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/tPM_b9KbrwPMTUha9fa3DaawCZ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/tPM_b9KbrwPMTUha9fa3DaawCZ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 07:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:4b:41:cb:95:09:9c:44:65:ab:2c:45:9a:a8:3d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f33f6fd29baf03cc4d485af5f6b70da6b0099f
Validity
Not Before: Aug 9 13:19:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9485edac7192f78f2f93a71289ebdbf00bc70964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6f:e3:c4:0d:34:7b:89:59:79:1c:49:4c:33:
97:30:92:ea:e7:c9:5d:19:80:bb:1b:c8:14:d8:24:
cc:c6:71:06:fa:fb:2f:d7:9d:99:1b:1b:ee:cc:3f:
13:15:df:15:84:a2:e7:7f:4f:3e:75:61:63:ca:c0:
77:0f:41:30:36:a0:f5:0d:78:09:81:f8:1e:fc:7a:
07:19:0a:06:a7:19:9a:d9:12:a7:ae:b9:7d:8f:44:
99:16:12:cb:e1:5c:d2:61:18:04:3e:d3:5a:05:15:
f2:15:9b:18:b7:8e:ba:6f:ce:db:0d:87:8e:c0:92:
4d:90:fe:0e:ca:c6:ef:f4:cc:d6:e4:e1:3d:82:44:
8c:62:d4:0c:04:a4:03:08:34:b2:0b:15:d6:bf:04:
ef:3d:cd:87:8e:cc:5f:8b:7c:94:23:54:ee:9a:d1:
bd:8e:75:74:0b:b3:ed:92:c1:98:80:27:aa:f1:b6:
8d:f7:7e:2b:ea:09:d7:7b:3e:07:01:01:a7:60:d2:
c7:d7:ed:5c:71:06:10:b3:91:31:c6:01:8f:42:a7:
20:3e:50:18:c6:0a:8f:c0:b7:ba:cc:26:f3:9b:86:
7d:e7:4c:fe:b5:10:9d:14:1e:d6:f5:5c:4f:05:9f:
31:e8:82:bc:9b:49:9a:02:80:ab:90:a3:6a:21:89:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:85:ED:AC:71:92:F7:8F:2F:93:A7:12:89:EB:DB:F0:0B:C7:09:64
X509v3 Authority Key Identifier:
keyid:B4:F3:3F:6F:D2:9B:AF:03:CC:4D:48:5A:F5:F6:B7:0D:A6:B0:09:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/lIXtrHGS948vk6cSievb8AvHCWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/tPM_b9KbrwPMTUha9fa3DaawCZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.38.160.0/19
IPv6:
2a11:a380::/29
Signature Algorithm: sha256WithRSAEncryption
67:09:d6:65:1f:ed:23:a4:05:c6:a3:d1:c0:bf:1f:3f:7e:28:
53:31:2d:3a:11:52:c6:de:bf:25:a1:e2:c4:27:b4:ed:9a:c5:
a1:15:9e:1d:dd:49:74:c7:d1:8f:9e:bc:dc:fc:cd:c0:f5:3c:
6f:62:fe:e3:3a:2a:c1:be:a6:82:85:8c:fb:0c:7b:ce:82:ea:
35:7b:a6:c8:29:d5:c0:99:ac:59:77:40:0f:87:d6:06:d5:0d:
f4:92:70:b7:8d:e3:88:29:a0:39:c4:36:b7:0f:3e:ec:95:e6:
fe:e4:4b:8a:01:be:55:24:1d:85:b5:a8:f2:9d:4c:34:d6:b6:
09:a2:cf:60:84:9e:dc:7d:b1:69:b3:ab:d6:31:ac:45:47:13:
d9:f9:7a:0b:bf:4a:1e:8a:66:38:17:ff:0c:a6:19:49:bd:62:
40:e3:6f:51:d3:51:79:e9:85:40:7b:0e:5e:2b:ea:4b:92:7e:
f8:7d:ff:89:af:2b:1a:4b:bd:d0:f9:3c:8c:a3:9e:1a:67:92:
3d:0b:30:b2:39:e8:de:2b:80:fa:8c:86:15:8b:3d:01:33:ff:
aa:24:e7:08:69:28:02:37:c0:e3:fa:57:db:bc:98:1b:ca:d7:
fe:69:ca:a9:47:ab:12:a3:51:ba:91:2c:45:f5:4b:50:22:6c:
cc:1e:db:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZE3S0HLlQmcRGWrLEWaqD16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZjMzZjZmZDI5YmFmMDNjYzRkNDg1YWY1ZjZiNzBkYTZi
MDA5OWYwHhcNMjQwODA5MTMxOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDg1ZWRhYzcxOTJmNzhmMmY5M2E3MTI4OWViZGJmMDBiYzcwOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2/jxA00e4lZeRxJTDOXMJLq58ld
GYC7G8gU2CTMxnEG+vsv152ZGxvuzD8TFd8VhKLnf08+dWFjysB3D0EwNqD1DXgJ
gfge/HoHGQoGpxma2RKnrrl9j0SZFhLL4VzSYRgEPtNaBRXyFZsYt466b87bDYeO
wJJNkP4Oysbv9MzW5OE9gkSMYtQMBKQDCDSyCxXWvwTvPc2Hjsxfi3yUI1TumtG9
jnV0C7PtksGYgCeq8baN934r6gnXez4HAQGnYNLH1+1ccQYQs5ExxgGPQqcgPlAY
xgqPwLe6zCbzm4Z950z+tRCdFB7W9VxPBZ8x6IK8m0maAoCrkKNqIYmeiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJSF7axxkvePL5OnEonr2/ALxwlkMB8GA1UdIwQY
MBaAFLTzP2/Sm68DzE1IWvX2tw2msAmfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBNX2I5S2Jyd1BNVFVoYTlmYTNEYWF3Q1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85MGE1Y2YtZTQ4NC00YmIyLWEyODUt
NmE0OWI1YTMxMjk0LzEvbElYdHJIR1M5NDh2azZjU2lldmI4QXZIQ1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85MGE1Y2YtZTQ4NC00YmIyLWEyODUtNmE0OWI1YTMxMjk0
LzEvdFBNX2I5S2Jyd1BNVFVoYTlmYTNEYWF3Q1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwyagMA0E
AgACMAcDBQMqEaOAMA0GCSqGSIb3DQEBCwUAA4IBAQBnCdZlH+0jpAXGo9HAvx8/
fihTMS06EVLG3r8loeLEJ7TtmsWhFZ4d3Ul0x9GPnrzc/M3A9TxvYv7jOirBvqaC
hYz7DHvOguo1e6bIKdXAmaxZd0APh9YG1Q30knC3jeOIKaA5xDa3Dz7sleb+5EuK
Ab5VJB2FtajynUw01rYJos9ghJ7cfbFps6vWMaxFRxPZ+XoLv0oeimY4F/8MphlJ
vWJA429R01F56YVAew5eK+pLkn74ff+JrysaS73Q+TyMo54aZ5I9CzCyOejeK4D6
jIYViz0BM/+qJOcIaSgCN8Dj+lfbvJgbytf+acqpR6sSo1G6kSxF9UtQImzMHtsb
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:55:55 2024 by rpki-client on console-ams.rpki-client.org