Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/H7D4NxIq3cwWhYwnkb38aUb187I.roa
File: H7D4NxIq3cwWhYwnkb38aUb187I.roa (raw, json)
Hash identifier: DDMkcPpIgdxXpLjYPn/JVx819LJ+9sJeuJPgZBOiLus=
Subject key identifier: 1F:B0:F8:37:12:2A:DD:CC:16:85:8C:27:91:BD:FC:69:46:F5:F3:B2
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 018D553E40891EEE4FBB2D1B2A100A759753
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/H7D4NxIq3cwWhYwnkb38aUb187I.roa
Signing time: Mon 29 Jan 2024 12:42:39 +0000
ROA not before: Mon 29 Jan 2024 12:42:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197726
IP address blocks: 195.123.176.0/24 maxlen: 24
195.123.178.0/24 maxlen: 24
195.123.179.0/24 maxlen: 24
195.123.187.0/24 maxlen: 24
195.123.188.0/24 maxlen: 24
195.123.189.0/24 maxlen: 24
195.123.190.0/24 maxlen: 24
195.123.191.0/24 maxlen: 24
195.123.193.0/24 maxlen: 24
195.123.194.0/24 maxlen: 24
195.123.195.0/24 maxlen: 24
195.123.196.0/22 maxlen: 22
195.123.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:3e:40:89:1e:ee:4f:bb:2d:1b:2a:10:0a:75:97:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 29 12:42:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fb0f837122addcc16858c2791bdfc6946f5f3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:27:69:ea:0e:20:4d:cc:01:b4:44:47:5e:82:
b2:5e:eb:fe:04:79:de:b8:ef:17:bb:2b:39:ca:28:
0e:9b:74:0c:6d:19:3d:84:4e:cf:b7:6c:19:87:74:
f8:00:9f:8d:34:6a:08:66:94:55:23:f0:26:81:96:
01:8e:c5:de:1b:27:9f:06:cd:e6:97:d4:d3:9d:c4:
17:48:19:e1:79:1b:c7:2b:65:b8:7b:7f:e9:2f:7d:
29:c2:d2:21:33:03:b6:20:14:d6:c4:48:2b:83:0d:
8e:9e:77:d8:07:c8:fc:ae:89:57:08:26:29:ef:af:
c5:c6:20:ad:3a:80:ce:98:e5:97:27:85:10:0b:16:
d5:c7:5e:40:4d:2d:5a:d3:af:3b:0a:22:c4:f7:93:
9f:d1:fe:60:63:f5:ab:07:0b:40:24:2f:96:a0:61:
97:14:6c:46:10:b8:3c:2f:e3:6a:c0:1b:16:99:62:
d3:bd:01:ee:47:e4:79:40:84:4f:21:5f:ee:a3:1c:
99:be:19:48:7c:91:75:6e:8d:f0:fe:fc:7b:ed:27:
3e:3f:56:b4:b5:9e:66:e7:58:8f:e7:9d:8a:70:86:
07:5c:51:20:16:ea:6c:cf:ce:46:5a:9d:da:0f:d7:
8e:97:2c:6c:7a:5b:c4:db:73:80:81:4c:96:e3:df:
f0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B0:F8:37:12:2A:DD:CC:16:85:8C:27:91:BD:FC:69:46:F5:F3:B2
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/H7D4NxIq3cwWhYwnkb38aUb187I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.176.0/24
195.123.178.0/23
195.123.187.0-195.123.191.255
195.123.193.0-195.123.199.255
195.123.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:c1:6a:bf:cc:69:33:ba:d6:ac:88:ee:4a:45:64:92:a7:d3:
9a:05:7a:53:f0:6c:43:19:24:6b:56:37:1b:9f:e9:03:95:21:
40:dc:4d:5f:4d:13:37:3c:71:83:88:bf:0b:ac:34:d9:d7:25:
cf:09:61:50:1a:4d:14:88:a9:8c:6d:cb:e4:54:f3:dc:06:64:
92:81:63:52:fe:5e:e3:bd:20:1d:0e:c8:32:c3:2b:2c:30:25:
38:47:c9:3a:e2:ca:17:ac:28:33:2f:5d:23:73:ce:ab:ce:62:
33:ba:f8:bb:f6:60:62:23:0b:03:57:b8:96:d4:d6:cb:00:b6:
32:cd:d8:94:42:d6:b8:8d:d7:d6:42:06:25:db:ec:d4:5f:24:
db:78:9d:bd:d0:8b:85:d9:66:70:6e:2d:fd:1c:d9:4d:3e:21:
55:2c:6f:36:bf:0f:48:7c:09:0a:b0:ff:56:d7:ed:62:69:54:
e9:a9:73:e2:ff:3c:f4:f4:9d:93:67:a4:c4:c6:6c:40:4c:23:
07:17:1e:fa:db:71:db:76:e0:0a:c1:da:d3:c7:ba:6a:0e:f3:
bb:b4:3b:3e:ed:75:73:f1:33:b0:9a:aa:6e:2c:bb:e4:14:42:
93:04:f6:74:4c:23:ec:44:d8:80:d0:06:db:85:9d:56:4f:8e:
00:b3:07:b8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY1VPkCJHu5Puy0bKhAKdZdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjQwMTI5MTI0MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmIwZjgzNzEyMmFkZGNjMTY4NThjMjc5MWJkZmM2OTQ2ZjVmM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlydp6g4gTcwBtERHXoKyXuv+BHne
uO8Xuys5yigOm3QMbRk9hE7Pt2wZh3T4AJ+NNGoIZpRVI/AmgZYBjsXeGyefBs3m
l9TTncQXSBnheRvHK2W4e3/pL30pwtIhMwO2IBTWxEgrgw2OnnfYB8j8rolXCCYp
76/FxiCtOoDOmOWXJ4UQCxbVx15ATS1a0687CiLE95Of0f5gY/WrBwtAJC+WoGGX
FGxGELg8L+NqwBsWmWLTvQHuR+R5QIRPIV/uoxyZvhlIfJF1bo3w/vx77Sc+P1a0
tZ5m51iP552KcIYHXFEgFupsz85GWp3aD9eOlyxselvE23OAgUyW49/wYQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFB+w+DcSKt3MFoWMJ5G9/GlG9fOyMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvSDdENE54SXEzY3dXaFl3bmtiMzhhVWIxODdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAw3uwAwQB
w3uyMAwDBADDe7sDBAbDe4AwDAMEAMN7wQMEA8N7wAMEAsN7+DANBgkqhkiG9w0B
AQsFAAOCAQEAqcFqv8xpM7rWrIjuSkVkkqfTmgV6U/BsQxkka1Y3G5/pA5UhQNxN
X00TNzxxg4i/C6w02dclzwlhUBpNFIipjG3L5FTz3AZkkoFjUv5e470gHQ7IMsMr
LDAlOEfJOuLKF6woMy9dI3POq85iM7r4u/ZgYiMLA1e4ltTWywC2Ms3YlELWuI3X
1kIGJdvs1F8k23idvdCLhdlmcG4t/RzZTT4hVSxvNr8PSHwJCrD/VtftYmlU6alz
4v889PSdk2ekxMZsQEwjBxce+ttx23bgCsHa08e6ag7zu7Q7Pu11c/EzsJqqbiy7
5BRCkwT2dEwj7ETYgNAG24WdVk+OALMHuA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:58:37 2024 by rpki-client on console-ams.rpki-client.org