Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/sldKW6VOM3Iq688A_CcRObQBSDw.roa
File: sldKW6VOM3Iq688A_CcRObQBSDw.roa (raw, json)
Hash identifier: mGXuCrVT2lJRa/zpheg4IxqphdmWhIf/NvxLlHFcteE=
Subject key identifier: B2:57:4A:5B:A5:4E:33:72:2A:EB:CF:00:FC:27:11:39:B4:01:48:3C
Certificate issuer: /CN=0c7161e622f63c0db8568d8cb4c4d7c0d9808346
Certificate serial: 018CC9BBFC5859587C3EA878A75D57C22684
Authority key identifier: 0C:71:61:E6:22:F6:3C:0D:B8:56:8D:8C:B4:C4:D7:C0:D9:80:83:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/sldKW6VOM3Iq688A_CcRObQBSDw.roa
Signing time: Tue 02 Jan 2024 10:33:09 +0000
ROA not before: Tue 02 Jan 2024 10:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210162
IP address blocks: 195.7.8.0/24 maxlen: 24
195.7.9.0/24 maxlen: 24
195.7.10.0/24 maxlen: 24
195.7.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:fc:58:59:58:7c:3e:a8:78:a7:5d:57:c2:26:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c7161e622f63c0db8568d8cb4c4d7c0d9808346
Validity
Not Before: Jan 2 10:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2574a5ba54e33722aebcf00fc271139b401483c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1e:bc:bd:c3:eb:24:e9:99:ee:f7:35:0a:6a:
68:3b:d1:84:e2:b4:cc:b9:60:3d:59:fa:a0:d4:f4:
b2:9e:fc:82:b5:d3:d0:32:c4:4f:a4:5c:e8:c4:d4:
ae:14:b5:92:51:b3:56:d6:d6:aa:8d:a4:d9:25:74:
1e:f2:e6:78:d1:b2:4c:eb:62:5a:6d:7f:8f:27:57:
99:f0:91:d5:2f:77:68:bf:12:92:4c:69:52:f3:19:
32:c7:ff:8b:e8:40:cc:4a:b9:53:1b:39:52:58:43:
0f:38:46:ae:81:8a:ac:7e:8a:1d:bb:b8:d4:36:cc:
9e:cc:81:69:47:77:96:c5:e2:a4:45:f6:7f:7b:e2:
90:69:f2:49:13:dd:df:7f:9b:49:7e:ea:73:b5:64:
50:19:ab:0c:fb:5c:43:87:53:73:54:98:20:50:82:
a2:07:83:3b:66:a2:a7:89:9f:35:cf:52:30:03:a0:
26:68:ea:cd:04:e3:a1:cc:73:28:e2:8b:f2:9e:37:
96:ea:07:48:a2:31:15:1f:86:d5:ee:9e:17:52:d6:
b7:6b:5c:63:ad:be:e2:d5:e1:e8:d9:f6:41:c9:fe:
d4:4d:99:2b:fb:4d:b5:69:58:1a:8f:dd:e3:e6:e4:
7f:64:27:ab:f5:e4:2c:8d:36:99:17:b3:ed:d5:0e:
ee:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:57:4A:5B:A5:4E:33:72:2A:EB:CF:00:FC:27:11:39:B4:01:48:3C
X509v3 Authority Key Identifier:
keyid:0C:71:61:E6:22:F6:3C:0D:B8:56:8D:8C:B4:C4:D7:C0:D9:80:83:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/sldKW6VOM3Iq688A_CcRObQBSDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.7.8.0/22
Signature Algorithm: sha256WithRSAEncryption
95:8f:91:16:3d:86:75:96:ae:bf:df:98:49:5d:3c:7e:83:2e:
61:c8:c5:ba:4f:ae:ff:a4:4c:02:d8:32:53:36:d7:f5:d5:c5:
e2:e7:fb:a9:e8:bd:ab:db:87:3e:9c:59:aa:3f:37:d1:97:1c:
f9:4e:d4:ba:9d:04:a7:8a:27:fa:de:0d:f5:f8:47:aa:6d:8c:
d4:37:3f:bb:ef:91:4b:14:1c:e3:98:75:71:1b:b8:b4:f6:2a:
6a:d5:b4:06:89:36:7a:0f:12:71:15:b7:2d:2c:00:d3:60:15:
69:94:55:40:65:99:1f:33:e8:8a:e8:77:92:f4:44:5d:a3:ae:
18:2c:0f:3f:d5:7e:77:b3:e9:ae:d5:84:9c:21:cb:eb:b2:68:
1e:0a:d0:a7:f8:86:31:62:e5:83:ff:a6:94:ff:8a:48:7c:46:
78:6b:1a:cb:e1:cf:b3:c2:1a:16:0e:b3:1a:0b:11:fa:99:2f:
54:b5:38:d3:ab:74:d5:41:f4:b2:1d:08:8a:fb:05:95:4d:92:
89:93:ba:cd:05:4f:72:83:a7:25:74:24:4c:3f:4f:90:5d:d7:
ea:db:d2:cd:dc:c0:41:94:e8:f4:55:56:13:42:18:98:77:9e:
c0:d2:7a:4a:f2:b1:cf:2c:e3:ea:e4:18:3d:43:0c:18:64:e2:
f3:72:47:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu/xYWVh8Pqh4p11XwiaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNzE2MWU2MjJmNjNjMGRiODU2OGQ4Y2I0YzRkN2MwZDk4
MDgzNDYwHhcNMjQwMTAyMTAzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjU3NGE1YmE1NGUzMzcyMmFlYmNmMDBmYzI3MTEzOWI0MDE0ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxB68vcPrJOmZ7vc1CmpoO9GE4rTM
uWA9Wfqg1PSynvyCtdPQMsRPpFzoxNSuFLWSUbNW1taqjaTZJXQe8uZ40bJM62Ja
bX+PJ1eZ8JHVL3dovxKSTGlS8xkyx/+L6EDMSrlTGzlSWEMPOEaugYqsfoodu7jU
NsyezIFpR3eWxeKkRfZ/e+KQafJJE93ff5tJfupztWRQGasM+1xDh1NzVJggUIKi
B4M7ZqKniZ81z1IwA6AmaOrNBOOhzHMo4ovynjeW6gdIojEVH4bV7p4XUta3a1xj
rb7i1eHo2fZByf7UTZkr+021aVgaj93j5uR/ZCer9eQsjTaZF7Pt1Q7uVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJXSlulTjNyKuvPAPwnETm0AUg8MB8GA1UdIwQY
MBaAFAxxYeYi9jwNuFaNjLTE18DZgINGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREhGaDVpTDJQQTI0Vm8yTXRNVFh3Tm1BZzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMWYwOGMtMDY1ZS00YWMxLThlODAt
YjE1ZTNmMDllMDFiLzEvc2xkS1c2Vk9NM0lxNjg4QV9DY1JPYlFCU0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMWYwOGMtMDY1ZS00YWMxLThlODAtYjE1ZTNmMDllMDFi
LzEvREhGaDVpTDJQQTI0Vm8yTXRNVFh3Tm1BZzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwwcIMA0G
CSqGSIb3DQEBCwUAA4IBAQCVj5EWPYZ1lq6/35hJXTx+gy5hyMW6T67/pEwC2DJT
Ntf11cXi5/up6L2r24c+nFmqPzfRlxz5TtS6nQSniif63g31+EeqbYzUNz+775FL
FBzjmHVxG7i09ipq1bQGiTZ6DxJxFbctLADTYBVplFVAZZkfM+iK6HeS9ERdo64Y
LA8/1X53s+mu1YScIcvrsmgeCtCn+IYxYuWD/6aU/4pIfEZ4axrL4c+zwhoWDrMa
CxH6mS9UtTjTq3TVQfSyHQiK+wWVTZKJk7rNBU9yg6cldCRMP0+QXdfq29LN3MBB
lOj0VVYTQhiYd57A0npK8rHPLOPq5Bg9QwwYZOLzckfO
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:01:27 2024 by rpki-client on console-fra.rpki-client.org