Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/AjOuCJyXQ10AFVM5FxxJqGwF_xY.roa
File: AjOuCJyXQ10AFVM5FxxJqGwF_xY.roa (raw, json)
Hash identifier: fvsoZHundr5WgSaOuIq+PAxDspNpypqcHTBZ14qU004=
Subject key identifier: 02:33:AE:08:9C:97:43:5D:00:15:53:39:17:1C:49:A8:6C:05:FF:16
Certificate issuer: /CN=9304eba2a97a09c9b3b08cff83dfb477141bc1cb
Certificate serial: 018CC8DF3967169A1AE01A06C2A2C0867AD6
Authority key identifier: 93:04:EB:A2:A9:7A:09:C9:B3:B0:8C:FF:83:DF:B4:77:14:1B:C1:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwTroql6CcmzsIz_g9-0dxQbwcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/AjOuCJyXQ10AFVM5FxxJqGwF_xY.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198408
IP address blocks: 195.245.105.0/24 maxlen: 24
195.245.104.0/24 maxlen: 24
195.245.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/kwTroql6CcmzsIz_g9-0dxQbwcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/kwTroql6CcmzsIz_g9-0dxQbwcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/kwTroql6CcmzsIz_g9-0dxQbwcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:39:67:16:9a:1a:e0:1a:06:c2:a2:c0:86:7a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9304eba2a97a09c9b3b08cff83dfb477141bc1cb
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0233ae089c97435d00155339171c49a86c05ff16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:27:b8:e1:3f:7f:20:4e:db:49:25:57:90:5f:
41:cf:8e:b8:17:d2:05:7f:65:8e:8b:85:1a:66:47:
2f:3c:87:7a:a6:96:1b:b2:ae:6a:d0:91:f2:50:ab:
80:b0:96:2f:8a:80:dd:42:0c:46:63:30:04:c0:75:
d5:b3:78:4e:43:76:8a:25:6f:76:a6:b3:39:98:3c:
8d:b4:39:3c:29:6b:b9:9c:15:5f:d9:c7:98:fc:7f:
fc:fb:fc:4e:a7:ba:cd:24:76:ef:a3:4a:6f:cf:c3:
a5:8f:30:23:0d:2d:04:da:65:b5:2c:f0:2d:44:ae:
cf:fe:b3:dc:16:6f:6c:66:59:aa:8f:79:7c:07:ef:
af:7d:92:34:ff:74:92:d2:4d:9c:d2:5b:c6:7a:da:
46:a5:60:1e:3a:02:8f:c3:f8:a4:06:b7:30:96:e0:
64:77:c7:99:b2:21:9e:9e:fa:3f:92:ab:53:41:98:
15:68:6a:8b:76:a7:5f:c6:0f:43:24:39:2d:6d:e8:
9f:b8:68:de:cc:29:a0:cc:a5:d9:4c:48:62:0b:0b:
99:d1:42:49:64:55:49:ab:d4:97:58:e3:a2:37:1c:
81:11:33:c0:bd:2f:a4:ee:68:ad:22:18:c1:91:03:
34:a4:f3:9d:a9:c6:ca:9e:11:23:4b:7e:42:ec:47:
f4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:33:AE:08:9C:97:43:5D:00:15:53:39:17:1C:49:A8:6C:05:FF:16
X509v3 Authority Key Identifier:
keyid:93:04:EB:A2:A9:7A:09:C9:B3:B0:8C:FF:83:DF:B4:77:14:1B:C1:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwTroql6CcmzsIz_g9-0dxQbwcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/AjOuCJyXQ10AFVM5FxxJqGwF_xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/kwTroql6CcmzsIz_g9-0dxQbwcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.104.0/23
Signature Algorithm: sha256WithRSAEncryption
25:d3:54:15:7c:d3:19:04:45:4c:9c:6b:63:c5:04:be:ec:a7:
37:52:de:aa:1b:4c:64:ee:31:8c:7e:1e:ca:79:3c:20:55:62:
45:11:c1:71:ef:b4:87:02:c4:b3:44:12:0d:86:f6:03:d1:d7:
b4:9a:13:13:39:e9:58:ed:45:44:8f:50:47:75:3d:ab:8d:d5:
50:f1:30:01:9f:b4:7b:ea:3b:da:f8:29:d7:da:f9:84:6a:de:
8a:71:74:c9:f8:52:5a:e3:a9:9b:3d:39:62:ec:3f:3c:1d:bb:
85:6b:7d:12:b0:08:2d:f5:55:2e:75:cc:40:68:60:04:58:51:
20:f9:f2:c4:94:d9:11:06:f2:4d:a8:2b:c7:43:b5:74:0b:28:
71:5f:47:45:01:e0:04:c4:c5:04:4b:2e:36:96:80:ba:07:55:
76:35:1b:60:57:7a:c7:c1:bd:2b:f0:5b:62:d4:e5:ea:a0:99:
2c:f3:94:f0:31:96:fa:e9:4a:55:93:20:93:f4:e1:ba:63:32:
21:56:ca:b4:99:d9:07:35:9f:c7:5b:b2:15:f2:ad:c9:5a:b4:
ed:c6:a8:fa:b9:fc:a4:95:6b:77:40:78:aa:30:b4:e2:61:8f:
fc:34:f0:07:52:67:9b:67:e0:e5:1b:5e:35:c8:37:12:e8:fb:
3d:bc:69:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3zlnFpoa4BoGwqLAhnrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDRlYmEyYTk3YTA5YzliM2IwOGNmZjgzZGZiNDc3MTQx
YmMxY2IwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjMzYWUwODljOTc0MzVkMDAxNTUzMzkxNzFjNDlhODZjMDVmZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSe44T9/IE7bSSVXkF9Bz464F9IF
f2WOi4UaZkcvPId6ppYbsq5q0JHyUKuAsJYvioDdQgxGYzAEwHXVs3hOQ3aKJW92
prM5mDyNtDk8KWu5nBVf2ceY/H/8+/xOp7rNJHbvo0pvz8OljzAjDS0E2mW1LPAt
RK7P/rPcFm9sZlmqj3l8B++vfZI0/3SS0k2c0lvGetpGpWAeOgKPw/ikBrcwluBk
d8eZsiGenvo/kqtTQZgVaGqLdqdfxg9DJDktbeifuGjezCmgzKXZTEhiCwuZ0UJJ
ZFVJq9SXWOOiNxyBETPAvS+k7mitIhjBkQM0pPOdqcbKnhEjS35C7Ef0awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIzrgicl0NdABVTORccSahsBf8WMB8GA1UdIwQY
MBaAFJME66KpegnJs7CM/4PftHcUG8HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3dUcm9xbDZDY216c0l6X2c5LTBkeFFid2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hYjIzZmYtZTUzYi00ZDA4LTgzOTIt
OWFmOTkzYjAzNDNlLzEvQWpPdUNKeVhRMTBBRlZNNUZ4eEpxR3dGX3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hYjIzZmYtZTUzYi00ZDA4LTgzOTItOWFmOTkzYjAzNDNl
LzEva3dUcm9xbDZDY216c0l6X2c5LTBkeFFid2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/VoMA0G
CSqGSIb3DQEBCwUAA4IBAQAl01QVfNMZBEVMnGtjxQS+7Kc3Ut6qG0xk7jGMfh7K
eTwgVWJFEcFx77SHAsSzRBINhvYD0de0mhMTOelY7UVEj1BHdT2rjdVQ8TABn7R7
6jva+CnX2vmEat6KcXTJ+FJa46mbPTli7D88HbuFa30SsAgt9VUudcxAaGAEWFEg
+fLElNkRBvJNqCvHQ7V0CyhxX0dFAeAExMUESy42loC6B1V2NRtgV3rHwb0r8Fti
1OXqoJks85TwMZb66UpVkyCT9OG6YzIhVsq0mdkHNZ/HW7IV8q3JWrTtxqj6ufyk
lWt3QHiqMLTiYY/8NPAHUmebZ+DlG141yDcS6Ps9vGmN
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:29:07 2024 by rpki-client on console-ams.rpki-client.org