Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/96b597-ca2b-4a9c-bb82-5bbe7b20f3fc/1/r29FHqJtP2aQGohaoJtsi1mP70o.roa
File: r29FHqJtP2aQGohaoJtsi1mP70o.roa (raw, json)
Hash identifier: 7AgfdxIqwEes+Pa+544p4ZE8ASsUALUM0EoZ0sV13uA=
Subject key identifier: AF:6F:45:1E:A2:6D:3F:66:90:1A:88:5A:A0:9B:6C:8B:59:8F:EF:4A
Certificate issuer: /CN=9672fe8715b63a120ed7d067eb525fe4b6de90f7
Certificate serial: 018CC7271D929012777784ED1A09627F1E6B
Authority key identifier: 96:72:FE:87:15:B6:3A:12:0E:D7:D0:67:EB:52:5F:E4:B6:DE:90:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lnL-hxW2OhIO19Bn61Jf5LbekPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/96b597-ca2b-4a9c-bb82-5bbe7b20f3fc/1/r29FHqJtP2aQGohaoJtsi1mP70o.roa
Signing time: Mon 01 Jan 2024 22:31:18 +0000
ROA not before: Mon 01 Jan 2024 22:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25419
IP address blocks: 195.190.138.0/24 maxlen: 24
2001:678:22c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/96b597-ca2b-4a9c-bb82-5bbe7b20f3fc/1/lnL-hxW2OhIO19Bn61Jf5LbekPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/96b597-ca2b-4a9c-bb82-5bbe7b20f3fc/1/lnL-hxW2OhIO19Bn61Jf5LbekPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lnL-hxW2OhIO19Bn61Jf5LbekPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:1d:92:90:12:77:77:84:ed:1a:09:62:7f:1e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9672fe8715b63a120ed7d067eb525fe4b6de90f7
Validity
Not Before: Jan 1 22:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af6f451ea26d3f66901a885aa09b6c8b598fef4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:37:c4:cc:38:3c:bd:9a:3a:5f:0f:53:36:a2:
59:1a:3c:ee:7f:8f:a8:3a:03:6d:67:f0:6a:7e:65:
2c:52:2b:89:96:bb:67:1c:c3:eb:df:0a:59:5c:b3:
cb:63:8d:a7:b2:c7:20:22:54:f4:f0:b6:f8:dc:5b:
8d:8a:0d:91:3e:0c:39:ea:78:69:f8:57:b8:60:13:
54:cf:cf:29:95:39:67:95:d4:03:02:59:6e:ba:f6:
50:d3:fb:eb:b8:04:43:a1:a1:80:74:91:14:8b:c7:
90:6a:1f:13:58:ce:63:7f:87:fa:97:6f:5e:2b:8a:
f3:61:a2:fa:6e:8c:d7:bf:a1:a7:78:73:0d:2b:27:
26:bb:48:67:33:16:75:ad:1c:dc:09:ec:cd:7f:6c:
be:88:02:85:bf:63:83:fb:d2:19:32:7d:bc:36:61:
6e:1a:16:46:3b:f7:e1:18:8d:4e:fa:db:8f:7c:05:
fe:74:04:c8:9e:32:7e:aa:1d:a1:95:2a:1b:93:78:
11:25:63:57:b1:4f:4c:c5:8a:db:9d:d5:22:7d:63:
5a:d9:19:17:a0:10:eb:90:99:49:ac:17:87:f7:fe:
a6:76:8d:00:98:02:0f:26:cd:0b:ad:b8:95:99:cb:
94:78:7e:7c:91:ee:b5:23:81:b3:87:fe:23:e6:ef:
07:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6F:45:1E:A2:6D:3F:66:90:1A:88:5A:A0:9B:6C:8B:59:8F:EF:4A
X509v3 Authority Key Identifier:
keyid:96:72:FE:87:15:B6:3A:12:0E:D7:D0:67:EB:52:5F:E4:B6:DE:90:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lnL-hxW2OhIO19Bn61Jf5LbekPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/96b597-ca2b-4a9c-bb82-5bbe7b20f3fc/1/r29FHqJtP2aQGohaoJtsi1mP70o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/96b597-ca2b-4a9c-bb82-5bbe7b20f3fc/1/lnL-hxW2OhIO19Bn61Jf5LbekPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.138.0/24
IPv6:
2001:678:22c::/48
Signature Algorithm: sha256WithRSAEncryption
20:a6:72:c8:04:ad:95:48:e4:29:98:e9:23:a7:8a:d9:0a:20:
b2:51:16:88:19:34:c4:11:1f:9d:03:8b:34:4a:ce:2d:15:84:
bb:55:a6:41:41:f9:b8:bd:07:b7:f9:d3:6d:8f:e5:15:1b:7d:
a4:e9:7e:6e:45:b3:b1:ee:fb:c6:ff:24:69:38:5a:00:d0:86:
36:17:48:ba:33:2e:0e:51:71:f3:76:4a:9c:96:b9:0e:12:33:
b6:7b:c2:85:2f:15:1c:ef:aa:df:8c:90:30:f3:35:4f:5f:87:
6c:fd:87:60:21:63:fd:20:63:ca:e9:b0:15:79:8e:fc:1e:67:
01:a2:94:84:e3:00:15:d9:96:42:1d:87:f3:45:45:ff:ee:92:
0b:69:ce:8b:54:ae:e9:cf:d8:49:9a:e9:aa:c5:f2:f5:49:d3:
bc:07:9e:8d:87:e3:ff:25:cd:e2:f1:dc:6b:2a:24:16:54:9a:
aa:1d:11:5d:a7:52:2c:66:cb:81:f6:3d:ce:11:b3:fd:c6:0c:
49:0e:9b:31:3f:41:09:0e:21:16:72:6f:cc:86:65:ac:f2:a5:
1a:d4:ef:31:91:c2:0f:06:b2:91:8b:a1:fa:b8:fc:eb:05:f3:
1a:d0:57:05:3c:7e:f7:5a:e7:dd:79:95:db:ac:ad:52:c0:b8:
47:6e:44:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJx2SkBJ3d4TtGglifx5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NzJmZTg3MTViNjNhMTIwZWQ3ZDA2N2ViNTI1ZmU0YjZk
ZTkwZjcwHhcNMjQwMTAxMjIzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZmNDUxZWEyNmQzZjY2OTAxYTg4NWFhMDliNmM4YjU5OGZlZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TfEzDg8vZo6Xw9TNqJZGjzuf4+o
OgNtZ/BqfmUsUiuJlrtnHMPr3wpZXLPLY42nsscgIlT08Lb43FuNig2RPgw56nhp
+Fe4YBNUz88plTlnldQDAlluuvZQ0/vruARDoaGAdJEUi8eQah8TWM5jf4f6l29e
K4rzYaL6bozXv6GneHMNKycmu0hnMxZ1rRzcCezNf2y+iAKFv2OD+9IZMn28NmFu
GhZGO/fhGI1O+tuPfAX+dATInjJ+qh2hlSobk3gRJWNXsU9MxYrbndUifWNa2RkX
oBDrkJlJrBeH9/6mdo0AmAIPJs0LrbiVmcuUeH58ke61I4Gzh/4j5u8H2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK9vRR6ibT9mkBqIWqCbbItZj+9KMB8GA1UdIwQY
MBaAFJZy/ocVtjoSDtfQZ+tSX+S23pD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG5MLWh4VzJPaElPMTlCbjYxSmY1TGJla1BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85NmI1OTctY2EyYi00YTljLWJiODIt
NWJiZTdiMjBmM2ZjLzEvcjI5RkhxSnRQMmFRR29oYW9KdHNpMW1QNzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85NmI1OTctY2EyYi00YTljLWJiODItNWJiZTdiMjBmM2Zj
LzEvbG5MLWh4VzJPaElPMTlCbjYxSmY1TGJla1BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw76KMA8E
AgACMAkDBwAgAQZ4AiwwDQYJKoZIhvcNAQELBQADggEBACCmcsgErZVI5CmY6SOn
itkKILJRFogZNMQRH50DizRKzi0VhLtVpkFB+bi9B7f5022P5RUbfaTpfm5Fs7Hu
+8b/JGk4WgDQhjYXSLozLg5RcfN2SpyWuQ4SM7Z7woUvFRzvqt+MkDDzNU9fh2z9
h2AhY/0gY8rpsBV5jvweZwGilITjABXZlkIdh/NFRf/ukgtpzotUrunP2Ema6arF
8vVJ07wHno2H4/8lzeLx3GsqJBZUmqodEV2nUixmy4H2Pc4Rs/3GDEkOmzE/QQkO
IRZyb8yGZazypRrU7zGRwg8GspGLofq4/OsF8xrQVwU8fvda5915ldusrVLAuEdu
ROQ=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:40:22 2024 by rpki-client on console-fra.rpki-client.org