Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/e8o5LWUIpxXQK0WFCwxpzXz8n_w.roa
File: e8o5LWUIpxXQK0WFCwxpzXz8n_w.roa (raw, json)
Hash identifier: J+UI0TzvlWssykkSbDqLTiFuy5C4JgClnPmYFkJ4TZs=
Subject key identifier: 7B:CA:39:2D:65:08:A7:15:D0:2B:45:85:0B:0C:69:CD:7C:FC:9F:FC
Certificate issuer: /CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Certificate serial: 018CC72712E44799585575DBE771F17309EF
Authority key identifier: D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/e8o5LWUIpxXQK0WFCwxpzXz8n_w.roa
Signing time: Mon 01 Jan 2024 22:31:15 +0000
ROA not before: Mon 01 Jan 2024 22:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8244
IP address blocks: 195.230.192.0/22 maxlen: 22
195.230.200.0/21 maxlen: 21
2a01:ac40:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:12:e4:47:99:58:55:75:db:e7:71:f1:73:09:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Validity
Not Before: Jan 1 22:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bca392d6508a715d02b45850b0c69cd7cfc9ffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:aa:dc:f2:29:32:32:c9:c4:25:60:bb:5e:42:
a8:f7:c0:fd:63:09:85:15:14:fa:8a:e7:ac:db:70:
18:f6:66:18:f2:2a:19:19:77:61:41:63:21:4c:10:
3f:15:6f:85:2b:89:10:7c:ad:5e:ef:55:46:f6:b6:
15:29:5f:00:04:e9:bd:a2:4d:0f:67:82:ab:48:c4:
82:c5:1a:7f:1f:5a:3e:87:a7:de:d5:2a:49:11:2d:
d8:23:27:84:ff:2b:52:e8:17:79:40:5a:5b:34:6b:
df:fe:69:e7:3f:dc:4b:6d:f4:d8:19:a4:89:50:e6:
93:6b:a9:77:f2:16:f2:6d:bd:7d:d7:fa:f9:3f:0b:
64:33:6c:99:b3:2d:8a:87:11:9c:63:38:1a:62:1f:
6a:c6:e2:4d:d0:b5:e5:98:24:99:c3:c2:d0:11:b4:
e2:45:69:83:08:13:24:86:11:70:2c:0f:2a:ff:87:
22:b6:55:36:21:c1:0b:b4:a7:f5:27:0a:91:ed:fe:
02:ea:a4:c9:ba:3f:1a:17:6a:1c:68:58:e6:6e:a5:
1d:8d:be:ba:90:0d:ce:df:ee:f6:40:d0:d7:32:5a:
fc:3a:0e:7c:99:e3:ff:10:7a:23:e9:e7:d9:b3:6c:
6e:86:dd:fc:23:02:a4:70:be:b5:a5:77:11:ca:2a:
be:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:CA:39:2D:65:08:A7:15:D0:2B:45:85:0B:0C:69:CD:7C:FC:9F:FC
X509v3 Authority Key Identifier:
keyid:D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/e8o5LWUIpxXQK0WFCwxpzXz8n_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.192.0/22
195.230.200.0/21
IPv6:
2a01:ac40:2000::/36
Signature Algorithm: sha256WithRSAEncryption
80:84:15:a1:7d:42:8c:a1:d4:63:6c:6c:54:21:c5:98:3a:89:
b4:02:87:5d:49:3b:a7:a7:f1:e2:23:9c:31:16:93:a2:62:75:
47:06:fc:2c:f0:0f:01:94:ef:0b:ac:3f:0b:bd:86:7a:aa:5b:
54:20:41:b7:b8:36:11:3f:90:91:28:d1:b1:da:a2:dd:a3:dc:
b4:33:fc:40:8e:7c:09:5d:fc:36:25:a1:af:89:24:6d:72:ce:
44:e6:1d:e1:70:67:ab:b0:d6:b5:ef:c8:c2:0f:32:80:cf:7e:
fa:17:ab:ba:88:0d:60:75:55:1b:67:ad:bb:9c:90:7b:f9:e8:
1a:15:18:ef:f4:6a:04:23:fc:71:2e:ab:ba:5b:d7:0c:0d:34:
6e:8e:0e:ec:a6:fe:f2:77:51:52:79:04:01:76:75:e4:ac:6c:
e7:7a:20:9e:11:57:36:6e:51:83:df:62:3f:81:cc:57:e7:36:
c4:ea:88:60:36:37:64:69:7d:3f:79:b3:fc:23:3d:9c:4b:5c:
03:56:86:0b:88:17:66:2e:60:1a:07:c9:4b:23:ba:0a:69:52:
36:14:a6:25:f9:89:60:cb:ac:28:a5:40:64:48:83:d0:38:35:
d2:1d:3d:56:95:bd:6b:2f:bf:3b:a1:f6:80:52:b3:9c:32:5b:
ff:91:e6:70
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzHJxLkR5lYVXXb53HxcwnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGFkZWNkODRiYjE3NDhiZDM1Yjk5ZWNlYTQ2NzcyZTAx
ZWM5MzUwHhcNMjQwMTAxMjIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmNhMzkyZDY1MDhhNzE1ZDAyYjQ1ODUwYjBjNjljZDdjZmM5ZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvarc8ikyMsnEJWC7XkKo98D9YwmF
FRT6iues23AY9mYY8ioZGXdhQWMhTBA/FW+FK4kQfK1e71VG9rYVKV8ABOm9ok0P
Z4KrSMSCxRp/H1o+h6fe1SpJES3YIyeE/ytS6Bd5QFpbNGvf/mnnP9xLbfTYGaSJ
UOaTa6l38hbybb191/r5PwtkM2yZsy2KhxGcYzgaYh9qxuJN0LXlmCSZw8LQEbTi
RWmDCBMkhhFwLA8q/4citlU2IcELtKf1JwqR7f4C6qTJuj8aF2ocaFjmbqUdjb66
kA3O3+72QNDXMlr8Og58meP/EHoj6efZs2xuht38IwKkcL61pXcRyiq+RwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHvKOS1lCKcV0CtFhQsMac18/J/8MB8GA1UdIwQY
MBaAFNJK3s2EuxdIvTW5ns6kZ3LgHsk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEt
NDhhNjA3YmJlMjVlLzEvZThvNUxXVUlweFhRSzBXRkN3eHB6WHo4bl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEtNDhhNjA3YmJlMjVl
LzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCw+bAAwQD
w+bIMA4EAgACMAgDBgQqAaxAIDANBgkqhkiG9w0BAQsFAAOCAQEAgIQVoX1CjKHU
Y2xsVCHFmDqJtAKHXUk7p6fx4iOcMRaTomJ1Rwb8LPAPAZTvC6w/C72GeqpbVCBB
t7g2ET+QkSjRsdqi3aPctDP8QI58CV38NiWhr4kkbXLOROYd4XBnq7DWte/Iwg8y
gM9++heruogNYHVVG2etu5yQe/noGhUY7/RqBCP8cS6rulvXDA00bo4O7Kb+8ndR
UnkEAXZ15Kxs53ognhFXNm5Rg99iP4HMV+c2xOqIYDY3ZGl9P3mz/CM9nEtcA1aG
C4gXZi5gGgfJSyO6CmlSNhSmJfmJYMusKKVAZEiD0Dg10h09VpW9ay+/O6H2gFKz
nDJb/5HmcA==
-----END CERTIFICATE-----
Generated at Thu May 23 12:43:04 2024 by rpki-client on console-fra.rpki-client.org