Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/L8OdT17jJApyEKqWvbgR95D1d8g.roa
File: L8OdT17jJApyEKqWvbgR95D1d8g.roa (raw, json)
Hash identifier: 4D+01V42oCIHdZuqog5TSo1Wa9t0OYVPj8pBW3i2Mns=
Subject key identifier: 2F:C3:9D:4F:5E:E3:24:0A:72:10:AA:96:BD:B8:11:F7:90:F5:77:C8
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018CC8DEDC404121AEEBE7FED7DB37C701F9
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/L8OdT17jJApyEKqWvbgR95D1d8g.roa
Signing time: Tue 02 Jan 2024 06:31:37 +0000
ROA not before: Tue 02 Jan 2024 06:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44341
IP address blocks: 195.211.160.0/24 maxlen: 24
194.140.228.0/24 maxlen: 24
195.211.162.0/24 maxlen: 24
195.211.161.0/24 maxlen: 24
195.211.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 15:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:dc:40:41:21:ae:eb:e7:fe:d7:db:37:c7:01:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 06:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fc39d4f5ee3240a7210aa96bdb811f790f577c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ea:77:d8:17:44:eb:96:f7:13:2f:4f:78:ca:
9f:ea:67:87:f0:d4:38:9a:7d:f5:46:1c:83:24:80:
b0:58:d8:30:2e:78:7f:94:af:98:8c:4a:20:f4:c1:
10:40:96:96:b2:d4:a9:ac:25:58:36:10:b9:fd:02:
27:aa:16:99:5b:cb:29:1e:63:b1:00:c6:e4:47:d5:
ae:66:0f:85:eb:90:1a:44:ad:b7:49:29:ab:a6:aa:
4e:74:4e:39:32:dd:0e:72:7c:ad:31:11:ab:9f:b9:
91:b7:ee:01:b0:7c:f0:e3:6a:6b:5a:97:0e:c9:30:
b9:0c:60:00:7a:32:29:84:d7:ee:86:69:48:77:40:
9f:19:c3:44:7f:01:d3:5e:1f:c4:94:07:0c:cc:65:
60:29:a3:72:3d:5d:9b:a0:04:4b:c3:c6:b3:19:73:
3d:14:cb:4f:88:44:fc:d7:08:4a:79:91:da:03:b8:
22:63:e3:3d:bd:74:c2:9e:96:52:66:23:d2:ab:6a:
6c:b2:02:96:90:69:94:32:da:70:1f:46:0a:c5:f8:
58:59:96:9f:e5:1b:f3:0b:a9:53:4e:32:2d:44:68:
2e:85:2f:a6:40:71:62:65:6f:45:9a:fd:5a:ee:f1:
a6:87:1f:c5:39:dd:8c:ea:e4:2e:0d:94:42:b4:c6:
68:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C3:9D:4F:5E:E3:24:0A:72:10:AA:96:BD:B8:11:F7:90:F5:77:C8
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/L8OdT17jJApyEKqWvbgR95D1d8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.140.228.0/24
195.211.160.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:f9:22:d0:34:f2:3f:0a:33:93:c9:ef:12:ad:f5:9b:fe:4e:
de:92:51:1d:96:2c:f5:b4:c2:d8:c7:70:9f:32:39:ee:cc:77:
d7:a9:05:d5:a1:5b:40:b9:6b:15:eb:f2:91:6c:f3:81:55:89:
d8:5a:3e:3f:0c:1c:5c:f9:bf:60:bc:70:8a:0c:6a:4a:52:49:
5d:ca:4c:dd:75:68:9b:cd:be:eb:ff:70:96:08:6c:65:22:63:
58:f3:d5:f9:64:71:47:9a:88:59:38:02:31:b5:24:30:33:40:
0c:46:ba:5f:70:49:47:50:72:4b:10:6e:0a:e9:4a:4a:d2:9e:
84:e4:c9:47:85:d8:93:1a:c2:c5:f7:60:b3:af:64:4e:f5:88:
ca:d1:7a:7b:d0:b1:d3:d2:17:53:03:95:e9:87:6d:dd:c4:85:
b1:b6:b6:b8:34:42:0a:ad:58:5a:03:8c:4d:e2:c2:d4:3b:78:
0f:bd:91:a1:f9:0e:7e:21:dc:fa:46:a4:55:0d:ad:34:63:94:
d6:7f:65:b9:2b:d1:99:2c:8c:f4:20:35:cf:46:f2:0b:48:f0:
ee:ea:78:5e:5c:26:d5:86:46:6a:fc:a1:fb:f0:49:3e:44:78:
1f:f2:4e:61:65:19:b1:b7:3b:ec:72:3a:7e:1c:a7:d8:14:6b:
e4:90:e2:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3txAQSGu6+f+19s3xwH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwMTAyMDYzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmMzOWQ0ZjVlZTMyNDBhNzIxMGFhOTZiZGI4MTFmNzkwZjU3N2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOp32BdE65b3Ey9PeMqf6meH8NQ4
mn31RhyDJICwWNgwLnh/lK+YjEog9MEQQJaWstSprCVYNhC5/QInqhaZW8spHmOx
AMbkR9WuZg+F65AaRK23SSmrpqpOdE45Mt0OcnytMRGrn7mRt+4BsHzw42prWpcO
yTC5DGAAejIphNfuhmlId0CfGcNEfwHTXh/ElAcMzGVgKaNyPV2boARLw8azGXM9
FMtPiET81whKeZHaA7giY+M9vXTCnpZSZiPSq2pssgKWkGmUMtpwH0YKxfhYWZaf
5RvzC6lTTjItRGguhS+mQHFiZW9Fmv1a7vGmhx/FOd2M6uQuDZRCtMZohwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC/DnU9e4yQKchCqlr24EfeQ9XfIMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvTDhPZFQxN2pKQXB5RUtxV3ZiZ1I5NUQxZDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwozkAwQC
w9OgMA0GCSqGSIb3DQEBCwUAA4IBAQAf+SLQNPI/CjOTye8SrfWb/k7eklEdliz1
tMLYx3CfMjnuzHfXqQXVoVtAuWsV6/KRbPOBVYnYWj4/DBxc+b9gvHCKDGpKUkld
ykzddWibzb7r/3CWCGxlImNY89X5ZHFHmohZOAIxtSQwM0AMRrpfcElHUHJLEG4K
6UpK0p6E5MlHhdiTGsLF92Czr2RO9YjK0Xp70LHT0hdTA5Xph23dxIWxtra4NEIK
rVhaA4xN4sLUO3gPvZGh+Q5+Idz6RqRVDa00Y5TWf2W5K9GZLIz0IDXPRvILSPDu
6nheXCbVhkZq/KH78Ek+RHgf8k5hZRmxtzvscjp+HKfYFGvkkOIe
-----END CERTIFICATE-----
Generated at Fri Jun 28 22:51:36 2024 by rpki-client on console-ams.rpki-client.org