Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/vQ9UL51OE8GzHHPHT3jItcboPeU.roa
File: vQ9UL51OE8GzHHPHT3jItcboPeU.roa (raw, json)
Hash identifier: IhH8qeMoiRPmT8AMKR99JNzt1kuuqTPS2JlTTlGGpnY=
Subject key identifier: BD:0F:54:2F:9D:4E:13:C1:B3:1C:73:C7:4F:78:C8:B5:C6:E8:3D:E5
Certificate issuer: /CN=b23eb849e0b6940e4ff547de0b41b003f9e1105c
Certificate serial: 018CC8015C17D0C9E997A39A988EF51E1736
Authority key identifier: B2:3E:B8:49:E0:B6:94:0E:4F:F5:47:DE:0B:41:B0:03:F9:E1:10:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/vQ9UL51OE8GzHHPHT3jItcboPeU.roa
Signing time: Tue 02 Jan 2024 02:29:41 +0000
ROA not before: Tue 02 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8431
IP address blocks: 195.230.1.0/24 maxlen: 24
195.230.4.0/24 maxlen: 24
195.230.3.0/24 maxlen: 24
195.230.0.0/20 maxlen: 20
195.230.5.0/24 maxlen: 24
195.230.16.0/23 maxlen: 23
195.230.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 18:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5c:17:d0:c9:e9:97:a3:9a:98:8e:f5:1e:17:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b23eb849e0b6940e4ff547de0b41b003f9e1105c
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd0f542f9d4e13c1b31c73c74f78c8b5c6e83de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:75:66:6b:c6:37:18:c3:f6:93:7c:f4:d7:0b:
c5:03:dc:eb:56:5e:4f:0e:4c:54:c5:4e:4a:95:e2:
ac:40:c6:44:8c:1a:f0:fb:a7:7a:71:0e:31:50:38:
2f:20:f3:f2:29:7a:ea:6e:e9:d5:08:e9:c2:a0:f2:
b6:e9:d8:ec:24:62:5a:47:0b:b6:a8:56:8e:d7:f6:
53:4d:28:94:96:30:31:0a:4f:0e:67:66:f5:b8:2c:
38:4b:9a:a5:bb:40:ff:99:7b:33:01:59:c2:17:3d:
d8:8a:c0:9f:a5:77:89:f4:e6:88:59:18:e4:6d:98:
fe:57:5e:fa:78:aa:3b:16:0b:f5:f1:62:0d:96:4e:
3c:4d:fa:34:00:8b:42:35:55:a5:a7:49:84:62:5b:
4b:4a:9b:a4:c0:27:36:48:9b:2a:47:bc:d6:32:c7:
4b:0b:0a:09:0d:47:23:c8:4b:13:75:0c:99:2c:57:
c3:af:e6:68:c3:fc:e9:11:90:68:b6:36:70:37:69:
26:02:a5:4c:ac:47:b1:70:86:ae:88:25:ad:fd:de:
09:54:d5:eb:88:09:13:cb:69:9a:1e:0d:e6:df:dc:
5f:79:93:bb:ea:d5:8d:d1:90:7f:a6:dd:ee:6c:5b:
06:16:2a:aa:1d:96:d5:9a:ae:4a:9b:22:0d:82:57:
7a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0F:54:2F:9D:4E:13:C1:B3:1C:73:C7:4F:78:C8:B5:C6:E8:3D:E5
X509v3 Authority Key Identifier:
keyid:B2:3E:B8:49:E0:B6:94:0E:4F:F5:47:DE:0B:41:B0:03:F9:E1:10:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sj64SeC2lA5P9UfeC0GwA_nhEFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/vQ9UL51OE8GzHHPHT3jItcboPeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/11bf2e-b58a-4a31-89c0-155f42dcaa73/1/sj64SeC2lA5P9UfeC0GwA_nhEFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.0.0-195.230.18.255
Signature Algorithm: sha256WithRSAEncryption
04:a9:94:31:8d:2e:d6:2b:f2:f3:9a:53:1d:e9:17:6d:3d:58:
bf:69:74:61:cc:a5:ec:dc:e9:df:79:5a:a0:39:81:17:76:24:
c0:18:7d:3d:a6:47:bd:a4:01:98:2c:4f:44:67:4a:ea:2f:f9:
43:85:0c:fe:07:77:f1:6b:57:ae:3a:af:29:0e:e2:6a:d4:b5:
c8:98:07:ea:2c:a3:e2:86:4e:87:bb:6f:f5:c9:22:c0:ea:79:
3e:88:5c:03:b2:53:12:33:e4:ad:12:0f:d0:86:3c:25:10:f2:
1f:66:da:a5:96:31:85:df:93:6d:09:f8:2e:77:fd:1c:ea:44:
eb:7d:de:93:f0:f9:d6:43:bf:4b:a9:5e:ff:da:2d:8a:7a:be:
84:82:af:3e:e0:92:7a:f8:5d:17:4a:ac:b3:9b:ad:2b:d8:e5:
3d:a5:c9:59:d7:59:41:69:34:5d:f0:c0:44:4a:9a:6b:21:e5:
99:ba:d7:23:dc:eb:84:90:79:e1:d6:ef:ee:05:47:42:37:a6:
c3:1a:0d:f9:ea:ce:68:61:c3:a9:49:8b:de:72:60:2b:3e:0a:
1b:01:ce:08:c1:e5:8b:32:60:8e:0a:3a:ed:f5:f6:77:40:4d:
2c:2a:4b:46:e9:af:35:12:4b:64:85:41:f8:ed:6c:6b:16:c0:
f4:2e:34:26
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzIAVwX0Mnpl6OamI71Hhc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyM2ViODQ5ZTBiNjk0MGU0ZmY1NDdkZTBiNDFiMDAzZjll
MTEwNWMwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBmNTQyZjlkNGUxM2MxYjMxYzczYzc0Zjc4YzhiNWM2ZTgzZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3Vma8Y3GMP2k3z01wvFA9zrVl5P
DkxUxU5KleKsQMZEjBrw+6d6cQ4xUDgvIPPyKXrqbunVCOnCoPK26djsJGJaRwu2
qFaO1/ZTTSiUljAxCk8OZ2b1uCw4S5qlu0D/mXszAVnCFz3YisCfpXeJ9OaIWRjk
bZj+V176eKo7Fgv18WINlk48Tfo0AItCNVWlp0mEYltLSpukwCc2SJsqR7zWMsdL
CwoJDUcjyEsTdQyZLFfDr+Zow/zpEZBotjZwN2kmAqVMrEexcIauiCWt/d4JVNXr
iAkTy2maHg3m39xfeZO76tWN0ZB/pt3ubFsGFiqqHZbVmq5KmyINgld6GwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFL0PVC+dThPBsxxzx094yLXG6D3lMB8GA1UdIwQY
MBaAFLI+uEngtpQOT/VH3gtBsAP54RBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2o2NFNlQzJsQTVQOVVmZUMwR3dBX25oRUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8xMWJmMmUtYjU4YS00YTMxLTg5YzAt
MTU1ZjQyZGNhYTczLzEvdlE5VUw1MU9FOEd6SEhQSFQzakl0Y2JvUGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8xMWJmMmUtYjU4YS00YTMxLTg5YzAtMTU1ZjQyZGNhYTcz
LzEvc2o2NFNlQzJsQTVQOVVmZUMwR3dBX25oRUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwHD5gME
AMPmEjANBgkqhkiG9w0BAQsFAAOCAQEABKmUMY0u1ivy85pTHekXbT1Yv2l0Ycyl
7Nzp33laoDmBF3YkwBh9PaZHvaQBmCxPRGdK6i/5Q4UM/gd38WtXrjqvKQ7iatS1
yJgH6iyj4oZOh7tv9ckiwOp5PohcA7JTEjPkrRIP0IY8JRDyH2bapZYxhd+TbQn4
Lnf9HOpE633ek/D51kO/S6le/9otinq+hIKvPuCSevhdF0qss5utK9jlPaXJWddZ
QWk0XfDAREqaayHlmbrXI9zrhJB54dbv7gVHQjemwxoN+erOaGHDqUmL3nJgKz4K
GwHOCMHlizJgjgo67fX2d0BNLCpLRumvNRJLZIVB+O1saxbA9C40Jg==
-----END CERTIFICATE-----
Generated at Thu Jul 4 03:40:43 2024 by rpki-client on console.sobornost.net