Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/dc5Dbe8UHPP4kBv0du3Kpxe75mU.roa
File: dc5Dbe8UHPP4kBv0du3Kpxe75mU.roa (raw, json)
Hash identifier: jedOgTQucS2D7GZvPtvyGkpH2DdXHQpZKBfmOnYjy7E=
Subject key identifier: 75:CE:43:6D:EF:14:1C:F3:F8:90:1B:F4:76:ED:CA:A7:17:BB:E6:65
Certificate issuer: /CN=03ceb09d5eea6a18e58dfdefebf29b4105e0267c
Certificate serial: 018F14AB67923D5BFDDF034173BE69710D2A
Authority key identifier: 03:CE:B0:9D:5E:EA:6A:18:E5:8D:FD:EF:EB:F2:9B:41:05:E0:26:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A86wnV7qahjljf3v6_KbQQXgJnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/dc5Dbe8UHPP4kBv0du3Kpxe75mU.roa
Signing time: Thu 25 Apr 2024 09:52:08 +0000
ROA not before: Thu 25 Apr 2024 09:52:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51849
IP address blocks: 95.215.72.0/24 maxlen: 24
95.215.73.0/24 maxlen: 24
95.215.74.0/24 maxlen: 24
95.215.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/A86wnV7qahjljf3v6_KbQQXgJnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/A86wnV7qahjljf3v6_KbQQXgJnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/A86wnV7qahjljf3v6_KbQQXgJnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:ab:67:92:3d:5b:fd:df:03:41:73:be:69:71:0d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ceb09d5eea6a18e58dfdefebf29b4105e0267c
Validity
Not Before: Apr 25 09:52:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75ce436def141cf3f8901bf476edcaa717bbe665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8e:35:a5:de:c5:de:0d:88:bd:5d:49:9f:4a:
74:f8:e9:5f:15:77:b8:4d:36:71:0f:66:9d:b4:60:
77:46:69:d3:82:1b:d1:ce:44:de:41:d6:cf:2b:ff:
fa:da:1c:e2:13:1e:dc:49:33:1d:b7:42:6b:43:90:
20:c2:25:71:6d:6f:b5:25:c0:ea:d3:53:63:e9:2e:
7d:44:79:9e:0d:cd:bd:2d:f5:9d:17:43:13:5b:53:
c7:a2:f1:8e:05:ca:88:55:fa:ba:db:d1:87:4b:20:
eb:55:00:4d:fc:55:b3:8a:da:97:aa:0f:c8:fb:6f:
68:05:1d:ff:d5:db:55:ca:53:6b:b1:8f:0e:17:1c:
eb:5c:a7:4f:ad:c7:d0:6d:91:1e:02:26:c4:78:f6:
db:de:56:d0:22:ef:3d:0a:98:2a:74:28:63:9f:be:
c2:35:e0:49:11:3e:f7:57:52:ee:01:10:8d:88:98:
1c:0c:cb:1e:64:d1:c0:4b:6f:94:23:ca:0e:33:08:
f9:52:79:29:a8:34:9f:29:c0:b2:2a:41:9b:d1:2c:
03:93:b6:b3:71:82:da:20:37:b0:02:d3:37:6e:4a:
fb:17:c8:3a:60:9e:35:60:00:40:eb:b7:87:a4:45:
b7:fb:64:36:0b:6d:e5:2a:22:08:33:6d:0f:ef:d0:
1b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CE:43:6D:EF:14:1C:F3:F8:90:1B:F4:76:ED:CA:A7:17:BB:E6:65
X509v3 Authority Key Identifier:
keyid:03:CE:B0:9D:5E:EA:6A:18:E5:8D:FD:EF:EB:F2:9B:41:05:E0:26:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A86wnV7qahjljf3v6_KbQQXgJnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/dc5Dbe8UHPP4kBv0du3Kpxe75mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/A86wnV7qahjljf3v6_KbQQXgJnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.72.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:b6:6e:91:9d:6d:80:43:2a:cc:5c:13:7a:bc:9e:bc:ce:21:
31:1b:29:28:96:47:50:72:df:92:23:78:7b:05:e8:c0:ca:56:
87:bf:b4:3b:0f:d2:c7:54:e1:e4:fe:64:9e:a4:3e:85:9d:00:
e9:b1:b0:41:2e:01:40:1b:73:a0:dd:93:5d:dc:0a:84:86:8c:
47:b0:d5:ee:b8:ee:13:2a:57:3c:f6:d6:f9:1b:79:b0:5d:28:
e2:b0:1c:12:bf:d7:36:55:d8:22:05:7f:59:53:b4:97:9d:04:
27:29:99:5d:bb:8a:f1:6c:ea:88:8c:05:46:99:8d:a8:b9:20:
d1:fa:17:06:46:a1:e7:62:00:33:ad:da:b2:2b:5e:be:09:3f:
e9:7a:ea:71:5d:18:64:cb:57:92:5c:88:ca:d3:87:a3:d1:d1:
31:3f:68:2f:7f:b7:b3:72:a3:b8:c9:bb:2e:ca:c3:f4:73:37:
7e:a0:a9:6d:e0:3d:ad:4c:35:e8:f5:8a:14:65:87:19:95:83:
bd:d5:01:53:b0:ac:0e:b8:16:4a:47:14:ad:6b:bd:43:db:32:
68:49:af:3e:ac:63:9e:c6:f4:e3:39:7d:81:d2:15:aa:57:6e:
bc:5a:00:05:12:96:63:fd:ce:fc:84:62:c2:55:52:ff:8a:7c:
46:42:17:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8Uq2eSPVv93wNBc75pcQ0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2ViMDlkNWVlYTZhMThlNThkZmRlZmViZjI5YjQxMDVl
MDI2N2MwHhcNMjQwNDI1MDk1MjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWNlNDM2ZGVmMTQxY2YzZjg5MDFiZjQ3NmVkY2FhNzE3YmJlNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl441pd7F3g2IvV1Jn0p0+OlfFXe4
TTZxD2adtGB3RmnTghvRzkTeQdbPK//62hziEx7cSTMdt0JrQ5AgwiVxbW+1JcDq
01Nj6S59RHmeDc29LfWdF0MTW1PHovGOBcqIVfq629GHSyDrVQBN/FWzitqXqg/I
+29oBR3/1dtVylNrsY8OFxzrXKdPrcfQbZEeAibEePbb3lbQIu89CpgqdChjn77C
NeBJET73V1LuARCNiJgcDMseZNHAS2+UI8oOMwj5UnkpqDSfKcCyKkGb0SwDk7az
cYLaIDewAtM3bkr7F8g6YJ41YABA67eHpEW3+2Q2C23lKiIIM20P79AbgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXOQ23vFBzz+JAb9HbtyqcXu+ZlMB8GA1UdIwQY
MBaAFAPOsJ1e6moY5Y397+vym0EF4CZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTg2d25WN3FhaGpsamYzdjZfS2JRUVhnSm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYzQ2NTAtNzk2NC00OGFmLTk4NWEt
MzQwMThkNWM5ZGY1LzEvZGM1RGJlOFVIUFA0a0J2MGR1M0tweGU3NW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wYzQ2NTAtNzk2NC00OGFmLTk4NWEtMzQwMThkNWM5ZGY1
LzEvQTg2d25WN3FhaGpsamYzdjZfS2JRUVhnSm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9dIMA0G
CSqGSIb3DQEBCwUAA4IBAQBOtm6RnW2AQyrMXBN6vJ68ziExGykolkdQct+SI3h7
BejAylaHv7Q7D9LHVOHk/mSepD6FnQDpsbBBLgFAG3Og3ZNd3AqEhoxHsNXuuO4T
Klc89tb5G3mwXSjisBwSv9c2VdgiBX9ZU7SXnQQnKZldu4rxbOqIjAVGmY2ouSDR
+hcGRqHnYgAzrdqyK16+CT/peupxXRhky1eSXIjK04ej0dExP2gvf7ezcqO4ybsu
ysP0czd+oKlt4D2tTDXo9YoUZYcZlYO91QFTsKwOuBZKRxSta71D2zJoSa8+rGOe
xvTjOX2B0hWqV268WgAFEpZj/c78hGLCVVL/inxGQhdl
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:56:24 2024 by rpki-client on console-fra.rpki-client.org