Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/NFzd28TspxNAwWlHuQyXFZhvkFw.roa
File: NFzd28TspxNAwWlHuQyXFZhvkFw.roa (raw, json)
Hash identifier: p0iK2VVs1MZ7sbYXd7+CAHS0qLB1GxFogZ18tXBPhFA=
Subject key identifier: 34:5C:DD:DB:C4:EC:A7:13:40:C1:69:47:B9:0C:97:15:98:6F:90:5C
Certificate issuer: /CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Certificate serial: 018CC8DE694A4C4B0C3C7E2A6CC9558259B9
Authority key identifier: 27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/NFzd28TspxNAwWlHuQyXFZhvkFw.roa
Signing time: Tue 02 Jan 2024 06:31:08 +0000
ROA not before: Tue 02 Jan 2024 06:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57391
IP address blocks: 95.81.83.0/24 maxlen: 24
95.81.82.0/24 maxlen: 24
95.81.89.0/24 maxlen: 24
95.81.87.0/24 maxlen: 24
95.81.86.0/24 maxlen: 24
95.81.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:69:4a:4c:4b:0c:3c:7e:2a:6c:c9:55:82:59:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Validity
Not Before: Jan 2 06:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=345cdddbc4eca71340c16947b90c9715986f905c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:00:1b:8f:af:97:e7:e9:97:49:5a:a9:c4:12:
d2:3e:1f:f0:24:3a:bc:f9:ed:f7:65:b0:88:28:eb:
70:43:5d:57:8f:ff:d4:f4:b3:5e:61:3b:24:51:83:
cd:b0:de:65:6d:14:cf:76:e9:09:21:0f:fa:6e:4e:
b6:dc:28:8d:47:97:4a:e2:49:e9:59:19:1c:39:df:
39:b5:1a:36:99:0a:b7:55:fb:c1:e1:74:ed:16:0f:
cd:a0:97:52:c0:08:a9:4e:90:00:5b:ea:e7:79:2e:
f3:ef:e9:2a:64:66:3c:02:59:ee:24:1e:2e:74:87:
01:e7:7e:6d:b5:72:22:0d:df:58:04:e1:d3:1c:12:
75:61:e0:fb:8d:ed:00:d7:73:09:c6:b8:f7:98:86:
13:85:fa:79:15:e9:5b:99:f2:71:7c:0f:20:c7:e3:
e8:8a:c1:b4:d5:7f:3b:86:d2:7d:dc:90:b6:fb:bf:
e5:5a:84:67:32:c2:61:86:c3:68:76:4c:bb:c5:56:
e5:d1:b8:f2:69:25:b7:6d:70:94:06:e5:6a:33:a1:
48:51:80:df:52:05:25:44:3c:04:e3:fd:61:e2:0c:
20:e0:fe:b3:dc:59:bc:74:d8:8a:d4:e8:7e:bf:39:
da:5a:77:ac:be:51:2b:e8:82:83:22:6e:41:2f:c1:
34:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5C:DD:DB:C4:EC:A7:13:40:C1:69:47:B9:0C:97:15:98:6F:90:5C
X509v3 Authority Key Identifier:
keyid:27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/NFzd28TspxNAwWlHuQyXFZhvkFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.81.82.0/23
95.81.86.0/23
95.81.89.0/24
95.81.95.0/24
Signature Algorithm: sha256WithRSAEncryption
54:7e:c4:e1:ce:a8:29:94:a7:81:0f:e7:f2:39:ac:d5:27:6c:
cd:9d:b4:13:1c:08:25:86:74:75:e9:de:85:4b:9a:be:b4:d3:
19:c4:8f:7b:6e:38:da:e6:a9:b9:88:29:36:8f:66:ab:2a:59:
91:4d:4b:05:6d:1b:e1:76:3a:7c:70:8e:03:8f:26:19:ac:4a:
3c:b3:59:c7:bc:d8:95:1a:45:4e:3b:4f:1f:c9:93:8d:ab:32:
96:95:74:5e:7d:13:a1:27:8f:af:af:b2:ba:d3:9e:54:27:ae:
b2:f9:79:5f:18:36:cd:a1:01:c1:dc:27:a4:a1:16:b9:47:5c:
ae:88:38:c5:d6:0f:7f:87:30:85:83:85:78:bf:0a:73:8c:59:
cb:08:74:f7:05:7b:15:b5:e6:3a:fe:f4:b2:8b:25:66:69:e1:
b7:7d:b6:4c:9a:c7:13:0c:02:21:a8:44:77:c5:7e:11:50:b9:
8a:f3:85:02:a7:15:e7:1d:4f:73:4a:10:a4:6f:36:ef:15:79:
0f:c5:36:0a:3c:b3:3a:84:99:22:37:56:31:fd:f3:6f:63:65:
b9:c5:41:10:92:e6:73:75:3d:bc:bf:f6:6e:c2:76:ac:8a:2f:
7b:00:c1:90:2b:5e:6c:26:d5:4e:2a:a8:be:98:21:b8:45:31:
5b:17:d2:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3mlKTEsMPH4qbMlVglm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MmVkMDkwYWNmN2M4MjlhMjJiYmZiZTJiMGU5OThjZDIw
YWQ4MjYwHhcNMjQwMTAyMDYzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDVjZGRkYmM0ZWNhNzEzNDBjMTY5NDdiOTBjOTcxNTk4NmY5MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQAbj6+X5+mXSVqpxBLSPh/wJDq8
+e33ZbCIKOtwQ11Xj//U9LNeYTskUYPNsN5lbRTPdukJIQ/6bk623CiNR5dK4knp
WRkcOd85tRo2mQq3VfvB4XTtFg/NoJdSwAipTpAAW+rneS7z7+kqZGY8AlnuJB4u
dIcB535ttXIiDd9YBOHTHBJ1YeD7je0A13MJxrj3mIYThfp5FelbmfJxfA8gx+Po
isG01X87htJ93JC2+7/lWoRnMsJhhsNodky7xVbl0bjyaSW3bXCUBuVqM6FIUYDf
UgUlRDwE4/1h4gwg4P6z3Fm8dNiK1Oh+vznaWnesvlEr6IKDIm5BL8E0aQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDRc3dvE7KcTQMFpR7kMlxWYb5BcMB8GA1UdIwQY
MBaAFCcu0JCs98gpoiu/visOmYzSCtgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMt
YWNjMjJiYjRkY2VkLzEvTkZ6ZDI4VHNweE5Bd1dsSHVReVhGWmh2a0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMtYWNjMjJiYjRkY2Vk
LzEvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBX1FSAwQB
X1FWAwQAX1FZAwQAX1FfMA0GCSqGSIb3DQEBCwUAA4IBAQBUfsThzqgplKeBD+fy
OazVJ2zNnbQTHAglhnR16d6FS5q+tNMZxI97bjja5qm5iCk2j2arKlmRTUsFbRvh
djp8cI4DjyYZrEo8s1nHvNiVGkVOO08fyZONqzKWlXRefROhJ4+vr7K6055UJ66y
+XlfGDbNoQHB3CekoRa5R1yuiDjF1g9/hzCFg4V4vwpzjFnLCHT3BXsVteY6/vSy
iyVmaeG3fbZMmscTDAIhqER3xX4RULmK84UCpxXnHU9zShCkbzbvFXkPxTYKPLM6
hJkiN1Yx/fNvY2W5xUEQkuZzdT28v/Zuwnasii97AMGQK15sJtVOKqi+mCG4RTFb
F9II
-----END CERTIFICATE-----
Generated at Thu Jul 4 04:17:16 2024 by rpki-client on console-fra.rpki-client.org