Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/E96Gx2HLnx0fMAKJAdRtm69Dct8.roa
File: E96Gx2HLnx0fMAKJAdRtm69Dct8.roa (raw, json)
Hash identifier: GyqnZkViv5cjj6e7DGwHPHj8/XhBu/byP3TuO68fmlQ=
Subject key identifier: 13:DE:86:C7:61:CB:9F:1D:1F:30:02:89:01:D4:6D:9B:AF:43:72:DF
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 01929A5B7176FD2BD762A4D9AD7C830789C7
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/E96Gx2HLnx0fMAKJAdRtm69Dct8.roa
Signing time: Thu 17 Oct 2024 12:02:17 +0000
ROA not before: Thu 17 Oct 2024 12:02:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214640
IP address blocks: 95.141.241.0/24 maxlen: 24
2a13:7c80::/32 maxlen: 32
2a13:7c81::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:5b:71:76:fd:2b:d7:62:a4:d9:ad:7c:83:07:89:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Oct 17 12:02:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13de86c761cb9f1d1f30028901d46d9baf4372df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d1:8b:06:57:99:5d:ec:7e:36:96:b7:06:95:
be:39:99:59:da:bd:c6:6c:f9:7e:57:40:50:24:1b:
58:85:aa:1c:99:76:6f:df:47:9c:c2:f3:3e:4f:d5:
4d:fb:a7:14:56:28:29:83:92:47:e5:46:0d:ed:33:
be:38:88:31:bc:32:ad:fd:c3:9e:f8:0b:ff:67:c9:
7a:71:cc:3d:28:71:ca:ee:7e:d0:84:e2:c6:09:db:
1a:49:4f:ea:47:fd:7e:37:e6:a8:d6:84:fc:7b:f8:
4a:7f:15:b8:8e:cd:74:f3:ad:8a:6c:07:6f:aa:c3:
5c:6f:a2:c2:39:88:00:97:e6:72:ae:3c:98:b5:83:
41:a3:b8:e4:8a:2f:80:35:fa:2d:aa:b3:54:2c:69:
2b:ec:f7:9b:33:36:b9:ba:51:35:2f:8f:05:e4:cc:
25:cb:ca:4a:7f:a7:13:42:b3:93:3d:99:93:fe:f9:
13:62:95:8c:94:84:07:c0:5a:5a:e7:fa:83:47:b3:
9e:e9:e1:9f:81:09:dc:76:a4:92:55:26:79:8a:77:
c2:98:f2:c1:77:08:b0:10:cc:93:3f:da:62:0f:51:
6d:c3:c9:a8:fb:9f:32:36:f7:02:81:8a:9c:c5:cd:
15:c3:06:8e:e6:1e:79:da:87:b8:e4:ba:a1:e3:db:
8d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DE:86:C7:61:CB:9F:1D:1F:30:02:89:01:D4:6D:9B:AF:43:72:DF
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/E96Gx2HLnx0fMAKJAdRtm69Dct8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.241.0/24
IPv6:
2a13:7c80::/31
Signature Algorithm: sha256WithRSAEncryption
2c:b9:de:42:a0:7c:00:ee:e7:00:15:7d:cc:2b:c8:9d:c6:37:
9c:5a:6b:e8:66:14:38:d9:d0:68:c2:22:b2:fa:e4:8c:71:8e:
00:1e:1e:10:a9:9b:ee:09:38:e4:a0:91:d3:a4:18:67:19:b0:
e0:c3:01:2b:ed:f2:d0:7d:44:fc:cf:e4:ab:3c:a2:1c:80:19:
b2:b9:d4:09:1e:cb:e4:37:bb:ad:02:70:81:c4:47:b1:6d:fd:
0f:b6:f3:d7:fa:58:cf:18:9a:c9:22:a7:95:5e:47:25:70:46:
f7:fe:71:15:46:f0:ac:59:bb:fc:b7:d5:80:e1:cb:78:9e:a0:
38:61:8a:44:87:65:44:61:dc:b7:c8:e4:79:6a:e6:7e:ed:29:
29:ec:73:a7:5f:87:b1:7e:4d:fc:99:01:ed:eb:c8:1e:0f:53:
02:26:be:ad:f7:ca:fc:a7:08:5c:20:b5:68:aa:30:6e:d3:63:
46:21:eb:82:0a:20:7d:d1:97:68:aa:2f:bd:43:29:25:f0:1d:
35:49:d5:00:90:90:36:49:74:4f:1f:d3:4d:92:ed:10:3a:20:
81:c3:3d:7e:41:e1:8e:10:ca:f0:a0:22:d5:2e:e3:ab:04:cf:
9c:de:cc:fd:53:c7:f4:c2:56:be:c6:72:87:de:5e:9f:f9:99:
0a:c0:05:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKaW3F2/SvXYqTZrXyDB4nHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjQxMDE3MTIwMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2RlODZjNzYxY2I5ZjFkMWYzMDAyODkwMWQ0NmQ5YmFmNDM3MmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNGLBleZXex+Npa3BpW+OZlZ2r3G
bPl+V0BQJBtYhaocmXZv30ecwvM+T9VN+6cUVigpg5JH5UYN7TO+OIgxvDKt/cOe
+Av/Z8l6ccw9KHHK7n7QhOLGCdsaSU/qR/1+N+ao1oT8e/hKfxW4js10862KbAdv
qsNcb6LCOYgAl+ZyrjyYtYNBo7jkii+ANfotqrNULGkr7PebMza5ulE1L48F5Mwl
y8pKf6cTQrOTPZmT/vkTYpWMlIQHwFpa5/qDR7Oe6eGfgQncdqSSVSZ5infCmPLB
dwiwEMyTP9piD1Ftw8mo+58yNvcCgYqcxc0VwwaO5h552oe45Lqh49uNiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBPehsdhy58dHzACiQHUbZuvQ3LfMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvRTk2R3gySExueDBmTUFLSkFkUnRtNjlEY3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX43xMA0E
AgACMAcDBQEqE3yAMA0GCSqGSIb3DQEBCwUAA4IBAQAsud5CoHwA7ucAFX3MK8id
xjecWmvoZhQ42dBowiKy+uSMcY4AHh4QqZvuCTjkoJHTpBhnGbDgwwEr7fLQfUT8
z+SrPKIcgBmyudQJHsvkN7utAnCBxEexbf0PtvPX+ljPGJrJIqeVXkclcEb3/nEV
RvCsWbv8t9WA4ct4nqA4YYpEh2VEYdy3yOR5auZ+7Skp7HOnX4exfk38mQHt68ge
D1MCJr6t98r8pwhcILVoqjBu02NGIeuCCiB90Zdoqi+9Qykl8B01SdUAkJA2SXRP
H9NNku0QOiCBwz1+QeGOEMrwoCLVLuOrBM+c3sz9U8f0wla+xnKH3l6f+ZkKwAXF
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:13 2024 by rpki-client on console-ams.rpki-client.org