Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/335h-rjG5QMRrhYrvySBGeGRbug.roa
File: 335h-rjG5QMRrhYrvySBGeGRbug.roa (raw, json)
Hash identifier: uYV/ff0kIR+uDlWGGkG1KgnJn+PipQDJoKzUJMi5SdE=
Subject key identifier: DF:7E:61:FA:B8:C6:E5:03:11:AE:16:2B:BF:24:81:19:E1:91:6E:E8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01922D57EB404E6DF2C8529410AF7652F8A3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/335h-rjG5QMRrhYrvySBGeGRbug.roa
Signing time: Thu 26 Sep 2024 07:59:49 +0000
ROA not before: Thu 26 Sep 2024 07:59:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215479
IP address blocks: 95.214.27.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:57:eb:40:4e:6d:f2:c8:52:94:10:af:76:52:f8:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 26 07:59:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df7e61fab8c6e50311ae162bbf248119e1916ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:71:1e:cb:ee:41:0f:a4:48:09:fc:0b:35:d1:
46:9f:6f:c5:ca:5d:3d:dd:0e:3a:d4:c5:7a:39:d1:
5e:21:7d:6d:85:44:44:48:61:f0:c4:4f:26:4d:3b:
e4:32:07:99:2c:a7:cd:d7:8b:33:12:7a:79:c0:b6:
59:67:09:cf:50:30:97:67:55:9e:b6:2e:71:8b:bb:
71:ab:e2:dd:62:6f:6e:6d:0b:25:d2:32:8b:ff:07:
4b:af:e7:ff:18:c4:6d:62:7a:3d:da:85:95:f5:6b:
de:24:1f:95:62:97:c0:d9:cc:ee:bb:f9:f1:33:d3:
b5:e1:e1:d3:7e:c0:9b:fd:1b:c2:4c:ff:c7:ea:19:
47:65:89:a0:30:8d:cf:7e:69:70:96:7d:de:7d:40:
2d:d6:10:35:0a:9f:9c:dc:1e:32:38:8a:2e:40:cb:
ee:6c:9e:ce:42:22:0b:95:17:88:87:81:19:57:47:
4c:d8:e9:fa:a9:93:3d:e8:da:a7:ee:eb:4f:37:6e:
5f:4a:57:52:ba:e8:a6:51:9e:4d:df:03:3c:bf:8f:
17:d2:45:f8:07:69:7a:c7:1f:1a:31:5d:75:cc:43:
91:4f:bf:40:e6:0d:65:fb:ec:73:7b:35:2e:94:f2:
ea:0d:0b:95:e3:6c:ba:db:12:7a:46:35:ed:64:e5:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7E:61:FA:B8:C6:E5:03:11:AE:16:2B:BF:24:81:19:E1:91:6E:E8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/335h-rjG5QMRrhYrvySBGeGRbug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.27.0/24
178.215.238.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:ce:90:34:05:33:bf:21:6d:a8:ec:0f:51:c0:9b:a9:ce:40:
f7:4e:28:ca:6f:e8:3a:5a:95:80:06:e2:0a:62:a6:46:42:ae:
33:b3:9a:c7:7b:e2:4e:8d:67:06:d8:29:13:f2:29:e9:65:f3:
0f:de:34:6b:3f:df:f7:99:0a:43:8c:56:d8:60:ca:e5:15:08:
73:6e:1f:58:d8:79:93:0f:4f:37:e5:63:3e:3e:e3:a4:ad:3d:
bb:11:77:5f:c4:40:60:73:5b:cb:ed:42:2c:96:bf:63:f9:21:
fd:7b:5d:5f:c7:79:38:2b:25:39:37:bc:8c:75:8b:10:72:14:
90:aa:8f:42:46:5f:6d:9a:20:73:36:01:70:5b:58:9f:ce:db:
21:08:2f:f9:2d:78:40:52:0e:a8:42:6e:83:b7:f8:93:39:b2:
84:a5:ca:9f:eb:42:fc:b4:08:39:42:aa:c9:a1:08:b6:76:e8:
77:50:4c:75:10:5f:6a:4d:4e:1a:37:65:eb:1f:6d:de:d7:e4:
c5:bc:c7:b7:ce:97:f5:a0:36:07:9b:01:4a:20:94:be:ef:09:
63:b9:a7:7d:2a:9e:a8:56:87:63:82:21:88:68:dc:65:8f:58:
10:de:18:f3:f8:1b:f8:31:49:ef:98:8b:67:a0:af:ce:17:c7:
7e:22:40:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZItV+tATm3yyFKUEK92UvijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTI2MDc1OTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdlNjFmYWI4YzZlNTAzMTFhZTE2MmJiZjI0ODExOWUxOTE2ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03Eey+5BD6RICfwLNdFGn2/Fyl09
3Q461MV6OdFeIX1thURESGHwxE8mTTvkMgeZLKfN14szEnp5wLZZZwnPUDCXZ1We
ti5xi7txq+LdYm9ubQsl0jKL/wdLr+f/GMRtYno92oWV9WveJB+VYpfA2czuu/nx
M9O14eHTfsCb/RvCTP/H6hlHZYmgMI3Pfmlwln3efUAt1hA1Cp+c3B4yOIouQMvu
bJ7OQiILlReIh4EZV0dM2On6qZM96Nqn7utPN25fSldSuuimUZ5N3wM8v48X0kX4
B2l6xx8aMV11zEORT79A5g1l++xzezUulPLqDQuV42y62xJ6RjXtZOUq4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN9+Yfq4xuUDEa4WK78kgRnhkW7oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMzM1aC1yakc1UU1ScmhZcnZ5U0JHZUdSYnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9YbAwQA
stfuMA0GCSqGSIb3DQEBCwUAA4IBAQB/zpA0BTO/IW2o7A9RwJupzkD3TijKb+g6
WpWABuIKYqZGQq4zs5rHe+JOjWcG2CkT8inpZfMP3jRrP9/3mQpDjFbYYMrlFQhz
bh9Y2HmTD0835WM+PuOkrT27EXdfxEBgc1vL7UIslr9j+SH9e11fx3k4KyU5N7yM
dYsQchSQqo9CRl9tmiBzNgFwW1ifztshCC/5LXhAUg6oQm6Dt/iTObKEpcqf60L8
tAg5QqrJoQi2duh3UEx1EF9qTU4aN2XrH23e1+TFvMe3zpf1oDYHmwFKIJS+7wlj
uad9Kp6oVodjgiGIaNxlj1gQ3hjz+Bv4MUnvmItnoK/OF8d+IkCs
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:02 2024 by rpki-client on console-fra.rpki-client.org