Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CV2fNQHYokkMNO89oZ7-M0qF4dA.roa
File: CV2fNQHYokkMNO89oZ7-M0qF4dA.roa (raw, json)
Hash identifier: YnpZRqHmfjr1fl3P67NoO7L9tYJRP3lFQbH7loTTG9s=
Subject key identifier: 09:5D:9F:35:01:D8:A2:49:0C:34:EF:3D:A1:9E:FE:33:4A:85:E1:D0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCFBB09DBEA6AE8DFB4D9321CE2A2E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CV2fNQHYokkMNO89oZ7-M0qF4dA.roa
Signing time: Tue 02 Jan 2024 06:29:34 +0000
ROA not before: Tue 02 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200033
IP address blocks: 94.156.135.0/24 maxlen: 24
94.156.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:fb:b0:9d:be:a6:ae:8d:fb:4d:93:21:ce:2a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=095d9f3501d8a2490c34ef3da19efe334a85e1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:34:2c:81:fa:53:95:cd:df:a6:9a:46:10:24:
03:52:95:bd:23:95:2d:f9:f4:9a:30:ba:12:29:b8:
41:ec:ae:62:c3:e3:55:d7:2b:49:f2:cf:4a:ae:7e:
e4:b7:30:cf:77:40:b6:75:e6:54:52:df:bf:95:69:
f7:48:eb:3d:50:a0:89:85:86:73:70:50:3e:68:9a:
5f:25:eb:29:f2:ed:65:22:e7:ba:c4:46:81:99:47:
f9:a8:95:7d:83:94:fc:6a:5f:f7:c9:bc:76:09:31:
8f:7c:3d:10:88:49:f9:75:a4:80:50:ed:29:27:e2:
96:4b:c2:bd:c8:54:13:03:ee:63:98:eb:02:cd:5b:
10:58:23:fb:8f:6e:06:9c:7f:d4:aa:97:04:51:14:
8c:ec:0c:84:de:c4:5d:a3:87:5b:da:bf:51:bb:4f:
d8:11:3a:57:9c:7b:48:97:11:f8:aa:24:1d:d9:4d:
b0:ff:35:38:fd:ac:47:c0:b6:83:64:ab:6b:5e:ea:
b6:2a:44:c1:01:7d:20:49:d9:64:48:82:13:f4:0e:
73:cf:4c:aa:94:53:7b:b0:a1:24:fc:82:52:dc:78:
e3:03:3f:b1:23:ca:70:16:75:b7:10:50:3b:35:9b:
9f:5d:63:2a:93:21:47:3b:fa:48:7f:eb:4e:5e:55:
50:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5D:9F:35:01:D8:A2:49:0C:34:EF:3D:A1:9E:FE:33:4A:85:E1:D0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CV2fNQHYokkMNO89oZ7-M0qF4dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.134.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:d5:7f:16:04:eb:c9:7d:9c:be:2a:d7:ea:9a:e5:7b:07:5a:
96:9e:82:74:1c:e2:dc:f8:34:55:29:13:aa:77:12:87:a3:54:
d0:ba:85:ec:d4:7f:f5:1f:b9:45:c6:e7:a0:e1:9d:0e:c2:ee:
f0:4b:52:b9:9c:64:26:36:b0:75:e8:72:3f:a6:c4:a3:39:d3:
c2:a1:71:db:65:24:7b:f5:90:10:ba:02:64:8c:11:09:cb:90:
15:3b:31:d4:04:38:b3:d2:2a:0f:66:f0:c8:05:7e:1f:02:58:
41:e7:a1:77:c5:83:b2:7c:5f:f6:8b:38:e9:a9:e7:6f:a9:ad:
7a:06:1f:43:af:7d:1b:8a:70:04:8a:c0:06:ee:d9:35:ad:fa:
01:5a:f4:38:31:dd:7b:d9:35:0a:3c:84:cf:e1:b2:ef:7e:1a:
5a:56:f0:91:35:94:bf:79:45:e5:36:92:92:31:18:25:ae:61:
0d:70:8e:4f:0b:4e:a3:b1:cb:b0:92:f1:06:8c:4e:cf:6e:f2:
8e:5b:91:2a:37:7e:98:4a:6e:19:20:27:10:7a:49:85:9c:e1:
7a:d5:76:5a:1e:a5:85:f6:2a:7c:29:da:1d:fb:87:2e:a4:cc:
5d:1a:6d:94:0c:a9:99:75:36:74:2a:c1:39:5f:4d:15:69:65:
54:ae:98:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3Puwnb6mro37TZMhziouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTVkOWYzNTAxZDhhMjQ5MGMzNGVmM2RhMTllZmUzMzRhODVlMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DQsgfpTlc3fpppGECQDUpW9I5Ut
+fSaMLoSKbhB7K5iw+NV1ytJ8s9Krn7ktzDPd0C2deZUUt+/lWn3SOs9UKCJhYZz
cFA+aJpfJesp8u1lIue6xEaBmUf5qJV9g5T8al/3ybx2CTGPfD0QiEn5daSAUO0p
J+KWS8K9yFQTA+5jmOsCzVsQWCP7j24GnH/UqpcEURSM7AyE3sRdo4db2r9Ru0/Y
ETpXnHtIlxH4qiQd2U2w/zU4/axHwLaDZKtrXuq2KkTBAX0gSdlkSIIT9A5zz0yq
lFN7sKEk/IJS3HjjAz+xI8pwFnW3EFA7NZufXWMqkyFHO/pIf+tOXlVQpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAldnzUB2KJJDDTvPaGe/jNKheHQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ1YyZk5RSFlva2tNTk84OW9aNy1NMHFGNGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXpyGMA0G
CSqGSIb3DQEBCwUAA4IBAQBu1X8WBOvJfZy+KtfqmuV7B1qWnoJ0HOLc+DRVKROq
dxKHo1TQuoXs1H/1H7lFxueg4Z0Owu7wS1K5nGQmNrB16HI/psSjOdPCoXHbZSR7
9ZAQugJkjBEJy5AVOzHUBDiz0ioPZvDIBX4fAlhB56F3xYOyfF/2izjpqedvqa16
Bh9Dr30binAEisAG7tk1rfoBWvQ4Md172TUKPITP4bLvfhpaVvCRNZS/eUXlNpKS
MRglrmENcI5PC06jscuwkvEGjE7PbvKOW5EqN36YSm4ZICcQekmFnOF61XZaHqWF
9ip8Kdod+4cupMxdGm2UDKmZdTZ0KsE5X00VaWVUrpi8
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:21:13 2024 by rpki-client on console-ams.rpki-client.org