Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/spdFtkDzTd95_Q0jDZtbBL7Da_0.roa
File: spdFtkDzTd95_Q0jDZtbBL7Da_0.roa (raw, json)
Hash identifier: LFFIgiq69LVWW/JZ89pEpDBpXGX1BpHa/ml7OEy/FpM=
Subject key identifier: B2:97:45:B6:40:F3:4D:DF:79:FD:0D:23:0D:9B:5B:04:BE:C3:6B:FD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D3AC8C2593894E44230A379E99AF3AADB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/spdFtkDzTd95_Q0jDZtbBL7Da_0.roa
Signing time: Wed 24 Jan 2024 09:24:11 +0000
ROA not before: Wed 24 Jan 2024 09:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215707
IP address blocks: 94.156.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:c8:c2:59:38:94:e4:42:30:a3:79:e9:9a:f3:aa:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 24 09:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b29745b640f34ddf79fd0d230d9b5b04bec36bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2b:21:6b:72:98:97:f2:dc:92:b0:74:72:6a:
e4:49:56:3c:a0:57:eb:10:6e:1f:96:a5:f4:b0:4a:
f9:1c:9a:39:dc:5a:a6:a4:cc:f3:5f:ed:89:64:cc:
c0:37:98:54:79:20:81:9e:73:d6:0a:2a:9a:d2:64:
c2:1e:6b:4e:ec:f8:eb:35:5a:fb:86:26:e6:cb:30:
74:3f:3e:a6:d2:03:a1:86:01:df:b5:f5:83:80:0f:
04:ca:aa:99:17:b3:97:93:8f:27:44:4b:80:6e:0a:
77:d9:bb:32:f4:ba:4e:ee:59:94:d9:42:cb:4b:03:
1d:b9:ab:e4:ac:a9:75:fb:b3:2c:00:b6:a5:d4:0c:
4a:8d:c9:e7:23:40:71:97:87:68:56:5f:8d:b1:af:
af:f0:2b:79:74:e7:0f:2f:ff:cd:3b:b2:eb:6f:91:
b0:45:ef:64:08:03:78:01:a5:2c:e3:53:01:ec:98:
2c:3e:49:15:82:cb:66:bf:0d:92:b6:dd:de:84:85:
4b:c1:a5:14:96:10:64:2b:96:de:dd:d0:2d:ac:2f:
4e:92:2b:5d:b5:a4:0d:59:2f:d6:73:8d:10:5b:89:
46:0e:2f:4d:23:4e:88:2d:0d:60:03:be:0f:49:54:
9c:d6:d2:50:1f:f4:f1:aa:9a:bf:41:9b:7b:5b:f5:
55:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:97:45:B6:40:F3:4D:DF:79:FD:0D:23:0D:9B:5B:04:BE:C3:6B:FD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/spdFtkDzTd95_Q0jDZtbBL7Da_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.74.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d7:58:89:32:00:9d:c2:ea:2b:b5:29:07:f6:19:26:3c:3d:
4b:75:f7:d7:a2:a7:6c:b4:a1:b3:72:3c:9d:b2:0c:4a:cd:97:
04:d5:d1:bd:ef:44:35:0a:a2:55:3f:b8:50:9d:08:81:33:91:
df:90:41:06:e5:9d:aa:e9:6b:74:e6:8d:01:8f:d1:87:7e:1d:
12:6e:ad:9e:65:5a:a4:13:07:72:c4:7f:c5:14:5e:11:77:83:
d4:57:38:52:85:ed:ee:46:63:81:c9:d0:99:70:a7:bf:cb:25:
55:f3:bd:36:8f:97:d6:63:5c:3f:b6:ae:30:af:d0:ae:12:7b:
48:f2:b9:b7:5d:4a:53:d4:56:51:7f:20:ff:5d:5c:7e:d0:91:
ec:59:77:07:2f:ee:98:e4:11:da:3a:df:38:da:83:b5:f3:7a:
6b:9e:60:09:a1:0a:b6:0d:7b:11:38:e3:fc:c7:20:39:4f:83:
59:ba:9e:6a:bb:f6:be:80:84:88:64:74:b7:9a:8c:95:56:35:
e0:0e:85:ae:62:62:27:4d:43:c9:3e:ce:62:8d:6d:ec:c9:ce:
a7:69:30:38:c3:a9:af:5a:78:c4:a4:a0:e1:f6:18:88:ec:b7:
37:58:e0:2e:48:6e:09:da:9f:2b:f1:21:b5:e5:b5:28:3c:b6:
84:bb:db:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY06yMJZOJTkQjCjeema86rbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTI0MDkyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk3NDViNjQwZjM0ZGRmNzlmZDBkMjMwZDliNWIwNGJlYzM2YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhisha3KYl/LckrB0cmrkSVY8oFfr
EG4flqX0sEr5HJo53FqmpMzzX+2JZMzAN5hUeSCBnnPWCiqa0mTCHmtO7PjrNVr7
hibmyzB0Pz6m0gOhhgHftfWDgA8EyqqZF7OXk48nREuAbgp32bsy9LpO7lmU2ULL
SwMduavkrKl1+7MsALal1AxKjcnnI0Bxl4doVl+Nsa+v8Ct5dOcPL//NO7Lrb5Gw
Re9kCAN4AaUs41MB7JgsPkkVgstmvw2Stt3ehIVLwaUUlhBkK5be3dAtrC9Okitd
taQNWS/Wc40QW4lGDi9NI06ILQ1gA74PSVSc1tJQH/Txqpq/QZt7W/VVUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKXRbZA803fef0NIw2bWwS+w2v9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc3BkRnRrRHpUZDk1X1EwakRadGJCTDdEYV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpxKMA0G
CSqGSIb3DQEBCwUAA4IBAQAC11iJMgCdwuortSkH9hkmPD1LdffXoqdstKGzcjyd
sgxKzZcE1dG970Q1CqJVP7hQnQiBM5HfkEEG5Z2q6Wt05o0Bj9GHfh0Sbq2eZVqk
EwdyxH/FFF4Rd4PUVzhShe3uRmOBydCZcKe/yyVV8702j5fWY1w/tq4wr9CuEntI
8rm3XUpT1FZRfyD/XVx+0JHsWXcHL+6Y5BHaOt842oO183prnmAJoQq2DXsROOP8
xyA5T4NZup5qu/a+gISIZHS3moyVVjXgDoWuYmInTUPJPs5ijW3syc6naTA4w6mv
WnjEpKDh9hiI7Lc3WOAuSG4J2p8r8SG15bUoPLaEu9s/
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:58:07 2024 by rpki-client on console-ams.rpki-client.org