Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/gD1DkC6WAsnGZjOArlBTrpSKjBU.roa
File: gD1DkC6WAsnGZjOArlBTrpSKjBU.roa (raw, json)
Hash identifier: NCKPC6GDJ/ySPuQR6xOb2esVC4ZQzsDcLmSU5jsJQis=
Subject key identifier: 80:3D:43:90:2E:96:02:C9:C6:66:33:80:AE:50:53:AE:94:8A:8C:15
Certificate issuer: /CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Certificate serial: 019152401EF379ACE655C9DBD7BA444FE652
Authority key identifier: D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/gD1DkC6WAsnGZjOArlBTrpSKjBU.roa
Signing time: Wed 14 Aug 2024 18:56:59 +0000
ROA not before: Wed 14 Aug 2024 18:56:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20661
IP address blocks: 95.85.96.0/19 maxlen: 19
95.85.96.0/24 maxlen: 24
95.85.98.0/24 maxlen: 24
95.85.99.0/24 maxlen: 24
95.85.100.0/22 maxlen: 22
95.85.100.0/24 maxlen: 24
95.85.101.0/24 maxlen: 24
95.85.104.0/22 maxlen: 22
95.85.104.0/24 maxlen: 24
95.85.121.0/24 maxlen: 24
103.220.0.0/22 maxlen: 22
119.235.112.0/20 maxlen: 20
177.93.143.0/24 maxlen: 24
185.69.184.0/24 maxlen: 24
216.250.8.0/21 maxlen: 21
217.174.224.0/20 maxlen: 24
2a05:2180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:40:1e:f3:79:ac:e6:55:c9:db:d7:ba:44:4f:e6:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Validity
Not Before: Aug 14 18:56:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=803d43902e9602c9c6663380ae5053ae948a8c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bb:04:e2:66:38:9a:06:be:a9:d9:15:89:e1:
65:c4:0c:c9:9e:61:60:87:77:dd:8f:63:2d:21:6e:
31:a8:48:f4:97:ce:fd:f3:33:c1:78:42:a6:ad:af:
61:f8:50:72:6b:21:11:e7:f9:c9:57:81:04:e2:08:
a8:50:ee:ba:ba:67:2a:50:a7:5b:1f:be:a3:9a:18:
c5:f4:c3:eb:a2:f5:0e:47:5b:ff:a4:fb:90:06:9d:
b8:cf:b1:0a:96:fc:09:60:7c:c3:1f:ea:5c:22:0b:
d9:6a:3f:c0:fa:a3:ea:ef:d9:6b:38:53:e1:59:1f:
f7:92:cc:89:bb:0a:24:44:8d:3a:24:a7:6c:c1:61:
1e:82:8d:db:3c:96:3e:4c:9e:2c:75:ad:d3:51:e9:
af:77:ee:04:c8:d9:d1:09:a2:1b:24:40:80:3f:99:
82:25:5d:ee:dd:bf:17:b5:33:ed:4a:6c:b3:a5:81:
4f:f9:35:22:9a:ba:d4:74:e7:9c:70:5e:6a:78:40:
21:f9:c1:a3:c8:87:a5:05:c1:38:7c:e9:8b:b9:f0:
96:5a:1d:37:95:b0:a0:e5:6b:aa:52:fa:23:47:fe:
89:96:4b:77:a6:29:74:3b:a5:0e:66:d1:26:2d:c2:
7b:7b:4e:5b:23:f1:71:87:15:20:87:a4:aa:c5:a6:
c3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3D:43:90:2E:96:02:C9:C6:66:33:80:AE:50:53:AE:94:8A:8C:15
X509v3 Authority Key Identifier:
keyid:D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/gD1DkC6WAsnGZjOArlBTrpSKjBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.96.0/19
103.220.0.0/22
119.235.112.0/20
177.93.143.0/24
185.69.184.0/24
216.250.8.0/21
217.174.224.0/20
IPv6:
2a05:2180::/29
Signature Algorithm: sha256WithRSAEncryption
d0:1f:7f:b6:74:4f:45:34:13:0e:53:af:87:89:41:f6:9f:43:
a6:01:ed:aa:b9:a3:1e:2b:d8:9b:4a:46:bd:33:3f:43:c4:56:
f2:90:16:4f:7a:93:35:51:01:c7:9d:db:bf:da:52:fe:99:f4:
f8:2a:50:08:d6:39:4d:25:43:21:b1:62:ce:bc:1c:c7:95:5c:
3e:d4:7e:46:d0:77:a5:86:4e:65:55:2a:66:4f:b0:9e:0b:ad:
54:ba:df:d5:3d:18:54:0a:71:5f:30:e6:8c:f9:ef:c2:9d:c1:
7b:4c:a8:d1:10:fb:9b:15:a1:14:b2:af:bf:05:2b:7a:3e:16:
71:1a:e3:be:a8:c3:1e:b5:9e:c3:53:10:af:6e:d0:2a:1b:5f:
30:d1:dd:78:f3:b9:ae:9f:69:9d:7d:af:63:cb:e1:32:8c:30:
a5:a2:7f:29:f2:e5:c3:42:10:e4:8b:41:24:8a:e4:54:33:0a:
e7:58:13:49:a7:40:bf:58:bd:a8:ec:c6:dd:ca:ce:81:73:af:
9c:8a:16:b3:13:e6:71:e4:f4:7c:60:2a:95:ea:17:fc:ca:f3:
19:30:05:50:29:e5:12:7f:55:1f:2a:46:f5:c4:4c:be:bb:78:
ee:51:fd:13:7d:4e:7b:ca:db:ee:7d:ff:7e:ac:46:b6:2a:c5:
60:e1:a3:fa
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZFSQB7zeazmVcnb17pET+ZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjlmYTdiOTQ0ZjdlN2M2MGQ3M2VmMTBiNzc2ZmMyNzk5
NWE0ZWQwHhcNMjQwODE0MTg1NjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNkNDM5MDJlOTYwMmM5YzY2NjMzODBhZTUwNTNhZTk0OGE4YzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorsE4mY4mga+qdkVieFlxAzJnmFg
h3fdj2MtIW4xqEj0l8798zPBeEKmra9h+FByayER5/nJV4EE4gioUO66umcqUKdb
H76jmhjF9MProvUOR1v/pPuQBp24z7EKlvwJYHzDH+pcIgvZaj/A+qPq79lrOFPh
WR/3ksyJuwokRI06JKdswWEego3bPJY+TJ4sda3TUemvd+4EyNnRCaIbJECAP5mC
JV3u3b8XtTPtSmyzpYFP+TUimrrUdOeccF5qeEAh+cGjyIelBcE4fOmLufCWWh03
lbCg5WuqUvojR/6Jlkt3pil0O6UOZtEmLcJ7e05bI/FxhxUgh6SqxabDawIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIA9Q5AulgLJxmYzgK5QU66UiowVMB8GA1UdIwQY
MBaAFNn5+nuUT358YNc+8Qt3b8J5laTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUt
MDhiZjIyZjY0MDk3LzEvZ0QxRGtDNldBc25HWmpPQXJsQlRycFNLakJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUtMDhiZjIyZjY0MDk3
LzEvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFX1VgAwQC
Z9wAAwQEd+twAwQAsV2PAwQAuUW4AwQD2PoIAwQE2a7gMA0EAgACMAcDBQMqBSGA
MA0GCSqGSIb3DQEBCwUAA4IBAQDQH3+2dE9FNBMOU6+HiUH2n0OmAe2quaMeK9ib
Ska9Mz9DxFbykBZPepM1UQHHndu/2lL+mfT4KlAI1jlNJUMhsWLOvBzHlVw+1H5G
0Helhk5lVSpmT7CeC61Uut/VPRhUCnFfMOaM+e/CncF7TKjREPubFaEUsq+/BSt6
PhZxGuO+qMMetZ7DUxCvbtAqG18w0d1487mun2mdfa9jy+EyjDClon8p8uXDQhDk
i0EkiuRUMwrnWBNJp0C/WL2o7Mbdys6Bc6+cihazE+Zx5PR8YCqV6hf8yvMZMAVQ
KeUSf1UfKkb1xEy+u3juUf0TfU57ytvuff9+rEa2KsVg4aP6
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:06:35 2024 by rpki-client on console-ams.rpki-client.org