Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/h-lolfbw6h-hfoY26t2f47lCLho.roa
File: h-lolfbw6h-hfoY26t2f47lCLho.roa (raw, json)
Hash identifier: DkyBd9a7qxe75fdT2c6L0B3PkxGRdsd7BkRzjrylOeY=
Subject key identifier: 87:E9:68:95:F6:F0:EA:1F:A1:7E:86:36:EA:DD:9F:E3:B9:42:2E:1A
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 018CC2DB498124A04940F5354E83B68564D5
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/h-lolfbw6h-hfoY26t2f47lCLho.roa
Signing time: Mon 01 Jan 2024 02:30:00 +0000
ROA not before: Mon 01 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8561
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 16:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:49:81:24:a0:49:40:f5:35:4e:83:b6:85:64:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87e96895f6f0ea1fa17e8636eadd9fe3b9422e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0a:eb:4b:ee:3c:4e:49:84:3f:e5:74:2f:3e:
8c:6b:d2:93:08:b9:e1:37:75:47:62:84:9b:64:db:
8f:ca:9d:d1:be:9d:ed:c1:1a:fe:c5:51:88:5c:45:
5e:73:c8:20:c8:f1:ba:34:dc:cc:c3:11:7b:82:19:
90:b2:86:22:f7:36:33:b0:2f:76:34:d6:6c:8a:24:
dd:8e:3a:96:64:f4:7b:56:15:c9:f1:69:e3:a8:4c:
21:d4:01:7c:2e:c3:c2:45:85:38:ad:8f:69:c7:6d:
e6:e9:47:b3:10:d8:6a:69:05:96:28:b4:22:1d:95:
f5:50:ec:64:ab:08:a3:21:3c:17:12:2f:34:d8:11:
2d:c1:ec:54:fe:1c:a4:3a:cc:0e:cf:f0:56:c4:04:
b3:59:f0:5a:5f:f7:f7:2f:7e:dd:5d:3a:fd:e8:9d:
d1:7d:fc:66:32:ec:71:89:b7:e6:38:b3:6c:00:b1:
a8:4f:86:b8:d2:d2:ca:dc:ac:ce:bc:2e:72:ff:aa:
2d:ae:f2:97:9c:8a:c1:d5:13:aa:45:b2:28:7e:33:
23:27:e7:01:9c:90:02:62:83:51:f7:ef:34:c3:8d:
14:4c:c7:ac:97:47:39:ec:8c:16:80:6e:16:e0:95:
15:a6:70:34:de:ff:7a:e4:0d:6e:cd:7d:13:c4:6f:
e1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E9:68:95:F6:F0:EA:1F:A1:7E:86:36:EA:DD:9F:E3:B9:42:2E:1A
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/h-lolfbw6h-hfoY26t2f47lCLho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:fb:9f:d4:fd:c4:e0:e9:4f:26:e0:f0:eb:48:a7:fe:83:ef:
3b:2e:f5:e1:e8:e5:d6:f7:7f:2e:c1:83:6a:3d:e4:12:bd:3e:
3e:87:1a:23:8e:f4:68:55:d7:1a:99:a1:08:e4:57:95:5a:19:
b0:88:ce:97:f0:57:7c:fc:18:8c:aa:b2:1e:81:ae:80:bd:08:
c7:ba:2a:08:bd:18:6d:96:2f:ae:81:bb:ee:b2:d8:33:f7:88:
69:18:aa:33:26:89:a2:bb:d2:b6:b7:1b:ea:ee:98:cb:ac:cc:
b9:49:54:99:de:4f:6d:6f:fc:4a:85:11:03:33:dc:a8:33:d3:
6b:77:3a:6b:06:c9:ac:de:f8:1b:6d:81:5c:1f:f4:6d:1e:47:
d8:1b:c1:be:20:92:fb:d4:27:65:18:25:80:a8:c3:9a:08:52:
8a:67:9e:a9:6d:17:37:5f:a3:7c:c1:66:84:de:1b:b9:a9:e4:
ad:41:5a:6e:2d:cc:09:63:1a:07:5e:0e:40:da:ca:58:35:ce:
87:92:09:cd:2e:d6:b6:6d:fb:19:13:25:ca:aa:ed:3d:dd:b9:
da:9f:b8:df:9b:f5:ad:ff:74:7c:48:f1:41:00:da:9e:20:b6:
a2:e6:1e:e6:ea:cd:9d:ca:e4:97:9b:e5:10:03:a5:f1:ae:fe:
02:95:77:39
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC20mBJKBJQPU1ToO2hWTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy
ZWNmOTMwHhcNMjQwMTAxMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U5Njg5NWY2ZjBlYTFmYTE3ZTg2MzZlYWRkOWZlM2I5NDIyZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QrrS+48TkmEP+V0Lz6Ma9KTCLnh
N3VHYoSbZNuPyp3Rvp3twRr+xVGIXEVec8ggyPG6NNzMwxF7ghmQsoYi9zYzsC92
NNZsiiTdjjqWZPR7VhXJ8WnjqEwh1AF8LsPCRYU4rY9px23m6UezENhqaQWWKLQi
HZX1UOxkqwijITwXEi802BEtwexU/hykOswOz/BWxASzWfBaX/f3L37dXTr96J3R
ffxmMuxxibfmOLNsALGoT4a40tLK3KzOvC5y/6otrvKXnIrB1ROqRbIofjMjJ+cB
nJACYoNR9+80w40UTMesl0c57IwWgG4W4JUVpnA03v965A1uzX0TxG/hbQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIfpaJX28OofoX6GNurdn+O5Qi4aMB8GA1UdIwQY
MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt
ZTIyOGFhYjQ1MDE0LzEvaC1sb2xmYnc2aC1oZm9ZMjZ0MmY0N2xDTGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0
LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoE
AgACMBQwEgMHASoAHD4AlgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAYfuf
1P3E4OlPJuDw60in/oPvOy714ejl1vd/LsGDaj3kEr0+PocaI470aFXXGpmhCORX
lVoZsIjOl/BXfPwYjKqyHoGugL0Ix7oqCL0YbZYvroG77rLYM/eIaRiqMyaJorvS
trcb6u6Yy6zMuUlUmd5PbW/8SoURAzPcqDPTa3c6awbJrN74G22BXB/0bR5H2BvB
viCS+9QnZRglgKjDmghSimeeqW0XN1+jfMFmhN4buankrUFabi3MCWMaB14OQNrK
WDXOh5IJzS7Wtm37GRMlyqrtPd252p+435v1rf90fEjxQQDaniC2ouYe5urNncrk
l5vlEAOl8a7+ApV3OQ==
-----END CERTIFICATE-----
Generated at Mon Jul 1 23:12:15 2024 by rpki-client on console-ams.rpki-client.org