Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/kR1zvHVVOCJnJbI_VoKEpFHRfSs.roa
File: kR1zvHVVOCJnJbI_VoKEpFHRfSs.roa (raw, json)
Hash identifier: 4pm4Ljyf9IDfRPrF198bmqdKyLRDjCE2jqUwpDjV3Ak=
Subject key identifier: 91:1D:73:BC:75:55:38:22:67:25:B2:3F:56:82:84:A4:51:D1:7D:2B
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 018CC94ADF23490943D5D74AD73EC4291BFC
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/kR1zvHVVOCJnJbI_VoKEpFHRfSs.roa
Signing time: Tue 02 Jan 2024 08:29:36 +0000
ROA not before: Tue 02 Jan 2024 08:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48960
IP address blocks: 95.173.200.0/24 maxlen: 24
2a02:a48::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:df:23:49:09:43:d5:d7:4a:d7:3e:c4:29:1b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jan 2 08:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=911d73bc755538226725b23f568284a451d17d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:49:83:a8:dc:3e:43:10:bc:e4:13:4e:ac:9d:
b8:0e:c2:70:c9:13:91:8e:75:f3:d5:ec:d8:14:88:
29:65:a0:59:e2:3e:35:55:18:11:f0:86:98:d4:37:
2e:c4:f3:23:f8:22:67:7e:af:ad:f1:b4:bc:48:7b:
bd:d4:5a:f6:ef:a8:45:b7:cd:d5:ad:59:03:53:ee:
a4:52:dc:13:e1:3c:dd:ab:d5:63:ec:f4:eb:c1:03:
49:ee:47:ce:d2:e1:f0:99:8c:2e:44:65:2c:a4:2a:
45:fc:06:63:b4:b1:65:60:44:a3:4c:67:7c:8b:64:
41:12:db:74:dc:86:97:e8:37:04:c7:f8:f1:8f:47:
cc:78:58:ef:2d:fe:69:f6:10:c7:07:cd:5f:d6:10:
10:d4:a2:1e:13:8c:30:78:c7:e4:03:10:99:fc:69:
9b:04:45:2c:e3:1f:b2:46:73:a5:64:fb:5c:1b:2a:
08:b3:5e:56:03:b2:31:b1:98:26:af:70:15:65:8d:
40:eb:a0:bb:5d:1e:87:e5:66:73:08:f6:8d:6f:0b:
84:2d:fb:56:0a:62:c7:f7:52:2e:a8:cb:26:3b:ac:
6e:d0:a0:fb:60:00:5c:e3:a0:69:2b:5e:c4:71:a7:
b0:71:09:d0:f0:35:14:18:de:61:af:b7:b7:de:13:
48:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1D:73:BC:75:55:38:22:67:25:B2:3F:56:82:84:A4:51:D1:7D:2B
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/kR1zvHVVOCJnJbI_VoKEpFHRfSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.200.0/24
IPv6:
2a02:a48::/32
Signature Algorithm: sha256WithRSAEncryption
00:a5:dd:51:d0:ef:42:4a:44:36:7a:f4:5c:62:94:30:01:20:
79:3b:29:10:d7:ac:76:f4:31:ae:d3:7c:a8:c6:b3:0a:72:0b:
29:da:38:5d:32:fa:75:72:46:51:a8:f7:77:92:eb:9e:36:ae:
65:f5:86:24:40:c8:ed:b7:90:60:37:6e:ee:22:5e:10:e1:a4:
83:33:64:05:e8:77:93:69:3a:62:e5:4c:c3:5a:40:65:d8:65:
0d:34:c3:a0:48:41:6c:ed:e8:76:0e:eb:df:e8:88:63:b3:5c:
c9:2f:f5:01:3c:e3:16:67:d2:ef:f6:9b:c9:1f:c5:dc:3f:ef:
e1:1e:4f:e8:11:11:3a:81:0d:f0:1d:84:6b:26:4e:33:09:cc:
e3:57:52:ae:a0:ef:21:a0:2b:bb:3e:fc:7a:0d:9f:87:4c:9e:
53:3a:90:83:6d:35:44:e4:5f:4b:39:37:0f:d5:f8:60:7a:b0:
c8:74:87:88:5d:c8:84:8e:dd:ac:48:d6:ce:82:49:38:68:ae:
d6:b6:e6:fc:0d:70:32:9a:f5:01:3b:79:2b:95:27:bb:c9:4a:
f9:d1:f9:99:19:67:2e:aa:8c:0c:63:0c:4f:a8:d4:5e:ea:e6:
84:21:51:3e:7e:fe:d7:6b:0e:dc:f0:96:3e:98:1d:97:47:d9:
2f:07:82:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJSt8jSQlD1ddK1z7EKRv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjQwMTAyMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFkNzNiYzc1NTUzODIyNjcyNWIyM2Y1NjgyODRhNDUxZDE3ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokmDqNw+QxC85BNOrJ24DsJwyROR
jnXz1ezYFIgpZaBZ4j41VRgR8IaY1DcuxPMj+CJnfq+t8bS8SHu91Fr276hFt83V
rVkDU+6kUtwT4Tzdq9Vj7PTrwQNJ7kfO0uHwmYwuRGUspCpF/AZjtLFlYESjTGd8
i2RBEtt03IaX6DcEx/jxj0fMeFjvLf5p9hDHB81f1hAQ1KIeE4wweMfkAxCZ/Gmb
BEUs4x+yRnOlZPtcGyoIs15WA7IxsZgmr3AVZY1A66C7XR6H5WZzCPaNbwuELftW
CmLH91IuqMsmO6xu0KD7YABc46BpK17EcaewcQnQ8DUUGN5hr7e33hNI/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJEdc7x1VTgiZyWyP1aChKRR0X0rMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEva1IxenZIVlZPQ0puSmJJX1ZvS0VwRkhSZlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX63IMA0E
AgACMAcDBQAqAgpIMA0GCSqGSIb3DQEBCwUAA4IBAQAApd1R0O9CSkQ2evRcYpQw
ASB5OykQ16x29DGu03yoxrMKcgsp2jhdMvp1ckZRqPd3kuueNq5l9YYkQMjtt5Bg
N27uIl4Q4aSDM2QF6HeTaTpi5UzDWkBl2GUNNMOgSEFs7eh2Duvf6Ihjs1zJL/UB
POMWZ9Lv9pvJH8XcP+/hHk/oERE6gQ3wHYRrJk4zCczjV1KuoO8hoCu7Pvx6DZ+H
TJ5TOpCDbTVE5F9LOTcP1fhgerDIdIeIXciEjt2sSNbOgkk4aK7Wtub8DXAymvUB
O3krlSe7yUr50fmZGWcuqowMYwxPqNRe6uaEIVE+fv7Xaw7c8JY+mB2XR9kvB4LR
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:51 2024 by rpki-client on console-fra.rpki-client.org