Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/lES1J-HfS5oAUx6lSdYmZyW1fR4.roa
File: lES1J-HfS5oAUx6lSdYmZyW1fR4.roa (raw, json)
Hash identifier: sbZGOBGiCtH+F+Ly9zJfDmhbNZAYp54rnSwJ1tfFbLw=
Subject key identifier: 94:44:B5:27:E1:DF:4B:9A:00:53:1E:A5:49:D6:26:67:25:B5:7D:1E
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 019001C3292F056575C9BBA5AB0AE41D330B
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/lES1J-HfS5oAUx6lSdYmZyW1fR4.roa
Signing time: Mon 10 Jun 2024 10:48:05 +0000
ROA not before: Mon 10 Jun 2024 10:48:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60606
IP address blocks: 95.173.212.0/24 maxlen: 24
185.2.42.0/24 maxlen: 24
2a06:5d80::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:c3:29:2f:05:65:75:c9:bb:a5:ab:0a:e4:1d:33:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jun 10 10:48:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9444b527e1df4b9a00531ea549d6266725b57d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b5:4d:1c:60:52:ab:b9:4c:25:07:98:50:36:
9d:c6:37:43:3f:68:20:36:14:8c:41:24:f4:05:ff:
9b:17:d5:d9:1e:db:3f:b8:09:33:bc:f2:10:33:ac:
57:ef:94:2b:2c:33:a4:41:73:9c:24:4c:4a:79:6d:
65:9e:1f:cd:be:9f:ad:61:76:2f:fa:13:d2:8d:e9:
d0:7c:16:ca:78:0b:66:9c:93:ac:44:39:ba:9e:f6:
2f:e5:47:76:62:db:1f:5f:8a:c7:60:5e:7b:a0:8a:
12:81:6b:b6:4e:7e:c2:27:fe:9e:6d:67:0d:e4:0a:
48:ff:c2:c9:06:51:2f:fe:e4:de:21:86:6d:8b:95:
84:67:4c:ed:20:11:94:0d:4a:08:f8:36:48:3b:55:
d3:ca:01:14:bf:06:3c:76:62:94:bf:39:90:17:10:
8d:13:8a:a7:d0:d0:ef:37:e7:47:99:74:de:7f:e4:
22:e2:0c:ec:ac:6b:d3:52:9c:fa:28:b7:02:3e:cb:
4b:bc:e9:6e:59:0b:09:8a:01:3a:75:78:8c:00:33:
53:17:c7:00:32:29:66:1f:c8:88:23:36:b7:e8:3e:
86:b7:2c:2f:9c:8f:58:89:98:72:06:fb:42:a3:aa:
7b:05:9a:00:3c:81:0f:89:0a:02:1e:f2:24:70:c1:
1a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:44:B5:27:E1:DF:4B:9A:00:53:1E:A5:49:D6:26:67:25:B5:7D:1E
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/lES1J-HfS5oAUx6lSdYmZyW1fR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.212.0/24
185.2.42.0/24
IPv6:
2a06:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
6b:7b:81:86:79:76:57:6f:18:bb:8b:bd:01:20:0d:29:64:a8:
17:15:9d:2f:d9:09:49:07:39:ce:d2:e6:5e:f5:2a:62:2b:7d:
21:e6:d5:39:27:6e:23:af:29:73:ee:58:c0:cf:11:92:26:a5:
63:f1:99:fd:f0:1d:8f:06:3d:72:de:95:6e:be:50:b7:e6:c2:
24:e5:2a:c1:ca:66:e8:cf:b3:75:99:be:91:fa:d6:13:27:53:
25:f4:75:e8:63:e8:3f:7f:4d:ac:2c:63:5d:bd:a3:7e:09:fe:
74:a4:50:29:82:83:7d:e9:7f:7e:78:83:7d:14:01:b6:e4:f7:
20:9b:c7:b2:27:8b:0a:2c:42:d2:05:6b:01:24:72:f4:e9:e4:
8e:09:5c:c3:f8:bd:5b:4b:7d:04:c9:e8:19:c4:b8:e1:86:a6:
0b:61:58:a0:d6:eb:ee:ae:da:29:02:07:7b:94:78:a2:8f:7f:
07:82:34:12:ba:93:c0:d4:d6:3f:74:47:38:31:87:a3:4e:21:
6a:ed:75:89:3a:04:14:1d:08:75:af:e0:b4:67:9e:98:68:20:
e7:27:61:3c:e9:a5:29:8a:af:60:50:55:1c:5f:81:64:74:94:
a1:da:7e:9e:c6:08:91:95:a2:f4:be:e0:11:68:ba:d6:7f:f6:
c3:d9:bb:c4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZABwykvBWV1ybulqwrkHTMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjQwNjEwMTA0ODA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQ0YjUyN2UxZGY0YjlhMDA1MzFlYTU0OWQ2MjY2NzI1YjU3ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLVNHGBSq7lMJQeYUDadxjdDP2gg
NhSMQST0Bf+bF9XZHts/uAkzvPIQM6xX75QrLDOkQXOcJExKeW1lnh/Nvp+tYXYv
+hPSjenQfBbKeAtmnJOsRDm6nvYv5Ud2YtsfX4rHYF57oIoSgWu2Tn7CJ/6ebWcN
5ApI/8LJBlEv/uTeIYZti5WEZ0ztIBGUDUoI+DZIO1XTygEUvwY8dmKUvzmQFxCN
E4qn0NDvN+dHmXTef+Qi4gzsrGvTUpz6KLcCPstLvOluWQsJigE6dXiMADNTF8cA
MilmH8iIIza36D6GtywvnI9YiZhyBvtCo6p7BZoAPIEPiQoCHvIkcMEaPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJREtSfh30uaAFMepUnWJmcltX0eMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvbEVTMUotSGZTNW9BVXg2bFNkWW1aeVcxZlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAX63UAwQA
uQIqMA0EAgACMAcDBQAqBl2AMA0GCSqGSIb3DQEBCwUAA4IBAQBre4GGeXZXbxi7
i70BIA0pZKgXFZ0v2QlJBznO0uZe9SpiK30h5tU5J24jrylz7ljAzxGSJqVj8Zn9
8B2PBj1y3pVuvlC35sIk5SrBymboz7N1mb6R+tYTJ1Ml9HXoY+g/f02sLGNdvaN+
Cf50pFApgoN96X9+eIN9FAG25Pcgm8eyJ4sKLELSBWsBJHL06eSOCVzD+L1bS30E
yegZxLjhhqYLYVig1uvurtopAgd7lHiij38HgjQSupPA1NY/dEc4MYejTiFq7XWJ
OgQUHQh1r+C0Z56YaCDnJ2E86aUpiq9gUFUcX4FkdJSh2n6exgiRlaL0vuARaLrW
f/bD2bvE
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:59:34 2024 by rpki-client on console-ams.rpki-client.org