Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/hHEY1yC0-CqullRCGU7UriFNFeM.roa
File: hHEY1yC0-CqullRCGU7UriFNFeM.roa (raw, json)
Hash identifier: DxnmqZvit8mJlViFQd3Bd+OfqfTPkIhO5F/GaISEz4c=
Subject key identifier: 84:71:18:D7:20:B4:F8:2A:AE:96:54:42:19:4E:D4:AE:21:4D:15:E3
Certificate issuer: /CN=4c897f1a3497ebbe27b9e2f0d6f3eae2bbe68b27
Certificate serial: 018E7F84FA68DF0F6A6EE87F3F451615B966
Authority key identifier: 4C:89:7F:1A:34:97:EB:BE:27:B9:E2:F0:D6:F3:EA:E2:BB:E6:8B:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIl_GjSX674nueLw1vPq4rvmiyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/hHEY1yC0-CqullRCGU7UriFNFeM.roa
Signing time: Wed 27 Mar 2024 10:46:45 +0000
ROA not before: Wed 27 Mar 2024 10:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210579
IP address blocks: 95.141.255.0/24 maxlen: 24
2a13:46c0::/32 maxlen: 48
2a13:46c1::/32 maxlen: 40
2a13:46c1:100::/48 maxlen: 48
2a13:46c1:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/TIl_GjSX674nueLw1vPq4rvmiyc.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/TIl_GjSX674nueLw1vPq4rvmiyc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TIl_GjSX674nueLw1vPq4rvmiyc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:84:fa:68:df:0f:6a:6e:e8:7f:3f:45:16:15:b9:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c897f1a3497ebbe27b9e2f0d6f3eae2bbe68b27
Validity
Not Before: Mar 27 10:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=847118d720b4f82aae965442194ed4ae214d15e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b1:b8:c5:34:9d:ce:6a:0d:fc:88:0a:09:e7:
df:f8:15:24:1d:6c:46:fa:89:63:8c:cb:b3:6c:dd:
e6:03:b8:5e:f2:5d:6d:ed:48:0e:7f:a7:5f:e2:78:
c2:f2:0e:04:70:00:32:4b:a1:57:df:30:dd:89:2d:
64:40:22:66:fe:9d:6d:e6:c8:c9:dc:d6:0b:3d:64:
fe:e9:23:04:2b:09:5d:e1:77:ec:f6:e2:0d:02:da:
b3:eb:76:b7:ff:d5:1d:77:5f:6f:36:99:ef:fa:39:
b1:5e:8f:03:dd:1a:8c:0a:09:92:77:cc:0c:12:6d:
a2:c8:11:d7:f0:b0:aa:d2:a3:08:90:e1:96:e2:81:
58:81:40:59:45:ec:20:8b:cd:25:06:74:63:d4:8b:
24:24:e5:85:2d:64:8c:19:b9:59:5a:e9:df:7a:ab:
50:83:80:4a:d5:05:5d:d3:99:3c:fc:0e:38:84:04:
0b:9b:5e:e0:f8:97:3b:a2:54:6e:8b:39:37:ba:b2:
0d:40:cf:aa:9e:6a:8a:62:fe:07:da:ca:bb:57:50:
c8:df:f8:dc:e5:47:c6:c2:9c:0a:9f:44:83:85:0c:
80:dc:ff:79:38:cd:3c:0a:d0:29:37:e3:ba:e5:3c:
0e:f6:90:d4:5e:92:dd:bd:52:c0:6f:c9:87:6d:f3:
d9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:71:18:D7:20:B4:F8:2A:AE:96:54:42:19:4E:D4:AE:21:4D:15:E3
X509v3 Authority Key Identifier:
keyid:4C:89:7F:1A:34:97:EB:BE:27:B9:E2:F0:D6:F3:EA:E2:BB:E6:8B:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIl_GjSX674nueLw1vPq4rvmiyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/hHEY1yC0-CqullRCGU7UriFNFeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/TIl_GjSX674nueLw1vPq4rvmiyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.255.0/24
IPv6:
2a13:46c0::/31
Signature Algorithm: sha256WithRSAEncryption
53:ab:84:5f:90:79:18:5f:b1:b9:0f:45:1c:8f:67:dc:eb:e1:
95:98:d2:a2:ab:b0:f7:ac:75:ea:0b:1f:33:b4:63:54:12:a4:
5a:d9:0f:91:02:43:f4:01:ea:1c:aa:41:a7:29:f8:c8:27:bd:
47:0d:48:41:77:f4:79:c1:67:9b:88:49:d3:bd:a3:e0:26:19:
0a:f8:85:c7:4a:13:8c:9e:08:b6:65:25:1c:bc:fb:f7:13:58:
09:38:fb:da:7e:34:b9:98:40:21:70:54:f5:c8:72:58:02:90:
7f:a5:ae:14:b7:b9:e5:51:ca:25:25:16:32:6d:61:ac:f4:e7:
3d:78:99:24:cd:a6:e0:8f:cd:88:c9:3c:82:25:a4:01:d1:4b:
be:bb:76:8d:66:bd:93:81:de:62:c3:10:03:05:da:fe:7f:6b:
0f:ab:9a:eb:2a:9c:1a:eb:57:98:bc:83:ac:b0:cc:f2:9b:8b:
f9:ba:c4:72:8d:ce:7c:b2:90:ab:3f:76:21:77:3b:b6:36:38:
ac:41:f6:95:cf:c0:da:ca:31:ef:66:5b:bb:06:d1:aa:2a:aa:
fd:0a:f9:bd:93:d8:6c:ca:3f:10:c3:9e:47:c4:d6:08:83:d3:
a8:dc:65:23:46:f9:56:58:17:68:8e:72:32:5e:83:52:40:fe:
35:32:2c:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5/hPpo3w9qbuh/P0UWFblmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODk3ZjFhMzQ5N2ViYmUyN2I5ZTJmMGQ2ZjNlYWUyYmJl
NjhiMjcwHhcNMjQwMzI3MTA0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDcxMThkNzIwYjRmODJhYWU5NjU0NDIxOTRlZDRhZTIxNGQxNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrG4xTSdzmoN/IgKCeff+BUkHWxG
+oljjMuzbN3mA7he8l1t7UgOf6df4njC8g4EcAAyS6FX3zDdiS1kQCJm/p1t5sjJ
3NYLPWT+6SMEKwld4Xfs9uINAtqz63a3/9Udd19vNpnv+jmxXo8D3RqMCgmSd8wM
Em2iyBHX8LCq0qMIkOGW4oFYgUBZRewgi80lBnRj1IskJOWFLWSMGblZWunfeqtQ
g4BK1QVd05k8/A44hAQLm17g+Jc7olRuizk3urINQM+qnmqKYv4H2sq7V1DI3/jc
5UfGwpwKn0SDhQyA3P95OM08CtApN+O65TwO9pDUXpLdvVLAb8mHbfPZQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIRxGNcgtPgqrpZUQhlO1K4hTRXjMB8GA1UdIwQY
MBaAFEyJfxo0l+u+J7ni8Nbz6uK75osnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElsX0dqU1g2NzRudWVMdzF2UHE0cnZtaXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zOGU5NzUtMWY0Zi00MTE0LWJmYTEt
YTc5ZGExYTg1NTEzLzEvaEhFWTF5QzAtQ3F1bGxSQ0dVN1VyaUZORmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zOGU5NzUtMWY0Zi00MTE0LWJmYTEtYTc5ZGExYTg1NTEz
LzEvVElsX0dqU1g2NzRudWVMdzF2UHE0cnZtaXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX43/MA0E
AgACMAcDBQEqE0bAMA0GCSqGSIb3DQEBCwUAA4IBAQBTq4RfkHkYX7G5D0Ucj2fc
6+GVmNKiq7D3rHXqCx8ztGNUEqRa2Q+RAkP0AeocqkGnKfjIJ71HDUhBd/R5wWeb
iEnTvaPgJhkK+IXHShOMngi2ZSUcvPv3E1gJOPvafjS5mEAhcFT1yHJYApB/pa4U
t7nlUcolJRYybWGs9Oc9eJkkzabgj82IyTyCJaQB0Uu+u3aNZr2Tgd5iwxADBdr+
f2sPq5rrKpwa61eYvIOssMzym4v5usRyjc58spCrP3Yhdzu2NjisQfaVz8DayjHv
Zlu7BtGqKqr9Cvm9k9hsyj8Qw55HxNYIg9Oo3GUjRvlWWBdojnIyXoNSQP41MizV
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:30 2024 by rpki-client on console-ams.rpki-client.org