Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/mE7cVbe1D2Mrbsoh1t9_DHCkqfc.roa
File: mE7cVbe1D2Mrbsoh1t9_DHCkqfc.roa (raw, json)
Hash identifier: semP/QnOueE3cw2F8TfM8G6xbCgS/OvzrcGw+R/ZF5U=
Subject key identifier: 98:4E:DC:55:B7:B5:0F:63:2B:6E:CA:21:D6:DF:7F:0C:70:A4:A9:F7
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 0191F3FBC41CAF1AECF2279999B2F0C801A3
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/mE7cVbe1D2Mrbsoh1t9_DHCkqfc.roa
Signing time: Sun 15 Sep 2024 04:40:48 +0000
ROA not before: Sun 15 Sep 2024 04:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197477
IP address blocks: 95.214.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f3:fb:c4:1c:af:1a:ec:f2:27:99:99:b2:f0:c8:01:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Sep 15 04:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=984edc55b7b50f632b6eca21d6df7f0c70a4a9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:5e:02:b0:67:4d:e6:58:11:7b:81:72:3b:03:
32:13:09:a3:0d:ea:a8:30:ab:d3:ca:b7:f1:48:02:
a4:fc:a5:1a:c2:dd:30:99:a2:cd:f3:f7:3b:c8:fb:
3d:b9:e0:cb:23:b2:ff:4b:02:22:f1:0a:ee:8c:e6:
f4:e4:6a:e0:d3:65:08:c2:4f:af:e8:97:bc:31:f3:
f3:10:fb:e5:2c:ef:e7:1f:bc:4b:f8:b8:06:dc:8c:
2a:af:7d:c0:e5:11:5a:71:24:22:16:2b:5c:9c:2e:
79:ca:95:e7:28:4f:c4:0e:6f:7f:9b:a7:9c:96:99:
06:37:66:cf:d8:7b:db:06:96:80:42:ca:58:52:af:
1b:18:41:4e:d1:bc:47:4b:6b:8c:31:e7:49:df:fa:
26:e0:a6:f9:cc:7e:8b:04:ac:99:c1:85:1f:77:21:
a7:4f:36:84:6e:8d:e1:9c:31:2d:b8:10:fe:7f:5a:
57:87:c5:b6:be:39:99:ae:18:3f:05:7d:01:d7:9b:
1b:14:26:09:a1:45:34:82:a3:ed:c5:34:49:3e:4c:
e3:40:8f:28:b3:b3:fc:48:6b:e1:a6:03:e0:8e:11:
59:a0:ce:ea:87:8e:ea:87:d1:69:39:df:af:05:4d:
ff:80:64:2f:8f:ab:21:c9:bb:f8:36:21:71:46:ee:
e8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:4E:DC:55:B7:B5:0F:63:2B:6E:CA:21:D6:DF:7F:0C:70:A4:A9:F7
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/mE7cVbe1D2Mrbsoh1t9_DHCkqfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.172.0/24
Signature Algorithm: sha256WithRSAEncryption
26:e7:8f:23:cf:91:a5:57:cd:6f:48:63:9c:0b:e7:52:e3:8b:
a5:48:de:cb:40:8c:f6:25:08:a4:42:88:ee:58:63:b3:74:27:
5b:51:ce:d8:1f:81:fd:17:47:e5:e0:e6:df:3e:db:51:bd:3e:
98:83:d8:3a:a4:af:bf:6c:d9:4d:e7:43:8e:1d:83:18:3d:fb:
1b:0d:44:df:a1:c7:33:22:c6:a2:b3:be:b6:68:80:4b:28:4d:
5f:7f:23:75:d7:b1:f1:be:0b:07:5d:07:3b:e8:d6:5c:99:b6:
0a:69:d6:4e:b2:11:49:bd:4f:b8:86:2c:fc:ff:b3:13:65:4f:
73:7b:52:1c:48:8f:e6:bf:cd:cc:96:ff:6b:6f:9d:2b:a6:1a:
04:29:2f:9a:bb:0e:36:2d:c8:f8:d9:d1:d6:fc:94:99:e2:6a:
41:ba:40:b6:40:67:5d:88:ac:77:98:45:03:e4:3e:72:d8:15:
53:63:09:5f:d9:98:ca:32:ff:cd:f0:42:21:f7:2c:f3:25:8a:
59:bb:54:11:5b:3a:46:98:77:00:bd:77:d3:51:b7:be:fc:f4:
3a:42:53:da:e5:c7:90:d5:90:f1:fb:6c:06:e5:56:b7:bd:1e:
bb:b4:79:6a:66:48:17:d1:e9:e0:09:61:65:66:3d:e1:9e:a9:
be:c7:8f:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHz+8Qcrxrs8ieZmbLwyAGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjQwOTE1MDQ0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODRlZGM1NWI3YjUwZjYzMmI2ZWNhMjFkNmRmN2YwYzcwYTRhOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5V4CsGdN5lgRe4FyOwMyEwmjDeqo
MKvTyrfxSAKk/KUawt0wmaLN8/c7yPs9ueDLI7L/SwIi8QrujOb05Grg02UIwk+v
6Je8MfPzEPvlLO/nH7xL+LgG3Iwqr33A5RFacSQiFitcnC55ypXnKE/EDm9/m6ec
lpkGN2bP2HvbBpaAQspYUq8bGEFO0bxHS2uMMedJ3/om4Kb5zH6LBKyZwYUfdyGn
TzaEbo3hnDEtuBD+f1pXh8W2vjmZrhg/BX0B15sbFCYJoUU0gqPtxTRJPkzjQI8o
s7P8SGvhpgPgjhFZoM7qh47qh9FpOd+vBU3/gGQvj6shybv4NiFxRu7oywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhO3FW3tQ9jK27KIdbffwxwpKn3MB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvbUU3Y1ZiZTFEMk1yYnNvaDF0OV9ESENrcWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9asMA0G
CSqGSIb3DQEBCwUAA4IBAQAm548jz5GlV81vSGOcC+dS44ulSN7LQIz2JQikQoju
WGOzdCdbUc7YH4H9F0fl4ObfPttRvT6Yg9g6pK+/bNlN50OOHYMYPfsbDUTfoccz
Isais762aIBLKE1ffyN117HxvgsHXQc76NZcmbYKadZOshFJvU+4hiz8/7MTZU9z
e1IcSI/mv83Mlv9rb50rphoEKS+auw42Lcj42dHW/JSZ4mpBukC2QGddiKx3mEUD
5D5y2BVTYwlf2ZjKMv/N8EIh9yzzJYpZu1QRWzpGmHcAvXfTUbe+/PQ6QlPa5ceQ
1ZDx+2wG5Va3vR67tHlqZkgX0engCWFlZj3hnqm+x4/j
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:23 2024 by rpki-client on console-ams.rpki-client.org