Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ccfa17-30f5-451a-8e29-6cca66fd3c99/1/AYPoypTkH57UiHH4hVS80pzMy0o.roa
File: AYPoypTkH57UiHH4hVS80pzMy0o.roa (raw, json)
Hash identifier: VvPmbrHkmciiesdi9jFE8wM5Lkm7gyQpsFXWZlDJ1Bo=
Subject key identifier: 01:83:E8:CA:94:E4:1F:9E:D4:88:71:F8:85:54:BC:D2:9C:CC:CB:4A
Certificate issuer: /CN=ffde817beae4c0a2d57f7fc3f08c627d56540e7e
Certificate serial: 018D32DA1CFF471BAE2348AC3599A21710A3
Authority key identifier: FF:DE:81:7B:EA:E4:C0:A2:D5:7F:7F:C3:F0:8C:62:7D:56:54:0E:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_96Be-rkwKLVf3_D8IxifVZUDn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/ccfa17-30f5-451a-8e29-6cca66fd3c99/1/AYPoypTkH57UiHH4hVS80pzMy0o.roa
Signing time: Mon 22 Jan 2024 20:26:11 +0000
ROA not before: Mon 22 Jan 2024 20:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201856
IP address blocks: 95.141.254.0/24 maxlen: 24
2a13:4d80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/ccfa17-30f5-451a-8e29-6cca66fd3c99/1/_96Be-rkwKLVf3_D8IxifVZUDn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/ccfa17-30f5-451a-8e29-6cca66fd3c99/1/_96Be-rkwKLVf3_D8IxifVZUDn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/_96Be-rkwKLVf3_D8IxifVZUDn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:da:1c:ff:47:1b:ae:23:48:ac:35:99:a2:17:10:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffde817beae4c0a2d57f7fc3f08c627d56540e7e
Validity
Not Before: Jan 22 20:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0183e8ca94e41f9ed48871f88554bcd29ccccb4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fb:09:8c:bb:6d:fb:55:e1:04:b7:87:c0:43:
35:1c:5b:e9:26:d2:b9:1d:94:6b:86:34:4f:6e:d6:
ae:38:ec:43:57:ba:87:ca:f3:29:02:bf:32:95:05:
cc:0c:73:aa:80:6b:5e:b9:a4:16:5e:87:09:11:e1:
e9:ee:de:89:99:82:e4:2d:29:e2:54:ea:c0:a3:96:
49:99:a0:e8:26:98:f2:e9:9a:58:f2:65:ee:30:fc:
7b:67:bc:3c:08:55:25:a2:7c:80:0f:2b:1a:9c:4f:
99:7f:4a:5e:c9:99:ec:a1:a1:26:d9:f3:41:ee:12:
73:91:eb:83:a8:43:ae:2c:cb:ab:a9:b7:7e:de:0f:
e5:ba:63:a4:d9:78:de:3b:e3:40:a0:6a:56:f4:78:
5e:2d:6d:e4:a4:43:19:84:f8:e9:6c:55:98:df:30:
11:bc:f2:78:fc:e8:f6:b4:0f:4d:13:2d:67:75:f7:
aa:c9:5b:d4:db:cd:75:54:0a:87:6a:50:23:31:3d:
9d:17:e0:ab:d5:cb:ab:a7:74:a0:af:80:f9:05:89:
27:e4:74:8b:4c:ee:35:27:41:60:48:9d:49:82:37:
95:ab:61:05:3d:96:a1:56:a3:80:c0:79:d5:ad:a9:
34:72:fd:69:98:da:3d:0e:c3:3e:90:5e:f1:54:d4:
6e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:83:E8:CA:94:E4:1F:9E:D4:88:71:F8:85:54:BC:D2:9C:CC:CB:4A
X509v3 Authority Key Identifier:
keyid:FF:DE:81:7B:EA:E4:C0:A2:D5:7F:7F:C3:F0:8C:62:7D:56:54:0E:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_96Be-rkwKLVf3_D8IxifVZUDn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ccfa17-30f5-451a-8e29-6cca66fd3c99/1/AYPoypTkH57UiHH4hVS80pzMy0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ccfa17-30f5-451a-8e29-6cca66fd3c99/1/_96Be-rkwKLVf3_D8IxifVZUDn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.254.0/24
IPv6:
2a13:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
a3:0a:c6:e7:52:d9:26:43:a3:9e:96:f5:e9:86:f2:c8:3d:25:
74:1d:72:60:53:b9:da:4f:97:92:2b:0a:c5:aa:b6:35:06:6f:
34:50:7a:23:5c:70:0e:92:71:cd:12:07:99:9e:ac:9e:b1:d4:
3d:20:96:de:6d:d4:de:17:11:ef:07:6e:9d:79:87:61:de:33:
d3:ab:00:cf:af:e9:94:f9:65:46:ab:6a:34:14:a7:24:0f:3c:
8d:26:3c:8b:31:de:74:19:90:1f:d7:06:65:1e:9d:9d:c4:99:
8c:76:11:96:1f:db:db:7d:3b:7a:ac:40:bc:ae:01:8a:79:e2:
f7:4a:d4:12:65:12:0d:58:2b:b9:89:c3:90:96:16:ad:46:34:
44:92:ff:e8:b3:a4:62:be:08:d0:8f:51:da:ca:92:be:e7:f4:
85:6b:4e:92:6a:f1:fa:e6:14:75:34:74:6d:bd:18:23:9e:1b:
57:55:be:aa:31:50:74:d5:b5:eb:9f:8a:01:5c:6b:87:6f:18:
1d:05:e6:f6:d4:12:a7:60:b8:53:eb:e9:b7:d2:ca:00:08:95:
11:ed:1b:37:00:47:f1:1a:77:49:f3:cd:d6:bf:af:7a:a4:63:
b6:35:41:4e:63:30:ef:71:de:19:4b:8c:38:bd:03:33:cf:ae:
82:40:b3:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY0y2hz/RxuuI0isNZmiFxCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGU4MTdiZWFlNGMwYTJkNTdmN2ZjM2YwOGM2MjdkNTY1
NDBlN2UwHhcNMjQwMTIyMjAyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTgzZThjYTk0ZTQxZjllZDQ4ODcxZjg4NTU0YmNkMjljY2NjYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvsJjLtt+1XhBLeHwEM1HFvpJtK5
HZRrhjRPbtauOOxDV7qHyvMpAr8ylQXMDHOqgGteuaQWXocJEeHp7t6JmYLkLSni
VOrAo5ZJmaDoJpjy6ZpY8mXuMPx7Z7w8CFUlonyADysanE+Zf0peyZnsoaEm2fNB
7hJzkeuDqEOuLMurqbd+3g/lumOk2XjeO+NAoGpW9HheLW3kpEMZhPjpbFWY3zAR
vPJ4/Oj2tA9NEy1ndfeqyVvU2811VAqHalAjMT2dF+Cr1curp3Sgr4D5BYkn5HSL
TO41J0FgSJ1JgjeVq2EFPZahVqOAwHnVrak0cv1pmNo9DsM+kF7xVNRu8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAGD6MqU5B+e1Ihx+IVUvNKczMtKMB8GA1UdIwQY
MBaAFP/egXvq5MCi1X9/w/CMYn1WVA5+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzk2QmUtcmt3S0xWZjNfRDhJeGlmVlpVRG40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jY2ZhMTctMzBmNS00NTFhLThlMjkt
NmNjYTY2ZmQzYzk5LzEvQVlQb3lwVGtINTdVaUhINGhWUzgwcHpNeTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jY2ZhMTctMzBmNS00NTFhLThlMjktNmNjYTY2ZmQzYzk5
LzEvXzk2QmUtcmt3S0xWZjNfRDhJeGlmVlpVRG40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX43+MA0E
AgACMAcDBQAqE02AMA0GCSqGSIb3DQEBCwUAA4IBAQCjCsbnUtkmQ6OelvXphvLI
PSV0HXJgU7naT5eSKwrFqrY1Bm80UHojXHAOknHNEgeZnqyesdQ9IJbebdTeFxHv
B26deYdh3jPTqwDPr+mU+WVGq2o0FKckDzyNJjyLMd50GZAf1wZlHp2dxJmMdhGW
H9vbfTt6rEC8rgGKeeL3StQSZRINWCu5icOQlhatRjREkv/os6RivgjQj1HaypK+
5/SFa06SavH65hR1NHRtvRgjnhtXVb6qMVB01bXrn4oBXGuHbxgdBeb21BKnYLhT
6+m30soACJUR7Rs3AEfxGndJ883Wv696pGO2NUFOYzDvcd4ZS4w4vQMzz66CQLMd
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:56 2024 by rpki-client on console-fra.rpki-client.org