Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bID6wudL7g-WIrmq5WfM5rIisXA.roa
File: bID6wudL7g-WIrmq5WfM5rIisXA.roa (raw, json)
Hash identifier: X6dyDkMVyGasX8VZe5tycl29DoixNo2DNohAT+ZSIfM=
Subject key identifier: 6C:80:FA:C2:E7:4B:EE:0F:96:22:B9:AA:E5:67:CC:E6:B2:22:B1:70
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01929C33DB1433AAFED4BA280625BA90393F
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bID6wudL7g-WIrmq5WfM5rIisXA.roa
Signing time: Thu 17 Oct 2024 20:38:16 +0000
ROA not before: Thu 17 Oct 2024 20:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51264
IP address blocks: 94.131.125.0/24 maxlen: 24
95.164.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9c:33:db:14:33:aa:fe:d4:ba:28:06:25:ba:90:39:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Oct 17 20:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c80fac2e74bee0f9622b9aae567cce6b222b170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b5:ca:9b:b5:2c:82:84:5f:58:3c:83:a6:e0:
62:bc:70:78:fd:d4:ba:87:5d:a8:ea:69:5e:28:c6:
52:4c:40:fd:12:cf:cc:e4:cc:97:f5:5b:b3:4c:17:
ec:4e:85:0b:ef:e3:43:dc:3c:e6:35:8c:e5:56:2c:
3f:10:3b:4a:8f:89:b8:a0:3c:c9:ff:b0:72:03:c6:
2f:7e:20:be:bf:3a:44:6c:eb:a6:14:26:64:66:6f:
b0:61:58:7a:78:15:46:ec:1b:2f:f4:55:e8:be:fc:
78:8c:6d:ad:19:8c:c3:7f:1d:eb:0c:c4:cf:99:83:
4c:9f:5e:ce:d0:4b:72:ad:07:4e:5e:14:34:58:78:
41:57:47:09:91:87:29:8a:5b:d0:c6:de:b1:92:c5:
a1:29:86:92:6e:40:f6:56:9b:78:93:23:8d:49:a9:
d9:a0:fd:49:c7:17:05:9c:12:fb:b3:35:87:04:3c:
ef:22:25:cb:18:b4:a5:55:50:ad:45:3f:aa:2a:19:
03:25:49:51:02:69:35:14:42:ac:ff:5d:97:36:74:
39:41:7b:48:29:fc:be:ee:b0:41:4a:aa:84:01:c0:
2c:bd:38:34:bd:11:2a:df:85:3b:de:f0:84:1e:0b:
57:26:3a:43:74:1f:8e:d9:94:52:31:39:7a:c7:d9:
dc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:80:FA:C2:E7:4B:EE:0F:96:22:B9:AA:E5:67:CC:E6:B2:22:B1:70
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bID6wudL7g-WIrmq5WfM5rIisXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.125.0/24
95.164.90.0/24
Signature Algorithm: sha256WithRSAEncryption
35:c0:f9:1c:1f:4b:8a:ba:0a:93:ca:21:1d:cb:60:f9:d9:a7:
45:65:61:8b:02:70:a0:88:07:30:0a:5a:b3:e4:d2:38:19:79:
c1:05:13:2f:d0:85:5a:84:be:37:f0:f8:c5:0e:97:85:da:1c:
3f:83:79:e0:2e:d0:a0:dc:9d:cb:13:ed:71:56:39:ca:a1:17:
5f:dd:1e:bc:8c:b0:52:e9:17:06:68:74:40:ba:d1:4c:93:50:
57:28:b5:64:f6:d5:8d:cc:f2:5f:14:1d:66:e4:f7:b6:6c:ff:
9f:cc:d3:f4:fc:49:70:09:b9:1a:ab:f5:dd:eb:d0:7f:e3:8d:
86:8b:a2:d2:54:1c:6e:c5:e8:74:2e:00:8a:c9:a1:7f:35:00:
97:97:4e:45:1e:7e:c5:c0:71:9d:bf:67:3b:5d:13:6e:bd:55:
04:99:dc:04:c8:9a:ed:d2:e6:29:87:e4:c2:35:0a:8b:48:be:
5f:47:97:4b:f8:05:87:a6:fe:48:ad:8a:f9:93:a7:8c:d5:27:
03:1a:c6:9b:ad:6b:33:d7:ad:32:3f:9c:d4:8c:86:25:1a:ca:
1e:d7:5c:fa:79:2c:7f:a0:ee:67:01:22:52:b5:29:28:d3:fa:
ec:6f:11:3a:b9:43:ca:f9:f3:1c:92:de:1f:dd:3f:5b:92:f5:
c3:bf:93:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKcM9sUM6r+1LooBiW6kDk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMDE3MjAzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzgwZmFjMmU3NGJlZTBmOTYyMmI5YWFlNTY3Y2NlNmIyMjJiMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrXKm7UsgoRfWDyDpuBivHB4/dS6
h12o6mleKMZSTED9Es/M5MyX9VuzTBfsToUL7+ND3DzmNYzlViw/EDtKj4m4oDzJ
/7ByA8YvfiC+vzpEbOumFCZkZm+wYVh6eBVG7Bsv9FXovvx4jG2tGYzDfx3rDMTP
mYNMn17O0EtyrQdOXhQ0WHhBV0cJkYcpilvQxt6xksWhKYaSbkD2Vpt4kyONSanZ
oP1JxxcFnBL7szWHBDzvIiXLGLSlVVCtRT+qKhkDJUlRAmk1FEKs/12XNnQ5QXtI
Kfy+7rBBSqqEAcAsvTg0vREq34U73vCEHgtXJjpDdB+O2ZRSMTl6x9nccwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGyA+sLnS+4PliK5quVnzOayIrFwMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvYklENnd1ZEw3Zy1XSXJtcTVXZk01cklpc1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXoN9AwQA
X6RaMA0GCSqGSIb3DQEBCwUAA4IBAQA1wPkcH0uKugqTyiEdy2D52adFZWGLAnCg
iAcwClqz5NI4GXnBBRMv0IVahL438PjFDpeF2hw/g3ngLtCg3J3LE+1xVjnKoRdf
3R68jLBS6RcGaHRAutFMk1BXKLVk9tWNzPJfFB1m5Pe2bP+fzNP0/ElwCbkaq/Xd
69B/442Gi6LSVBxuxeh0LgCKyaF/NQCXl05FHn7FwHGdv2c7XRNuvVUEmdwEyJrt
0uYph+TCNQqLSL5fR5dL+AWHpv5IrYr5k6eM1ScDGsabrWsz160yP5zUjIYlGsoe
11z6eSx/oO5nASJStSko0/rsbxE6uUPK+fMckt4f3T9bkvXDv5Pm
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:26:37 2024 by rpki-client on console-ams.rpki-client.org