Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/001-tZetvmGKdo-SShjNpt2aGEI.roa
File: 001-tZetvmGKdo-SShjNpt2aGEI.roa (raw, json)
Hash identifier: h4Io8H2hqpwLQER0WiwijMoVYS+KsM61BzmnzICk/jA=
Subject key identifier: D3:4D:7E:B5:97:AD:BE:61:8A:76:8F:92:4A:18:CD:A6:DD:9A:18:42
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 018CC5DBE9A90821616FFC9EAEA558B3AE6A
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/001-tZetvmGKdo-SShjNpt2aGEI.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 95.170.12.0/22 maxlen: 22
95.170.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e9:a9:08:21:61:6f:fc:9e:ae:a5:58:b3:ae:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d34d7eb597adbe618a768f924a18cda6dd9a1842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:60:bc:b4:34:56:58:37:9b:54:35:3a:df:b3:
d3:37:b9:88:99:47:96:a7:a5:3a:1e:9b:f9:69:2f:
a7:ff:b2:b2:f2:39:63:87:c8:f4:06:b0:ae:55:c8:
3f:18:09:6a:03:68:4c:4b:4e:b2:83:12:fe:21:45:
19:1d:e7:5a:58:7a:0a:9c:83:93:c5:ef:c9:66:e1:
e3:1e:f3:e0:fb:3d:9e:2f:2e:7a:cf:60:3e:e6:e4:
75:ba:5c:5c:a3:2b:88:8e:49:49:4c:dd:a4:85:a2:
30:27:97:c4:46:bd:b8:c2:31:44:62:33:28:9e:65:
ed:63:8d:4b:48:75:d9:f1:b5:e8:12:08:16:f1:0e:
a7:9c:ac:45:90:15:44:c1:56:22:fb:5c:67:ab:f7:
10:1b:f1:cb:03:f6:a8:0a:b9:e7:d5:52:c8:65:51:
0d:17:66:43:c9:32:90:ec:8a:47:57:8c:1d:18:03:
79:59:bc:a0:2c:e9:2c:cd:7d:c7:ef:aa:54:2a:00:
74:d8:eb:12:f9:f2:91:1d:ac:9d:df:b8:1a:dc:30:
dc:c1:47:d4:e4:f1:e1:2f:64:63:75:8a:b2:19:e3:
5d:8e:d3:a8:34:d2:7c:00:5c:73:ca:9b:af:b0:ec:
1b:db:fc:34:a9:15:10:f9:11:41:57:51:ef:76:9b:
33:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:4D:7E:B5:97:AD:BE:61:8A:76:8F:92:4A:18:CD:A6:DD:9A:18:42
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/001-tZetvmGKdo-SShjNpt2aGEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.12.0-95.170.31.255
Signature Algorithm: sha256WithRSAEncryption
4d:5d:0b:38:5c:32:49:88:22:51:ec:5f:7e:c6:39:eb:80:62:
74:ec:63:8c:ba:ef:51:2e:9f:a6:a9:90:ad:83:23:29:4d:54:
71:04:7a:7a:1e:7c:96:3c:63:1b:2e:99:b9:a2:7b:7f:90:5c:
ae:0e:e7:2d:4f:e4:d8:05:28:80:9f:2c:3a:30:85:0f:83:cb:
60:87:4a:11:3d:33:78:cb:95:92:7d:2f:d6:50:7e:31:34:a7:
c0:96:66:fc:98:09:b4:76:e7:70:58:8f:5e:46:92:b5:ad:65:
f6:10:a3:0a:5f:cd:d6:15:47:2b:d7:ab:dd:71:5c:5a:dd:ab:
5f:2e:f7:d7:e4:2c:3d:f9:a2:7b:1d:da:40:55:88:6a:0c:d5:
12:81:35:0b:8b:6e:b9:03:fe:2a:bf:94:fb:fa:88:17:32:0f:
da:fb:28:ec:ac:ca:98:36:20:cb:98:85:dc:05:ee:e5:cc:d1:
1c:24:08:1c:f5:b3:22:46:3f:fc:d4:2a:47:67:82:4a:fd:4b:
f3:86:7d:52:88:35:3d:1a:23:7c:42:9c:72:d9:be:ee:ac:6d:
3e:b8:73:f5:81:af:19:5f:20:6d:ae:ba:56:c0:45:66:60:1b:
e1:0a:27:26:15:fb:26:b9:ab:d4:3d:76:b9:f4:4b:33:86:df:
59:fa:95:37
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzF2+mpCCFhb/yerqVYs65qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzRkN2ViNTk3YWRiZTYxOGE3NjhmOTI0YTE4Y2RhNmRkOWExODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWC8tDRWWDebVDU637PTN7mImUeW
p6U6Hpv5aS+n/7Ky8jljh8j0BrCuVcg/GAlqA2hMS06ygxL+IUUZHedaWHoKnIOT
xe/JZuHjHvPg+z2eLy56z2A+5uR1ulxcoyuIjklJTN2khaIwJ5fERr24wjFEYjMo
nmXtY41LSHXZ8bXoEggW8Q6nnKxFkBVEwVYi+1xnq/cQG/HLA/aoCrnn1VLIZVEN
F2ZDyTKQ7IpHV4wdGAN5WbygLOkszX3H76pUKgB02OsS+fKRHayd37ga3DDcwUfU
5PHhL2RjdYqyGeNdjtOoNNJ8AFxzypuvsOwb2/w0qRUQ+RFBV1HvdpszqwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNNNfrWXrb5hinaPkkoYzabdmhhCMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvMDAxLXRaZXR2bUdLZG8tU1Noak5wdDJhR0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJfqgwD
BAVfqgAwDQYJKoZIhvcNAQELBQADggEBAE1dCzhcMkmIIlHsX37GOeuAYnTsY4y6
71Eun6apkK2DIylNVHEEenoefJY8Yxsumbmie3+QXK4O5y1P5NgFKICfLDowhQ+D
y2CHShE9M3jLlZJ9L9ZQfjE0p8CWZvyYCbR253BYj15GkrWtZfYQowpfzdYVRyvX
q91xXFrdq18u99fkLD35onsd2kBViGoM1RKBNQuLbrkD/iq/lPv6iBcyD9r7KOys
ypg2IMuYhdwF7uXM0RwkCBz1syJGP/zUKkdngkr9S/OGfVKINT0aI3xCnHLZvu6s
bT64c/WBrxlfIG2uulbARWZgG+EKJyYV+ya5q9Q9drn0SzOG31n6lTc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:16:58 2024 by rpki-client on console-fra.rpki-client.org