Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/aLIu7a6bKKtM4WIsfSlNFDO-6ak.roa
File: aLIu7a6bKKtM4WIsfSlNFDO-6ak.roa (raw, json)
Hash identifier: uP34G2gswMwuvMflEof4c6CmJWWeFjAhP6WENsiHgxI=
Subject key identifier: 68:B2:2E:ED:AE:9B:28:AB:4C:E1:62:2C:7D:29:4D:14:33:BE:E9:A9
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 018CC3B722F226C933DC4FB6B477A521B7D4
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/aLIu7a6bKKtM4WIsfSlNFDO-6ak.roa
Signing time: Mon 01 Jan 2024 06:30:08 +0000
ROA not before: Mon 01 Jan 2024 06:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 95.140.160.0/24 maxlen: 24
95.140.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:22:f2:26:c9:33:dc:4f:b6:b4:77:a5:21:b7:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Jan 1 06:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68b22eedae9b28ab4ce1622c7d294d1433bee9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:af:09:eb:44:f6:88:f4:f4:e4:53:f7:a7:
98:cd:7a:13:de:a5:00:24:c0:28:16:33:b0:b5:d0:
bc:17:00:34:fc:40:c8:ff:34:a1:09:14:1e:4a:bc:
87:6d:a7:31:12:0c:b9:01:3c:68:9d:7b:ea:bd:22:
2a:8a:de:88:41:9d:cf:e0:b4:4c:49:78:71:f2:33:
ab:7d:96:b5:23:ef:19:f8:1e:0d:80:e3:7b:4c:e2:
4f:1f:69:bd:fc:38:b7:c9:6a:fe:04:de:05:00:cd:
44:fa:aa:af:4d:2e:12:3f:55:58:a9:26:b1:0e:52:
ea:f8:13:51:77:61:c0:b2:4f:35:61:43:c3:1b:87:
f6:ff:07:3d:a8:9a:a3:94:c5:73:a0:21:16:80:dc:
cc:14:20:be:0d:aa:49:59:f0:bc:7f:c8:bc:5c:da:
87:86:96:8c:a2:fb:b1:57:77:f2:04:ad:b3:89:62:
fe:97:2f:3a:19:c6:72:15:d0:0f:c8:00:23:ea:4d:
60:41:03:94:0e:67:0f:12:56:9c:c6:db:40:11:23:
9c:2a:a6:1d:3b:92:e5:8d:8f:9d:fc:1d:8b:49:c0:
2f:65:f2:3e:b0:35:50:43:13:4b:2f:69:46:e2:04:
b5:77:d5:a0:69:70:24:a5:59:38:ab:62:f9:7c:d3:
64:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B2:2E:ED:AE:9B:28:AB:4C:E1:62:2C:7D:29:4D:14:33:BE:E9:A9
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/aLIu7a6bKKtM4WIsfSlNFDO-6ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.160.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:b6:6c:cd:56:73:14:54:87:ec:13:0e:87:e0:5a:f3:a2:ac:
5c:01:28:f1:1b:13:10:5c:5d:6a:97:e2:7f:c3:bc:d8:1f:6f:
ea:ba:7c:dc:40:95:71:8f:9d:fc:ef:ed:24:32:bd:ad:74:b5:
33:da:3d:03:e6:32:1e:e2:ff:63:3d:da:70:91:73:f5:4d:4f:
fd:69:20:f1:a8:4a:fc:ee:02:13:63:cc:b8:ef:1b:5c:ad:fd:
32:72:8e:e8:4e:2b:08:ea:eb:23:a0:4f:aa:fc:dc:ab:83:fd:
47:a6:5c:ac:ec:48:f5:25:91:75:ab:5a:a9:b6:fb:f6:89:9f:
e3:c5:4d:37:fe:5c:fd:dd:00:e4:da:8e:b6:cf:36:04:49:84:
4d:35:ce:90:ab:0a:4f:06:47:1f:18:51:50:a2:20:93:d5:60:
ad:4a:34:e7:19:7a:56:1a:bc:e3:c4:47:40:0a:08:64:8f:fa:
58:8a:d3:7e:1f:71:04:1e:38:51:3b:0f:d4:26:fb:af:2d:1c:
91:32:fa:4f:44:fa:ce:9f:e3:29:32:c3:6e:c5:c3:ad:88:a7:
96:5a:2a:92:2c:62:0d:3b:74:5d:c2:ed:4c:64:5d:25:56:3e:
4a:d0:42:a2:f0:ed:48:e8:ae:a8:d9:ad:95:92:f0:54:78:e8:
f8:56:ae:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtyLyJskz3E+2tHelIbfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjQwMTAxMDYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGIyMmVlZGFlOWIyOGFiNGNlMTYyMmM3ZDI5NGQxNDMzYmVlOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjivCetE9oj09ORT96eYzXoT3qUA
JMAoFjOwtdC8FwA0/EDI/zShCRQeSryHbacxEgy5ATxonXvqvSIqit6IQZ3P4LRM
SXhx8jOrfZa1I+8Z+B4NgON7TOJPH2m9/Di3yWr+BN4FAM1E+qqvTS4SP1VYqSax
DlLq+BNRd2HAsk81YUPDG4f2/wc9qJqjlMVzoCEWgNzMFCC+DapJWfC8f8i8XNqH
hpaMovuxV3fyBK2ziWL+ly86GcZyFdAPyAAj6k1gQQOUDmcPElacxttAESOcKqYd
O5LljY+d/B2LScAvZfI+sDVQQxNLL2lG4gS1d9WgaXAkpVk4q2L5fNNkuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGiyLu2umyirTOFiLH0pTRQzvumpMB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvYUxJdTdhNmJLS3RNNFdJc2ZTbE5GRE8tNmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBX4ygMA0G
CSqGSIb3DQEBCwUAA4IBAQAKtmzNVnMUVIfsEw6H4FrzoqxcASjxGxMQXF1ql+J/
w7zYH2/qunzcQJVxj5387+0kMr2tdLUz2j0D5jIe4v9jPdpwkXP1TU/9aSDxqEr8
7gITY8y47xtcrf0yco7oTisI6usjoE+q/Nyrg/1Hplys7Ej1JZF1q1qptvv2iZ/j
xU03/lz93QDk2o62zzYESYRNNc6QqwpPBkcfGFFQoiCT1WCtSjTnGXpWGrzjxEdA
Cghkj/pYitN+H3EEHjhROw/UJvuvLRyRMvpPRPrOn+MpMsNuxcOtiKeWWiqSLGIN
O3Rdwu1MZF0lVj5K0EKi8O1I6K6o2a2VkvBUeOj4Vq7H
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:47 2024 by rpki-client on console-fra.rpki-client.org