Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/_lA0ik_bP7NR3WFZe_S_KSdCErA.roa
File: _lA0ik_bP7NR3WFZe_S_KSdCErA.roa (raw, json)
Hash identifier: xkI2ehznICMKdp8JMvy7KckoFkbKuNyXJNukyBWy718=
Subject key identifier: FE:50:34:8A:4F:DB:3F:B3:51:DD:61:59:7B:F4:BF:29:27:42:12:B0
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 018CC500283584FFBAD38B84C3DA593AB9D2
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/_lA0ik_bP7NR3WFZe_S_KSdCErA.roa
Signing time: Mon 01 Jan 2024 12:29:31 +0000
ROA not before: Mon 01 Jan 2024 12:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 95.142.117.0/24 maxlen: 24
95.142.114.0/24 maxlen: 24
185.54.231.0/24 maxlen: 24
185.54.229.0/24 maxlen: 24
95.142.120.0/24 maxlen: 24
95.142.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:28:35:84:ff:ba:d3:8b:84:c3:da:59:3a:b9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: Jan 1 12:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe50348a4fdb3fb351dd61597bf4bf29274212b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:32:c4:a6:2f:b1:47:e2:de:f8:62:a4:b4:f4:
0c:d1:47:66:b3:81:c6:6d:00:a7:8a:54:2e:7e:24:
74:c7:0b:b8:70:5e:36:4b:aa:a1:6a:9c:7a:06:84:
24:f8:66:29:23:de:26:dd:5a:76:f6:c8:2b:25:64:
03:c4:1d:3d:a2:e5:32:d5:9b:bd:8b:4d:30:12:21:
ee:72:e0:32:8b:1a:bf:19:51:5e:dd:5e:19:82:f8:
65:3f:0b:82:47:11:ff:16:18:a5:c2:cd:cc:d4:58:
aa:9d:bf:fd:79:83:99:66:a8:44:ce:df:0e:92:6d:
27:2b:df:bf:58:fa:0c:91:88:6a:04:5d:d7:81:2e:
b5:4b:d8:14:18:20:e8:ac:e6:f2:1a:31:6b:34:34:
cf:b3:fc:36:ec:fb:bc:74:d0:ab:f5:03:8c:9c:0f:
72:77:6f:43:6e:26:a9:a0:aa:69:0f:27:9d:62:41:
50:e9:c8:9e:9b:72:2f:b8:33:63:94:c1:bc:09:b2:
57:e0:4f:93:d2:d4:05:2c:02:30:e9:87:26:75:a6:
61:4d:27:15:70:19:56:a6:ce:0e:27:97:ea:03:02:
fb:42:67:21:5c:82:05:91:8b:d3:d1:c7:99:ad:cc:
c3:6e:22:f4:de:6f:42:f9:6c:95:81:5b:79:e0:fe:
6f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:50:34:8A:4F:DB:3F:B3:51:DD:61:59:7B:F4:BF:29:27:42:12:B0
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/_lA0ik_bP7NR3WFZe_S_KSdCErA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.114.0/24
95.142.117.0/24
95.142.120.0/24
95.142.126.0/24
185.54.229.0/24
185.54.231.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a0:5f:58:42:75:ce:8a:e1:0b:1b:20:15:77:f6:b6:27:4c:
c9:40:29:97:3d:64:76:f3:c6:35:a8:48:9b:fa:24:33:0e:98:
63:c3:f5:46:a7:a6:d4:73:2e:17:b6:bb:1f:d3:31:fb:9b:fc:
db:97:0e:db:8a:ef:b9:28:ba:fd:0d:24:93:7a:8a:f5:ff:bb:
98:6f:af:ad:fa:17:23:9f:79:36:2b:30:c0:2c:29:48:ee:96:
58:36:ed:d6:28:ed:c8:32:2a:98:ff:33:61:ec:31:29:7d:af:
8f:8c:1d:f5:5e:6c:36:37:7e:2f:27:ab:fe:2c:e8:6b:ae:95:
30:ca:9d:24:54:f7:ec:a0:61:e5:51:85:bc:67:cd:f2:ec:10:
c3:84:c3:a4:21:79:bb:cc:ff:3c:e3:82:6b:fc:5d:93:10:29:
8e:bd:3a:51:23:89:ac:f8:cc:92:73:0c:f8:bb:fc:ba:e4:57:
fe:f6:eb:f9:fb:50:98:8b:d2:d2:68:a9:b8:4d:7a:8e:05:9e:
b2:ce:e0:3c:ea:c0:a2:90:17:ad:6d:76:5c:b2:a1:9c:1d:57:
54:26:3e:e4:75:d2:51:53:ff:6d:04:38:d7:bd:94:bc:36:bc:
d4:f7:2d:32:28:b1:ba:e5:7b:57:b8:11:c4:64:ba:a2:e7:c3:
46:03:f0:4c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFACg1hP+604uEw9pZOrnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjQwMTAxMTIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUwMzQ4YTRmZGIzZmIzNTFkZDYxNTk3YmY0YmYyOTI3NDIxMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTLEpi+xR+Le+GKktPQM0Udms4HG
bQCnilQufiR0xwu4cF42S6qhapx6BoQk+GYpI94m3Vp29sgrJWQDxB09ouUy1Zu9
i00wEiHucuAyixq/GVFe3V4ZgvhlPwuCRxH/Fhilws3M1Fiqnb/9eYOZZqhEzt8O
km0nK9+/WPoMkYhqBF3XgS61S9gUGCDorObyGjFrNDTPs/w27Pu8dNCr9QOMnA9y
d29DbiapoKppDyedYkFQ6ciem3IvuDNjlMG8CbJX4E+T0tQFLAIw6YcmdaZhTScV
cBlWps4OJ5fqAwL7QmchXIIFkYvT0ceZrczDbiL03m9C+WyVgVt54P5vvQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP5QNIpP2z+zUd1hWXv0vyknQhKwMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvX2xBMGlrX2JQN05SM1dGWmVfU19LU2RDRXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX45yAwQA
X451AwQAX454AwQAX45+AwQAuTblAwQAuTbnMA0GCSqGSIb3DQEBCwUAA4IBAQA3
oF9YQnXOiuELGyAVd/a2J0zJQCmXPWR288Y1qEib+iQzDphjw/VGp6bUcy4Xtrsf
0zH7m/zblw7biu+5KLr9DSSTeor1/7uYb6+t+hcjn3k2KzDALClI7pZYNu3WKO3I
MiqY/zNh7DEpfa+PjB31Xmw2N34vJ6v+LOhrrpUwyp0kVPfsoGHlUYW8Z83y7BDD
hMOkIXm7zP8844Jr/F2TECmOvTpRI4ms+MyScwz4u/y65Ff+9uv5+1CYi9LSaKm4
TXqOBZ6yzuA86sCikBetbXZcsqGcHVdUJj7kddJRU/9tBDjXvZS8NrzU9y0yKLG6
5XtXuBHEZLqi58NGA/BM
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:36 2024 by rpki-client on console-ams.rpki-client.org