Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/becf48-035a-4471-bdf3-ffd5bf5969df/1/b5yPqPXQ-DqOy854saIRS5R5PkE.roa
File: b5yPqPXQ-DqOy854saIRS5R5PkE.roa (raw, json)
Hash identifier: zHKPPnU7zt0NwZ7yJuRtdxa5WoYKMxFcK1gRRocQDvQ=
Subject key identifier: 6F:9C:8F:A8:F5:D0:F8:3A:8E:CB:CE:78:B1:A2:11:4B:94:79:3E:41
Certificate issuer: /CN=aeeaa096ebb37657e4d3ad2176641172d6e202bc
Certificate serial: 018CC94AD06410E09EB840279995D45EF8BB
Authority key identifier: AE:EA:A0:96:EB:B3:76:57:E4:D3:AD:21:76:64:11:72:D6:E2:02:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruqgluuzdlfk060hdmQRctbiArw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/becf48-035a-4471-bdf3-ffd5bf5969df/1/b5yPqPXQ-DqOy854saIRS5R5PkE.roa
Signing time: Tue 02 Jan 2024 08:29:32 +0000
ROA not before: Tue 02 Jan 2024 08:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204773
IP address blocks: 93.95.210.0/24 maxlen: 24
2a13:3000::/30 maxlen: 30
2a13:3004::/31 maxlen: 31
2a13:3006::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/becf48-035a-4471-bdf3-ffd5bf5969df/1/ruqgluuzdlfk060hdmQRctbiArw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/becf48-035a-4471-bdf3-ffd5bf5969df/1/ruqgluuzdlfk060hdmQRctbiArw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ruqgluuzdlfk060hdmQRctbiArw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:d0:64:10:e0:9e:b8:40:27:99:95:d4:5e:f8:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeeaa096ebb37657e4d3ad2176641172d6e202bc
Validity
Not Before: Jan 2 08:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f9c8fa8f5d0f83a8ecbce78b1a2114b94793e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:25:04:1a:05:e8:e7:28:cb:77:97:95:42:9e:
20:44:31:c6:2e:09:15:d7:8b:72:1b:72:29:b6:46:
6a:f7:c4:30:3e:89:38:bc:1e:53:be:a7:07:2d:e3:
20:7a:26:f5:b2:d4:4c:40:96:c8:08:ab:09:d4:67:
1c:2b:ec:df:8c:29:be:be:41:93:0f:75:8b:d3:62:
12:a6:8d:66:fc:89:a6:3a:97:8e:fb:ee:08:08:d3:
16:51:9d:65:da:87:da:86:d1:f1:4a:12:2a:67:f8:
16:a9:77:85:1e:f2:e7:e5:95:59:aa:53:ee:3f:cf:
91:e4:ff:e6:05:fe:d2:fa:d3:c7:31:7f:b4:fb:e6:
cd:69:41:fb:e1:44:38:83:f3:df:83:5e:6f:9f:d9:
ba:8e:18:c0:60:d3:24:8d:c4:eb:f7:7a:a3:34:97:
fd:88:31:5c:ec:a9:3f:31:13:2d:d3:98:69:e9:20:
de:86:95:57:5c:65:4d:d9:f5:76:46:2a:c9:56:af:
3c:da:34:2a:f7:00:c3:2b:af:ef:e1:27:26:d5:a9:
81:cc:1c:2c:50:fa:81:09:4b:3d:b8:f7:4d:5c:42:
9f:12:da:a6:a5:8e:60:5f:e2:8c:23:18:3b:d1:58:
46:06:79:47:aa:bd:08:b8:3c:b8:d3:b2:99:3e:57:
5c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:9C:8F:A8:F5:D0:F8:3A:8E:CB:CE:78:B1:A2:11:4B:94:79:3E:41
X509v3 Authority Key Identifier:
keyid:AE:EA:A0:96:EB:B3:76:57:E4:D3:AD:21:76:64:11:72:D6:E2:02:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruqgluuzdlfk060hdmQRctbiArw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/becf48-035a-4471-bdf3-ffd5bf5969df/1/b5yPqPXQ-DqOy854saIRS5R5PkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/becf48-035a-4471-bdf3-ffd5bf5969df/1/ruqgluuzdlfk060hdmQRctbiArw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.210.0/24
IPv6:
2a13:3000::-2a13:3006:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a6:b6:21:18:de:8d:63:7a:7c:68:a2:d3:ca:b8:f3:8b:4a:b3:
31:62:08:bb:cc:55:7d:64:2a:ac:41:eb:ed:6c:b3:58:ae:54:
ce:93:8d:6d:f2:29:72:80:67:ab:c4:39:d0:22:15:39:ea:21:
9c:64:44:04:01:b2:69:cf:ce:9d:e4:96:c1:8b:3a:50:b9:1b:
2d:2c:a3:09:08:8d:a0:fd:f3:2f:1b:bd:ca:52:19:1e:32:fd:
28:58:da:42:53:13:89:a4:4d:ff:86:84:de:90:ba:b3:2d:d2:
44:ee:a2:e3:31:1d:9a:ba:25:23:59:5d:ce:68:9f:ac:01:a2:
a0:bf:b2:0e:ed:1a:ad:db:4d:ad:ae:75:49:f8:d4:af:f5:5e:
a3:ae:8e:63:17:e2:21:d8:27:92:a3:75:11:d7:65:71:de:4d:
bb:bb:b4:82:b6:1e:bc:4b:6f:bb:b6:a6:7a:3e:dd:ed:6e:34:
70:32:38:ae:6e:9d:9b:f2:e4:d5:c3:f5:97:08:e1:ab:ed:9e:
30:39:f1:c9:c6:71:d9:78:7d:0e:cb:43:5c:64:ee:9c:71:f4:
78:94:04:89:dc:12:2c:0f:36:87:bb:79:2e:81:fe:a2:4d:f8:
4a:60:99:84:a1:ae:27:6d:60:7b:40:6d:4a:b3:ad:c3:4a:04:
f7:d2:d4:2b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJStBkEOCeuEAnmZXUXvi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZWFhMDk2ZWJiMzc2NTdlNGQzYWQyMTc2NjQxMTcyZDZl
MjAyYmMwHhcNMjQwMTAyMDgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjljOGZhOGY1ZDBmODNhOGVjYmNlNzhiMWEyMTE0Yjk0NzkzZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyUEGgXo5yjLd5eVQp4gRDHGLgkV
14tyG3IptkZq98QwPok4vB5TvqcHLeMgeib1stRMQJbICKsJ1GccK+zfjCm+vkGT
D3WL02ISpo1m/ImmOpeO++4ICNMWUZ1l2ofahtHxShIqZ/gWqXeFHvLn5ZVZqlPu
P8+R5P/mBf7S+tPHMX+0++bNaUH74UQ4g/Pfg15vn9m6jhjAYNMkjcTr93qjNJf9
iDFc7Kk/MRMt05hp6SDehpVXXGVN2fV2RirJVq882jQq9wDDK6/v4Scm1amBzBws
UPqBCUs9uPdNXEKfEtqmpY5gX+KMIxg70VhGBnlHqr0IuDy407KZPldckQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG+cj6j10Pg6jsvOeLGiEUuUeT5BMB8GA1UdIwQY
MBaAFK7qoJbrs3ZX5NOtIXZkEXLW4gK8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVxZ2x1dXpkbGZrMDYwaGRtUVJjdGJpQXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iZWNmNDgtMDM1YS00NDcxLWJkZjMt
ZmZkNWJmNTk2OWRmLzEvYjV5UHFQWFEtRHFPeTg1NHNhSVJTNVI1UGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iZWNmNDgtMDM1YS00NDcxLWJkZjMtZmZkNWJmNTk2OWRm
LzEvcnVxZ2x1dXpkbGZrMDYwaGRtUVJjdGJpQXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAXV/SMBUE
AgACMA8wDQMEBCoTMAMFACoTMAYwDQYJKoZIhvcNAQELBQADggEBAKa2IRjejWN6
fGii08q484tKszFiCLvMVX1kKqxB6+1ss1iuVM6TjW3yKXKAZ6vEOdAiFTnqIZxk
RAQBsmnPzp3klsGLOlC5Gy0sowkIjaD98y8bvcpSGR4y/ShY2kJTE4mkTf+GhN6Q
urMt0kTuouMxHZq6JSNZXc5on6wBoqC/sg7tGq3bTa2udUn41K/1XqOujmMX4iHY
J5KjdRHXZXHeTbu7tIK2HrxLb7u2pno+3e1uNHAyOK5unZvy5NXD9ZcI4avtnjA5
8cnGcdl4fQ7LQ1xk7pxx9HiUBIncEiwPNoe7eS6B/qJN+EpgmYShridtYHtAbUqz
rcNKBPfS1Cs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:48:17 2024 by rpki-client on console-ams.rpki-client.org