Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/lDGOC4F8D5oywqh84EAPw0PPN5I.roa
File: lDGOC4F8D5oywqh84EAPw0PPN5I.roa (raw, json)
Hash identifier: 9Svchmh+lc7OJMmvbDA1NZGQaXiBdzNrn474xuIAK8M=
Subject key identifier: 94:31:8E:0B:81:7C:0F:9A:32:C2:A8:7C:E0:40:0F:C3:43:CF:37:92
Certificate issuer: /CN=1c5c72ee422c61667e3056de6b3ffce034305175
Certificate serial: 018CC3B67A6E1F924F9ED26232B63C5B7CE2
Authority key identifier: 1C:5C:72:EE:42:2C:61:66:7E:30:56:DE:6B:3F:FC:E0:34:30:51:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HFxy7kIsYWZ-MFbeaz_84DQwUXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/lDGOC4F8D5oywqh84EAPw0PPN5I.roa
Signing time: Mon 01 Jan 2024 06:29:25 +0000
ROA not before: Mon 01 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50556
IP address blocks: 95.66.232.0/22 maxlen: 22
95.66.236.0/24 maxlen: 24
95.66.175.0/24 maxlen: 24
95.66.178.0/24 maxlen: 24
95.66.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/HFxy7kIsYWZ-MFbeaz_84DQwUXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/HFxy7kIsYWZ-MFbeaz_84DQwUXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HFxy7kIsYWZ-MFbeaz_84DQwUXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 03:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7a:6e:1f:92:4f:9e:d2:62:32:b6:3c:5b:7c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c5c72ee422c61667e3056de6b3ffce034305175
Validity
Not Before: Jan 1 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94318e0b817c0f9a32c2a87ce0400fc343cf3792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:67:0c:f7:46:11:af:fe:b0:5f:6d:12:75:d0:
3b:b7:29:82:05:b6:40:b1:9b:90:a1:cd:06:d5:ca:
7b:0e:0a:1b:3f:ce:16:38:a1:3e:64:f9:8a:d8:7d:
81:00:63:14:5b:86:69:2c:fc:f3:d3:cb:e6:d1:2b:
34:60:79:df:48:d2:84:10:ac:4a:4f:00:8d:f4:f5:
9f:2e:e4:98:2e:f7:96:7b:e7:a3:4e:58:e9:f3:96:
b9:68:48:dc:52:76:dc:a7:0c:6c:89:e6:1c:4a:14:
0b:74:49:c0:f2:d7:db:eb:34:76:e5:06:93:ed:7f:
2c:9b:dd:0b:5f:8c:7d:c9:24:fb:14:ff:69:2f:f0:
78:6d:4f:d2:3f:44:c4:a9:90:d1:b5:86:c5:e9:8e:
ca:aa:1e:16:9e:d4:b5:b8:ae:27:73:bc:a7:a4:75:
f2:96:38:0c:5f:1c:cf:35:53:08:c3:14:90:aa:0f:
1d:bf:da:e8:7a:1d:68:37:e7:43:63:00:38:26:7a:
1a:0f:12:ee:4d:a8:9e:ba:85:8e:63:fd:58:6f:67:
2a:37:8a:f7:d8:da:9e:29:f5:84:be:a3:bc:8d:51:
0f:31:ce:6c:76:5b:df:93:75:91:2c:cb:58:89:c1:
47:ed:49:ab:36:02:f2:7f:2f:20:e3:d5:56:ca:69:
a3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:31:8E:0B:81:7C:0F:9A:32:C2:A8:7C:E0:40:0F:C3:43:CF:37:92
X509v3 Authority Key Identifier:
keyid:1C:5C:72:EE:42:2C:61:66:7E:30:56:DE:6B:3F:FC:E0:34:30:51:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFxy7kIsYWZ-MFbeaz_84DQwUXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/lDGOC4F8D5oywqh84EAPw0PPN5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/HFxy7kIsYWZ-MFbeaz_84DQwUXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.66.175.0/24
95.66.178.0/23
95.66.232.0-95.66.236.255
Signature Algorithm: sha256WithRSAEncryption
1d:80:41:31:49:6e:4f:b7:5e:cc:98:ef:8d:a8:a1:c4:d6:ad:
23:2a:81:81:e7:3d:8e:2c:7c:43:f9:2c:8f:80:45:e4:2e:52:
3a:c2:84:5f:8b:2a:e7:e8:f8:2f:4d:59:0f:18:81:1c:82:b3:
34:01:a1:c5:3a:98:b6:54:37:60:fc:06:4a:7c:e4:6e:d0:12:
29:ce:a4:51:33:02:0f:ca:0f:e7:16:50:c5:d7:34:3f:71:0a:
67:78:16:a1:a4:29:f2:4f:05:0b:c8:4e:b4:6d:60:c6:97:fa:
94:4f:82:03:91:8a:4d:7d:55:f6:ba:86:1a:9e:ff:eb:09:fc:
77:e4:6c:3c:a0:20:75:cd:14:c2:c7:37:c9:b8:19:94:e8:12:
08:ef:de:f1:28:a2:d9:55:af:7a:57:95:74:9b:94:69:df:e9:
3e:60:5d:18:27:bc:eb:b4:c1:cf:8e:2b:ec:5c:7d:38:7c:aa:
22:43:0c:3a:ba:17:06:0f:81:47:7f:9c:8c:19:08:47:c4:80:
36:1a:9d:03:6a:04:82:3a:87:3d:4e:74:54:a6:7c:16:81:b4:
94:ff:76:e5:b1:0e:8e:82:f9:43:8e:7e:a6:23:3c:9a:9c:c9:
c9:ac:c9:4a:6c:de:96:f3:2c:00:81:32:b9:18:f8:8a:fa:2d:
6b:6b:ff:98
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDtnpuH5JPntJiMrY8W3ziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNWM3MmVlNDIyYzYxNjY3ZTMwNTZkZTZiM2ZmY2UwMzQz
MDUxNzUwHhcNMjQwMTAxMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDMxOGUwYjgxN2MwZjlhMzJjMmE4N2NlMDQwMGZjMzQzY2YzNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWcM90YRr/6wX20SddA7tymCBbZA
sZuQoc0G1cp7DgobP84WOKE+ZPmK2H2BAGMUW4ZpLPzz08vm0Ss0YHnfSNKEEKxK
TwCN9PWfLuSYLveWe+ejTljp85a5aEjcUnbcpwxsieYcShQLdEnA8tfb6zR25QaT
7X8sm90LX4x9yST7FP9pL/B4bU/SP0TEqZDRtYbF6Y7Kqh4WntS1uK4nc7ynpHXy
ljgMXxzPNVMIwxSQqg8dv9roeh1oN+dDYwA4JnoaDxLuTaieuoWOY/1Yb2cqN4r3
2NqeKfWEvqO8jVEPMc5sdlvfk3WRLMtYicFH7UmrNgLyfy8g49VWymmjGwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJQxjguBfA+aMsKofOBAD8NDzzeSMB8GA1UdIwQY
MBaAFBxccu5CLGFmfjBW3ms//OA0MFF1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZ4eTdrSXNZV1otTUZiZWF6Xzg0RFF3VVhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lMDhkMGUtZWU0Yy00YWUxLTllMGIt
MTI3OGE0MmUwOTJhLzEvbERHT0M0RjhENW95d3FoODRFQVB3MFBQTjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lMDhkMGUtZWU0Yy00YWUxLTllMGItMTI3OGE0MmUwOTJh
LzEvSEZ4eTdrSXNZV1otTUZiZWF6Xzg0RFF3VVhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAX0KvAwQB
X0KyMAwDBANfQugDBABfQuwwDQYJKoZIhvcNAQELBQADggEBAB2AQTFJbk+3XsyY
742oocTWrSMqgYHnPY4sfEP5LI+AReQuUjrChF+LKufo+C9NWQ8YgRyCszQBocU6
mLZUN2D8Bkp85G7QEinOpFEzAg/KD+cWUMXXND9xCmd4FqGkKfJPBQvITrRtYMaX
+pRPggORik19Vfa6hhqe/+sJ/HfkbDygIHXNFMLHN8m4GZToEgjv3vEootlVr3pX
lXSblGnf6T5gXRgnvOu0wc+OK+xcfTh8qiJDDDq6FwYPgUd/nIwZCEfEgDYanQNq
BII6hz1OdFSmfBaBtJT/duWxDo6C+UOOfqYjPJqcycmsyUps3pbzLACBMrkY+Ir6
LWtr/5g=
-----END CERTIFICATE-----
Generated at Wed May 29 09:36:38 2024 by rpki-client on console-fra.rpki-client.org