Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DSt03ZbqEmMMrFmkw8_Zpc418gM.roa
File: DSt03ZbqEmMMrFmkw8_Zpc418gM.roa (raw, json)
Hash identifier: fzaaXQpKdLLk5gs2sI5uytO954ZCvjmS4tYZK+ypCDE=
Subject key identifier: 0D:2B:74:DD:96:EA:12:63:0C:AC:59:A4:C3:CF:D9:A5:CE:35:F2:03
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018D7A177BFB92A9C9B6CCFEB1E029EB84CE
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DSt03ZbqEmMMrFmkw8_Zpc418gM.roa
Signing time: Mon 05 Feb 2024 16:26:15 +0000
ROA not before: Mon 05 Feb 2024 16:26:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215572
IP address blocks: 95.46.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:17:7b:fb:92:a9:c9:b6:cc:fe:b1:e0:29:eb:84:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 5 16:26:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d2b74dd96ea12630cac59a4c3cfd9a5ce35f203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f3:cf:93:2d:2b:8a:0a:bb:02:8a:70:51:88:
6d:6e:e5:43:e5:43:f9:40:c1:58:45:1c:5f:bb:c7:
c6:e2:47:2a:05:09:ea:0c:6d:88:b9:49:10:2d:88:
35:66:61:cf:83:9b:44:bb:15:aa:37:cb:5f:e7:06:
5c:8b:2e:85:4c:5e:6c:dc:72:53:7a:70:b6:54:f0:
cb:9d:44:a6:98:be:75:48:05:af:ac:01:95:d7:7d:
70:f6:1a:62:12:fe:dc:e6:d5:d4:16:e9:13:22:ca:
91:57:c0:a6:3e:db:c8:55:30:ff:12:35:36:ab:7d:
4a:0d:af:5a:aa:9c:d1:8f:1f:23:29:12:cd:9b:2e:
e4:83:4f:ba:2c:02:16:9d:7a:54:c6:fb:1b:81:94:
10:1f:ff:0e:9e:17:8c:fd:0c:da:9d:c1:bc:57:31:
71:0a:5b:8c:38:79:59:58:80:11:f3:fd:53:05:05:
0d:90:09:16:79:a3:b2:74:99:d5:dc:2e:d9:4b:54:
66:71:b6:c6:8d:43:80:83:87:72:a4:91:93:95:80:
a1:22:22:cb:7e:c0:9b:a2:30:e8:97:92:6b:3c:70:
b6:91:ba:91:98:bf:4d:3b:7a:08:ea:99:e7:e9:a3:
55:d0:8b:1d:77:5f:e4:d4:35:c0:fc:8e:56:cf:db:
35:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2B:74:DD:96:EA:12:63:0C:AC:59:A4:C3:CF:D9:A5:CE:35:F2:03
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DSt03ZbqEmMMrFmkw8_Zpc418gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.158.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:0c:a0:5c:a9:3a:40:ea:aa:2b:85:24:02:46:00:49:ae:d8:
6b:11:c0:37:6e:5c:7b:6d:71:b0:c9:fc:9c:6b:64:1f:bf:a7:
a3:4e:56:0f:7f:7f:7d:a5:f9:1e:bf:4d:3b:3f:23:4a:89:91:
fd:cc:c2:54:8f:d0:f4:94:b9:24:40:be:8a:5a:15:ae:e1:bc:
ef:88:73:61:8f:03:76:a3:b6:3a:97:e1:15:ac:68:bf:6d:e6:
96:06:c0:69:52:c7:8e:94:ad:d6:5e:c7:98:63:27:ce:aa:e8:
55:7d:7a:06:4d:56:64:1c:1c:35:a2:14:8a:46:56:e0:62:11:
75:8e:c1:5e:56:a4:89:27:0b:cd:df:67:4f:60:59:fe:76:6a:
d0:b4:f5:65:60:c3:a9:08:98:82:e1:7b:2c:0c:5b:20:a8:66:
b9:67:54:39:5d:75:20:04:09:60:82:61:95:95:b4:79:b7:ad:
9b:12:43:f0:cf:5a:9c:20:e1:05:a1:0c:af:b6:0e:d4:34:51:
c0:53:c9:2b:47:f9:1c:1e:db:81:f7:2e:21:91:85:1a:d3:7b:
22:b7:64:a4:6b:e0:f4:9f:2c:39:93:5e:c1:41:10:74:c6:5e:
d3:fa:6e:99:b2:ca:ad:13:11:78:f5:47:cd:ff:cf:4d:91:88:
60:88:54:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY16F3v7kqnJtsz+seAp64TOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMjA1MTYyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJiNzRkZDk2ZWExMjYzMGNhYzU5YTRjM2NmZDlhNWNlMzVmMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfPPky0rigq7AopwUYhtbuVD5UP5
QMFYRRxfu8fG4kcqBQnqDG2IuUkQLYg1ZmHPg5tEuxWqN8tf5wZciy6FTF5s3HJT
enC2VPDLnUSmmL51SAWvrAGV131w9hpiEv7c5tXUFukTIsqRV8CmPtvIVTD/EjU2
q31KDa9aqpzRjx8jKRLNmy7kg0+6LAIWnXpUxvsbgZQQH/8OnheM/QzancG8VzFx
CluMOHlZWIAR8/1TBQUNkAkWeaOydJnV3C7ZS1RmcbbGjUOAg4dypJGTlYChIiLL
fsCbojDol5JrPHC2kbqRmL9NO3oI6pnn6aNV0Isdd1/k1DXA/I5Wz9s1bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0rdN2W6hJjDKxZpMPP2aXONfIDMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvRFN0MDNaYnFFbU1NckZta3c4X1pwYzQxOGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy6eMA0G
CSqGSIb3DQEBCwUAA4IBAQAODKBcqTpA6qorhSQCRgBJrthrEcA3blx7bXGwyfyc
a2Qfv6ejTlYPf399pfkev007PyNKiZH9zMJUj9D0lLkkQL6KWhWu4bzviHNhjwN2
o7Y6l+EVrGi/beaWBsBpUseOlK3WXseYYyfOquhVfXoGTVZkHBw1ohSKRlbgYhF1
jsFeVqSJJwvN32dPYFn+dmrQtPVlYMOpCJiC4XssDFsgqGa5Z1Q5XXUgBAlggmGV
lbR5t62bEkPwz1qcIOEFoQyvtg7UNFHAU8krR/kcHtuB9y4hkYUa03sit2Ska+D0
nyw5k17BQRB0xl7T+m6ZssqtExF49UfN/89NkYhgiFSi
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:13:21 2024 by rpki-client on console-fra.rpki-client.org