Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YtJN98lnUAPA8zsmZ8GZOA2pUQ4.roa
File: YtJN98lnUAPA8zsmZ8GZOA2pUQ4.roa (raw, json)
Hash identifier: q/1Z7A4tsPsugYgrTkNHaLoM1mWsqNzkL4JLFdipSz8=
Subject key identifier: 62:D2:4D:F7:C9:67:50:03:C0:F3:3B:26:67:C1:99:38:0D:A9:51:0E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29DEF5528F5028209BE74EB133574B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YtJN98lnUAPA8zsmZ8GZOA2pUQ4.roa
Signing time: Tue 02 Jan 2024 12:33:10 +0000
ROA not before: Tue 02 Jan 2024 12:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2864
IP address blocks: 95.46.140.0/23 maxlen: 24
95.47.167.0/24 maxlen: 24
95.46.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:de:f5:52:8f:50:28:20:9b:e7:4e:b1:33:57:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62d24df7c9675003c0f33b2667c199380da9510e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0a:dd:9c:c0:2c:02:b8:5a:8f:3c:4d:d6:b2:
48:22:bf:f6:ea:66:e6:45:37:5e:18:d2:64:ff:e5:
a6:66:ac:8f:07:c8:c3:94:36:a2:6b:4a:58:71:63:
22:d7:b6:ab:5c:9b:47:30:f3:3c:fc:1a:1d:e6:d0:
fa:aa:1a:39:c4:32:7b:b1:39:f3:5c:27:73:64:83:
8f:2b:8f:75:c2:8e:1d:c8:19:2f:81:39:b8:60:9a:
8a:6d:37:4e:26:18:ca:05:a8:09:13:81:75:e7:e9:
3a:4f:30:7b:1b:9c:e6:3c:96:a0:4b:0d:ae:36:99:
ac:22:19:4d:c3:97:ed:4e:81:e4:1b:3f:13:86:98:
15:30:95:43:46:2f:45:16:d7:b8:28:e0:0e:87:01:
85:d3:25:04:2d:4b:19:cb:77:79:7a:fc:6b:b2:71:
22:d3:07:88:3c:ce:1d:50:5f:4a:7d:3b:1e:ef:b2:
bd:d5:42:d3:67:20:d8:5f:39:e4:fe:06:ee:82:74:
f5:54:4f:fe:c4:36:bf:e2:c8:0d:3f:7d:cd:f6:04:
59:5a:44:aa:65:d1:14:fc:ce:d3:47:f1:e5:a3:d6:
47:90:3d:2e:e0:ee:6f:8c:5b:6c:cc:23:6e:db:27:
77:3a:c1:fc:c9:2e:a3:3f:c1:0e:f5:ef:6d:cc:aa:
40:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D2:4D:F7:C9:67:50:03:C0:F3:3B:26:67:C1:99:38:0D:A9:51:0E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YtJN98lnUAPA8zsmZ8GZOA2pUQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.0.0/24
95.46.140.0/23
95.47.167.0/24
Signature Algorithm: sha256WithRSAEncryption
06:c0:94:44:a7:3c:f0:1a:ae:d7:ec:36:0c:64:0b:f2:33:c4:
ef:09:24:f6:7d:6c:5e:d7:b5:85:0b:bb:d4:ba:d8:1d:48:18:
b2:97:a8:5b:b4:ee:13:a2:93:ee:8b:d9:ae:c3:6a:e3:36:1d:
5c:0a:df:58:90:92:0d:28:26:03:6a:ef:cc:7b:7a:99:0c:f7:
8a:20:d1:1b:57:28:c4:61:d1:1a:53:67:d2:aa:93:4f:f0:0b:
85:81:2a:ba:f3:76:0e:b2:0e:05:3f:f6:70:38:55:90:3a:cd:
ef:fd:8c:aa:8a:02:47:e1:be:1c:1e:29:c5:20:ce:9b:4f:86:
79:1d:e8:34:05:44:75:2a:31:fe:f8:2d:6e:97:fc:4c:7c:24:
0c:6e:d0:db:a0:0f:54:14:d6:57:1a:df:13:fb:e8:1c:84:9a:
96:6c:d5:0f:40:a8:c6:27:ea:0a:72:aa:a2:26:b2:ce:0a:eb:
6f:46:e5:e0:f7:7e:10:35:63:f4:fe:97:f7:c5:7e:7b:2c:59:
7c:5c:d7:52:d2:bc:26:db:23:bf:85:22:2d:ce:97:ed:95:91:
fb:f2:f7:ec:62:6b:d4:19:1d:93:05:84:33:6b:5d:2c:d2:7b:
d5:7f:d3:8b:45:ab:2f:03:ce:67:cd:d4:5d:16:fe:17:4b:03:
25:06:50:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKd71Uo9QKCCb506xM1dLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmQyNGRmN2M5Njc1MDAzYzBmMzNiMjY2N2MxOTkzODBkYTk1MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowrdnMAsArhajzxN1rJIIr/26mbm
RTdeGNJk/+WmZqyPB8jDlDaia0pYcWMi17arXJtHMPM8/Bod5tD6qho5xDJ7sTnz
XCdzZIOPK491wo4dyBkvgTm4YJqKbTdOJhjKBagJE4F15+k6TzB7G5zmPJagSw2u
NpmsIhlNw5ftToHkGz8ThpgVMJVDRi9FFte4KOAOhwGF0yUELUsZy3d5evxrsnEi
0weIPM4dUF9KfTse77K91ULTZyDYXznk/gbugnT1VE/+xDa/4sgNP33N9gRZWkSq
ZdEU/M7TR/Hlo9ZHkD0u4O5vjFtszCNu2yd3OsH8yS6jP8EO9e9tzKpAcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGLSTffJZ1ADwPM7JmfBmTgNqVEOMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWXRKTjk4bG5VQVBBOHpzbVo4R1pPQTJwVVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXy4AAwQB
Xy6MAwQAXy+nMA0GCSqGSIb3DQEBCwUAA4IBAQAGwJREpzzwGq7X7DYMZAvyM8Tv
CST2fWxe17WFC7vUutgdSBiyl6hbtO4TopPui9muw2rjNh1cCt9YkJINKCYDau/M
e3qZDPeKINEbVyjEYdEaU2fSqpNP8AuFgSq683YOsg4FP/ZwOFWQOs3v/YyqigJH
4b4cHinFIM6bT4Z5Heg0BUR1KjH++C1ul/xMfCQMbtDboA9UFNZXGt8T++gchJqW
bNUPQKjGJ+oKcqqiJrLOCutvRuXg934QNWP0/pf3xX57LFl8XNdS0rwm2yO/hSIt
zpftlZH78vfsYmvUGR2TBYQza10s0nvVf9OLRasvA85nzdRdFv4XSwMlBlDY
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:42 2024 by rpki-client on console-ams.rpki-client.org