Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/l3KNLx8fy8ZNFdXPEIMwblh7bv0.roa
File: l3KNLx8fy8ZNFdXPEIMwblh7bv0.roa (raw, json)
Hash identifier: cvfLUrFCunw/sfPuGq1lRfTBDOhGQHTILZEnVCsXojM=
Subject key identifier: 97:72:8D:2F:1F:1F:CB:C6:4D:15:D5:CF:10:83:30:6E:58:7B:6E:FD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A46FE6712E2FAA9750F2B2CD6F107
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/l3KNLx8fy8ZNFdXPEIMwblh7bv0.roa
Signing time: Tue 02 Jan 2024 12:33:37 +0000
ROA not before: Tue 02 Jan 2024 12:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207348
IP address blocks: 93.170.240.0/23 maxlen: 24
95.47.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:46:fe:67:12:e2:fa:a9:75:0f:2b:2c:d6:f1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97728d2f1f1fcbc64d15d5cf1083306e587b6efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c7:1e:39:0d:c8:73:2b:67:6d:7f:8f:6e:32:
82:8f:c0:ca:c5:7f:db:a3:27:15:43:9b:a3:51:8b:
78:dc:2e:9f:28:04:c3:e2:46:47:25:71:63:7b:fa:
a6:a2:04:bb:9f:37:16:58:01:18:42:f4:88:af:61:
b2:4a:db:3d:57:4f:da:70:4f:ec:94:ba:3e:cc:0c:
33:4c:87:7d:0a:e7:8c:fa:e7:ae:5b:f7:f5:e7:d6:
ca:1e:ab:c3:42:71:a8:ab:9b:c2:3c:ef:25:8d:38:
ab:8f:07:95:dc:af:4e:96:31:87:ad:17:a5:a0:6b:
a6:84:83:e3:46:7e:c4:1e:c5:37:ec:ba:bf:2a:a3:
48:00:9a:e3:a1:dc:b4:1b:5d:77:b8:16:e2:a7:9d:
b0:9c:11:89:ed:cb:14:cc:bc:52:60:dd:e6:15:69:
3f:7e:3a:a8:f4:e4:a9:a7:29:43:6d:fa:f9:4c:7b:
75:2a:2d:3b:2d:19:bd:1b:b6:2d:46:cd:58:c6:82:
78:a8:9f:ac:14:36:78:68:33:61:4d:f5:0e:2c:63:
1e:b4:dd:03:42:81:15:4c:de:81:31:12:45:be:43:
73:f3:93:7e:82:59:2d:f4:7b:7f:77:b2:2f:66:84:
eb:9c:46:9c:72:50:35:aa:fd:86:a4:0a:88:34:e1:
2f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:72:8D:2F:1F:1F:CB:C6:4D:15:D5:CF:10:83:30:6E:58:7B:6E:FD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/l3KNLx8fy8ZNFdXPEIMwblh7bv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.240.0/23
95.47.160.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:d3:a9:10:98:6e:ca:05:82:30:14:5f:5f:3c:14:e0:74:43:
6c:9f:33:54:07:95:11:cd:b7:8a:50:34:55:8d:97:ca:5b:b3:
ed:59:8b:b2:38:01:20:b4:79:a5:15:b8:c1:79:78:a0:93:c0:
d1:79:a5:7f:82:f6:e6:bb:24:13:dc:ca:ae:d1:9d:ed:03:03:
ea:fd:6c:3a:53:93:1d:91:e7:b6:6f:1a:c0:f6:40:a4:4f:54:
24:b1:fd:4c:66:4f:da:41:bd:8e:1d:18:47:bf:00:6f:e4:a3:
78:f5:54:95:42:14:33:a5:8b:4f:e6:be:b9:35:d1:57:ca:81:
de:da:1e:20:7d:2a:72:37:fe:c9:ad:98:f2:1e:cc:29:61:49:
a3:f2:9a:41:96:6b:13:b0:bd:bb:93:a8:0a:b8:e4:bf:94:aa:
d0:df:18:28:2c:4c:f3:58:4e:b9:50:4a:1a:d8:0b:09:08:3c:
6e:75:09:a6:4d:be:fe:4f:4b:47:16:ce:16:d9:c8:d0:ff:df:
5f:59:f7:35:07:e9:8d:31:20:8a:6a:85:02:48:ad:86:d8:4b:
c0:4f:c0:20:5a:95:1c:bb:16:7a:18:51:59:85:fb:7c:fe:23:
88:13:5b:da:5e:4b:ff:3d:a6:d4:01:b0:25:05:af:90:26:6b:
d3:4d:93:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKkb+ZxLi+ql1Dyss1vEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzcyOGQyZjFmMWZjYmM2NGQxNWQ1Y2YxMDgzMzA2ZTU4N2I2ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMceOQ3IcytnbX+PbjKCj8DKxX/b
oycVQ5ujUYt43C6fKATD4kZHJXFje/qmogS7nzcWWAEYQvSIr2GySts9V0/acE/s
lLo+zAwzTId9CueM+ueuW/f159bKHqvDQnGoq5vCPO8ljTirjweV3K9OljGHrRel
oGumhIPjRn7EHsU37Lq/KqNIAJrjody0G113uBbip52wnBGJ7csUzLxSYN3mFWk/
fjqo9OSppylDbfr5THt1Ki07LRm9G7YtRs1YxoJ4qJ+sFDZ4aDNhTfUOLGMetN0D
QoEVTN6BMRJFvkNz85N+glkt9Ht/d7IvZoTrnEacclA1qv2GpAqINOEvUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJdyjS8fH8vGTRXVzxCDMG5Ye279MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbDNLTkx4OGZ5OFpORmRYUEVJTXdibGg3YnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXarwAwQA
Xy+gMA0GCSqGSIb3DQEBCwUAA4IBAQCm06kQmG7KBYIwFF9fPBTgdENsnzNUB5UR
zbeKUDRVjZfKW7PtWYuyOAEgtHmlFbjBeXigk8DReaV/gvbmuyQT3Mqu0Z3tAwPq
/Ww6U5Mdkee2bxrA9kCkT1Qksf1MZk/aQb2OHRhHvwBv5KN49VSVQhQzpYtP5r65
NdFXyoHe2h4gfSpyN/7JrZjyHswpYUmj8ppBlmsTsL27k6gKuOS/lKrQ3xgoLEzz
WE65UEoa2AsJCDxudQmmTb7+T0tHFs4W2cjQ/99fWfc1B+mNMSCKaoUCSK2G2EvA
T8AgWpUcuxZ6GFFZhft8/iOIE1vaXkv/PabUAbAlBa+QJmvTTZMP
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:31:03 2024 by rpki-client on console-ams.rpki-client.org