Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/mYkEDQ4Le1dstrVPzWMDdOlg38I.roa
File: mYkEDQ4Le1dstrVPzWMDdOlg38I.roa (raw, json)
Hash identifier: mkp2J9G7pvXoEB/Bpo5to2mrjH7jSYSJiW7wH9pRKck=
Subject key identifier: 99:89:04:0D:0E:0B:7B:57:6C:B6:B5:4F:CD:63:03:74:E9:60:DF:C2
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A130DB05958240A555DBCD93CF65E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/mYkEDQ4Le1dstrVPzWMDdOlg38I.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56465
IP address blocks: 95.47.117.0/24 maxlen: 24
95.47.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:13:0d:b0:59:58:24:0a:55:5d:bc:d9:3c:f6:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9989040d0e0b7b576cb6b54fcd630374e960dfc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a6:ea:c1:31:4e:23:cf:3c:20:da:fb:83:60:
07:37:21:26:d4:5f:aa:8a:f5:6f:bb:86:a1:3a:82:
5c:13:a2:47:54:42:4b:c6:ab:a7:a8:5c:18:34:d6:
4e:33:0e:2c:ba:64:03:fd:c9:bb:b4:70:4a:ad:ef:
6e:f9:d8:59:c6:eb:43:a0:23:b4:07:24:30:37:30:
02:8d:e2:5e:09:37:a7:92:8d:49:86:8f:ff:8b:35:
4e:5b:6d:a7:1d:1d:5c:42:d6:d6:4e:4a:b1:96:bd:
cb:08:e1:38:e6:de:da:e1:5b:f9:ca:dd:b0:7e:49:
cc:e5:a9:bf:eb:fe:48:4c:ed:2f:4c:b4:99:97:c9:
e6:94:57:56:7e:ed:01:93:dc:64:6a:ca:b1:9f:57:
39:fa:b3:83:a3:fc:31:26:23:ce:88:46:1d:7f:29:
3e:f7:0f:2d:20:05:7d:9b:41:81:61:a9:0f:e7:a0:
a4:ec:a6:12:3f:0d:a6:ba:81:aa:4d:28:0c:16:f6:
73:86:85:28:4d:03:b7:87:84:89:94:39:39:0e:e8:
aa:36:4d:66:8e:74:ff:87:b2:37:20:94:88:4e:b0:
a7:5b:30:3d:07:2c:cf:4a:3d:85:06:c9:64:13:fd:
b4:f4:d8:46:06:3d:79:cc:af:e2:80:b6:39:38:15:
41:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:89:04:0D:0E:0B:7B:57:6C:B6:B5:4F:CD:63:03:74:E9:60:DF:C2
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/mYkEDQ4Le1dstrVPzWMDdOlg38I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.116.0/23
Signature Algorithm: sha256WithRSAEncryption
41:43:5e:91:bf:00:90:2e:26:94:2f:f6:b8:44:bc:fb:70:ee:
a6:a7:e1:ff:e7:8c:d8:c8:83:af:31:f8:3b:c7:bb:17:03:e2:
ea:f0:64:02:f7:56:1e:53:aa:f8:a6:cc:1c:74:46:17:18:04:
0a:9e:00:ba:1e:26:b7:9c:ce:93:3d:cd:2f:aa:bf:97:38:ac:
33:90:23:17:54:9a:c4:7e:af:06:12:fc:98:77:20:94:5f:ce:
78:fa:b0:a2:5b:f9:aa:1e:38:88:0f:3e:d1:16:e3:59:4f:e4:
3e:9f:53:16:7e:68:d1:08:a0:26:31:62:a2:e9:e1:fc:ae:e8:
d3:44:2a:cd:0a:fb:26:6f:fb:19:6b:bf:03:9a:67:97:c5:77:
7a:0b:a9:74:cc:a0:18:98:1a:c6:b5:3d:bf:09:cf:96:5d:fc:
34:c8:ac:79:e4:87:3e:19:53:48:36:c4:ad:c5:02:8c:58:a0:
27:d4:8a:6c:33:80:f8:79:80:4e:1c:ad:a5:8a:97:8f:2a:69:
0a:a3:ea:d7:cf:27:90:c4:f6:2a:86:33:3f:0e:5a:8a:b4:6a:
9f:63:29:65:25:eb:4c:da:ce:9b:d2:a0:d6:75:7d:59:3b:c3:
ba:14:8e:53:5f:27:21:a7:8d:bc:df:80:c9:2b:37:63:8a:16:
3b:d6:a5:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKhMNsFlYJApVXbzZPPZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTg5MDQwZDBlMGI3YjU3NmNiNmI1NGZjZDYzMDM3NGU5NjBkZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKbqwTFOI888INr7g2AHNyEm1F+q
ivVvu4ahOoJcE6JHVEJLxqunqFwYNNZOMw4sumQD/cm7tHBKre9u+dhZxutDoCO0
ByQwNzACjeJeCTenko1Jho//izVOW22nHR1cQtbWTkqxlr3LCOE45t7a4Vv5yt2w
fknM5am/6/5ITO0vTLSZl8nmlFdWfu0Bk9xkasqxn1c5+rODo/wxJiPOiEYdfyk+
9w8tIAV9m0GBYakP56Ck7KYSPw2muoGqTSgMFvZzhoUoTQO3h4SJlDk5DuiqNk1m
jnT/h7I3IJSITrCnWzA9ByzPSj2FBslkE/209NhGBj15zK/igLY5OBVB7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmJBA0OC3tXbLa1T81jA3TpYN/CMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbVlrRURRNExlMWRzdHJWUHpXTURkT2xnMzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXy90MA0G
CSqGSIb3DQEBCwUAA4IBAQBBQ16RvwCQLiaUL/a4RLz7cO6mp+H/54zYyIOvMfg7
x7sXA+Lq8GQC91YeU6r4pswcdEYXGAQKngC6Hia3nM6TPc0vqr+XOKwzkCMXVJrE
fq8GEvyYdyCUX854+rCiW/mqHjiIDz7RFuNZT+Q+n1MWfmjRCKAmMWKi6eH8rujT
RCrNCvsmb/sZa78DmmeXxXd6C6l0zKAYmBrGtT2/Cc+WXfw0yKx55Ic+GVNINsSt
xQKMWKAn1IpsM4D4eYBOHK2lipePKmkKo+rXzyeQxPYqhjM/DlqKtGqfYyllJetM
2s6b0qDWdX1ZO8O6FI5TXychp42834DJKzdjihY71qVb
-----END CERTIFICATE-----
Generated at Wed May 29 07:59:55 2024 by rpki-client on console-ams.rpki-client.org