Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/orB5D9I6kIqo0Fkzo5Ip-Ep0_80.roa
File: orB5D9I6kIqo0Fkzo5Ip-Ep0_80.roa (raw, json)
Hash identifier: bxeaCkpDkydc5u+yCecsGUkIL5Ge997EEL4kyHshgmg=
Subject key identifier: A2:B0:79:0F:D2:3A:90:8A:A8:D0:59:33:A3:92:29:F8:4A:74:FF:CD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FF618D658567FFC24F38B352B2AC5
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/orB5D9I6kIqo0Fkzo5Ip-Ep0_80.roa
Signing time: Thu 02 Jan 2025 05:49:38 +0000
ROA not before: Thu 02 Jan 2025 05:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204929
IP address blocks: 95.47.200.0/23 maxlen: 24
95.47.248.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:f6:18:d6:58:56:7f:fc:24:f3:8b:35:2b:2a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2b0790fd23a908aa8d05933a39229f84a74ffcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c6:24:51:c0:a0:f3:0e:42:94:1c:8a:ee:54:
9c:e8:8d:e5:27:32:c6:c2:70:a3:fb:89:61:61:dc:
bb:d1:ef:af:0a:5a:3a:9a:b8:b2:b4:3f:3d:3f:c5:
c8:68:6a:72:e3:97:a3:fd:54:d2:a6:99:f9:b3:b8:
f8:8c:25:7e:da:45:36:42:75:77:74:0b:52:da:9b:
35:b7:22:ea:c6:38:09:0d:25:54:4c:95:31:11:e2:
3b:75:45:1b:66:26:ac:cb:e3:a9:a9:57:48:43:7a:
c7:d3:c8:7e:f6:fc:64:30:11:4e:0a:f6:f4:f9:51:
3a:60:96:df:59:66:d9:89:9d:15:76:95:ad:dc:98:
d4:b8:df:3b:bc:a0:32:4f:fc:96:bd:79:56:30:ac:
fd:95:ee:be:d0:a5:cd:78:eb:8c:6a:9d:58:ab:ec:
e3:58:cd:c3:8f:54:b5:fd:08:3a:64:f0:72:e7:99:
d1:b2:c6:f7:d1:92:dd:38:79:aa:7f:26:9b:28:7e:
40:fa:7d:c7:70:28:3b:05:70:26:3d:46:4e:dd:e6:
7a:c8:35:1d:e7:a7:57:01:2d:24:ab:37:41:2f:4a:
93:7b:9b:a1:bf:29:a3:ca:61:73:67:1b:9f:40:ca:
7e:3d:ed:05:d9:93:54:d0:82:67:68:6d:fd:9a:c0:
dd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B0:79:0F:D2:3A:90:8A:A8:D0:59:33:A3:92:29:F8:4A:74:FF:CD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/orB5D9I6kIqo0Fkzo5Ip-Ep0_80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.200.0/23
95.47.248.0/23
Signature Algorithm: sha256WithRSAEncryption
64:0e:83:21:ea:38:36:bc:07:41:a5:31:5c:02:01:d0:a3:11:
ed:e4:1b:58:32:0e:a2:66:64:4f:a9:93:93:64:8d:f6:1a:60:
ae:7d:7f:ba:e8:e5:4e:57:e8:a2:d4:6e:bc:a7:a4:cc:0b:9d:
8a:e8:71:02:40:d1:0e:5f:77:e4:7f:12:49:40:aa:0a:a6:ab:
ac:91:40:0e:7e:24:e2:ea:a9:c3:9d:71:7e:d2:f8:f7:b8:e6:
07:bd:53:41:c4:fd:5d:74:8d:cd:e4:02:e1:03:20:56:0c:ab:
43:66:51:33:66:0a:7d:4a:df:63:e9:37:b1:e7:40:a1:a4:12:
af:93:3e:53:57:f1:21:10:16:e2:53:b6:00:c4:e4:72:ae:90:
7c:56:ab:d5:c5:30:59:17:1d:e3:82:1c:44:16:7e:68:64:04:
e4:55:ed:b6:93:2c:d0:1d:4f:36:05:cb:9b:07:48:4e:3b:27:
ec:42:a2:2b:4f:e6:1a:8e:cc:4e:3f:f2:df:5d:6a:49:43:2e:
76:c9:3e:93:e7:58:71:78:42:4a:bd:39:1e:09:ac:70:a4:77:
c3:52:f2:4f:12:c8:1e:f5:c8:b3:d1:b1:db:38:ce:ba:46:d2:
f7:2f:91:53:03:c2:6e:82:35:7b:89:ad:9c:f8:72:7a:8a:aa:
19:5e:7c:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj/YY1lhWf/wk84s1KyrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmIwNzkwZmQyM2E5MDhhYThkMDU5MzNhMzkyMjlmODRhNzRmZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cYkUcCg8w5ClByK7lSc6I3lJzLG
wnCj+4lhYdy70e+vClo6mriytD89P8XIaGpy45ej/VTSppn5s7j4jCV+2kU2QnV3
dAtS2ps1tyLqxjgJDSVUTJUxEeI7dUUbZiasy+OpqVdIQ3rH08h+9vxkMBFOCvb0
+VE6YJbfWWbZiZ0VdpWt3JjUuN87vKAyT/yWvXlWMKz9le6+0KXNeOuMap1Yq+zj
WM3Dj1S1/Qg6ZPBy55nRssb30ZLdOHmqfyabKH5A+n3HcCg7BXAmPUZO3eZ6yDUd
56dXAS0kqzdBL0qTe5uhvymjymFzZxufQMp+Pe0F2ZNU0IJnaG39msDduwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKKweQ/SOpCKqNBZM6OSKfhKdP/NMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvb3JCNUQ5STZrSXFvMEZrem81SXAtRXAwXzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXy/IAwQB
Xy/4MA0GCSqGSIb3DQEBCwUAA4IBAQBkDoMh6jg2vAdBpTFcAgHQoxHt5BtYMg6i
ZmRPqZOTZI32GmCufX+66OVOV+ii1G68p6TMC52K6HECQNEOX3fkfxJJQKoKpqus
kUAOfiTi6qnDnXF+0vj3uOYHvVNBxP1ddI3N5ALhAyBWDKtDZlEzZgp9St9j6Tex
50ChpBKvkz5TV/EhEBbiU7YAxORyrpB8VqvVxTBZFx3jghxEFn5oZATkVe22kyzQ
HU82BcubB0hOOyfsQqIrT+YajsxOP/LfXWpJQy52yT6T51hxeEJKvTkeCaxwpHfD
UvJPEsge9ciz0bHbOM66RtL3L5FTA8JugjV7ia2c+HJ6iqoZXnwp
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:47 2025 by rpki-client