Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/18-vqY4A1NLTQTO14j454Ki4TdU.roa
File: 18-vqY4A1NLTQTO14j454Ki4TdU.roa (raw, json)
Hash identifier: 9CjZSlAzh/uuMJUa/wH6oYzd/nNWS0ySui/MplgOSbk=
Subject key identifier: D7:CF:AF:A9:8E:00:D4:D2:D3:41:33:B5:E2:3E:39:E0:A8:B8:4D:D5
Certificate issuer: /CN=0f47dc7ff485b8413be38f5bee80917330b31738
Certificate serial: 018CC8014B0358B50619ED611A5169B5D0A6
Authority key identifier: 0F:47:DC:7F:F4:85:B8:41:3B:E3:8F:5B:EE:80:91:73:30:B3:17:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/18-vqY4A1NLTQTO14j454Ki4TdU.roa
Signing time: Tue 02 Jan 2024 02:29:37 +0000
ROA not before: Tue 02 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44858
IP address blocks: 93.95.0.0/21 maxlen: 21
93.95.2.0/24 maxlen: 24
93.95.0.0/24 maxlen: 24
93.95.1.0/24 maxlen: 24
93.95.3.0/24 maxlen: 24
93.95.4.0/24 maxlen: 24
93.95.5.0/24 maxlen: 24
93.95.6.0/24 maxlen: 24
93.95.7.0/24 maxlen: 24
2a03:5d80:7000::/36 maxlen: 36
2a03:5d80:1000::/36 maxlen: 36
2a03:5d80::/36 maxlen: 36
2a03:5d80:4000::/36 maxlen: 36
2a03:5d80:c000::/36 maxlen: 36
2a03:5d80:f000::/36 maxlen: 36
2a03:5d80:9000::/36 maxlen: 36
2a03:5d80:6000::/36 maxlen: 36
2a03:5d80:e000::/36 maxlen: 36
2a03:5d80:3000::/36 maxlen: 36
2a03:5d80:b000::/36 maxlen: 36
2a03:5d80:8000::/36 maxlen: 36
2a03:5d80:5000::/36 maxlen: 36
2a03:5d80:2000::/36 maxlen: 36
2a03:5d80:a000::/36 maxlen: 36
2a03:5d80:d000::/36 maxlen: 36
2a03:5d80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/D0fcf_SFuEE7449b7oCRczCzFzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/D0fcf_SFuEE7449b7oCRczCzFzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4b:03:58:b5:06:19:ed:61:1a:51:69:b5:d0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f47dc7ff485b8413be38f5bee80917330b31738
Validity
Not Before: Jan 2 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7cfafa98e00d4d2d34133b5e23e39e0a8b84dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b5:1d:f0:5b:b8:00:4a:02:c9:94:eb:a1:90:
c9:ce:3f:c3:26:1a:21:33:d5:e4:bf:94:83:dc:a6:
4f:de:48:e9:2f:4c:42:a2:dc:f0:c4:d7:42:2a:01:
1c:68:7a:c2:dc:a7:35:af:fc:16:93:aa:40:a8:da:
37:83:60:4f:94:1b:e9:73:6d:95:c4:f3:48:bf:d3:
1c:a2:ee:56:db:44:1a:df:c2:c0:bd:89:e6:77:92:
0e:9e:8c:d8:ad:b3:a2:69:39:fc:43:6e:e3:51:3a:
ab:62:7c:a3:55:59:ce:d9:0f:69:73:d6:af:0a:36:
07:fc:6e:28:e6:76:84:5a:dc:b4:15:88:37:fb:79:
5b:5d:96:85:00:89:86:40:0d:b0:7e:31:4e:10:9c:
2e:8e:da:3e:e3:87:85:de:44:eb:64:4b:33:40:c7:
30:b8:0f:41:55:38:ca:0e:d6:3c:cd:9e:a1:81:82:
da:c5:94:e1:03:dc:36:da:0f:82:a6:c5:d7:d0:e1:
56:8b:85:e1:d8:25:4e:96:ce:01:35:d4:c2:e6:d7:
3e:b3:8e:12:28:2a:14:4f:c3:89:8d:ea:66:7f:ab:
27:3e:53:d7:6a:b1:30:d1:f6:14:a1:90:6a:d6:23:
ac:c1:02:e3:45:8b:06:0f:fe:fe:09:9d:4c:21:78:
61:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CF:AF:A9:8E:00:D4:D2:D3:41:33:B5:E2:3E:39:E0:A8:B8:4D:D5
X509v3 Authority Key Identifier:
keyid:0F:47:DC:7F:F4:85:B8:41:3B:E3:8F:5B:EE:80:91:73:30:B3:17:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/18-vqY4A1NLTQTO14j454Ki4TdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/D0fcf_SFuEE7449b7oCRczCzFzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.0.0/21
IPv6:
2a03:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
6b:2b:b2:51:9a:e1:42:d7:57:cb:6a:b8:05:b7:9f:a5:2f:32:
b1:3a:55:ed:df:88:a5:29:67:93:a2:34:76:df:2b:6e:15:0a:
47:2f:6e:0a:86:9b:4b:00:18:04:6b:4c:ef:c1:8b:29:c4:6f:
5d:35:3e:e3:df:8a:ee:b8:71:da:f9:04:92:10:6a:70:e6:a8:
6f:d4:a0:f8:18:b0:6b:4c:f3:f3:36:37:48:25:63:9e:69:ec:
01:32:a8:9d:54:cf:7f:6c:8a:26:74:f8:eb:94:02:12:ed:2d:
7e:f4:c1:5b:ca:a9:1b:04:6b:c1:e7:20:f6:11:4a:71:9a:f3:
60:c3:1e:5d:18:ad:94:d6:19:ba:74:d8:77:ba:e7:ae:a8:a0:
34:05:c6:0f:8a:40:c1:44:78:0b:a7:fb:58:d9:1d:38:de:04:
41:7a:0d:1d:00:67:0f:e8:b3:e2:13:c9:75:34:b5:19:90:35:
8e:9b:35:29:0a:cb:2b:c7:85:96:c2:fb:98:f7:f3:ce:d1:83:
58:5e:39:d0:6e:0c:b2:67:ab:a4:9a:ad:de:96:a8:65:41:2e:
0d:3d:1c:f0:67:55:58:19:b2:fb:6f:de:c9:09:55:54:5f:a5:
f8:e7:4e:4a:36:db:fa:23:a9:b7:cc:cc:6a:36:79:93:d4:28:
6e:19:74:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAUsDWLUGGe1hGlFptdCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDdkYzdmZjQ4NWI4NDEzYmUzOGY1YmVlODA5MTczMzBi
MzE3MzgwHhcNMjQwMTAyMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2NmYWZhOThlMDBkNGQyZDM0MTMzYjVlMjNlMzllMGE4Yjg0ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbUd8Fu4AEoCyZTroZDJzj/DJhoh
M9Xkv5SD3KZP3kjpL0xCotzwxNdCKgEcaHrC3Kc1r/wWk6pAqNo3g2BPlBvpc22V
xPNIv9Mcou5W20Qa38LAvYnmd5IOnozYrbOiaTn8Q27jUTqrYnyjVVnO2Q9pc9av
CjYH/G4o5naEWty0FYg3+3lbXZaFAImGQA2wfjFOEJwujto+44eF3kTrZEszQMcw
uA9BVTjKDtY8zZ6hgYLaxZThA9w22g+CpsXX0OFWi4Xh2CVOls4BNdTC5tc+s44S
KCoUT8OJjepmf6snPlPXarEw0fYUoZBq1iOswQLjRYsGD/7+CZ1MIXhhuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNfPr6mOANTS00EzteI+OeCouE3VMB8GA1UdIwQY
MBaAFA9H3H/0hbhBO+OPW+6AkXMwsxc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBmY2ZfU0Z1RUU3NDQ5YjdvQ1JjekN6RnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZjUwNzgtMjI0My00ZmRiLWFiMmIt
MmQ4NDdhM2Y3ZDJmLzEvMTgtdnFZNEExTkxUUVRPMTRqNDU0S2k0VGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZjUwNzgtMjI0My00ZmRiLWFiMmItMmQ4NDdhM2Y3ZDJm
LzEvRDBmY2ZfU0Z1RUU3NDQ5YjdvQ1JjekN6RnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXV8AMA0E
AgACMAcDBQAqA12AMA0GCSqGSIb3DQEBCwUAA4IBAQBrK7JRmuFC11fLargFt5+l
LzKxOlXt34ilKWeTojR23ytuFQpHL24KhptLABgEa0zvwYspxG9dNT7j34ruuHHa
+QSSEGpw5qhv1KD4GLBrTPPzNjdIJWOeaewBMqidVM9/bIomdPjrlAIS7S1+9MFb
yqkbBGvB5yD2EUpxmvNgwx5dGK2U1hm6dNh3uueuqKA0BcYPikDBRHgLp/tY2R04
3gRBeg0dAGcP6LPiE8l1NLUZkDWOmzUpCssrx4WWwvuY9/PO0YNYXjnQbgyyZ6uk
mq3elqhlQS4NPRzwZ1VYGbL7b97JCVVUX6X4505KNtv6I6m3zMxqNnmT1ChuGXSQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:42:16 2024 by rpki-client on console-ams.rpki-client.org