Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/yvvy2jUGs3ycDk6d2hW4eYnXjnA.roa
File: yvvy2jUGs3ycDk6d2hW4eYnXjnA.roa (raw, json)
Hash identifier: nNfgKG+FbvimYdIK+5+hZJoDcDZ1pDSyJJskhRvoUoY=
Subject key identifier: CA:FB:F2:DA:35:06:B3:7C:9C:0E:4E:9D:DA:15:B8:79:89:D7:8E:70
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191526CFE11E21EDE49603D350BBF8C777A
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/yvvy2jUGs3ycDk6d2hW4eYnXjnA.roa
Signing time: Wed 14 Aug 2024 19:46:00 +0000
ROA not before: Wed 14 Aug 2024 19:46:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43991
IP address blocks: 95.215.57.0/24 maxlen: 24
193.19.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:6c:fe:11:e2:1e:de:49:60:3d:35:0b:bf:8c:77:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 14 19:46:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cafbf2da3506b37c9c0e4e9dda15b87989d78e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:77:1f:0e:1e:f1:81:d7:08:ef:25:3d:5e:6b:
da:e2:04:3f:84:68:06:d4:58:fe:a3:fb:8d:04:38:
b0:ec:a5:12:1a:0c:25:24:54:81:da:04:c3:04:31:
c8:4e:d9:b1:62:42:e1:d8:e5:95:81:ac:96:e7:6f:
0d:f4:5c:ae:28:3e:ac:2b:b2:5b:19:b6:8b:21:ec:
8b:1c:2d:6b:d0:82:ae:99:83:b6:c9:15:00:f3:9e:
ab:57:5a:ee:de:6a:3d:2d:ec:9c:e8:77:70:34:9e:
4c:75:34:5f:ab:49:6e:4a:cb:54:23:49:69:b4:67:
3f:ff:38:5d:85:30:f1:13:9c:87:3c:54:bc:8a:39:
7e:a4:82:b7:8a:86:a5:5c:be:8b:80:51:44:68:11:
e3:34:46:ae:13:24:3e:37:1c:dd:a5:37:2e:73:d0:
7c:2a:b5:80:c0:09:4a:89:9d:c8:a1:bd:12:e3:1e:
3d:0e:c6:56:e5:08:6c:9d:5f:ba:1b:0c:2e:da:8b:
76:b7:88:66:9b:ef:bf:15:97:81:ef:cb:9e:13:6e:
ab:43:7a:c1:61:0b:11:fb:d3:f9:cc:35:cc:4c:4c:
6c:6b:07:72:1d:66:d6:b0:9d:bd:a2:0e:ca:6c:08:
7e:02:0a:7e:71:e8:e3:3c:36:5a:0d:fe:01:d7:42:
0d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FB:F2:DA:35:06:B3:7C:9C:0E:4E:9D:DA:15:B8:79:89:D7:8E:70
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/yvvy2jUGs3ycDk6d2hW4eYnXjnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.57.0/24
193.19.190.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:99:28:35:b1:38:da:b1:c5:d3:2d:2d:52:a2:4f:31:ac:b9:
85:92:78:af:3e:1d:15:ca:d3:f1:ee:27:64:1b:8f:64:c4:e6:
3b:90:ff:07:e1:83:f4:aa:3b:f1:bd:fd:d7:52:c5:77:6c:bf:
ed:11:14:e4:8d:8a:50:59:23:55:4e:1d:d0:82:c8:b7:12:76:
40:7f:ce:c0:22:e5:09:5d:1b:de:e7:45:58:9b:aa:e8:31:75:
c9:91:54:8c:e0:8c:8b:7c:98:a9:b2:1c:30:03:14:5e:0b:00:
fe:3d:11:48:fc:f4:50:f4:5d:6e:a9:bb:09:fa:31:e0:92:48:
47:71:c1:a7:80:e5:34:6c:fe:1b:ee:d6:9b:c7:20:03:fb:9f:
17:6f:15:34:cf:a8:6f:2b:44:6b:37:53:80:4d:96:eb:23:72:
9b:a0:22:6f:e6:65:41:3a:2d:e9:68:df:37:a9:30:31:2f:cc:
8f:bf:78:21:86:07:8f:7a:66:2f:ef:bf:f1:06:28:1f:8c:8a:
f9:03:f4:a3:6d:0c:52:a8:b4:0a:db:0d:b3:c3:41:39:56:f1:
ee:40:ff:01:0c:ce:53:33:47:80:09:13:dc:7a:bb:ba:96:17:
6a:9d:81:2b:78:9e:e4:21:d4:57:29:da:e1:ed:2f:ab:d3:35:
74:2c:80:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFSbP4R4h7eSWA9NQu/jHd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODE0MTk0NjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZiZjJkYTM1MDZiMzdjOWMwZTRlOWRkYTE1Yjg3OTg5ZDc4ZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwncfDh7xgdcI7yU9Xmva4gQ/hGgG
1Fj+o/uNBDiw7KUSGgwlJFSB2gTDBDHITtmxYkLh2OWVgayW528N9FyuKD6sK7Jb
GbaLIeyLHC1r0IKumYO2yRUA856rV1ru3mo9Leyc6HdwNJ5MdTRfq0luSstUI0lp
tGc//zhdhTDxE5yHPFS8ijl+pIK3ioalXL6LgFFEaBHjNEauEyQ+NxzdpTcuc9B8
KrWAwAlKiZ3Iob0S4x49DsZW5QhsnV+6Gwwu2ot2t4hmm++/FZeB78ueE26rQ3rB
YQsR+9P5zDXMTExsawdyHWbWsJ29og7KbAh+Agp+cejjPDZaDf4B10IN6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMr78to1BrN8nA5OndoVuHmJ145wMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEveXZ2eTJqVUdzM3ljRGs2ZDJoVzRlWW5Yam5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9c5AwQA
wRO+MA0GCSqGSIb3DQEBCwUAA4IBAQCPmSg1sTjascXTLS1Sok8xrLmFknivPh0V
ytPx7idkG49kxOY7kP8H4YP0qjvxvf3XUsV3bL/tERTkjYpQWSNVTh3Qgsi3EnZA
f87AIuUJXRve50VYm6roMXXJkVSM4IyLfJipshwwAxReCwD+PRFI/PRQ9F1uqbsJ
+jHgkkhHccGngOU0bP4b7tabxyAD+58XbxU0z6hvK0RrN1OATZbrI3KboCJv5mVB
Oi3paN83qTAxL8yPv3ghhgePemYv77/xBigfjIr5A/SjbQxSqLQK2w2zw0E5VvHu
QP8BDM5TM0eACRPceru6lhdqnYEreJ7kIdRXKdrh7S+r0zV0LIA0
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:13:43 2024 by rpki-client on console-fra.rpki-client.org