Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Q47MFp1c00pwmkTgauyZO9NQhEs.roa
File: Q47MFp1c00pwmkTgauyZO9NQhEs.roa (raw, json)
Hash identifier: Z64hFqD3wOFgiLu5dXwYEhG/mMBRm/rrMrjSA95spTA=
Subject key identifier: 43:8E:CC:16:9D:5C:D3:4A:70:9A:44:E0:6A:EC:99:3B:D3:50:84:4B
Certificate issuer: /CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Certificate serial: 018CC8DE674E876B378E5C43E93778134055
Authority key identifier: 27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Q47MFp1c00pwmkTgauyZO9NQhEs.roa
Signing time: Tue 02 Jan 2024 06:31:07 +0000
ROA not before: Tue 02 Jan 2024 06:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34636
IP address blocks: 95.81.82.0/23 maxlen: 24
95.81.80.0/24 maxlen: 24
95.81.80.0/23 maxlen: 23
95.81.81.0/24 maxlen: 24
95.81.88.0/22 maxlen: 24
95.81.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:67:4e:87:6b:37:8e:5c:43:e9:37:78:13:40:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Validity
Not Before: Jan 2 06:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=438ecc169d5cd34a709a44e06aec993bd350844b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:46:54:26:8b:cc:f6:24:fc:31:a5:12:de:33:
6e:88:c2:ca:32:cf:cd:0b:e9:6d:5a:56:c4:fc:cd:
ca:71:e0:9e:b1:9b:88:4f:3c:88:6d:0d:e4:23:1c:
68:b6:d5:f7:28:b3:df:8d:a5:45:2a:2b:0d:b3:73:
64:f8:b4:2c:8c:ed:dd:1f:6b:38:76:2f:49:e1:ea:
bd:5b:75:9b:32:4c:6c:4b:a2:78:d3:b7:f5:b3:b9:
3a:9f:16:8b:72:21:ff:2d:46:70:de:8b:e9:83:dd:
31:e1:eb:b3:f6:ed:f5:f7:de:da:24:8e:e9:d8:2a:
a6:75:56:cd:3b:9b:1f:d2:46:b9:2d:82:ab:5d:f1:
69:18:ca:ce:a9:a2:ad:3d:d9:c6:4a:a4:a8:c7:8a:
d4:a1:9a:46:d6:db:b9:c5:e6:8b:1d:c9:44:0e:ef:
7c:25:1a:7f:2a:22:35:40:d6:76:34:d7:3b:cb:87:
90:b6:ba:e6:98:aa:00:6c:ee:24:ed:bc:e5:3c:c4:
f5:8c:ea:2b:0a:03:3c:69:0c:55:07:dc:42:d7:07:
21:37:a7:7f:5b:98:bb:3e:16:d0:e8:9a:d8:90:28:
eb:43:34:bd:7a:12:21:a8:ed:bf:d6:21:44:52:38:
e0:86:9a:16:c7:d7:8f:47:40:08:d4:16:dc:21:b8:
6f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8E:CC:16:9D:5C:D3:4A:70:9A:44:E0:6A:EC:99:3B:D3:50:84:4B
X509v3 Authority Key Identifier:
keyid:27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Q47MFp1c00pwmkTgauyZO9NQhEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.81.80.0/22
95.81.88.0/22
95.81.95.0/24
Signature Algorithm: sha256WithRSAEncryption
90:fe:15:60:63:b6:81:ed:84:14:68:20:32:5f:9c:fb:54:44:
ac:ee:87:e4:6c:b3:12:7b:6b:79:66:61:d6:b3:c1:7f:18:8e:
d1:5a:f9:25:e8:41:94:61:ab:8d:99:b9:e5:a4:83:e3:55:5a:
b4:59:49:75:a9:db:14:32:4d:9f:e1:d4:b5:ff:19:3c:2d:c0:
f3:44:0f:f9:d9:dd:aa:e2:6a:b0:8a:b3:64:8d:e0:fb:00:97:
31:5b:15:bb:bc:3b:52:3f:a4:b4:2b:57:41:45:0a:5c:3d:c4:
bc:9b:bd:e4:e4:8d:f7:d4:4f:92:19:0a:9a:e9:62:9f:c0:1c:
25:91:d3:36:ce:e2:b2:9e:4c:30:ae:06:01:1f:0b:22:6b:05:
c7:db:bf:13:66:23:27:22:27:c1:bc:f7:33:7e:ad:30:37:ba:
52:cf:f0:ad:a3:da:d2:e7:ff:9b:09:0f:8e:a7:57:90:40:01:
38:4c:b7:d2:d9:18:19:d4:1c:18:1f:a8:c8:9f:36:fd:34:b3:
33:a2:c9:db:16:38:85:90:0d:5d:cf:cf:bd:ad:c1:2b:34:55:
71:f1:ef:b9:d4:d4:aa:50:bd:70:19:28:23:c7:6d:2a:a9:68:
36:66:7c:aa:38:a6:72:f1:e9:94:7c:bd:dd:24:44:78:d4:85:
41:58:cb:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3mdOh2s3jlxD6Td4E0BVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MmVkMDkwYWNmN2M4MjlhMjJiYmZiZTJiMGU5OThjZDIw
YWQ4MjYwHhcNMjQwMTAyMDYzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhlY2MxNjlkNWNkMzRhNzA5YTQ0ZTA2YWVjOTkzYmQzNTA4NDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEZUJovM9iT8MaUS3jNuiMLKMs/N
C+ltWlbE/M3KceCesZuITzyIbQ3kIxxottX3KLPfjaVFKisNs3Nk+LQsjO3dH2s4
di9J4eq9W3WbMkxsS6J407f1s7k6nxaLciH/LUZw3ovpg90x4euz9u31997aJI7p
2CqmdVbNO5sf0ka5LYKrXfFpGMrOqaKtPdnGSqSox4rUoZpG1tu5xeaLHclEDu98
JRp/KiI1QNZ2NNc7y4eQtrrmmKoAbO4k7bzlPMT1jOorCgM8aQxVB9xC1wchN6d/
W5i7PhbQ6JrYkCjrQzS9ehIhqO2/1iFEUjjghpoWx9ePR0AI1BbcIbhvtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEOOzBadXNNKcJpE4GrsmTvTUIRLMB8GA1UdIwQY
MBaAFCcu0JCs98gpoiu/visOmYzSCtgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMt
YWNjMjJiYjRkY2VkLzEvUTQ3TUZwMWMwMHB3bWtUZ2F1eVpPOU5RaEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMtYWNjMjJiYjRkY2Vk
LzEvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCX1FQAwQC
X1FYAwQAX1FfMA0GCSqGSIb3DQEBCwUAA4IBAQCQ/hVgY7aB7YQUaCAyX5z7VESs
7ofkbLMSe2t5ZmHWs8F/GI7RWvkl6EGUYauNmbnlpIPjVVq0WUl1qdsUMk2f4dS1
/xk8LcDzRA/52d2q4mqwirNkjeD7AJcxWxW7vDtSP6S0K1dBRQpcPcS8m73k5I33
1E+SGQqa6WKfwBwlkdM2zuKynkwwrgYBHwsiawXH278TZiMnIifBvPczfq0wN7pS
z/Cto9rS5/+bCQ+Op1eQQAE4TLfS2RgZ1BwYH6jInzb9NLMzosnbFjiFkA1dz8+9
rcErNFVx8e+51NSqUL1wGSgjx20qqWg2ZnyqOKZy8emUfL3dJER41IVBWMug
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:10:39 2024 by rpki-client on console-fra.rpki-client.org