Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/QNtoTFPEr8_pIbL1jE7lEQ8WDUI.roa
File: QNtoTFPEr8_pIbL1jE7lEQ8WDUI.roa (raw, json)
Hash identifier: xeJEc4QXjMMlXZ+0/95n47mJ6BP9u1IVa9q/9jIYR4g=
Subject key identifier: 40:DB:68:4C:53:C4:AF:CF:E9:21:B2:F5:8C:4E:E5:11:0F:16:0D:42
Certificate issuer: /CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Certificate serial: 0192158B128411023BD90BCC548D3B498D4A
Authority key identifier: 27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/QNtoTFPEr8_pIbL1jE7lEQ8WDUI.roa
Signing time: Sat 21 Sep 2024 17:04:48 +0000
ROA not before: Sat 21 Sep 2024 17:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39308
IP address blocks: 95.81.72.0/22 maxlen: 24
95.81.76.0/22 maxlen: 24
95.81.96.0/19 maxlen: 21
95.81.96.0/20 maxlen: 21
95.81.96.0/22 maxlen: 22
95.81.100.0/22 maxlen: 22
95.81.112.0/20 maxlen: 20
95.81.112.0/21 maxlen: 24
95.81.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:15:8b:12:84:11:02:3b:d9:0b:cc:54:8d:3b:49:8d:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Validity
Not Before: Sep 21 17:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40db684c53c4afcfe921b2f58c4ee5110f160d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:96:c8:ee:14:34:9b:33:55:cb:02:9e:83:
fb:6f:e7:cd:3f:f7:c0:d7:d7:59:06:d2:c9:2b:e5:
14:b5:57:3f:ad:06:13:c5:28:9d:c0:fd:5e:c5:d8:
6c:1e:d1:39:67:64:37:92:1c:40:45:25:c6:19:40:
ca:01:a4:4d:cc:b7:e6:02:a4:39:83:72:bf:d2:99:
c1:69:f1:b4:f8:fc:f3:a2:69:2b:e8:ff:f1:5a:2c:
16:be:e0:c4:a3:0b:03:b8:34:68:c2:d2:fa:51:9a:
f7:0a:2f:5f:dc:e7:b5:64:c3:77:2c:d8:ad:9a:8d:
bb:f1:33:17:5a:74:ab:31:e7:fc:e7:2d:78:3a:4a:
29:0d:53:c8:72:06:c1:06:9b:ee:48:f6:bf:14:c9:
bf:f9:38:e7:50:94:ca:e0:80:a5:38:81:eb:2f:93:
29:c9:25:8b:ad:4e:2c:d8:60:15:1f:18:42:41:58:
3b:6f:9a:34:68:f3:ff:26:bd:57:c4:b6:23:ce:b6:
64:78:2d:0f:d6:94:e7:66:07:c8:a4:0d:ab:d2:5a:
18:24:31:3a:ba:eb:5e:e9:f1:bf:51:8a:81:24:84:
72:dc:82:d8:27:26:94:8a:53:04:b0:79:e1:e2:2a:
99:4c:6a:0b:48:81:b3:9b:79:5e:78:67:08:e0:21:
72:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DB:68:4C:53:C4:AF:CF:E9:21:B2:F5:8C:4E:E5:11:0F:16:0D:42
X509v3 Authority Key Identifier:
keyid:27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/QNtoTFPEr8_pIbL1jE7lEQ8WDUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.81.72.0/21
95.81.96.0/19
Signature Algorithm: sha256WithRSAEncryption
21:24:38:7b:77:5c:0c:1c:3c:92:6c:52:fd:21:3b:22:54:69:
5d:de:c6:cb:19:08:e4:a0:df:17:d1:85:37:d8:72:ea:9f:25:
52:c5:41:41:34:1c:26:76:cd:ed:00:40:68:9f:4a:6a:9d:2b:
69:02:2d:a0:76:be:0c:db:db:c3:81:8d:22:aa:b3:48:49:6d:
6f:ce:1d:91:3f:41:97:ff:a5:37:f9:9a:4a:c2:1f:ef:6b:5d:
4d:b6:a7:fd:ad:6a:cf:05:75:97:c0:22:8a:4d:e6:d8:14:f7:
6d:7e:9f:c5:bf:dd:a3:5b:46:ba:55:98:d5:de:e1:5d:39:14:
dc:62:aa:93:ef:c8:03:f1:db:ee:a9:f6:2a:ba:8c:3c:6a:ac:
bd:ae:45:9a:f4:02:13:4e:6c:22:41:14:cd:a0:f6:6e:3f:74:
45:d7:1d:67:3b:c2:82:36:a5:ca:e9:3b:30:a4:37:da:d2:d2:
f1:3a:3e:02:52:54:cc:54:66:39:e2:2e:cf:4f:77:32:d3:7b:
3a:82:72:d7:a4:96:c7:63:34:1d:9a:ba:a3:c2:4a:75:d9:cc:
2f:0e:ce:d2:7f:81:4e:9b:a1:cd:e6:79:fe:af:c3:1d:4e:c8:
a1:44:2f:bc:84:18:a3:bb:cc:71:5d:a9:cb:56:73:bc:82:25:
d6:be:16:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIVixKEEQI72QvMVI07SY1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MmVkMDkwYWNmN2M4MjlhMjJiYmZiZTJiMGU5OThjZDIw
YWQ4MjYwHhcNMjQwOTIxMTcwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGRiNjg0YzUzYzRhZmNmZTkyMWIyZjU4YzRlZTUxMTBmMTYwZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CqWyO4UNJszVcsCnoP7b+fNP/fA
19dZBtLJK+UUtVc/rQYTxSidwP1exdhsHtE5Z2Q3khxARSXGGUDKAaRNzLfmAqQ5
g3K/0pnBafG0+Pzzomkr6P/xWiwWvuDEowsDuDRowtL6UZr3Ci9f3Oe1ZMN3LNit
mo278TMXWnSrMef85y14OkopDVPIcgbBBpvuSPa/FMm/+TjnUJTK4IClOIHrL5Mp
ySWLrU4s2GAVHxhCQVg7b5o0aPP/Jr1XxLYjzrZkeC0P1pTnZgfIpA2r0loYJDE6
uute6fG/UYqBJIRy3ILYJyaUilMEsHnh4iqZTGoLSIGzm3leeGcI4CFyrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDbaExTxK/P6SGy9YxO5REPFg1CMB8GA1UdIwQY
MBaAFCcu0JCs98gpoiu/visOmYzSCtgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMt
YWNjMjJiYjRkY2VkLzEvUU50b1RGUEVyOF9wSWJMMWpFN2xFUThXRFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMtYWNjMjJiYjRkY2Vk
LzEvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX1FIAwQF
X1FgMA0GCSqGSIb3DQEBCwUAA4IBAQAhJDh7d1wMHDySbFL9ITsiVGld3sbLGQjk
oN8X0YU32HLqnyVSxUFBNBwmds3tAEBon0pqnStpAi2gdr4M29vDgY0iqrNISW1v
zh2RP0GX/6U3+ZpKwh/va11Ntqf9rWrPBXWXwCKKTebYFPdtfp/Fv92jW0a6VZjV
3uFdORTcYqqT78gD8dvuqfYquow8aqy9rkWa9AITTmwiQRTNoPZuP3RF1x1nO8KC
NqXK6TswpDfa0tLxOj4CUlTMVGY54i7PT3cy03s6gnLXpJbHYzQdmrqjwkp12cwv
Ds7Sf4FOm6HN5nn+r8MdTsihRC+8hBiju8xxXanLVnO8giXWvhYO
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:16:57 2024 by rpki-client on console-fra.rpki-client.org