Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/vIsbtB7HfZCeeFrDfObFtGdlQg4.roa
File: vIsbtB7HfZCeeFrDfObFtGdlQg4.roa (raw, json)
Hash identifier: E/XAIdBZBd/1W/zv2kf1hZNnKxEPiHHiqjXjf6x93ZY=
Subject key identifier: BC:8B:1B:B4:1E:C7:7D:90:9E:78:5A:C3:7C:E6:C5:B4:67:65:42:0E
Certificate issuer: /CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
Certificate serial: 018CC6B90C8401322E829A67AA42344A5CA7
Authority key identifier: 05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/vIsbtB7HfZCeeFrDfObFtGdlQg4.roa
Signing time: Mon 01 Jan 2024 20:31:05 +0000
ROA not before: Mon 01 Jan 2024 20:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48840
IP address blocks: 95.129.15.0/24 maxlen: 24
95.129.14.0/24 maxlen: 24
95.129.13.0/24 maxlen: 24
95.129.12.0/24 maxlen: 24
95.129.8.0/24 maxlen: 24
95.129.11.0/24 maxlen: 24
95.129.8.0/21 maxlen: 21
95.129.10.0/24 maxlen: 24
95.129.9.0/24 maxlen: 24
2a05:e940::/29 maxlen: 29
2a05:e940::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:0c:84:01:32:2e:82:9a:67:aa:42:34:4a:5c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
Validity
Not Before: Jan 1 20:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc8b1bb41ec77d909e785ac37ce6c5b46765420e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:78:8e:bd:b7:68:2a:ea:47:19:74:ce:56:e2:
57:70:43:59:38:8d:09:e1:6c:b8:ef:36:2d:fd:13:
74:30:3e:95:a2:6a:d9:92:0f:dc:ef:75:a9:8a:6d:
a0:98:ec:82:28:c6:62:d1:05:80:1e:be:b9:dd:8f:
fe:68:f3:9f:9f:31:bd:f7:f1:26:2b:ef:b4:dd:1c:
a9:a3:11:03:94:a9:ab:50:e4:3c:19:e5:cc:a5:ec:
31:c9:ea:2d:39:e3:8f:33:5f:65:87:83:69:7e:71:
be:6e:99:3c:e4:46:d8:6f:e7:1a:67:8d:a2:a3:26:
3d:06:fe:cf:99:db:68:88:b8:12:f4:b7:ab:01:61:
1b:bd:91:93:29:7e:91:a0:1d:89:0f:67:34:ae:31:
7c:16:22:7e:65:d2:f1:50:76:50:e8:23:a3:c5:d5:
58:3f:21:50:82:d4:19:98:71:2f:6c:13:6c:cc:88:
e7:f2:e3:c8:e5:c3:83:f2:ff:83:0a:30:1e:f7:a4:
f5:87:4a:b6:4c:fe:88:86:01:0d:cb:7c:fe:90:93:
14:dc:44:48:a3:f6:42:59:70:58:76:08:71:f2:4b:
04:c7:98:ae:71:ab:0c:7d:60:3e:81:34:eb:8e:57:
72:88:9a:4c:72:a0:74:2c:08:ba:2d:c3:42:ac:e5:
cd:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8B:1B:B4:1E:C7:7D:90:9E:78:5A:C3:7C:E6:C5:B4:67:65:42:0E
X509v3 Authority Key Identifier:
keyid:05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/vIsbtB7HfZCeeFrDfObFtGdlQg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.8.0/21
IPv6:
2a05:e940::/29
Signature Algorithm: sha256WithRSAEncryption
1f:db:d3:7e:2d:8c:f1:4d:ed:a9:37:b6:98:6f:af:fa:d1:52:
30:19:1b:77:66:30:0b:70:3b:3f:79:df:e7:dc:ac:32:df:da:
c5:29:39:3a:6a:3e:c7:4f:8e:43:b3:08:33:8d:ca:7d:a0:eb:
73:a2:0a:aa:bb:20:66:0c:da:c4:20:fa:80:d4:89:c2:8f:75:
fc:2f:bf:4c:4d:a0:55:d4:72:75:92:a0:5b:ea:1e:02:78:97:
a6:27:a4:0e:fe:ea:dc:1a:dd:5f:e3:86:8a:90:ec:44:5a:43:
7e:a1:88:8f:ba:aa:4f:2e:1c:75:44:63:cf:37:5e:27:33:4e:
52:bf:12:d2:0a:27:75:08:11:b8:00:2d:c5:67:fc:de:8c:a6:
7c:90:e3:3d:cc:b3:49:4c:73:0b:2e:2b:50:4a:76:c0:c1:10:
bf:ca:4c:28:b5:e7:55:4f:3b:f0:c5:61:58:07:79:2c:b0:28:
9e:da:3b:28:38:ac:d5:41:75:1d:75:34:1c:ef:2a:77:a7:fa:
a4:14:c4:e7:2a:80:d7:12:71:fa:3a:a3:99:c7:67:c7:c7:73:
c5:25:ab:b4:b3:bf:38:26:5d:ea:6b:1d:97:20:0d:49:78:a9:
d4:dd:5c:ba:7e:45:b1:97:22:52:0c:59:33:ef:aa:f6:5a:b6:
89:b3:27:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuQyEATIugppnqkI0SlynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YWU1ZjIzZGI5ODNmZDEzNmFlOWQ3MWU4N2UxZTUxMzBi
Y2Y2ZDQwHhcNMjQwMTAxMjAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzhiMWJiNDFlYzc3ZDkwOWU3ODVhYzM3Y2U2YzViNDY3NjU0MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXiOvbdoKupHGXTOVuJXcENZOI0J
4Wy47zYt/RN0MD6VomrZkg/c73Wpim2gmOyCKMZi0QWAHr653Y/+aPOfnzG99/Em
K++03RypoxEDlKmrUOQ8GeXMpewxyeotOeOPM19lh4NpfnG+bpk85EbYb+caZ42i
oyY9Bv7PmdtoiLgS9LerAWEbvZGTKX6RoB2JD2c0rjF8FiJ+ZdLxUHZQ6COjxdVY
PyFQgtQZmHEvbBNszIjn8uPI5cOD8v+DCjAe96T1h0q2TP6IhgENy3z+kJMU3ERI
o/ZCWXBYdghx8ksEx5iucasMfWA+gTTrjldyiJpMcqB0LAi6LcNCrOXNVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLyLG7Qex32Qnnhaw3zmxbRnZUIOMB8GA1UdIwQY
MBaAFAWuXyPbmD/RNq6dceh+HlEwvPbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQt
NDRlZmQxMzA2NTljLzEvdklzYnRCN0hmWkNlZUZyRGZPYkZ0R2RsUWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQtNDRlZmQxMzA2NTlj
LzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDX4EIMA0E
AgACMAcDBQMqBelAMA0GCSqGSIb3DQEBCwUAA4IBAQAf29N+LYzxTe2pN7aYb6/6
0VIwGRt3ZjALcDs/ed/n3Kwy39rFKTk6aj7HT45Dswgzjcp9oOtzogqquyBmDNrE
IPqA1InCj3X8L79MTaBV1HJ1kqBb6h4CeJemJ6QO/urcGt1f44aKkOxEWkN+oYiP
uqpPLhx1RGPPN14nM05SvxLSCid1CBG4AC3FZ/zejKZ8kOM9zLNJTHMLLitQSnbA
wRC/ykwotedVTzvwxWFYB3kssCie2jsoOKzVQXUddTQc7yp3p/qkFMTnKoDXEnH6
OqOZx2fHx3PFJau0s784Jl3qax2XIA1JeKnU3Vy6fkWxlyJSDFkz76r2WraJsyeN
-----END CERTIFICATE-----
Generated at Wed May 15 16:28:53 2024 by rpki-client on console-ams.rpki-client.org