Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/CnU95XBTfEx5k-doevJJry6xCoU.roa
File: CnU95XBTfEx5k-doevJJry6xCoU.roa (raw, json)
Hash identifier: VxQ2KvcDUFNtVmP9lttzcAGHuxXCmygabX9aG7Yg4K8=
Subject key identifier: 0A:75:3D:E5:70:53:7C:4C:79:93:E7:68:7A:F2:49:AF:2E:B1:0A:85
Certificate issuer: /CN=e0d1a8366c21159f079478a9030843fbf60631b9
Certificate serial: 018CC64B47E518ADA54FF057CCB6AD043019
Authority key identifier: E0:D1:A8:36:6C:21:15:9F:07:94:78:A9:03:08:43:FB:F6:06:31:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4NGoNmwhFZ8HlHipAwhD-_YGMbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/CnU95XBTfEx5k-doevJJry6xCoU.roa
Signing time: Mon 01 Jan 2024 18:31:11 +0000
ROA not before: Mon 01 Jan 2024 18:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 194.76.31.0/24 maxlen: 24
194.76.30.0/23 maxlen: 23
194.76.30.0/24 maxlen: 24
194.127.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/4NGoNmwhFZ8HlHipAwhD-_YGMbk.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/4NGoNmwhFZ8HlHipAwhD-_YGMbk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4NGoNmwhFZ8HlHipAwhD-_YGMbk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:47:e5:18:ad:a5:4f:f0:57:cc:b6:ad:04:30:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0d1a8366c21159f079478a9030843fbf60631b9
Validity
Not Before: Jan 1 18:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a753de570537c4c7993e7687af249af2eb10a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8b:19:f8:cc:cf:3d:0b:53:48:09:5f:3c:7b:
8e:8d:b4:01:f2:3b:1c:92:09:00:b6:7e:99:2d:05:
8c:76:f4:8b:93:bc:67:6e:d9:f1:0b:d2:b2:3c:8d:
d4:a6:da:f1:7f:52:75:4d:6f:67:95:09:88:d4:d6:
b4:62:bb:17:c0:e3:03:a7:d1:fd:b2:f8:a0:69:76:
45:79:06:f7:85:0c:82:ab:65:73:85:06:db:cb:7f:
5e:8e:d6:d0:f1:83:78:bd:c1:0f:4f:5a:78:ee:70:
3c:58:48:3b:63:fd:01:07:82:02:2b:22:2b:4c:ef:
69:ab:73:54:10:97:b8:9e:2a:87:7d:37:b9:ff:a9:
0f:da:a0:1b:ea:d7:9e:25:0f:fd:f0:74:2a:7a:2e:
67:dc:9b:b3:a7:e2:6f:25:85:56:16:1e:7f:cc:93:
2c:be:bb:0e:ed:15:b3:fb:a7:2a:fb:c0:6b:b2:50:
c5:ed:b7:7c:e3:cc:08:d1:d8:fe:83:4c:62:d0:33:
40:cf:d5:2b:23:7e:45:1b:2b:97:78:dc:e4:fa:4a:
bf:30:a7:4f:33:75:0c:ef:ad:da:19:b5:65:b2:21:
2c:10:0d:12:c9:5e:17:a4:fc:3e:5e:07:09:e9:b0:
db:8a:15:4f:3e:c8:d9:d7:80:20:53:32:ff:7f:a4:
a7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:75:3D:E5:70:53:7C:4C:79:93:E7:68:7A:F2:49:AF:2E:B1:0A:85
X509v3 Authority Key Identifier:
keyid:E0:D1:A8:36:6C:21:15:9F:07:94:78:A9:03:08:43:FB:F6:06:31:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4NGoNmwhFZ8HlHipAwhD-_YGMbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/CnU95XBTfEx5k-doevJJry6xCoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/4NGoNmwhFZ8HlHipAwhD-_YGMbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.30.0/23
194.127.134.0/24
Signature Algorithm: sha256WithRSAEncryption
40:f9:ab:8e:82:0b:a5:ed:4b:28:e8:8e:b9:2e:f8:07:6b:f9:
44:39:d3:9e:67:2a:d3:68:b9:30:ab:5a:c0:a8:7d:42:cf:22:
3e:d1:4a:ea:f0:c4:0a:c4:77:be:71:d7:e3:7b:13:54:bc:f8:
9e:8d:e1:18:0f:65:1b:41:f6:76:60:9a:52:a2:bc:91:34:1e:
3f:0f:75:4c:c5:3a:84:6d:37:39:1e:dc:5f:83:06:54:96:11:
cb:e6:a7:47:be:67:89:5a:ef:e7:47:99:c9:11:3e:1c:72:6d:
4f:a8:a9:7b:83:09:1f:4b:17:30:f8:78:2a:d7:f7:a9:f8:f1:
af:ca:76:99:23:ee:f8:06:45:f6:b1:bb:b1:2b:c8:21:d1:17:
56:ca:dd:d0:12:7f:d3:39:8a:53:bc:5e:f3:45:d3:05:f4:a7:
50:f5:42:72:ac:38:77:00:a5:af:3f:5c:6d:60:59:6f:e9:95:
80:0a:4d:84:99:96:c6:ec:2c:30:20:7b:fa:0d:e6:bd:30:d2:
e2:f8:c5:1d:88:41:6d:b2:af:2f:69:7b:71:b1:e9:33:6a:55:
95:0d:44:01:e6:8b:02:62:ae:b2:3a:57:1e:da:13:61:80:19:
28:a0:5a:81:1e:c2:62:4a:f9:ee:ae:a0:2e:c9:91:5d:ec:d2:
d5:b3:9d:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS0flGK2lT/BXzLatBDAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZDFhODM2NmMyMTE1OWYwNzk0NzhhOTAzMDg0M2ZiZjYw
NjMxYjkwHhcNMjQwMTAxMTgzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTc1M2RlNTcwNTM3YzRjNzk5M2U3Njg3YWYyNDlhZjJlYjEwYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIsZ+MzPPQtTSAlfPHuOjbQB8jsc
kgkAtn6ZLQWMdvSLk7xnbtnxC9KyPI3Uptrxf1J1TW9nlQmI1Na0YrsXwOMDp9H9
svigaXZFeQb3hQyCq2VzhQbby39ejtbQ8YN4vcEPT1p47nA8WEg7Y/0BB4ICKyIr
TO9pq3NUEJe4niqHfTe5/6kP2qAb6teeJQ/98HQqei5n3Juzp+JvJYVWFh5/zJMs
vrsO7RWz+6cq+8BrslDF7bd848wI0dj+g0xi0DNAz9UrI35FGyuXeNzk+kq/MKdP
M3UM763aGbVlsiEsEA0SyV4XpPw+XgcJ6bDbihVPPsjZ14AgUzL/f6SnywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAp1PeVwU3xMeZPnaHrySa8usQqFMB8GA1UdIwQY
MBaAFODRqDZsIRWfB5R4qQMIQ/v2BjG5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE5Hb05td2hGWjhIbEhpcEF3aEQtX1lHTWJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8yZGUzMjQtODZjNy00M2Q2LTlkZjIt
ZjhhZTBkYmM1ZGYyLzEvQ25VOTVYQlRmRXg1ay1kb2V2SkpyeTZ4Q29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8yZGUzMjQtODZjNy00M2Q2LTlkZjItZjhhZTBkYmM1ZGYy
LzEvNE5Hb05td2hGWjhIbEhpcEF3aEQtX1lHTWJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwkweAwQA
wn+GMA0GCSqGSIb3DQEBCwUAA4IBAQBA+auOggul7Uso6I65LvgHa/lEOdOeZyrT
aLkwq1rAqH1CzyI+0Urq8MQKxHe+cdfjexNUvPiejeEYD2UbQfZ2YJpSoryRNB4/
D3VMxTqEbTc5HtxfgwZUlhHL5qdHvmeJWu/nR5nJET4ccm1PqKl7gwkfSxcw+Hgq
1/ep+PGvynaZI+74BkX2sbuxK8gh0RdWyt3QEn/TOYpTvF7zRdMF9KdQ9UJyrDh3
AKWvP1xtYFlv6ZWACk2EmZbG7CwwIHv6Dea9MNLi+MUdiEFtsq8vaXtxsekzalWV
DUQB5osCYq6yOlce2hNhgBkooFqBHsJiSvnurqAuyZFd7NLVs52+
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:44:02 2024 by rpki-client on console-fra.rpki-client.org