Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/0U165D0QMClyuCPl1nTTwrOv3KM.roa
File: 0U165D0QMClyuCPl1nTTwrOv3KM.roa (raw, json)
Hash identifier: 5ElwimvuquO4fiXOVaZ8JIfiPKBJrMYMWTgh9AmOIaY=
Subject key identifier: D1:4D:7A:E4:3D:10:30:29:72:B8:23:E5:D6:74:D3:C2:B3:AF:DC:A3
Certificate issuer: /CN=3076e9855f9bca3017a10137b443ee8c528ca952
Certificate serial: 0190DFC5C67F3EC7B1C31D44BBA8C9CAFA07
Authority key identifier: 30:76:E9:85:5F:9B:CA:30:17:A1:01:37:B4:43:EE:8C:52:8C:A9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/0U165D0QMClyuCPl1nTTwrOv3KM.roa
Signing time: Tue 23 Jul 2024 13:26:38 +0000
ROA not before: Tue 23 Jul 2024 13:26:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206539
IP address blocks: 95.169.64.0/21 maxlen: 21
95.169.72.0/22 maxlen: 22
95.169.76.0/22 maxlen: 22
95.169.84.0/22 maxlen: 22
95.169.88.0/22 maxlen: 24
95.169.92.0/22 maxlen: 22
2a0b:5580::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:c5:c6:7f:3e:c7:b1:c3:1d:44:bb:a8:c9:ca:fa:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3076e9855f9bca3017a10137b443ee8c528ca952
Validity
Not Before: Jul 23 13:26:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d14d7ae43d10302972b823e5d674d3c2b3afdca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3c:9a:8c:4a:15:30:9f:93:04:47:28:91:f6:
06:0e:66:e5:c7:c1:d5:44:79:b5:7a:3d:2c:f7:12:
ad:93:c3:6d:df:f3:86:89:26:ce:14:bb:e1:31:52:
8a:2d:f3:3c:f9:ac:e7:59:5d:af:bb:cf:05:87:b9:
9e:70:76:14:e8:ac:9e:d3:cc:6f:56:7b:48:43:06:
f4:68:12:ba:88:61:c5:73:b1:73:c4:9d:46:84:d0:
78:cb:14:df:7a:53:4a:ea:29:4b:71:3f:80:1d:2c:
96:37:83:e4:d2:e1:f8:a3:76:2d:30:af:c9:59:b8:
84:d5:c9:20:c4:8c:0e:ee:18:5a:b5:25:4f:04:39:
b7:17:dd:3c:66:1b:e6:cc:72:38:7c:3d:ad:4c:23:
c7:af:1c:db:18:13:d0:d3:9b:44:80:51:19:d0:ed:
d9:23:5c:05:3b:35:7d:54:04:4c:1d:8d:46:ce:4c:
5b:2c:82:a7:c2:66:7e:0c:db:c7:38:89:08:3f:7e:
85:ba:50:cf:c9:3d:f7:24:53:64:eb:40:8c:ca:3d:
4a:4b:8f:ca:80:8a:74:be:62:c4:7d:fa:28:ab:c8:
db:20:74:d3:e1:6e:0f:f8:92:bb:5b:6b:2c:e8:a1:
1e:8d:a0:c5:6a:49:6f:06:aa:77:1b:92:65:96:60:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4D:7A:E4:3D:10:30:29:72:B8:23:E5:D6:74:D3:C2:B3:AF:DC:A3
X509v3 Authority Key Identifier:
keyid:30:76:E9:85:5F:9B:CA:30:17:A1:01:37:B4:43:EE:8C:52:8C:A9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/0U165D0QMClyuCPl1nTTwrOv3KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.64.0/20
95.169.84.0-95.169.95.255
IPv6:
2a0b:5580::/29
Signature Algorithm: sha256WithRSAEncryption
df:a5:7c:08:67:93:51:47:61:27:1f:b6:23:f7:6d:6c:99:27:
87:cc:ba:77:bf:a0:97:28:5c:8f:f5:1a:9c:c2:51:49:49:e0:
f0:1a:bc:78:4c:17:35:65:c6:f3:23:1c:80:b5:69:b3:a9:95:
09:f1:3b:8c:f1:5a:aa:f3:d0:29:be:30:98:6d:ff:46:00:87:
1a:6b:77:82:20:df:c1:de:8d:e3:08:e4:be:fd:cf:fc:99:61:
64:16:27:30:de:21:eb:61:3c:7f:bd:d3:25:1e:30:5e:72:c5:
57:ea:0c:ff:d1:96:f0:2f:e2:49:4a:ec:31:92:fb:50:34:eb:
78:bf:3b:50:f3:08:0e:7f:8b:74:f3:3b:2e:e2:19:0e:8b:a9:
55:11:c2:7c:78:fc:32:cd:34:57:25:b7:fa:09:39:f3:32:c3:
42:08:9d:73:11:7b:38:26:9f:c9:09:97:69:13:3c:c1:37:76:
a0:82:5a:bb:b0:24:f2:c3:66:bb:eb:a1:4f:e4:84:6e:22:35:
a2:66:7a:12:41:07:69:6d:e3:e6:a3:41:b3:6d:23:85:75:8a:
79:2a:79:5d:17:1a:3d:71:38:a1:9a:31:d9:9b:c8:8d:76:2f:
68:1a:21:8c:1a:ea:4d:32:a7:20:bc:1e:6e:26:85:6f:97:78:
6d:85:e2:b2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZDfxcZ/Psexwx1Eu6jJyvoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzZlOTg1NWY5YmNhMzAxN2ExMDEzN2I0NDNlZThjNTI4
Y2E5NTIwHhcNMjQwNzIzMTMyNjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRkN2FlNDNkMTAzMDI5NzJiODIzZTVkNjc0ZDNjMmIzYWZkY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzyajEoVMJ+TBEcokfYGDmblx8HV
RHm1ej0s9xKtk8Nt3/OGiSbOFLvhMVKKLfM8+aznWV2vu88Fh7mecHYU6Kye08xv
VntIQwb0aBK6iGHFc7FzxJ1GhNB4yxTfelNK6ilLcT+AHSyWN4Pk0uH4o3YtMK/J
WbiE1ckgxIwO7hhatSVPBDm3F908ZhvmzHI4fD2tTCPHrxzbGBPQ05tEgFEZ0O3Z
I1wFOzV9VARMHY1GzkxbLIKnwmZ+DNvHOIkIP36FulDPyT33JFNk60CMyj1KS4/K
gIp0vmLEffooq8jbIHTT4W4P+JK7W2ss6KEejaDFaklvBqp3G5JllmC9JwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNFNeuQ9EDApcrgj5dZ008Kzr9yjMB8GA1UdIwQY
MBaAFDB26YVfm8owF6EBN7RD7oxSjKlSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhicGhWLWJ5akFYb1FFM3RFUHVqRktNcVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjUyNjktY2ZjOS00ODQ4LWIxZTUt
N2Y3ODZiYjM0MzQ0LzEvMFUxNjVEMFFNQ2x5dUNQbDFuVFR3ck92M0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjUyNjktY2ZjOS00ODQ4LWIxZTUtN2Y3ODZiYjM0MzQ0
LzEvTUhicGhWLWJ5akFYb1FFM3RFUHVqRktNcVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQEX6lAMAwD
BAJfqVQDBAVfqUAwDQQCAAIwBwMFAyoLVYAwDQYJKoZIhvcNAQELBQADggEBAN+l
fAhnk1FHYScftiP3bWyZJ4fMune/oJcoXI/1GpzCUUlJ4PAavHhMFzVlxvMjHIC1
abOplQnxO4zxWqrz0Cm+MJht/0YAhxprd4Ig38HejeMI5L79z/yZYWQWJzDeIeth
PH+90yUeMF5yxVfqDP/RlvAv4klK7DGS+1A063i/O1DzCA5/i3TzOy7iGQ6LqVUR
wnx4/DLNNFclt/oJOfMyw0IInXMRezgmn8kJl2kTPME3dqCCWruwJPLDZrvroU/k
hG4iNaJmehJBB2lt4+ajQbNtI4V1inkqeV0XGj1xOKGaMdmbyI12L2gaIYwa6k0y
pyC8Hm4mhW+XeG2F4rI=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:44:52 2024 by rpki-client on console-fra.rpki-client.org