Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/Qk9wM4rxWES1N6-jJSrtMUgwxFw.roa
File: Qk9wM4rxWES1N6-jJSrtMUgwxFw.roa (raw, json)
Hash identifier: znPCgeZtv+bsBaBMupYSiq0ledPLoOtJBJ5vS4vwtoI=
Subject key identifier: 42:4F:70:33:8A:F1:58:44:B5:37:AF:A3:25:2A:ED:31:48:30:C4:5C
Certificate issuer: /CN=3076e9855f9bca3017a10137b443ee8c528ca952
Certificate serial: 018CC7957F40D8C8E7B3AACF8C18D4CEBECC
Authority key identifier: 30:76:E9:85:5F:9B:CA:30:17:A1:01:37:B4:43:EE:8C:52:8C:A9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/Qk9wM4rxWES1N6-jJSrtMUgwxFw.roa
Signing time: Tue 02 Jan 2024 00:31:52 +0000
ROA not before: Tue 02 Jan 2024 00:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206539
IP address blocks: 95.169.64.0/21 maxlen: 21
95.169.76.0/22 maxlen: 22
95.169.72.0/22 maxlen: 22
95.169.84.0/22 maxlen: 22
95.169.88.0/22 maxlen: 24
95.169.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:7f:40:d8:c8:e7:b3:aa:cf:8c:18:d4:ce:be:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3076e9855f9bca3017a10137b443ee8c528ca952
Validity
Not Before: Jan 2 00:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=424f70338af15844b537afa3252aed314830c45c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:af:56:d7:0a:e1:65:f6:fa:1e:c9:fd:61:12:
ba:e5:44:79:3f:bd:1a:8d:a0:4c:68:64:4e:42:57:
a0:0f:c0:d7:3b:1b:33:bf:5c:54:66:4b:b1:ca:f8:
2c:84:fc:64:5e:9e:7d:f5:7c:a2:e5:ff:85:08:67:
6a:4c:18:50:d7:26:07:fc:ae:18:89:b2:85:ff:e9:
7d:0d:6e:4b:57:be:12:27:5a:9e:e0:53:26:65:9c:
fc:81:5c:5e:ff:5d:15:2c:ed:99:7e:15:76:6b:73:
5a:6d:34:e6:52:7a:67:0c:a5:78:8f:f3:9b:26:f9:
c7:de:1b:0f:a8:a6:79:dc:93:4f:b0:dc:81:a1:23:
91:3b:65:db:6c:fd:ce:57:03:41:4c:58:a7:4a:3b:
64:80:d8:ba:1b:28:ea:15:4d:9c:b0:61:64:a6:08:
f8:2a:32:ae:65:f0:1a:2a:87:2e:74:f3:16:83:ed:
28:c4:26:82:72:80:d1:fc:3b:8c:fb:b8:81:78:31:
44:28:ee:e5:c6:ec:52:ce:98:5f:f0:44:7b:a4:e1:
70:8b:0c:af:78:69:b2:00:1d:c0:ae:e0:f7:f9:2d:
6c:af:07:ec:cf:c6:2b:4c:90:50:78:53:50:25:7d:
a2:f6:18:fc:33:3d:b3:d3:ae:cb:d8:85:2d:0f:a2:
87:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4F:70:33:8A:F1:58:44:B5:37:AF:A3:25:2A:ED:31:48:30:C4:5C
X509v3 Authority Key Identifier:
keyid:30:76:E9:85:5F:9B:CA:30:17:A1:01:37:B4:43:EE:8C:52:8C:A9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/Qk9wM4rxWES1N6-jJSrtMUgwxFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.64.0/20
95.169.84.0-95.169.95.255
Signature Algorithm: sha256WithRSAEncryption
3a:5f:88:25:e9:a8:f8:7c:1c:e0:e0:35:53:10:99:2a:c9:99:
3a:f0:15:2c:91:ba:1f:3d:fe:07:bf:30:e8:62:1b:55:4f:d3:
0d:10:67:5d:a6:4d:6c:26:c7:f3:39:8f:00:f2:5e:2e:a6:d0:
47:5b:ff:b8:77:85:db:93:a1:43:df:61:d4:d8:1c:e9:31:aa:
df:71:04:fb:8f:59:1e:7a:9d:40:c7:03:15:3f:97:78:42:fb:
d1:fe:57:eb:17:d8:00:43:36:11:f1:f4:74:00:d6:3e:9b:60:
49:21:3a:a2:35:29:a2:42:a6:ee:64:b4:b9:93:70:61:c6:89:
f6:2c:74:be:27:f2:d5:cb:8a:7d:8e:96:ec:f7:44:7d:b2:5f:
85:6c:9e:af:5b:6d:2e:e2:9c:9b:6f:09:75:78:d5:b5:4b:d7:
a5:7b:1e:29:53:6d:dc:54:dd:8d:50:51:c9:b5:3e:a5:94:27:
f3:77:17:9b:55:19:92:f1:e2:ac:36:92:78:9d:1e:f8:5f:d3:
7b:71:f5:87:fb:da:0b:8c:01:2f:01:e0:a4:60:9e:9f:45:c1:
b7:22:39:5c:a4:4f:c6:b5:1f:83:c7:01:b7:bb:88:f3:bc:38:
fc:95:c0:82:d1:81:1f:17:d4:85:11:46:91:c0:a2:b4:94:3c:
10:31:86:fd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHlX9A2Mjns6rPjBjUzr7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzZlOTg1NWY5YmNhMzAxN2ExMDEzN2I0NDNlZThjNTI4
Y2E5NTIwHhcNMjQwMTAyMDAzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRmNzAzMzhhZjE1ODQ0YjUzN2FmYTMyNTJhZWQzMTQ4MzBjNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha9W1wrhZfb6Hsn9YRK65UR5P70a
jaBMaGROQlegD8DXOxszv1xUZkuxyvgshPxkXp599Xyi5f+FCGdqTBhQ1yYH/K4Y
ibKF/+l9DW5LV74SJ1qe4FMmZZz8gVxe/10VLO2ZfhV2a3NabTTmUnpnDKV4j/Ob
JvnH3hsPqKZ53JNPsNyBoSORO2XbbP3OVwNBTFinSjtkgNi6GyjqFU2csGFkpgj4
KjKuZfAaKocudPMWg+0oxCaCcoDR/DuM+7iBeDFEKO7lxuxSzphf8ER7pOFwiwyv
eGmyAB3AruD3+S1srwfsz8YrTJBQeFNQJX2i9hj8Mz2z067L2IUtD6KHQwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEJPcDOK8VhEtTevoyUq7TFIMMRcMB8GA1UdIwQY
MBaAFDB26YVfm8owF6EBN7RD7oxSjKlSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhicGhWLWJ5akFYb1FFM3RFUHVqRktNcVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjUyNjktY2ZjOS00ODQ4LWIxZTUt
N2Y3ODZiYjM0MzQ0LzEvUWs5d000cnhXRVMxTjYtakpTcnRNVWd3eEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjUyNjktY2ZjOS00ODQ4LWIxZTUtN2Y3ODZiYjM0MzQ0
LzEvTUhicGhWLWJ5akFYb1FFM3RFUHVqRktNcVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQEX6lAMAwD
BAJfqVQDBAVfqUAwDQYJKoZIhvcNAQELBQADggEBADpfiCXpqPh8HODgNVMQmSrJ
mTrwFSyRuh89/ge/MOhiG1VP0w0QZ12mTWwmx/M5jwDyXi6m0Edb/7h3hduToUPf
YdTYHOkxqt9xBPuPWR56nUDHAxU/l3hC+9H+V+sX2ABDNhHx9HQA1j6bYEkhOqI1
KaJCpu5ktLmTcGHGifYsdL4n8tXLin2Oluz3RH2yX4Vsnq9bbS7inJtvCXV41bVL
16V7HilTbdxU3Y1QUcm1PqWUJ/N3F5tVGZLx4qw2knidHvhf03tx9Yf72guMAS8B
4KRgnp9FwbciOVykT8a1H4PHAbe7iPO8OPyVwILRgR8X1IURRpHAorSUPBAxhv0=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:34:58 2024 by rpki-client on console-ams.rpki-client.org