Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/IzHkzr6h-mDJI-KKhxFz8DTlR-A.roa
File: IzHkzr6h-mDJI-KKhxFz8DTlR-A.roa (raw, json)
Hash identifier: AZLUfU9npbOVh/DJM6MDgljfWiIhC+/et0EWqC6SWjM=
Subject key identifier: 23:31:E4:CE:BE:A1:FA:60:C9:23:E2:8A:87:11:73:F0:34:E5:47:E0
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E37CB6D51261EE89AFDF6E0D704B4
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/IzHkzr6h-mDJI-KKhxFz8DTlR-A.roa
Signing time: Tue 02 Jan 2024 08:33:15 +0000
ROA not before: Tue 02 Jan 2024 08:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49112
IP address blocks: 176.52.224.0/20 maxlen: 20
130.0.96.0/19 maxlen: 19
95.157.128.0/18 maxlen: 18
185.147.232.0/22 maxlen: 22
2a00:9380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:37:cb:6d:51:26:1e:e8:9a:fd:f6:e0:d7:04:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2331e4cebea1fa60c923e28a871173f034e547e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:c2:5e:20:bd:9c:5a:b1:18:79:44:2d:c5:
b8:34:0e:98:29:93:93:4a:4a:51:52:7f:6a:03:c7:
c9:df:8f:06:af:2e:74:ac:df:a0:58:bb:88:99:d7:
e4:20:ef:65:b8:77:12:1e:2a:40:c0:e8:e6:4d:6f:
56:36:54:02:70:55:0d:c8:96:c3:ac:dd:5f:ad:52:
f4:18:5c:63:65:c1:b7:1a:60:f5:f3:92:4b:79:1b:
26:d3:0a:d4:59:db:a5:8f:77:a5:3a:d8:9a:6f:81:
b6:5c:6c:b8:2d:d0:09:75:b1:d5:d8:45:bf:6b:3c:
81:9f:19:1f:8a:32:a9:35:df:73:8c:5d:52:f2:a1:
77:97:03:2f:9e:6e:54:93:c0:ec:7e:d1:07:65:a3:
e5:14:ee:9e:56:b5:02:a7:cf:f4:dd:f4:60:32:ee:
26:e2:1e:8d:67:22:5a:5a:51:f1:fa:29:7a:47:48:
02:31:d8:7c:15:89:db:67:f5:10:3e:b7:a8:7a:a1:
7d:23:6e:61:23:c1:c0:da:0b:f3:f9:ea:9e:fa:e1:
d6:18:26:ae:7d:d0:be:a5:13:f2:52:81:ad:0a:5f:
f4:44:c4:6a:29:01:48:ed:e7:87:6c:c3:01:ec:d4:
5f:e5:8d:8e:9e:0c:01:39:cd:35:f4:fb:33:ce:2c:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:31:E4:CE:BE:A1:FA:60:C9:23:E2:8A:87:11:73:F0:34:E5:47:E0
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/IzHkzr6h-mDJI-KKhxFz8DTlR-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.157.128.0/18
130.0.96.0/19
176.52.224.0/20
185.147.232.0/22
IPv6:
2a00:9380::/32
Signature Algorithm: sha256WithRSAEncryption
9f:0b:3f:c8:87:89:a3:ce:c2:f5:d5:a1:93:6d:b7:55:e4:97:
fd:ad:d3:c2:1e:de:56:32:84:75:f0:b9:b3:cb:f9:59:0a:15:
b5:f4:22:fc:85:a0:62:a4:59:b9:41:e7:3a:ff:eb:be:7c:de:
30:39:04:fa:aa:83:cb:77:f1:15:63:42:e5:59:ce:77:33:b7:
ca:cc:02:1c:df:d4:1d:3c:a5:17:25:2e:df:2a:51:e9:73:54:
c5:16:0a:13:3f:43:ec:b5:e9:32:7f:ef:c5:a3:2c:92:05:8b:
ca:55:60:63:31:0f:02:29:b9:6b:db:6d:30:ba:20:6a:93:fc:
e2:95:de:49:d7:50:10:a4:8f:ab:68:20:4f:44:ee:00:6a:21:
90:35:1c:6d:3a:a4:4f:4a:d2:a8:9a:61:eb:e1:1e:00:07:57:
a0:c9:91:93:51:d7:b4:d2:82:0e:20:02:2c:0a:18:08:a1:f9:
87:7b:87:3c:2f:a2:7f:3d:d8:32:01:fa:ee:bb:7e:44:98:e6:
ea:d3:b1:04:fd:d1:b5:a3:c8:27:5e:73:6a:0c:2d:b9:07:59:
51:f5:10:c9:6e:fa:10:56:54:37:50:ed:84:42:4d:21:1a:73:
33:3a:eb:17:97:d6:81:9c:ee:c8:b8:b3:fd:22:85:da:65:a9:
6a:5c:ab:ce
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJTjfLbVEmHuia/fbg1wS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMxZTRjZWJlYTFmYTYwYzkyM2UyOGE4NzExNzNmMDM0ZTU0N2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1brCXiC9nFqxGHlELcW4NA6YKZOT
SkpRUn9qA8fJ348Gry50rN+gWLuImdfkIO9luHcSHipAwOjmTW9WNlQCcFUNyJbD
rN1frVL0GFxjZcG3GmD185JLeRsm0wrUWdulj3elOtiab4G2XGy4LdAJdbHV2EW/
azyBnxkfijKpNd9zjF1S8qF3lwMvnm5Uk8DsftEHZaPlFO6eVrUCp8/03fRgMu4m
4h6NZyJaWlHx+il6R0gCMdh8FYnbZ/UQPreoeqF9I25hI8HA2gvz+eqe+uHWGCau
fdC+pRPyUoGtCl/0RMRqKQFI7eeHbMMB7NRf5Y2OngwBOc019PszzixMVQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCMx5M6+ofpgySPiiocRc/A05UfgMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvSXpIa3pyNmgtbURKSS1LS2h4Rno4RFRsUi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGX52AAwQF
ggBgAwQEsDTgAwQCuZPoMA0EAgACMAcDBQAqAJOAMA0GCSqGSIb3DQEBCwUAA4IB
AQCfCz/Ih4mjzsL11aGTbbdV5Jf9rdPCHt5WMoR18Lmzy/lZChW19CL8haBipFm5
Qec6/+u+fN4wOQT6qoPLd/EVY0LlWc53M7fKzAIc39QdPKUXJS7fKlHpc1TFFgoT
P0Pstekyf+/FoyySBYvKVWBjMQ8CKblr220wuiBqk/zild5J11AQpI+raCBPRO4A
aiGQNRxtOqRPStKommHr4R4AB1egyZGTUde00oIOIAIsChgIofmHe4c8L6J/Pdgy
Afruu35EmObq07EE/dG1o8gnXnNqDC25B1lR9RDJbvoQVlQ3UO2EQk0hGnMzOusX
l9aBnO7IuLP9IoXaZalqXKvO
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:11:41 2024 by rpki-client on console-fra.rpki-client.org