Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/FjrlhT1M167FHSdwm_rwiutafjk.roa
File: FjrlhT1M167FHSdwm_rwiutafjk.roa (raw, json)
Hash identifier: p4Vv2oS3XKbd0+RJHbs36RdBkIjCU/k2xLvydzWBC5g=
Subject key identifier: 16:3A:E5:85:3D:4C:D7:AE:C5:1D:27:70:9B:FA:F0:8A:EB:5A:7E:39
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 018CC34891526F69E9499A81D22DF71729CA
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/FjrlhT1M167FHSdwm_rwiutafjk.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49001
IP address blocks: 185.194.220.0/22 maxlen: 22
95.131.33.0/24 maxlen: 24
95.131.37.0/24 maxlen: 24
95.131.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 01:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:91:52:6f:69:e9:49:9a:81:d2:2d:f7:17:29:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=163ae5853d4cd7aec51d27709bfaf08aeb5a7e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f2:bf:2c:c1:05:6b:85:e7:44:dd:be:e4:b6:
1c:05:20:3b:77:47:ab:30:d2:01:f2:de:20:3c:73:
0d:28:af:a7:ab:b7:e8:78:df:72:30:e1:31:ed:90:
93:d9:35:81:d4:4a:d1:5a:25:27:3e:77:9c:42:20:
8c:e8:f9:0e:c3:4a:78:0e:4e:a1:70:98:b5:17:38:
04:c7:42:58:84:d4:d6:a8:eb:35:be:6c:37:3b:75:
06:93:e7:f4:d4:af:1b:f0:17:36:f9:26:97:d9:e3:
2a:63:4f:6b:7f:f4:31:55:4c:e4:d5:6b:c5:ae:fb:
68:69:ae:51:ec:dd:1c:36:c4:18:09:21:3e:ce:9d:
b9:75:1e:d5:eb:78:10:17:52:80:93:70:17:79:7b:
5f:f1:b2:87:27:f5:93:87:9b:b2:3f:4d:59:3f:97:
81:1d:14:e4:b5:83:e6:68:30:eb:60:bb:b8:af:e2:
94:d8:59:3a:f4:bf:56:e1:a5:d9:bc:23:1b:c4:b8:
a2:db:52:86:01:22:1b:27:7f:98:cb:1a:46:57:d7:
df:eb:94:cf:31:f3:e3:6b:3c:a3:be:8b:f2:02:af:
52:24:8e:b2:2a:ee:d9:b2:9e:c5:f5:4c:38:44:43:
3f:a3:0f:43:98:e6:e4:39:a7:e0:ce:9b:74:6d:6d:
9a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3A:E5:85:3D:4C:D7:AE:C5:1D:27:70:9B:FA:F0:8A:EB:5A:7E:39
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/FjrlhT1M167FHSdwm_rwiutafjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.33.0/24
95.131.35.0/24
95.131.37.0/24
185.194.220.0/22
Signature Algorithm: sha256WithRSAEncryption
16:36:b1:9c:a6:a4:6c:3a:22:f9:bc:5b:e5:26:d1:64:99:39:
27:7d:cf:f8:31:a3:49:89:97:50:51:52:2b:8f:e4:a0:d9:2b:
e8:74:63:16:ba:d6:95:ab:a5:4d:16:87:e4:6b:72:94:ef:53:
02:11:0c:8d:04:27:3c:1f:0b:f7:ba:50:f0:78:52:74:2e:bf:
64:a5:61:39:37:a0:48:91:3c:fd:cf:58:b3:a0:34:8b:83:a8:
3b:43:3a:29:89:4a:84:cd:49:da:71:db:53:09:03:0e:82:f1:
bd:41:e7:7a:0d:0c:f3:5d:35:37:20:15:c5:bd:75:e8:06:da:
93:24:9f:f5:ca:35:23:22:8f:ad:3b:ae:2b:36:13:ee:87:95:
76:30:31:fb:23:52:67:0e:a1:de:69:a1:8d:6b:60:63:cc:90:
06:b5:78:a1:b1:bf:7f:38:fa:d3:35:da:be:48:47:62:8c:35:
f1:ce:ab:7f:5d:b1:d8:51:68:f6:7e:01:39:fd:26:7c:89:15:
fd:9d:5c:c8:82:a5:13:5e:3c:ee:eb:af:0c:e4:33:8b:20:6d:
8c:f2:2c:4a:6e:a2:fd:c0:f9:19:24:fd:a3:19:52:e2:67:b8:
ba:1e:52:01:c7:a7:23:d6:33:89:24:92:51:86:37:88:61:78:
74:48:70:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSJFSb2npSZqB0i33FynKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjNhZTU4NTNkNGNkN2FlYzUxZDI3NzA5YmZhZjA4YWViNWE3ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvK/LMEFa4XnRN2+5LYcBSA7d0er
MNIB8t4gPHMNKK+nq7foeN9yMOEx7ZCT2TWB1ErRWiUnPnecQiCM6PkOw0p4Dk6h
cJi1FzgEx0JYhNTWqOs1vmw3O3UGk+f01K8b8Bc2+SaX2eMqY09rf/QxVUzk1WvF
rvtoaa5R7N0cNsQYCSE+zp25dR7V63gQF1KAk3AXeXtf8bKHJ/WTh5uyP01ZP5eB
HRTktYPmaDDrYLu4r+KU2Fk69L9W4aXZvCMbxLii21KGASIbJ3+YyxpGV9ff65TP
MfPjazyjvovyAq9SJI6yKu7Zsp7F9Uw4REM/ow9DmObkOafgzpt0bW2aGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBY65YU9TNeuxR0ncJv68IrrWn45MB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvRmpybGhUMU0xNjdGSFNkd21fcndpdXRhZmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX4MhAwQA
X4MjAwQAX4MlAwQCucLcMA0GCSqGSIb3DQEBCwUAA4IBAQAWNrGcpqRsOiL5vFvl
JtFkmTknfc/4MaNJiZdQUVIrj+Sg2SvodGMWutaVq6VNFofka3KU71MCEQyNBCc8
Hwv3ulDweFJ0Lr9kpWE5N6BIkTz9z1izoDSLg6g7QzopiUqEzUnacdtTCQMOgvG9
Qed6DQzzXTU3IBXFvXXoBtqTJJ/1yjUjIo+tO64rNhPuh5V2MDH7I1JnDqHeaaGN
a2BjzJAGtXihsb9/OPrTNdq+SEdijDXxzqt/XbHYUWj2fgE5/SZ8iRX9nVzIgqUT
Xjzu668M5DOLIG2M8ixKbqL9wPkZJP2jGVLiZ7i6HlIBx6cj1jOJJJJRhjeIYXh0
SHAb
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:56:06 2024 by rpki-client on console-ams.rpki-client.org