Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1-18xQTdsIaxnzp1xPp4_cfkjLTQ.roa
File: 1-18xQTdsIaxnzp1xPp4_cfkjLTQ.roa (raw, json)
Hash identifier: DpJUBmCpVuO6dlqoMo4E8typwrIfRaB+Bf1SdjkM7l8=
Subject key identifier: FB:5F:31:41:37:6C:21:AC:67:CE:9D:71:3E:9E:3F:71:F9:23:2D:34
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018CCA29D762ED90658D0492A824DC9932C5
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1-18xQTdsIaxnzp1xPp4_cfkjLTQ.roa
Signing time: Tue 02 Jan 2024 12:33:08 +0000
ROA not before: Tue 02 Jan 2024 12:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213296
IP address blocks: 185.95.102.0/23 maxlen: 24
185.95.100.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 01:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d7:62:ed:90:65:8d:04:92:a8:24:dc:99:32:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb5f3141376c21ac67ce9d713e9e3f71f9232d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:05:d1:4f:a5:f0:cc:89:3b:78:f8:b4:43:78:
44:8b:bd:ed:13:ec:6f:4f:99:ae:c6:a7:71:f8:6c:
98:c8:1e:64:d0:4a:0d:09:1e:57:9b:75:a9:8e:dc:
b6:6e:96:4b:4f:ed:d9:29:1d:5a:69:ee:cf:f4:f1:
3b:99:b9:26:b0:7c:85:0f:c2:4f:20:70:5d:38:9e:
a4:4b:be:7b:cf:ef:3f:e5:38:b5:37:ce:a6:00:27:
aa:18:3f:9d:8d:c3:e6:09:4e:2f:9f:10:6a:60:3a:
9b:da:ec:54:23:23:0c:71:6b:b5:5d:07:53:df:3e:
c0:6a:91:d1:39:66:1d:5f:eb:36:70:f0:7b:b5:46:
ca:32:40:cb:a0:7b:1d:2e:34:cb:24:db:72:ba:80:
af:f7:52:02:90:f6:58:a7:8c:35:ad:59:9d:7c:82:
b4:ff:bd:7d:ec:ae:05:ea:2b:92:ce:55:07:5f:e1:
00:bc:3a:0b:e7:94:5d:a3:dd:f2:b7:d8:f4:3c:ef:
07:0b:ed:65:6d:ed:67:41:ef:11:ca:88:4a:e1:4b:
0b:a7:07:25:11:1a:2c:1e:03:49:c4:28:87:59:a1:
76:0c:f1:9f:9d:35:d5:46:e6:34:75:40:c6:8a:e7:
57:0a:5e:5d:3a:6c:89:e6:b2:0e:2e:d1:e7:dd:cc:
c1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:5F:31:41:37:6C:21:AC:67:CE:9D:71:3E:9E:3F:71:F9:23:2D:34
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1-18xQTdsIaxnzp1xPp4_cfkjLTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:a4:1a:15:0b:7f:8e:8c:7f:eb:49:0e:05:74:b9:20:a7:65:
8e:ab:62:e7:1b:37:ec:17:f0:e1:94:56:55:3b:bb:cb:db:66:
4a:ae:07:d7:22:92:bf:87:f1:88:17:09:62:b9:4b:02:49:9c:
f9:7b:c3:83:98:9c:26:fe:da:f7:7a:26:17:e5:13:4b:a7:23:
db:d2:29:eb:b4:ae:30:2f:56:c2:e3:38:58:ae:96:3d:4a:10:
34:bd:1d:00:3e:a8:bb:d8:42:38:c0:4b:d0:ca:4b:27:6c:35:
40:69:2d:c3:59:84:a3:c3:37:06:88:e3:c3:9d:c1:b5:59:70:
42:2a:91:e6:9c:3d:6b:1e:6f:79:18:98:cb:9c:de:ee:a9:74:
2d:43:62:e1:10:8f:05:d2:4b:a5:39:9a:74:06:60:cf:af:b7:
e5:58:f8:fb:95:04:32:4f:e7:33:31:9b:a7:7b:e2:93:c3:a4:
c2:2d:de:27:2f:1a:0c:96:14:6c:a8:15:dc:5f:0f:cc:66:a0:
f3:81:55:c1:29:d9:3f:64:89:1d:d6:93:36:84:7a:3a:ed:05:
d9:5a:22:bc:4c:41:b7:b8:18:d8:ce:7a:e2:e9:bb:58:fb:ed:
70:61:a9:f3:c3:e5:07:5e:5b:0f:35:9f:4e:9b:76:77:36:23:
c2:a0:3e:26
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKKddi7ZBljQSSqCTcmTLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjVmMzE0MTM3NmMyMWFjNjdjZTlkNzEzZTllM2Y3MWY5MjMyZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gXRT6XwzIk7ePi0Q3hEi73tE+xv
T5muxqdx+GyYyB5k0EoNCR5Xm3Wpjty2bpZLT+3ZKR1aae7P9PE7mbkmsHyFD8JP
IHBdOJ6kS757z+8/5Ti1N86mACeqGD+djcPmCU4vnxBqYDqb2uxUIyMMcWu1XQdT
3z7AapHROWYdX+s2cPB7tUbKMkDLoHsdLjTLJNtyuoCv91ICkPZYp4w1rVmdfIK0
/7197K4F6iuSzlUHX+EAvDoL55Rdo93yt9j0PO8HC+1lbe1nQe8RyohK4UsLpwcl
ERosHgNJxCiHWaF2DPGfnTXVRuY0dUDGiudXCl5dOmyJ5rIOLtHn3czBnQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPtfMUE3bCGsZ86dcT6eP3H5Iy00MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvMS0xOHhRVGRzSWF4bnpwMXhQcDRfY2ZrakxUUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1
Mi8xL211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlfZDAN
BgkqhkiG9w0BAQsFAAOCAQEAoKQaFQt/jox/60kOBXS5IKdljqti5xs37Bfw4ZRW
VTu7y9tmSq4H1yKSv4fxiBcJYrlLAkmc+XvDg5icJv7a93omF+UTS6cj29Ip67Su
MC9WwuM4WK6WPUoQNL0dAD6ou9hCOMBL0MpLJ2w1QGktw1mEo8M3Bojjw53BtVlw
QiqR5pw9ax5veRiYy5ze7ql0LUNi4RCPBdJLpTmadAZgz6+35Vj4+5UEMk/nMzGb
p3vik8Okwi3eJy8aDJYUbKgV3F8PzGag84FVwSnZP2SJHdaTNoR6Ou0F2VoivExB
t7gY2M564um7WPvtcGGp88PlB15bDzWfTpt2dzYjwqA+Jg==
-----END CERTIFICATE-----
Generated at Fri May 10 06:14:57 2024 by rpki-client on console-ams.rpki-client.org