Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/7c7e90-c781-42ab-9691-ce923d19508f/1/4umJtXPvpt6ycshDdGMwxEV4_Iw.roa
File: 4umJtXPvpt6ycshDdGMwxEV4_Iw.roa (raw, json)
Hash identifier: 172DBbJuLSebP9+Y+HOFsU0Y608KlCZsSjFeX4mDB/M=
Subject key identifier: E2:E9:89:B5:73:EF:A6:DE:B2:72:C8:43:74:63:30:C4:45:78:FC:8C
Certificate issuer: /CN=12c305404e80b5a4d70d21dab86fc5b6b801a8b8
Certificate serial: 018CC86F068BF3592DD9D6FC7B54CB71C948
Authority key identifier: 12:C3:05:40:4E:80:B5:A4:D7:0D:21:DA:B8:6F:C5:B6:B8:01:A8:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsMFQE6AtaTXDSHauG_FtrgBqLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/7c7e90-c781-42ab-9691-ce923d19508f/1/4umJtXPvpt6ycshDdGMwxEV4_Iw.roa
Signing time: Tue 02 Jan 2024 04:29:28 +0000
ROA not before: Tue 02 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24594
IP address blocks: 185.120.52.0/22 maxlen: 22
93.95.123.0/24 maxlen: 24
93.95.125.0/24 maxlen: 24
93.95.120.0/21 maxlen: 21
93.95.126.0/24 maxlen: 24
2a00:d68::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/7c7e90-c781-42ab-9691-ce923d19508f/1/EsMFQE6AtaTXDSHauG_FtrgBqLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/7c7e90-c781-42ab-9691-ce923d19508f/1/EsMFQE6AtaTXDSHauG_FtrgBqLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsMFQE6AtaTXDSHauG_FtrgBqLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:06:8b:f3:59:2d:d9:d6:fc:7b:54:cb:71:c9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c305404e80b5a4d70d21dab86fc5b6b801a8b8
Validity
Not Before: Jan 2 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2e989b573efa6deb272c843746330c44578fc8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3f:96:26:ae:47:da:44:3a:b5:58:12:ad:e3:
3a:7a:b0:88:b0:3c:2f:a1:d7:fb:c7:ed:16:76:00:
8f:1e:d8:17:d3:61:9e:cc:94:3d:ee:eb:f6:d2:0e:
b4:d8:4b:a3:e5:e3:f8:1f:6e:58:fa:54:fe:a4:e7:
93:f1:a0:12:6d:e4:b4:86:91:53:da:76:b4:b6:4c:
14:52:5b:68:73:97:4d:dc:ed:f8:52:76:23:fd:98:
9b:b4:f1:bb:2f:80:41:ec:16:a7:0b:77:53:70:56:
61:bf:53:18:6a:d8:5c:c0:d7:b6:84:78:72:c8:0b:
98:94:d4:cc:c5:ca:08:40:01:1e:c9:60:43:eb:89:
5b:6c:75:cc:78:ee:aa:ec:1e:48:e2:00:69:f2:87:
03:13:2d:c8:5e:4f:b8:72:1c:77:49:91:05:3a:85:
5f:f3:3d:a4:1e:16:6c:4f:d0:8d:8f:e5:f5:1e:0e:
73:b7:73:80:84:06:cb:58:23:5f:8b:bf:97:f3:c7:
17:38:1e:0f:09:89:0d:3e:cb:11:fe:60:37:f2:89:
7b:69:f6:a4:37:f2:32:4c:2e:c9:02:48:3e:c9:91:
52:b0:b2:69:c6:4a:a7:81:7d:e9:b5:c8:fd:66:08:
3f:2b:a8:25:ea:55:31:fd:35:a2:0f:70:01:a6:c8:
41:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E9:89:B5:73:EF:A6:DE:B2:72:C8:43:74:63:30:C4:45:78:FC:8C
X509v3 Authority Key Identifier:
keyid:12:C3:05:40:4E:80:B5:A4:D7:0D:21:DA:B8:6F:C5:B6:B8:01:A8:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsMFQE6AtaTXDSHauG_FtrgBqLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7c7e90-c781-42ab-9691-ce923d19508f/1/4umJtXPvpt6ycshDdGMwxEV4_Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7c7e90-c781-42ab-9691-ce923d19508f/1/EsMFQE6AtaTXDSHauG_FtrgBqLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.120.0/21
185.120.52.0/22
IPv6:
2a00:d68::/32
Signature Algorithm: sha256WithRSAEncryption
a1:09:88:a2:08:07:aa:41:6d:fd:1d:ac:b0:81:18:69:2a:b9:
4f:07:1c:17:e6:0f:3f:01:20:f3:a1:f8:b2:c8:1d:75:0e:d5:
b8:f3:4a:d8:7b:f3:f2:99:1b:0c:03:8d:d0:bf:b9:f3:b2:c0:
af:04:e7:26:2c:6f:0b:ff:c1:ae:c3:21:85:bc:92:a8:43:bc:
d1:e4:74:ac:75:2b:95:48:46:90:b5:2b:ed:43:b0:4a:9a:08:
c7:f7:03:0a:a4:5e:0e:a0:5b:ca:c7:e5:c1:e2:34:8e:f5:57:
a4:e4:8e:50:da:e7:1e:81:d1:58:fd:b3:bd:86:fd:bf:47:41:
b0:0b:44:a7:54:ca:81:2a:e4:18:01:47:73:a5:4e:cd:cd:28:
42:c6:1c:69:3f:7b:a2:b1:11:f3:13:95:7e:4a:d4:8d:2c:8c:
f0:d6:11:81:22:57:af:4b:86:37:4e:05:6e:40:00:54:59:2c:
00:76:92:34:ea:a8:ee:49:03:43:bf:16:65:cf:f7:ae:f1:4c:
57:fe:ce:65:49:c5:92:d3:e0:32:e1:11:de:f6:17:d3:f9:33:
88:f6:43:30:34:6f:de:9d:0d:4e:f8:86:06:b7:f3:a8:31:c2:
82:3c:66:24:f1:2e:fb:63:f2:4c:ed:b1:4a:12:61:d3:e5:e0:
f2:1e:65:a5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIbwaL81kt2db8e1TLcclIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYzMwNTQwNGU4MGI1YTRkNzBkMjFkYWI4NmZjNWI2Yjgw
MWE4YjgwHhcNMjQwMTAyMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU5ODliNTczZWZhNmRlYjI3MmM4NDM3NDYzMzBjNDQ1NzhmYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD+WJq5H2kQ6tVgSreM6erCIsDwv
odf7x+0WdgCPHtgX02GezJQ97uv20g602Euj5eP4H25Y+lT+pOeT8aASbeS0hpFT
2na0tkwUUltoc5dN3O34UnYj/ZibtPG7L4BB7BanC3dTcFZhv1MYathcwNe2hHhy
yAuYlNTMxcoIQAEeyWBD64lbbHXMeO6q7B5I4gBp8ocDEy3IXk+4chx3SZEFOoVf
8z2kHhZsT9CNj+X1Hg5zt3OAhAbLWCNfi7+X88cXOB4PCYkNPssR/mA38ol7afak
N/IyTC7JAkg+yZFSsLJpxkqngX3ptcj9Zgg/K6gl6lUx/TWiD3ABpshBbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOLpibVz76besnLIQ3RjMMRFePyMMB8GA1UdIwQY
MBaAFBLDBUBOgLWk1w0h2rhvxba4Aai4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNNRlFFNkF0YVRYRFNIYXVHX0Z0cmdCcUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83YzdlOTAtYzc4MS00MmFiLTk2OTEt
Y2U5MjNkMTk1MDhmLzEvNHVtSnRYUHZwdDZ5Y3NoRGRHTXd4RVY0X0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83YzdlOTAtYzc4MS00MmFiLTk2OTEtY2U5MjNkMTk1MDhm
LzEvRXNNRlFFNkF0YVRYRFNIYXVHX0Z0cmdCcUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXV94AwQC
uXg0MA0EAgACMAcDBQAqAA1oMA0GCSqGSIb3DQEBCwUAA4IBAQChCYiiCAeqQW39
HaywgRhpKrlPBxwX5g8/ASDzofiyyB11DtW480rYe/PymRsMA43Qv7nzssCvBOcm
LG8L/8GuwyGFvJKoQ7zR5HSsdSuVSEaQtSvtQ7BKmgjH9wMKpF4OoFvKx+XB4jSO
9Vek5I5Q2ucegdFY/bO9hv2/R0GwC0SnVMqBKuQYAUdzpU7NzShCxhxpP3uisRHz
E5V+StSNLIzw1hGBIlevS4Y3TgVuQABUWSwAdpI06qjuSQNDvxZlz/eu8UxX/s5l
ScWS0+Ay4RHe9hfT+TOI9kMwNG/enQ1O+IYGt/OoMcKCPGYk8S77Y/JM7bFKEmHT
5eDyHmWl
-----END CERTIFICATE-----
Generated at Thu May 23 00:06:14 2024 by rpki-client on console-fra.rpki-client.org