Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/xGRFsxPoIxpUVas6B_jjc7bkMd8.roa
File: xGRFsxPoIxpUVas6B_jjc7bkMd8.roa (raw, json)
Hash identifier: 0y3ZcDYnVI8ZI0DEykQp6ie2qb1O1MA93FMcF6fXMII=
Subject key identifier: C4:64:45:B3:13:E8:23:1A:54:55:AB:3A:07:F8:E3:73:B6:E4:31:DF
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018CC64A0351CDDBF569BDD3BEE74D06A31B
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/xGRFsxPoIxpUVas6B_jjc7bkMd8.roa
Signing time: Mon 01 Jan 2024 18:29:48 +0000
ROA not before: Mon 01 Jan 2024 18:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3285
IP address blocks: 95.140.144.0/23 maxlen: 24
95.140.150.0/24 maxlen: 24
80.90.176.0/23 maxlen: 24
2a00:1818::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:03:51:cd:db:f5:69:bd:d3:be:e7:4d:06:a3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 18:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c46445b313e8231a5455ab3a07f8e373b6e431df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e5:f6:9c:b2:07:44:8a:24:b7:29:7b:6c:c6:
5f:56:fd:a0:12:6a:cf:a4:b4:c2:e1:14:68:1e:d1:
04:ed:e5:2c:5e:ed:bf:c2:69:ce:31:7d:12:f0:c2:
38:fc:07:d3:5d:fc:db:36:34:75:36:f3:fc:fc:67:
1e:6b:22:fb:2c:af:75:2d:8e:3e:08:c4:eb:94:42:
40:60:63:3e:60:af:8a:0f:79:99:31:c7:c0:5d:a4:
43:82:43:0c:4d:3b:c9:5e:1a:8b:4e:93:e4:6f:45:
16:42:c3:1e:fd:07:bb:80:e5:a3:9b:20:cd:4a:ef:
c4:31:d8:2d:48:0f:ee:83:53:80:45:ee:70:2e:1b:
ac:79:ad:38:24:c9:9e:82:1e:03:39:29:3e:68:8d:
15:ba:e3:80:2e:2e:d2:ac:7c:d8:b8:1d:3b:7f:78:
63:63:96:36:96:d6:68:0c:35:a9:c0:e1:50:73:48:
d6:f6:20:e7:b7:b8:58:9b:05:c3:5f:6b:48:87:b3:
75:2b:38:e2:3a:1d:85:b4:68:e0:a8:84:82:63:84:
5b:9f:5f:b2:3f:c4:13:63:1d:a9:c6:dd:b6:e3:17:
6a:b2:e0:6b:de:8b:38:e0:18:07:cb:f7:aa:de:16:
61:14:6b:a7:8f:70:2a:bf:28:df:2f:80:fc:30:19:
7d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:64:45:B3:13:E8:23:1A:54:55:AB:3A:07:F8:E3:73:B6:E4:31:DF
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/xGRFsxPoIxpUVas6B_jjc7bkMd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.176.0/23
95.140.144.0/23
95.140.150.0/24
IPv6:
2a00:1818::/32
Signature Algorithm: sha256WithRSAEncryption
7c:f1:72:ed:8b:55:86:ba:f1:60:79:96:32:b1:ff:0c:39:1d:
3a:67:48:cb:d5:bc:a2:be:e5:60:7a:e9:88:23:a9:a6:a9:6a:
1a:11:34:2f:ae:bd:39:f8:f0:40:d6:3c:fa:ff:e3:30:56:14:
11:0f:ec:4b:7b:5d:a4:5a:49:53:88:6f:df:11:7d:28:65:32:
e4:a2:c3:ea:1f:c1:c0:81:68:14:d7:0e:d1:d1:16:11:80:0b:
f8:3d:5b:ac:d7:b8:08:0e:6b:e6:e6:d4:f3:c7:84:a3:d5:54:
76:fc:19:98:7f:46:9e:e6:03:f7:88:4a:f7:b8:92:3f:51:07:
a2:38:1b:3c:27:5c:54:29:cc:98:6a:9e:18:e8:0b:78:da:e2:
a5:79:0a:f5:e8:44:5c:40:86:0f:40:d7:ba:e5:a4:92:cf:3a:
f9:e1:ca:ea:81:df:8d:3d:5c:ee:9c:61:0a:f1:75:98:04:9d:
db:f4:47:1f:ba:f0:67:8b:fc:dc:40:25:63:dd:57:55:08:84:
40:24:12:2e:9c:ac:01:20:12:ce:56:52:5e:f9:f7:c7:28:a0:
97:fd:ba:ec:d5:fe:85:6f:76:fb:2b:29:73:de:d8:46:a3:23:
a7:8f:6a:bc:7a:a4:7b:ce:e0:84:8d:d9:57:13:8d:2a:53:80:
f3:e9:f1:44
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSgNRzdv1ab3TvudNBqMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjQwMTAxMTgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY0NDViMzEzZTgyMzFhNTQ1NWFiM2EwN2Y4ZTM3M2I2ZTQzMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOX2nLIHRIoktyl7bMZfVv2gEmrP
pLTC4RRoHtEE7eUsXu2/wmnOMX0S8MI4/AfTXfzbNjR1NvP8/GceayL7LK91LY4+
CMTrlEJAYGM+YK+KD3mZMcfAXaRDgkMMTTvJXhqLTpPkb0UWQsMe/Qe7gOWjmyDN
Su/EMdgtSA/ug1OARe5wLhusea04JMmegh4DOSk+aI0VuuOALi7SrHzYuB07f3hj
Y5Y2ltZoDDWpwOFQc0jW9iDnt7hYmwXDX2tIh7N1KzjiOh2FtGjgqISCY4Rbn1+y
P8QTYx2pxt224xdqsuBr3os44BgHy/eq3hZhFGunj3AqvyjfL4D8MBl9pQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMRkRbMT6CMaVFWrOgf443O25DHfMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEveEdSRnN4UG9JeHBVVmFzNkJfampjN2JrTWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBUFqwAwQB
X4yQAwQAX4yWMA0EAgACMAcDBQAqABgYMA0GCSqGSIb3DQEBCwUAA4IBAQB88XLt
i1WGuvFgeZYysf8MOR06Z0jL1byivuVgeumII6mmqWoaETQvrr05+PBA1jz6/+Mw
VhQRD+xLe12kWklTiG/fEX0oZTLkosPqH8HAgWgU1w7R0RYRgAv4PVus17gIDmvm
5tTzx4Sj1VR2/BmYf0ae5gP3iEr3uJI/UQeiOBs8J1xUKcyYap4Y6At42uKleQr1
6ERcQIYPQNe65aSSzzr54crqgd+NPVzunGEK8XWYBJ3b9EcfuvBni/zcQCVj3VdV
CIRAJBIunKwBIBLOVlJe+ffHKKCX/brs1f6Fb3b7Kylz3thGoyOnj2q8eqR7zuCE
jdlXE40qU4Dz6fFE
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:50:50 2024 by rpki-client on console-ams.rpki-client.org