Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/7t_8g3e-SCB04nGeDx-fAOyyYzU.roa
File: 7t_8g3e-SCB04nGeDx-fAOyyYzU.roa (raw, json)
Hash identifier: KaZDP3rEPd791aJ/nw4QU7j2W95bXPi6nKUt7cEkBNs=
Subject key identifier: EE:DF:FC:83:77:BE:48:20:74:E2:71:9E:0F:1F:9F:00:EC:B2:63:35
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D6A3351B3BFF032D496EA609300D8
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/7t_8g3e-SCB04nGeDx-fAOyyYzU.roa
Signing time: Mon 01 Jan 2024 00:29:59 +0000
ROA not before: Mon 01 Jan 2024 00:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207772
IP address blocks: 95.43.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6a:33:51:b3:bf:f0:32:d4:96:ea:60:93:00:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eedffc8377be482074e2719e0f1f9f00ecb26335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9f:87:bc:b6:93:86:62:e1:b1:3d:1f:e1:f3:
7e:0d:cd:20:34:99:c6:6b:be:0f:3f:5c:31:54:af:
b7:c8:0b:d5:b9:6c:c1:8a:f4:ec:eb:0b:c7:02:6f:
c3:04:a0:4c:cb:21:b4:ca:cb:54:1c:83:ae:0a:64:
0f:28:43:27:9e:b8:a8:ff:c4:45:5e:ca:ed:0e:32:
6a:0a:05:75:16:f2:61:71:88:46:40:42:5c:14:a9:
4f:b4:9f:83:cf:ee:c4:35:dd:9b:49:b3:a5:b8:3c:
f5:8b:aa:45:33:02:99:73:74:c6:53:c7:a7:fb:e7:
e9:aa:97:83:fe:ab:88:ab:c5:78:0f:f7:c4:9f:9b:
2b:c0:70:49:e5:93:49:b0:15:7f:bc:f7:d0:3f:c7:
31:63:ba:af:20:73:53:04:53:f2:bb:c0:5a:bc:1e:
65:2d:fd:c9:c5:93:64:36:30:50:6b:8e:d0:d2:c3:
f7:9c:55:09:3a:f7:ef:a9:74:8f:27:e1:b7:c0:e2:
10:87:4a:d6:d1:95:10:2c:24:cb:55:02:4d:a7:6a:
78:62:54:1c:73:51:20:10:01:22:6e:c2:dd:9f:ff:
4a:01:1e:7f:7a:20:a8:db:f1:94:14:ef:f1:bb:04:
e1:54:bd:a1:2d:22:bc:a8:07:0a:b4:7e:1b:ed:1c:
63:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DF:FC:83:77:BE:48:20:74:E2:71:9E:0F:1F:9F:00:EC:B2:63:35
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/7t_8g3e-SCB04nGeDx-fAOyyYzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.43.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:bb:aa:9c:34:72:89:5d:f6:04:42:dc:4a:f5:c3:f8:39:b6:
4f:27:58:64:23:61:e2:5e:6f:d9:0e:0a:d6:82:58:1d:5d:21:
42:db:f0:67:4d:58:97:07:4f:e7:36:98:ee:f7:2c:1c:5e:7d:
81:4b:f5:0a:ab:61:35:37:4e:54:66:eb:7c:3a:4f:a1:dc:1c:
47:55:9f:f9:f3:7c:9d:cc:20:d3:78:3f:88:62:99:8f:53:8a:
68:2b:c6:e1:e8:9c:c9:14:da:57:7a:cf:cd:73:41:01:6d:a8:
95:01:e0:e5:2f:a7:ac:fc:ba:66:c8:c3:69:f4:ae:98:7f:df:
4a:2b:eb:df:b6:dc:28:ad:d8:ca:da:90:d8:5c:a8:b3:93:9f:
9f:dc:24:e5:2c:12:9d:bc:ac:4b:e5:9c:6b:25:7b:87:66:90:
19:22:d6:8d:99:d9:4e:75:c0:a9:13:b9:76:dd:28:42:99:17:
86:9f:01:cf:ec:2e:b8:46:ae:ee:d4:a6:c9:ef:ed:6b:dc:fe:
c0:93:b0:da:11:fb:b4:d3:fb:14:cc:b6:70:b0:f5:b1:0b:2e:
88:4e:83:68:6e:56:9d:88:7c:47:9a:bc:0c:71:db:2b:99:a4:
5d:ea:35:2b:78:fe:95:e7:a0:f3:f8:d4:87:f5:e7:d3:98:9d:
50:d6:83:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbWozUbO/8DLUlupgkwDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWRmZmM4Mzc3YmU0ODIwNzRlMjcxOWUwZjFmOWYwMGVjYjI2MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5+HvLaThmLhsT0f4fN+Dc0gNJnG
a74PP1wxVK+3yAvVuWzBivTs6wvHAm/DBKBMyyG0ystUHIOuCmQPKEMnnrio/8RF
XsrtDjJqCgV1FvJhcYhGQEJcFKlPtJ+Dz+7ENd2bSbOluDz1i6pFMwKZc3TGU8en
++fpqpeD/quIq8V4D/fEn5srwHBJ5ZNJsBV/vPfQP8cxY7qvIHNTBFPyu8BavB5l
Lf3JxZNkNjBQa47Q0sP3nFUJOvfvqXSPJ+G3wOIQh0rW0ZUQLCTLVQJNp2p4YlQc
c1EgEAEibsLdn/9KAR5/eiCo2/GUFO/xuwThVL2hLSK8qAcKtH4b7Rxj3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7f/IN3vkggdOJxng8fnwDssmM1MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvN3RfOGczZS1TQ0IwNG5HZUR4LWZBT3l5WXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXytyMA0G
CSqGSIb3DQEBCwUAA4IBAQB8u6qcNHKJXfYEQtxK9cP4ObZPJ1hkI2HiXm/ZDgrW
glgdXSFC2/BnTViXB0/nNpju9ywcXn2BS/UKq2E1N05UZut8Ok+h3BxHVZ/583yd
zCDTeD+IYpmPU4poK8bh6JzJFNpXes/Nc0EBbaiVAeDlL6es/LpmyMNp9K6Yf99K
K+vfttwordjK2pDYXKizk5+f3CTlLBKdvKxL5ZxrJXuHZpAZItaNmdlOdcCpE7l2
3ShCmReGnwHP7C64Rq7u1KbJ7+1r3P7Ak7DaEfu00/sUzLZwsPWxCy6IToNoblad
iHxHmrwMcdsrmaRd6jUreP6V56Dz+NSH9efTmJ1Q1oPo
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:40 2024 by rpki-client on console-ams.rpki-client.org