Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/9PbxSYN1nxUyXkXsAJLu4gBD8Jw.roa
File: 9PbxSYN1nxUyXkXsAJLu4gBD8Jw.roa (raw, json)
Hash identifier: hygvX+5KvNhaVW4Z693TyU+kdSwDzMwMst/depWKIXg=
Subject key identifier: F4:F6:F1:49:83:75:9F:15:32:5E:45:EC:00:92:EE:E2:00:43:F0:9C
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 0191F62FBA325FEE0976FC59298711B5D378
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/9PbxSYN1nxUyXkXsAJLu4gBD8Jw.roa
Signing time: Sun 15 Sep 2024 14:56:48 +0000
ROA not before: Sun 15 Sep 2024 14:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 95.175.68.0/22 maxlen: 22
95.175.72.0/22 maxlen: 22
95.175.76.0/22 maxlen: 22
195.66.218.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 17:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f6:2f:ba:32:5f:ee:09:76:fc:59:29:87:11:b5:d3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Sep 15 14:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4f6f14983759f15325e45ec0092eee20043f09c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6a:c9:07:c4:2d:57:e3:8f:b5:d4:5d:34:83:
18:80:8e:96:a0:af:84:18:5d:21:c8:27:b3:4e:27:
42:fe:6f:8a:ac:d2:c0:51:aa:cd:8c:c5:37:9c:66:
a6:21:60:86:bc:e1:f8:68:1f:84:d9:6e:03:b8:f5:
dd:18:a5:50:04:18:6e:69:8b:d6:2d:19:f6:1f:0e:
74:30:ce:b5:ef:46:95:8f:ab:42:62:1a:70:7e:cb:
07:b2:28:17:54:4c:35:b6:54:02:ea:fe:61:f4:27:
54:0d:7d:f4:04:f5:98:bb:7f:29:f8:8a:86:bb:1c:
23:dd:34:ff:0d:8c:47:53:e4:c8:36:58:dd:2e:85:
c8:01:07:50:79:58:82:f0:39:5b:bb:0c:6a:a8:2b:
0a:ba:55:8b:7f:20:ec:9c:aa:2b:24:10:e2:81:00:
a5:fe:1a:b2:6f:c3:7e:c5:3a:d7:ff:de:35:79:9f:
71:8b:37:d0:7c:ed:1c:b9:bb:2c:a9:d7:f2:cf:14:
78:08:05:68:b9:e7:ba:f3:19:5b:97:7e:e6:b7:7f:
cc:17:09:34:f3:9c:d7:82:f3:bd:7e:5e:96:e8:09:
f8:39:6b:bf:3b:74:b7:c6:8a:13:e9:2c:66:58:84:
9a:49:ac:c8:fa:d0:55:50:e3:2c:ce:16:b8:26:62:
91:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F6:F1:49:83:75:9F:15:32:5E:45:EC:00:92:EE:E2:00:43:F0:9C
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/9PbxSYN1nxUyXkXsAJLu4gBD8Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.68.0-95.175.79.255
195.66.218.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:38:f1:99:39:6c:87:fd:f0:af:fd:d1:a8:00:dc:f8:25:18:
b8:6a:c6:a3:c7:c3:45:9e:4c:89:67:03:e0:e4:26:1e:1c:f0:
c0:4d:df:f1:b7:8f:61:9b:a2:7a:55:ab:96:c2:0e:5e:48:5f:
53:ed:27:8c:3e:6a:25:b0:ce:90:10:cb:18:8b:d5:e1:0c:33:
2b:5c:f2:fc:8b:57:12:39:39:b6:9f:73:e1:84:f4:8f:61:fa:
2a:a6:fe:b5:d7:08:e2:35:a7:82:c0:ad:25:56:98:c5:b0:c7:
3e:8f:7e:4e:c8:4d:ac:05:33:68:b9:06:2e:ee:e4:99:8c:97:
c5:99:92:a5:9d:f7:a1:a5:37:ae:7d:ce:2f:7b:f3:42:40:74:
b5:e9:3b:34:31:63:39:39:8f:2e:40:d0:17:27:4a:0c:a1:e2:
5e:cb:12:45:96:79:3a:76:0b:b8:ed:47:88:f6:87:d1:97:99:
85:25:4c:96:67:fc:9d:55:dc:ba:e7:39:b3:4c:87:4c:4e:48:
e0:77:65:8b:85:fc:fd:1b:87:d8:30:5d:be:c6:1f:8d:6d:df:
64:f8:9d:0c:c7:3b:d5:53:96:46:d6:8c:a1:9b:7b:99:b2:2f:
e2:ff:f4:0d:a4:09:04:a4:c1:ce:69:96:1f:63:0c:f9:73:fa:
b0:ca:4f:e1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZH2L7oyX+4JdvxZKYcRtdN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjQwOTE1MTQ1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY2ZjE0OTgzNzU5ZjE1MzI1ZTQ1ZWMwMDkyZWVlMjAwNDNmMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmrJB8QtV+OPtdRdNIMYgI6WoK+E
GF0hyCezTidC/m+KrNLAUarNjMU3nGamIWCGvOH4aB+E2W4DuPXdGKVQBBhuaYvW
LRn2Hw50MM6170aVj6tCYhpwfssHsigXVEw1tlQC6v5h9CdUDX30BPWYu38p+IqG
uxwj3TT/DYxHU+TINljdLoXIAQdQeViC8DlbuwxqqCsKulWLfyDsnKorJBDigQCl
/hqyb8N+xTrX/941eZ9xizfQfO0cubssqdfyzxR4CAVouee68xlbl37mt3/MFwk0
85zXgvO9fl6W6An4OWu/O3S3xooT6SxmWISaSazI+tBVUOMszha4JmKRcwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPT28UmDdZ8VMl5F7ACS7uIAQ/CcMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvOVBieFNZTjFueFV5WGtYc0FKTHU0Z0JEOEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJfr0QD
BARfr0ADBAHDQtowDQYJKoZIhvcNAQELBQADggEBAIs48Zk5bIf98K/90agA3Pgl
GLhqxqPHw0WeTIlnA+DkJh4c8MBN3/G3j2GbonpVq5bCDl5IX1PtJ4w+aiWwzpAQ
yxiL1eEMMytc8vyLVxI5Obafc+GE9I9h+iqm/rXXCOI1p4LArSVWmMWwxz6Pfk7I
TawFM2i5Bi7u5JmMl8WZkqWd96GlN659zi9780JAdLXpOzQxYzk5jy5A0BcnSgyh
4l7LEkWWeTp2C7jtR4j2h9GXmYUlTJZn/J1V3LrnObNMh0xOSOB3ZYuF/P0bh9gw
Xb7GH41t32T4nQzHO9VTlkbWjKGbe5myL+L/9A2kCQSkwc5plh9jDPlz+rDKT+E=
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:35:43 2024 by rpki-client on console-ams.rpki-client.org