Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/KT5bLeDxqU5LEXTyzGgfqeJmiPg.roa
File: KT5bLeDxqU5LEXTyzGgfqeJmiPg.roa (raw, json)
Hash identifier: NjSm9iLLz5jAcS9mEwtYOLZzHnFn6XZc0vOY21tw4iE=
Subject key identifier: 29:3E:5B:2D:E0:F1:A9:4E:4B:11:74:F2:CC:68:1F:A9:E2:66:88:F8
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 018CC64B1F597EB97F67A0AB2C2F37C166A4
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/KT5bLeDxqU5LEXTyzGgfqeJmiPg.roa
Signing time: Mon 01 Jan 2024 18:31:01 +0000
ROA not before: Mon 01 Jan 2024 18:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18692
IP address blocks: 95.172.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:1f:59:7e:b9:7f:67:a0:ab:2c:2f:37:c1:66:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jan 1 18:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=293e5b2de0f1a94e4b1174f2cc681fa9e26688f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:27:d5:ca:f4:b2:d7:98:f5:3b:9b:9c:7c:94:
d4:a1:02:f2:03:22:07:ae:4d:46:de:1e:22:b9:d3:
aa:b3:88:4f:9b:2c:36:e2:15:df:5c:66:4e:c3:97:
f2:53:26:45:0d:33:df:0c:f8:46:e9:f2:49:40:5e:
a7:14:88:c9:62:e6:18:e5:6f:d2:3c:5b:b4:20:4d:
06:65:89:b5:ed:13:a0:ec:a2:ac:82:78:f7:87:65:
34:fa:46:d9:1b:0e:59:d0:ee:74:b5:72:56:65:e1:
92:d7:e5:6b:92:f4:f9:a9:2a:c8:63:be:94:41:49:
77:59:ee:a0:98:c7:9a:86:6a:10:bd:18:79:cc:fe:
f4:11:6d:8b:8e:9c:ca:21:2e:b5:4c:9f:7a:c5:fe:
c1:3d:59:67:0d:24:04:2e:54:2c:1e:60:84:db:54:
cb:12:dc:77:96:2f:bf:11:eb:2e:29:b8:09:29:47:
a6:41:3c:1b:fe:f8:aa:d7:b2:4a:f1:5c:82:95:5f:
24:ce:bf:88:45:8c:54:d8:90:5c:b9:69:62:d7:2b:
7d:26:8a:4f:06:9a:bd:97:b7:04:54:a1:ff:4b:88:
ea:b8:c0:2e:8a:e0:2d:7b:5c:d1:66:97:ac:b2:da:
79:f3:66:e9:06:9d:01:48:3d:49:bf:a5:2b:01:b6:
1d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3E:5B:2D:E0:F1:A9:4E:4B:11:74:F2:CC:68:1F:A9:E2:66:88:F8
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/KT5bLeDxqU5LEXTyzGgfqeJmiPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.172.72.0/24
Signature Algorithm: sha256WithRSAEncryption
66:51:e8:ce:a2:32:1b:91:7d:b0:68:32:aa:95:de:e0:93:cc:
bb:f5:44:53:55:c5:0d:ba:26:8c:2c:a7:44:97:1a:99:ca:bf:
c3:04:cd:98:57:3a:9b:93:11:62:b6:ff:a7:4b:0b:ee:0c:a8:
73:08:f2:20:d8:ca:68:a1:12:2d:e7:d1:8c:be:b9:71:78:b4:
fc:8d:a0:c5:8f:ab:14:27:97:30:8e:3d:14:8d:ac:b5:48:f4:
41:bf:7d:f0:fa:e3:a0:ab:f4:ae:b4:26:f6:7b:73:7a:fc:ca:
e2:a9:0b:5b:33:70:64:ea:74:dc:50:cc:05:0b:c3:8c:86:98:
00:eb:9f:67:6f:9f:3e:b3:b1:a8:32:03:8a:87:23:ff:b9:c3:
2a:cb:91:1d:9f:96:9b:96:04:83:f8:85:fc:ae:5f:e9:8c:c8:
c2:fb:9f:2a:a3:69:4e:3e:5e:bc:9d:8a:b2:73:42:75:4d:a4:
c4:1e:11:3e:98:c8:3e:11:99:cf:aa:1c:25:d6:f9:1b:1d:89:
44:41:9f:69:91:1e:dd:80:af:c0:9a:bb:57:d4:fc:39:dd:0a:
49:f8:6a:e0:f4:02:e6:d3:48:25:36:d0:dd:a8:5d:87:2f:36:
32:99:6a:3d:dd:81:fd:c4:a7:5b:be:1c:ba:16:15:8b:ff:cc:
03:fa:1f:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSx9Zfrl/Z6CrLC83wWakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjQwMTAxMTgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNlNWIyZGUwZjFhOTRlNGIxMTc0ZjJjYzY4MWZhOWUyNjY4OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSfVyvSy15j1O5ucfJTUoQLyAyIH
rk1G3h4iudOqs4hPmyw24hXfXGZOw5fyUyZFDTPfDPhG6fJJQF6nFIjJYuYY5W/S
PFu0IE0GZYm17ROg7KKsgnj3h2U0+kbZGw5Z0O50tXJWZeGS1+VrkvT5qSrIY76U
QUl3We6gmMeahmoQvRh5zP70EW2LjpzKIS61TJ96xf7BPVlnDSQELlQsHmCE21TL
Etx3li+/EesuKbgJKUemQTwb/viq17JK8VyClV8kzr+IRYxU2JBcuWli1yt9JopP
Bpq9l7cEVKH/S4jquMAuiuAte1zRZpesstp582bpBp0BSD1Jv6UrAbYdSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCk+Wy3g8alOSxF08sxoH6niZoj4MB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvS1Q1YkxlRHhxVTVMRVhUeXpHZ2ZxZUptaVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6xIMA0G
CSqGSIb3DQEBCwUAA4IBAQBmUejOojIbkX2waDKqld7gk8y79URTVcUNuiaMLKdE
lxqZyr/DBM2YVzqbkxFitv+nSwvuDKhzCPIg2MpooRIt59GMvrlxeLT8jaDFj6sU
J5cwjj0Ujay1SPRBv33w+uOgq/SutCb2e3N6/MriqQtbM3Bk6nTcUMwFC8OMhpgA
659nb58+s7GoMgOKhyP/ucMqy5Edn5ablgSD+IX8rl/pjMjC+58qo2lOPl68nYqy
c0J1TaTEHhE+mMg+EZnPqhwl1vkbHYlEQZ9pkR7dgK/AmrtX1Pw53QpJ+Grg9ALm
00glNtDdqF2HLzYymWo93YH9xKdbvhy6FhWL/8wD+h+e
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:56:20 2024 by rpki-client on console-ams.rpki-client.org