Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/vF_71AZ1etLBDiNCIEN8uY9Z5H4.roa
File: vF_71AZ1etLBDiNCIEN8uY9Z5H4.roa (raw, json)
Hash identifier: 8iMWag+ahYAX9FYymCOJKYAiu9fIyxE7pd22IkuFHbI=
Subject key identifier: BC:5F:FB:D4:06:75:7A:D2:C1:0E:23:42:20:43:7C:B9:8F:59:E4:7E
Certificate issuer: /CN=72098efaae8063cacecc4f1c1a0b64483bb69503
Certificate serial: 0192288133574E2DE502306C22E6F6C19BA2
Authority key identifier: 72:09:8E:FA:AE:80:63:CA:CE:CC:4F:1C:1A:0B:64:48:3B:B6:95:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/vF_71AZ1etLBDiNCIEN8uY9Z5H4.roa
Signing time: Wed 25 Sep 2024 09:26:48 +0000
ROA not before: Wed 25 Sep 2024 09:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2593
IP address blocks: 95.140.128.0/21 maxlen: 21
185.213.112.0/24 maxlen: 24
185.213.113.0/24 maxlen: 24
2a09:8d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/cgmO-q6AY8rOzE8cGgtkSDu2lQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/cgmO-q6AY8rOzE8cGgtkSDu2lQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:81:33:57:4e:2d:e5:02:30:6c:22:e6:f6:c1:9b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72098efaae8063cacecc4f1c1a0b64483bb69503
Validity
Not Before: Sep 25 09:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc5ffbd406757ad2c10e234220437cb98f59e47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c2:77:23:4c:b4:e3:fd:81:bc:76:07:c2:7f:
20:37:02:d3:b5:2b:1f:2f:d1:22:0d:47:af:13:5f:
9c:33:3d:a6:bb:7e:88:19:72:29:e5:21:b7:bb:80:
2e:2a:63:70:a3:1b:49:e5:21:90:37:c9:bb:99:7b:
f8:1c:17:26:e1:f8:e8:40:78:92:b8:3e:a6:13:18:
1e:a8:68:89:c1:35:9a:e8:7c:ff:cc:12:93:91:f8:
4c:b9:5e:71:f0:27:4f:03:dd:76:32:b5:ba:68:dc:
04:1d:4f:68:0e:1b:75:b8:21:da:c9:87:55:36:6c:
f1:45:7f:f4:4e:f7:ec:ed:ba:08:ed:18:b3:d3:9b:
be:0f:98:1a:0c:a0:1d:34:52:61:dc:a8:7c:24:66:
b6:3c:46:28:e5:b9:d7:35:1a:00:a4:12:fb:5a:8a:
25:07:4f:89:c9:57:5f:b3:b6:87:4b:20:4c:c6:b8:
97:2b:52:94:3e:5a:cf:79:61:43:a5:e6:05:f1:c0:
40:8d:2a:57:c0:8a:20:01:80:0b:82:dd:3c:b5:7c:
b9:ae:2a:23:a0:04:09:61:17:fc:75:06:8d:f1:f7:
a8:a6:52:86:38:c0:51:75:79:d8:30:01:c4:dd:f2:
73:bd:e2:11:7f:aa:8d:bc:31:a1:20:3f:d4:4f:39:
f3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5F:FB:D4:06:75:7A:D2:C1:0E:23:42:20:43:7C:B9:8F:59:E4:7E
X509v3 Authority Key Identifier:
keyid:72:09:8E:FA:AE:80:63:CA:CE:CC:4F:1C:1A:0B:64:48:3B:B6:95:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/vF_71AZ1etLBDiNCIEN8uY9Z5H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/cgmO-q6AY8rOzE8cGgtkSDu2lQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.128.0/21
185.213.112.0/23
IPv6:
2a09:8d00::/29
Signature Algorithm: sha256WithRSAEncryption
18:55:54:f0:99:77:f2:7f:ab:b7:c1:51:43:af:95:de:84:21:
1f:58:18:9d:f8:83:00:46:4a:7c:83:63:a2:4d:fb:ad:0b:8c:
a9:ca:b1:84:23:2b:2a:8f:37:e7:5e:4f:2f:43:f9:7a:04:1b:
4b:9a:ac:f0:b3:4f:69:8e:3e:15:09:69:ca:45:94:db:78:49:
db:a3:8a:5a:e7:a8:64:77:a4:59:dc:3b:a3:78:96:c6:44:cf:
91:a4:c4:d8:0b:15:8a:7f:63:63:f6:0f:d9:03:68:64:5e:34:
c0:7b:3d:e4:1f:39:3b:6f:80:53:32:e7:1c:94:ff:6c:e5:84:
3e:d9:b2:6f:d8:40:98:b6:fc:3a:53:79:b5:be:15:7f:67:fe:
a4:01:50:53:4b:be:d2:09:52:85:33:fb:33:de:ce:a7:5c:57:
d1:76:d7:52:30:93:a4:0e:fd:f6:85:0e:e4:0c:3d:0c:39:15:
5d:5f:a5:f0:67:9d:92:5e:de:8e:b1:93:e7:f3:8e:29:31:df:
e6:4e:d9:26:05:ac:35:7f:92:88:e6:30:1d:cb:53:3f:d3:2d:
83:f4:9a:82:e4:1e:1e:73:04:b0:52:b8:ca:af:1c:32:20:99:
9f:eb:6f:50:97:c8:62:42:92:49:a0:76:cf:4e:11:cf:6b:70:
00:91:2a:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZIogTNXTi3lAjBsIub2wZuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDk4ZWZhYWU4MDYzY2FjZWNjNGYxYzFhMGI2NDQ4M2Ji
Njk1MDMwHhcNMjQwOTI1MDkyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVmZmJkNDA2NzU3YWQyYzEwZTIzNDIyMDQzN2NiOThmNTllNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsJ3I0y04/2BvHYHwn8gNwLTtSsf
L9EiDUevE1+cMz2mu36IGXIp5SG3u4AuKmNwoxtJ5SGQN8m7mXv4HBcm4fjoQHiS
uD6mExgeqGiJwTWa6Hz/zBKTkfhMuV5x8CdPA912MrW6aNwEHU9oDht1uCHayYdV
NmzxRX/0Tvfs7boI7Riz05u+D5gaDKAdNFJh3Kh8JGa2PEYo5bnXNRoApBL7Wool
B0+JyVdfs7aHSyBMxriXK1KUPlrPeWFDpeYF8cBAjSpXwIogAYALgt08tXy5rioj
oAQJYRf8dQaN8feoplKGOMBRdXnYMAHE3fJzveIRf6qNvDGhID/UTznzFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLxf+9QGdXrSwQ4jQiBDfLmPWeR+MB8GA1UdIwQY
MBaAFHIJjvqugGPKzsxPHBoLZEg7tpUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dtTy1xNkFZOHJPekU4Y0dndGtTRHUybFFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGRhZjYtNDQ4ZC00ZjNlLTk0NGEt
NTczY2E1YTYwOWMwLzEvdkZfNzFBWjFldExCRGlOQ0lFTjh1WTlaNUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGRhZjYtNDQ4ZC00ZjNlLTk0NGEtNTczY2E1YTYwOWMw
LzEvY2dtTy1xNkFZOHJPekU4Y0dndGtTRHUybFFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX4yAAwQB
udVwMA0EAgACMAcDBQMqCY0AMA0GCSqGSIb3DQEBCwUAA4IBAQAYVVTwmXfyf6u3
wVFDr5XehCEfWBid+IMARkp8g2OiTfutC4ypyrGEIysqjzfnXk8vQ/l6BBtLmqzw
s09pjj4VCWnKRZTbeEnbo4pa56hkd6RZ3DujeJbGRM+RpMTYCxWKf2Nj9g/ZA2hk
XjTAez3kHzk7b4BTMucclP9s5YQ+2bJv2ECYtvw6U3m1vhV/Z/6kAVBTS77SCVKF
M/sz3s6nXFfRdtdSMJOkDv32hQ7kDD0MORVdX6XwZ52SXt6OsZPn844pMd/mTtkm
Baw1f5KI5jAdy1M/0y2D9JqC5B4ecwSwUrjKrxwyIJmf629Ql8hiQpJJoHbPThHP
a3AAkSpf
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:28 2024 by rpki-client on console-fra.rpki-client.org