Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/c0WL_EHaGel0YmtYnuOCL2C92pY.roa
File: c0WL_EHaGel0YmtYnuOCL2C92pY.roa (raw, json)
Hash identifier: vOF8hgNNHiVw8S56RQTomMctn2y4pE03bS7dSgaxSwA=
Subject key identifier: 73:45:8B:FC:41:DA:19:E9:74:62:6B:58:9E:E3:82:2F:60:BD:DA:96
Certificate issuer: /CN=f416539e74934d23a0572f6625dbfdb54e820873
Certificate serial: 018CC8706AA684CE76DF931EB595ECC8F08A
Authority key identifier: F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/c0WL_EHaGel0YmtYnuOCL2C92pY.roa
Signing time: Tue 02 Jan 2024 04:30:59 +0000
ROA not before: Tue 02 Jan 2024 04:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 95.107.152.0/22 maxlen: 22
95.107.151.0/24 maxlen: 24
95.107.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:6a:a6:84:ce:76:df:93:1e:b5:95:ec:c8:f0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f416539e74934d23a0572f6625dbfdb54e820873
Validity
Not Before: Jan 2 04:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73458bfc41da19e974626b589ee3822f60bdda96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c1:1a:fc:fa:b7:6e:f8:ac:4a:94:b1:ca:7e:
b4:a5:23:c5:0b:20:e5:c7:c4:9b:3b:3b:36:dd:1d:
d9:be:f1:3c:ee:16:05:91:4c:c3:bf:83:a4:e4:4a:
62:24:8a:9c:99:3c:e4:1e:aa:23:53:98:d9:bd:24:
5b:b9:d6:0e:6f:e4:d7:5b:2b:d9:08:9c:80:b5:43:
f7:98:d2:64:5c:23:1b:83:07:fa:ed:47:4b:11:fa:
2b:4e:d5:61:69:04:8e:31:c9:0e:fd:5a:e6:48:3b:
f1:e0:43:cb:d0:1e:f3:28:ec:9d:04:a4:b0:32:51:
bb:f3:22:e8:92:5d:cb:ff:6b:59:9f:ba:db:84:77:
bf:0b:d0:29:64:0a:6e:06:0b:31:9d:1a:9a:1d:76:
c0:6d:d4:ae:64:b5:39:21:6b:2a:a9:37:df:97:42:
f7:15:99:3d:01:a9:24:ea:60:3a:14:36:68:b3:60:
48:dd:5d:5e:ab:3b:3a:fc:1a:41:15:43:08:f0:b2:
ed:34:85:59:c7:60:78:23:f0:6a:b6:3f:b9:fc:77:
d5:9c:b2:2f:c6:df:1d:2f:73:d3:d9:7a:a9:25:9c:
90:b6:4d:9f:65:94:98:e0:4d:d9:e7:ce:57:7a:05:
76:52:30:c7:7d:77:ff:16:ae:42:83:0e:ba:9d:25:
6e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:45:8B:FC:41:DA:19:E9:74:62:6B:58:9E:E3:82:2F:60:BD:DA:96
X509v3 Authority Key Identifier:
keyid:F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/c0WL_EHaGel0YmtYnuOCL2C92pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.107.150.0-95.107.155.255
Signature Algorithm: sha256WithRSAEncryption
24:50:c5:08:fc:ad:d2:16:1b:40:95:dc:3d:78:f6:02:2e:7a:
b7:0f:07:53:a6:ad:08:aa:71:50:d3:ec:c4:f3:02:c3:f6:2c:
0b:4a:60:4c:ad:ef:a3:bf:5d:44:d3:aa:91:73:1e:5c:bb:98:
48:2d:33:41:aa:8d:88:73:38:cb:43:79:a8:b3:cc:21:22:18:
99:29:44:27:57:6b:2a:c4:cd:bf:b0:c2:50:2b:2d:86:67:a9:
6f:28:99:dc:d8:f6:7c:18:4d:92:bb:57:bb:05:9e:48:25:75:
32:e6:37:e7:1e:b5:d6:65:d3:27:00:a9:5b:55:a3:fa:b1:cb:
bd:f4:3f:74:1c:e8:24:bf:cb:a0:02:4f:11:f8:c6:30:b3:71:
50:e8:eb:ba:32:c3:16:dc:52:58:25:23:40:01:ab:ba:14:5b:
ae:70:40:4f:d1:13:a0:f3:dc:83:03:ac:ec:c4:2a:c4:3d:bd:
98:83:cc:82:55:1a:65:94:d2:ff:f0:a7:8b:af:fe:f9:b3:ae:
9e:4d:4d:1e:de:46:6c:0e:39:13:b7:dd:63:e0:4e:6d:03:85:
98:a3:97:d7:45:f9:79:3b:5f:5e:30:cc:db:0d:e2:db:40:c8:
10:71:67:2c:6c:a7:b5:16:20:50:9d:8a:58:55:e0:87:72:1d:
56:62:62:89
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIcGqmhM5235MetZXsyPCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MTY1MzllNzQ5MzRkMjNhMDU3MmY2NjI1ZGJmZGI1NGU4
MjA4NzMwHhcNMjQwMTAyMDQzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQ1OGJmYzQxZGExOWU5NzQ2MjZiNTg5ZWUzODIyZjYwYmRkYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMEa/Pq3bvisSpSxyn60pSPFCyDl
x8SbOzs23R3ZvvE87hYFkUzDv4Ok5EpiJIqcmTzkHqojU5jZvSRbudYOb+TXWyvZ
CJyAtUP3mNJkXCMbgwf67UdLEforTtVhaQSOMckO/VrmSDvx4EPL0B7zKOydBKSw
MlG78yLokl3L/2tZn7rbhHe/C9ApZApuBgsxnRqaHXbAbdSuZLU5IWsqqTffl0L3
FZk9Aakk6mA6FDZos2BI3V1eqzs6/BpBFUMI8LLtNIVZx2B4I/Bqtj+5/HfVnLIv
xt8dL3PT2XqpJZyQtk2fZZSY4E3Z585XegV2UjDHfXf/Fq5Cgw66nSVucwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHNFi/xB2hnpdGJrWJ7jgi9gvdqWMB8GA1UdIwQY
MBaAFPQWU550k00joFcvZiXb/bVOgghzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODkt
ZDY3YTYxZDU0MTZkLzEvYzBXTF9FSGFHZWwwWW10WW51T0NMMkM5MnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODktZDY3YTYxZDU0MTZk
LzEvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFfa5YD
BAJfa5gwDQYJKoZIhvcNAQELBQADggEBACRQxQj8rdIWG0CV3D149gIuercPB1Om
rQiqcVDT7MTzAsP2LAtKYEyt76O/XUTTqpFzHly7mEgtM0GqjYhzOMtDeaizzCEi
GJkpRCdXayrEzb+wwlArLYZnqW8omdzY9nwYTZK7V7sFnkgldTLmN+cetdZl0ycA
qVtVo/qxy730P3Qc6CS/y6ACTxH4xjCzcVDo67oywxbcUlglI0ABq7oUW65wQE/R
E6Dz3IMDrOzEKsQ9vZiDzIJVGmWU0v/wp4uv/vmzrp5NTR7eRmwOORO33WPgTm0D
hZijl9dF+Xk7X14wzNsN4ttAyBBxZyxsp7UWIFCdilhV4IdyHVZiYok=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:29 2024 by rpki-client on console-ams.rpki-client.org