Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/HbIUMIkvWumm2gVb5bkpgOyfXq4.roa
File: HbIUMIkvWumm2gVb5bkpgOyfXq4.roa (raw, json)
Hash identifier: L29JDAV7ut7MUzDp1FZ3K8aNh+2+rvYepyK1VEF3LMk=
Subject key identifier: 1D:B2:14:30:89:2F:5A:E9:A6:DA:05:5B:E5:B9:29:80:EC:9F:5E:AE
Certificate issuer: /CN=32536254b3e74900675bc6ebd50ae825828b9a76
Certificate serial: 018CCA2BC43399A9829293556B434E6638B4
Authority key identifier: 32:53:62:54:B3:E7:49:00:67:5B:C6:EB:D5:0A:E8:25:82:8B:9A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlNiVLPnSQBnW8br1QroJYKLmnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/HbIUMIkvWumm2gVb5bkpgOyfXq4.roa
Signing time: Tue 02 Jan 2024 12:35:15 +0000
ROA not before: Tue 02 Jan 2024 12:35:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35086
IP address blocks: 185.95.141.0/24 maxlen: 24
185.95.140.0/24 maxlen: 24
185.95.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/MlNiVLPnSQBnW8br1QroJYKLmnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/MlNiVLPnSQBnW8br1QroJYKLmnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/MlNiVLPnSQBnW8br1QroJYKLmnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c4:33:99:a9:82:92:93:55:6b:43:4e:66:38:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32536254b3e74900675bc6ebd50ae825828b9a76
Validity
Not Before: Jan 2 12:35:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db21430892f5ae9a6da055be5b92980ec9f5eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7d:73:f2:48:32:dc:b4:d5:ef:de:10:bd:54:
76:75:ca:87:9c:c5:ab:10:e5:a9:d5:4d:0e:2f:99:
d6:b1:9c:44:6f:74:e0:e1:d4:d8:32:49:2e:0b:ef:
a7:81:0a:34:d4:13:e5:61:53:f9:4e:89:0e:cc:0e:
81:20:62:e8:9a:ee:46:b2:13:42:95:be:fb:73:6c:
d8:80:3c:a8:c9:b5:cb:0c:34:52:c1:b8:18:f3:60:
e8:c8:d3:af:c6:aa:ea:3d:be:76:cb:b7:72:ec:0b:
d1:46:78:83:55:0a:b4:79:6c:5a:5f:62:b0:39:c4:
b6:94:41:18:f4:48:03:75:58:f3:1f:e2:10:c8:fa:
4a:8c:10:68:2c:d8:2a:02:f7:fa:76:fa:fc:38:a7:
eb:ba:1f:f1:56:a0:df:79:4c:c9:93:0e:03:31:f9:
93:b9:3d:01:33:2d:76:0d:0b:84:f9:f1:03:df:12:
32:39:06:8b:4c:d8:40:f4:ca:82:71:1d:ef:92:c3:
12:39:9c:30:5a:ad:ad:80:21:d2:9a:fe:64:73:78:
09:58:e7:4e:fe:7f:db:6d:4d:0e:57:75:42:2b:86:
99:c7:9b:1e:ab:1c:37:cc:66:c7:22:f1:ac:f9:b8:
d3:64:2b:0c:4d:79:e7:bf:d8:56:57:0b:8e:54:e9:
cb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B2:14:30:89:2F:5A:E9:A6:DA:05:5B:E5:B9:29:80:EC:9F:5E:AE
X509v3 Authority Key Identifier:
keyid:32:53:62:54:B3:E7:49:00:67:5B:C6:EB:D5:0A:E8:25:82:8B:9A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlNiVLPnSQBnW8br1QroJYKLmnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/HbIUMIkvWumm2gVb5bkpgOyfXq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/MlNiVLPnSQBnW8br1QroJYKLmnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.140.0-185.95.142.255
Signature Algorithm: sha256WithRSAEncryption
01:ed:de:37:14:6a:e8:b3:5f:d0:2c:ed:6f:6f:8d:3d:d4:5b:
d8:2c:fb:0f:b2:2a:af:ad:71:75:cc:23:29:9e:df:57:ad:47:
93:18:eb:3d:5f:2a:34:5a:56:2e:ba:f0:07:a2:59:b5:b5:c6:
d4:e6:72:a6:1b:d4:24:38:da:ed:46:54:4d:e4:aa:31:d0:3b:
0d:70:9d:96:2f:6d:d8:3b:c0:de:03:e4:bb:65:08:78:d2:53:
d8:a1:1c:05:58:7f:32:1d:3d:bb:38:60:be:ee:40:6b:1a:24:
a0:62:ed:bd:7f:3d:72:95:ae:07:90:53:1b:b2:ce:4b:5b:9f:
10:3f:0c:5e:e3:58:bb:97:b1:bb:ab:4e:af:65:4c:5a:c6:c8:
e6:8f:94:97:9d:d5:2b:17:fb:59:f8:65:d5:6a:78:0a:7c:1d:
63:8d:50:09:9d:75:f4:c6:8f:61:17:0c:97:4c:b4:21:b1:08:
29:d8:60:7d:b3:03:6e:03:8e:ac:9d:ff:50:c2:de:1c:5a:24:
48:6e:84:f2:c4:ad:71:29:e8:ea:1d:3f:f6:1f:8f:0b:c6:16:
4d:63:d5:97:66:5d:88:4a:b7:08:b1:36:90:a9:91:75:ab:33:
95:5d:e0:aa:2d:cd:8d:40:97:a7:fe:93:68:c2:6f:bc:e8:e5:
59:b9:cd:30
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKK8QzmamCkpNVa0NOZji0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTM2MjU0YjNlNzQ5MDA2NzViYzZlYmQ1MGFlODI1ODI4
YjlhNzYwHhcNMjQwMTAyMTIzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIyMTQzMDg5MmY1YWU5YTZkYTA1NWJlNWI5Mjk4MGVjOWY1ZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH1z8kgy3LTV794QvVR2dcqHnMWr
EOWp1U0OL5nWsZxEb3Tg4dTYMkkuC++ngQo01BPlYVP5TokOzA6BIGLomu5GshNC
lb77c2zYgDyoybXLDDRSwbgY82DoyNOvxqrqPb52y7dy7AvRRniDVQq0eWxaX2Kw
OcS2lEEY9EgDdVjzH+IQyPpKjBBoLNgqAvf6dvr8OKfruh/xVqDfeUzJkw4DMfmT
uT0BMy12DQuE+fED3xIyOQaLTNhA9MqCcR3vksMSOZwwWq2tgCHSmv5kc3gJWOdO
/n/bbU0OV3VCK4aZx5seqxw3zGbHIvGs+bjTZCsMTXnnv9hWVwuOVOnL/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB2yFDCJL1rpptoFW+W5KYDsn16uMB8GA1UdIwQY
MBaAFDJTYlSz50kAZ1vG69UK6CWCi5p2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxOaVZMUG5TUUJuVzhicjFRcm9KWUtMbW5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85NmQ3MzAtMzhlZi00YjIxLWIxZmUt
YTU3ZDQ4ODc0NGMyLzEvSGJJVU1Ja3ZXdW1tMmdWYjVia3BnT3lmWHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85NmQ3MzAtMzhlZi00YjIxLWIxZmUtYTU3ZDQ4ODc0NGMy
LzEvTWxOaVZMUG5TUUJuVzhicjFRcm9KWUtMbW5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5X4wD
BAC5X44wDQYJKoZIhvcNAQELBQADggEBAAHt3jcUauizX9As7W9vjT3UW9gs+w+y
Kq+tcXXMIyme31etR5MY6z1fKjRaVi668AeiWbW1xtTmcqYb1CQ42u1GVE3kqjHQ
Ow1wnZYvbdg7wN4D5LtlCHjSU9ihHAVYfzIdPbs4YL7uQGsaJKBi7b1/PXKVrgeQ
UxuyzktbnxA/DF7jWLuXsburTq9lTFrGyOaPlJed1SsX+1n4ZdVqeAp8HWONUAmd
dfTGj2EXDJdMtCGxCCnYYH2zA24Djqyd/1DC3hxaJEhuhPLErXEp6OodP/YfjwvG
Fk1j1ZdmXYhKtwixNpCpkXWrM5Vd4KotzY1Al6f+k2jCb7zo5Vm5zTA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:56:45 2024 by rpki-client on console-fra.rpki-client.org