Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/2JPu54zcMgqpjgM_X1DTraNohGk.roa
File: 2JPu54zcMgqpjgM_X1DTraNohGk.roa (raw, json)
Hash identifier: gooLU784k1i41KOHy4EVXVESp2vjgglIlrNrES6Dmp8=
Subject key identifier: D8:93:EE:E7:8C:DC:32:0A:A9:8E:03:3F:5F:50:D3:AD:A3:68:84:69
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 01921D3D49EDE813426693DC173598278164
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/2JPu54zcMgqpjgM_X1DTraNohGk.roa
Signing time: Mon 23 Sep 2024 04:56:48 +0000
ROA not before: Mon 23 Sep 2024 04:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62442
IP address blocks: 95.38.45.0/24 maxlen: 24
95.38.72.0/24 maxlen: 24
95.38.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1d:3d:49:ed:e8:13:42:66:93:dc:17:35:98:27:81:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Sep 23 04:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d893eee78cdc320aa98e033f5f50d3ada3688469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:60:07:e3:19:ce:ec:3e:50:05:fa:ac:8e:e9:
e6:f8:22:3a:f6:4a:67:52:c7:20:27:12:0b:d4:66:
7b:6b:27:7c:b0:45:d6:92:ce:d3:f2:35:7f:59:44:
ce:c3:89:5a:08:40:68:29:2f:e6:c5:15:e6:a7:3c:
d2:a9:9f:d1:b1:76:38:65:ab:2c:59:43:b1:81:3e:
c2:3e:37:e3:b9:d5:e2:84:33:7d:d9:eb:c7:f8:c3:
93:3d:83:9e:ac:da:13:db:b0:3b:33:41:80:55:43:
51:20:1d:5b:17:43:36:2f:8a:b6:7a:8f:8b:e0:e7:
eb:31:fe:6f:75:5e:40:c7:9f:d4:d5:9e:cd:9f:a5:
87:86:24:a2:2f:7b:f0:16:3b:6f:80:b1:4b:fa:33:
cb:47:d9:d2:67:13:bc:9a:7e:df:57:15:ec:d6:b2:
b8:ca:f4:9c:0f:0b:86:21:ea:81:2a:37:87:4e:9e:
4e:c9:74:e7:1a:7f:49:02:9e:5a:40:96:c5:93:8e:
37:59:e7:26:72:77:70:0d:28:9b:db:10:09:18:5c:
3f:10:f2:c4:fb:2a:98:b3:5f:c8:6a:60:70:a5:15:
07:c8:a9:e1:3f:94:6b:4d:a0:2a:ae:e6:9d:a7:bd:
ef:4f:2f:4f:17:e6:ac:06:20:b2:69:f6:3b:f2:cf:
0d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:93:EE:E7:8C:DC:32:0A:A9:8E:03:3F:5F:50:D3:AD:A3:68:84:69
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/2JPu54zcMgqpjgM_X1DTraNohGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.45.0/24
95.38.72.0/24
95.38.198.0/24
Signature Algorithm: sha256WithRSAEncryption
50:df:b5:8b:13:75:11:be:a8:4c:80:3d:13:1d:70:26:d9:90:
21:99:f7:ae:ca:73:dd:5c:60:4f:b2:0e:7b:9c:65:93:77:15:
ab:64:f6:18:c7:50:53:23:4f:d4:50:2a:e2:5c:aa:4a:e6:76:
cd:3b:76:9f:7c:3a:f0:67:c3:5e:f0:c4:85:44:5d:44:6d:fd:
dc:a9:83:9c:be:da:04:7a:84:37:69:18:6c:6f:e5:b6:15:12:
a6:7b:62:3b:fa:70:8f:89:e9:0d:ac:29:54:bc:10:b4:5b:99:
a6:07:c1:24:3f:2c:ca:39:fe:1d:a8:9f:e2:58:0e:6d:b0:e2:
43:97:de:92:b9:81:c2:48:9f:99:e3:d5:d5:e4:42:69:44:74:
23:34:92:1f:79:2d:9c:cf:52:fc:fb:c5:ed:4c:51:37:fc:34:
91:85:17:41:48:fe:6d:4b:27:c5:37:c1:8a:53:48:e7:00:7c:
54:16:44:d4:f5:5a:be:eb:3c:5e:8c:67:16:c1:2b:b6:7e:46:
2d:19:b7:30:98:88:47:99:5f:20:05:2a:42:99:84:5c:d9:20:
b4:69:49:a2:9f:6c:75:94:a9:8d:e2:c3:68:70:a5:3f:fa:c9:
8e:91:6b:8d:9a:e6:a7:f9:2c:60:fb:63:7f:57:fd:0e:43:a2:
1b:eb:13:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIdPUnt6BNCZpPcFzWYJ4FkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjQwOTIzMDQ1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODkzZWVlNzhjZGMzMjBhYTk4ZTAzM2Y1ZjUwZDNhZGEzNjg4NDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2AH4xnO7D5QBfqsjunm+CI69kpn
UscgJxIL1GZ7ayd8sEXWks7T8jV/WUTOw4laCEBoKS/mxRXmpzzSqZ/RsXY4Zass
WUOxgT7CPjfjudXihDN92evH+MOTPYOerNoT27A7M0GAVUNRIB1bF0M2L4q2eo+L
4OfrMf5vdV5Ax5/U1Z7Nn6WHhiSiL3vwFjtvgLFL+jPLR9nSZxO8mn7fVxXs1rK4
yvScDwuGIeqBKjeHTp5OyXTnGn9JAp5aQJbFk443WecmcndwDSib2xAJGFw/EPLE
+yqYs1/IamBwpRUHyKnhP5RrTaAqruadp73vTy9PF+asBiCyafY78s8NdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNiT7ueM3DIKqY4DP19Q062jaIRpMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvMkpQdTU0emNNZ3FwamdNX1gxRFRyYU5vaEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXyYtAwQA
XyZIAwQAXybGMA0GCSqGSIb3DQEBCwUAA4IBAQBQ37WLE3URvqhMgD0THXAm2ZAh
mfeuynPdXGBPsg57nGWTdxWrZPYYx1BTI0/UUCriXKpK5nbNO3affDrwZ8Ne8MSF
RF1Ebf3cqYOcvtoEeoQ3aRhsb+W2FRKme2I7+nCPiekNrClUvBC0W5mmB8EkPyzK
Of4dqJ/iWA5tsOJDl96SuYHCSJ+Z49XV5EJpRHQjNJIfeS2cz1L8+8XtTFE3/DSR
hRdBSP5tSyfFN8GKU0jnAHxUFkTU9Vq+6zxejGcWwSu2fkYtGbcwmIhHmV8gBSpC
mYRc2SC0aUmin2x1lKmN4sNocKU/+smOkWuNmuan+Sxg+2N/V/0OQ6Ib6xMP
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:27:05 2024 by rpki-client on console-ams.rpki-client.org