Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/E1DE8X6j7bgx7XbOOgsHzJYmVXk.roa
File: E1DE8X6j7bgx7XbOOgsHzJYmVXk.roa (raw, json)
Hash identifier: TO8NkPXST/nt+MJKSG2YdfrW6fXdvdbWrMfp5JvZo40=
Subject key identifier: 13:50:C4:F1:7E:A3:ED:B8:31:ED:76:CE:3A:0B:07:CC:96:26:55:79
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018CCA29D190FFD80AFA0876A61474313275
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/E1DE8X6j7bgx7XbOOgsHzJYmVXk.roa
Signing time: Tue 02 Jan 2024 12:33:07 +0000
ROA not before: Tue 02 Jan 2024 12:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 95.38.144.0/22 maxlen: 22
95.38.148.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d1:90:ff:d8:0a:fa:08:76:a6:14:74:31:32:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jan 2 12:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1350c4f17ea3edb831ed76ce3a0b07cc96265579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:de:51:f9:cc:0d:1e:48:e2:f4:7b:95:4e:4a:
64:31:b7:9b:39:63:a4:29:9e:c3:8a:cb:ca:cd:ca:
d6:1b:15:ef:22:1d:32:6a:29:17:83:b6:c2:4c:d9:
6f:44:4f:e2:4b:45:50:f6:9a:d5:44:d6:9e:05:c9:
e0:84:0a:32:bf:b7:a5:35:03:52:e2:5e:91:1c:bd:
b9:40:99:11:5c:f3:39:5a:f4:23:71:2c:ed:a6:63:
90:47:18:2b:f0:22:92:8f:82:7a:83:cd:36:d3:ed:
b6:a7:5c:2c:7a:29:0b:5c:59:6c:a4:75:32:1d:3d:
72:62:f3:b8:23:7c:f9:66:09:71:fb:23:73:ad:9f:
a5:33:5d:f3:55:3e:be:45:0b:b8:7d:bc:bf:06:8c:
66:73:a8:26:49:19:aa:5b:c2:4e:1c:4a:a7:01:a6:
1f:e2:6c:8c:58:ba:2e:05:48:ce:d2:24:e5:5f:85:
cc:2a:a3:db:72:6b:f3:8d:0f:64:b7:ba:1d:48:b1:
d1:4b:93:4e:cd:ab:2f:88:0b:6e:6e:da:49:94:64:
71:50:45:d4:7c:f0:15:95:b6:95:5b:32:31:37:52:
97:10:49:bb:f1:ea:7c:88:af:92:c6:64:e9:36:98:
61:52:b2:aa:69:17:58:33:df:4e:dd:1f:8c:6f:ef:
ab:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:50:C4:F1:7E:A3:ED:B8:31:ED:76:CE:3A:0B:07:CC:96:26:55:79
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/E1DE8X6j7bgx7XbOOgsHzJYmVXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.144.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:fe:f5:01:0b:54:3f:43:a6:63:d1:dc:44:bf:7a:64:7d:de:
cd:6a:01:e9:6d:14:98:dc:ea:19:17:dd:f0:ed:d6:54:72:8c:
b1:b7:c7:7a:22:08:12:f5:98:ae:b6:26:7a:83:f5:b3:72:af:
dc:27:8b:c9:60:9d:21:91:e5:21:61:b5:3c:9d:82:e1:bf:e6:
9f:cc:21:8b:fd:f2:c1:a6:3b:7b:0a:80:34:42:4d:42:5a:1d:
37:65:14:c2:6e:20:19:8f:85:7c:fb:10:8f:1e:ce:d8:18:b5:
e1:7d:14:f7:97:14:b5:f2:1c:03:e0:c7:4a:a7:45:c4:67:9d:
20:ca:25:27:b6:44:c3:5f:57:f8:59:bb:43:6e:b1:45:ad:95:
c7:c0:80:0d:bc:58:19:6b:94:38:dd:4a:4a:5f:ec:1c:f1:72:
07:bc:0b:a9:6e:52:b9:1f:a1:51:89:2d:e3:97:7c:a7:a3:a7:
d2:64:5c:5d:4d:3a:e6:e6:da:bf:1b:33:91:27:f8:1a:4b:2f:
7a:99:49:2a:1d:c8:ec:eb:51:43:85:65:b9:98:cd:11:db:ca:
0a:9d:b3:dd:28:ed:77:d3:ac:16:73:9b:b7:6b:fc:31:5a:b4:
f9:a4:b2:24:89:6a:98:6f:34:b5:a9:34:2b:31:b5:83:ba:43:
01:94:a4:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKdGQ/9gK+gh2phR0MTJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjQwMTAyMTIzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzUwYzRmMTdlYTNlZGI4MzFlZDc2Y2UzYTBiMDdjYzk2MjY1NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN5R+cwNHkji9HuVTkpkMbebOWOk
KZ7DisvKzcrWGxXvIh0yaikXg7bCTNlvRE/iS0VQ9prVRNaeBcnghAoyv7elNQNS
4l6RHL25QJkRXPM5WvQjcSztpmOQRxgr8CKSj4J6g8020+22p1wseikLXFlspHUy
HT1yYvO4I3z5Zglx+yNzrZ+lM13zVT6+RQu4fby/Boxmc6gmSRmqW8JOHEqnAaYf
4myMWLouBUjO0iTlX4XMKqPbcmvzjQ9kt7odSLHRS5NOzasviAtubtpJlGRxUEXU
fPAVlbaVWzIxN1KXEEm78ep8iK+SxmTpNphhUrKqaRdYM99O3R+Mb++rRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBNQxPF+o+24Me12zjoLB8yWJlV5MB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvRTFERThYNmo3Ymd4N1hiT09nc0h6SlltVlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXyaQMA0G
CSqGSIb3DQEBCwUAA4IBAQAO/vUBC1Q/Q6Zj0dxEv3pkfd7NagHpbRSY3OoZF93w
7dZUcoyxt8d6IggS9ZiutiZ6g/Wzcq/cJ4vJYJ0hkeUhYbU8nYLhv+afzCGL/fLB
pjt7CoA0Qk1CWh03ZRTCbiAZj4V8+xCPHs7YGLXhfRT3lxS18hwD4MdKp0XEZ50g
yiUntkTDX1f4WbtDbrFFrZXHwIANvFgZa5Q43UpKX+wc8XIHvAupblK5H6FRiS3j
l3yno6fSZFxdTTrm5tq/GzORJ/gaSy96mUkqHcjs61FDhWW5mM0R28oKnbPdKO13
06wWc5u3a/wxWrT5pLIkiWqYbzS1qTQrMbWDukMBlKTn
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:13:30 2024 by rpki-client on console-ams.rpki-client.org