Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/sU2Nkr4hAJZfmiVRUBlbpMa8Vzk.roa
File: sU2Nkr4hAJZfmiVRUBlbpMa8Vzk.roa (raw, json)
Hash identifier: NXrHULYMaJWD23zGnCQffy+f6f5ikfr7nkGqJSfQYD8=
Subject key identifier: B1:4D:8D:92:BE:21:00:96:5F:9A:25:51:50:19:5B:A4:C6:BC:57:39
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 019116F780426835F89B895654AC7FA45AD8
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/sU2Nkr4hAJZfmiVRUBlbpMa8Vzk.roa
Signing time: Sat 03 Aug 2024 06:40:04 +0000
ROA not before: Sat 03 Aug 2024 06:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204203
IP address blocks: 95.38.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:16:f7:80:42:68:35:f8:9b:89:56:54:ac:7f:a4:5a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Aug 3 06:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b14d8d92be2100965f9a255150195ba4c6bc5739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1b:ec:1c:00:72:a7:94:4c:3e:91:26:99:83:
29:01:36:33:62:5d:43:ff:0d:1b:6e:7e:cf:57:05:
41:a8:7a:3f:fc:83:1c:4e:59:d3:24:e7:d5:27:82:
f3:0a:5c:04:af:4e:fc:7d:59:de:44:13:59:34:d3:
a5:2f:8b:c7:ab:f3:14:71:dd:db:5d:20:24:30:79:
96:03:e6:64:8a:c6:b8:22:3f:99:61:e0:6b:ea:6f:
7f:61:ed:32:a9:86:14:99:0d:59:0c:da:4a:11:ac:
3b:47:e4:62:00:1f:f4:f2:ab:00:e9:7a:1f:21:48:
f8:00:ac:45:80:e0:8b:59:d5:1c:f9:3b:3d:c3:05:
57:b5:bd:89:a9:d6:c0:ea:18:4a:e2:b3:dd:dd:97:
12:ac:a7:bc:9f:11:2d:5a:d9:a5:3e:3a:b5:74:15:
af:74:07:28:1a:6c:da:a7:ea:97:7c:08:07:00:d2:
ee:ca:94:4d:f9:08:a2:c3:cf:cf:d4:0e:53:e8:8c:
ea:4a:b1:93:df:79:55:52:24:ef:8d:bf:f3:0f:24:
48:f2:7d:9b:f2:17:a1:f6:58:08:47:91:d2:66:b5:
72:68:62:3e:1b:fc:d0:a6:61:d1:df:ac:46:57:dd:
21:2e:4c:f4:96:9b:ed:e1:98:04:19:39:f6:d1:5e:
6f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:4D:8D:92:BE:21:00:96:5F:9A:25:51:50:19:5B:A4:C6:BC:57:39
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/sU2Nkr4hAJZfmiVRUBlbpMa8Vzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.197.0/24
Signature Algorithm: sha256WithRSAEncryption
48:c2:6e:22:69:4e:62:ba:b4:55:41:a8:95:c9:8d:44:a1:05:
34:9c:63:ed:81:0b:ab:74:fa:92:e1:29:f7:15:72:78:ec:45:
96:08:1f:04:6f:a5:b2:2a:7f:45:cb:f8:ac:9e:0f:ea:c3:75:
a8:d9:7a:81:21:87:0d:bd:12:c7:c5:22:ef:2f:8d:c5:3b:a8:
f9:04:66:86:ee:3e:73:90:b7:8d:87:9b:a4:b8:19:d5:77:70:
1d:25:58:21:5c:11:5a:fa:56:98:b4:06:1a:b5:a7:c7:24:26:
8c:0e:14:a6:66:c3:de:63:53:90:9a:55:c8:d1:c2:14:f4:f5:
25:17:c9:fa:14:8c:d2:55:14:62:5c:c0:d7:61:f6:15:0c:f5:
da:5a:37:1c:a0:d4:f4:35:55:fe:60:7e:a9:95:e5:5e:f6:c1:
e0:ed:ca:4b:1a:05:15:ca:d2:9f:39:47:eb:8e:d8:6f:29:52:
4f:f4:53:a5:98:88:fb:a3:86:0d:ea:da:67:87:63:20:f3:0c:
81:09:81:f9:5d:a2:c6:89:3e:f1:03:ae:4d:48:b3:bc:2c:08:
df:9e:47:19:9b:d8:16:35:47:99:02:5c:2d:41:70:d9:c5:cf:
8e:59:a8:bd:fa:80:0d:a0:a7:38:26:5f:8b:81:bf:06:8a:96:
f1:1d:11:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEW94BCaDX4m4lWVKx/pFrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjQwODAzMDY0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTRkOGQ5MmJlMjEwMDk2NWY5YTI1NTE1MDE5NWJhNGM2YmM1NzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBvsHAByp5RMPpEmmYMpATYzYl1D
/w0bbn7PVwVBqHo//IMcTlnTJOfVJ4LzClwEr078fVneRBNZNNOlL4vHq/MUcd3b
XSAkMHmWA+Zkisa4Ij+ZYeBr6m9/Ye0yqYYUmQ1ZDNpKEaw7R+RiAB/08qsA6Xof
IUj4AKxFgOCLWdUc+Ts9wwVXtb2JqdbA6hhK4rPd3ZcSrKe8nxEtWtmlPjq1dBWv
dAcoGmzap+qXfAgHANLuypRN+Qiiw8/P1A5T6IzqSrGT33lVUiTvjb/zDyRI8n2b
8heh9lgIR5HSZrVyaGI+G/zQpmHR36xGV90hLkz0lpvt4ZgEGTn20V5vIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFNjZK+IQCWX5olUVAZW6TGvFc5MB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvc1UyTmtyNGhBSlpmbWlWUlVCbGJwTWE4VnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXybFMA0G
CSqGSIb3DQEBCwUAA4IBAQBIwm4iaU5iurRVQaiVyY1EoQU0nGPtgQurdPqS4Sn3
FXJ47EWWCB8Eb6WyKn9Fy/isng/qw3Wo2XqBIYcNvRLHxSLvL43FO6j5BGaG7j5z
kLeNh5ukuBnVd3AdJVghXBFa+laYtAYatafHJCaMDhSmZsPeY1OQmlXI0cIU9PUl
F8n6FIzSVRRiXMDXYfYVDPXaWjccoNT0NVX+YH6pleVe9sHg7cpLGgUVytKfOUfr
jthvKVJP9FOlmIj7o4YN6tpnh2Mg8wyBCYH5XaLGiT7xA65NSLO8LAjfnkcZm9gW
NUeZAlwtQXDZxc+OWai9+oANoKc4Jl+Lgb8GipbxHRGm
-----END CERTIFICATE-----
Generated at Tue Nov 26 15:52:58 2024 by rpki-client on console-fra.rpki-client.org