Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/y3ud1BI-7mxfE3q-5zCITtbfb3Q.roa
File: y3ud1BI-7mxfE3q-5zCITtbfb3Q.roa (raw, json)
Hash identifier: DtfhSApSUw5cn+b0WOqZt0Xh1KN+IAkFyWjvZm3j8HY=
Subject key identifier: CB:7B:9D:D4:12:3E:EE:6C:5F:13:7A:BE:E7:30:88:4E:D6:DF:6F:74
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018CCA29D1327EAFDBBB738FB4B275F1D601
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/y3ud1BI-7mxfE3q-5zCITtbfb3Q.roa
Signing time: Tue 02 Jan 2024 12:33:07 +0000
ROA not before: Tue 02 Jan 2024 12:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62442
IP address blocks: 95.38.38.0/24 maxlen: 24
95.38.45.0/24 maxlen: 24
95.38.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d1:32:7e:af:db:bb:73:8f:b4:b2:75:f1:d6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jan 2 12:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb7b9dd4123eee6c5f137abee730884ed6df6f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:19:b8:50:36:e5:1f:3f:c9:01:3f:af:c3:1f:
e2:bb:bf:48:da:ce:33:20:5c:2a:fd:63:e7:ac:e6:
53:f9:aa:5f:dc:66:a2:10:ad:60:82:7f:41:2a:54:
18:12:18:1b:f1:d3:35:b9:f9:5d:03:2e:2a:0c:5a:
e5:19:74:49:37:10:00:e0:a3:bb:84:e5:9e:a0:eb:
06:47:00:ae:59:98:94:24:e2:05:7d:3b:35:16:56:
8c:39:6b:cc:8a:18:db:f1:31:1a:37:72:04:89:df:
89:af:d5:14:fc:e5:d8:58:62:3c:6a:91:54:91:ba:
23:25:4e:2b:9c:80:2b:9b:20:b7:02:c0:ff:3b:11:
9c:f5:45:81:e5:ca:5a:d4:0e:da:c9:3a:3c:40:02:
e7:de:0b:a0:70:a1:b5:ae:57:d3:8c:89:f5:cf:9d:
b1:55:5d:2c:d8:21:6b:1d:5e:db:87:09:1a:b3:7e:
ad:6e:61:0c:b3:bd:d4:c3:9d:3a:35:e3:30:59:d2:
42:3c:fa:9f:29:bd:bf:0e:66:e9:76:73:bc:b8:9c:
5b:02:0f:7e:84:13:d9:34:49:fd:17:99:1a:8b:b3:
7c:44:e0:d0:5c:5a:da:8c:d2:83:c2:8a:c3:68:2e:
f1:2c:53:9b:2d:03:ab:60:42:69:3c:7f:e6:86:8b:
50:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7B:9D:D4:12:3E:EE:6C:5F:13:7A:BE:E7:30:88:4E:D6:DF:6F:74
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/y3ud1BI-7mxfE3q-5zCITtbfb3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.38.0/24
95.38.45.0/24
95.38.72.0/24
Signature Algorithm: sha256WithRSAEncryption
47:50:f2:8b:e4:e3:f7:ed:99:11:df:1c:eb:d2:ee:a7:62:fc:
17:b9:53:af:53:55:b7:85:dc:61:12:58:4b:ae:ad:e0:0a:21:
02:d8:4f:af:d9:5a:b9:95:e5:f7:78:1d:dc:8f:15:c8:84:7e:
99:dc:c7:40:9a:df:5e:d3:2e:b3:15:14:15:f8:3b:1a:5c:7b:
d0:07:8a:8b:8f:ab:e9:34:df:6c:05:54:47:6e:c3:5c:9e:4c:
2b:b1:bf:c2:0d:ba:fe:9e:c4:c9:d1:e2:bf:dc:68:32:87:b8:
17:30:2e:89:a1:d4:d3:f7:2e:14:18:f4:0d:0d:4c:4a:f0:6b:
e5:e3:1c:be:f2:ee:d1:12:5a:d1:1f:c1:80:59:d8:0d:75:53:
7b:ae:05:27:b4:d8:80:e6:cf:80:c8:dc:66:5e:cb:12:55:73:
35:aa:70:25:c0:40:29:be:ce:f4:58:a5:1e:b2:66:49:da:6a:
79:35:50:07:34:1b:a2:95:09:15:36:1c:80:84:c8:07:e7:24:
7a:0b:a5:56:52:5e:01:6b:9e:09:2a:80:d8:ab:4c:b6:6e:70:
db:45:66:ad:ef:e7:48:35:e8:cd:4f:dd:90:7a:12:a3:e0:42:
6b:3d:20:33:6c:91:e4:15:66:9c:c3:1b:68:82:73:34:69:f3:
d1:0d:9f:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKdEyfq/bu3OPtLJ18dYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjQwMTAyMTIzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdiOWRkNDEyM2VlZTZjNWYxMzdhYmVlNzMwODg0ZWQ2ZGY2Zjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBm4UDblHz/JAT+vwx/iu79I2s4z
IFwq/WPnrOZT+apf3GaiEK1ggn9BKlQYEhgb8dM1ufldAy4qDFrlGXRJNxAA4KO7
hOWeoOsGRwCuWZiUJOIFfTs1FlaMOWvMihjb8TEaN3IEid+Jr9UU/OXYWGI8apFU
kbojJU4rnIArmyC3AsD/OxGc9UWB5cpa1A7ayTo8QALn3gugcKG1rlfTjIn1z52x
VV0s2CFrHV7bhwkas36tbmEMs73Uw506NeMwWdJCPPqfKb2/DmbpdnO8uJxbAg9+
hBPZNEn9F5kai7N8RODQXFrajNKDworDaC7xLFObLQOrYEJpPH/mhotQxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMt7ndQSPu5sXxN6vucwiE7W3290MB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEveTN1ZDFCSS03bXhmRTNxLTV6Q0lUdGJmYjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXyYmAwQA
XyYtAwQAXyZIMA0GCSqGSIb3DQEBCwUAA4IBAQBHUPKL5OP37ZkR3xzr0u6nYvwX
uVOvU1W3hdxhElhLrq3gCiEC2E+v2Vq5leX3eB3cjxXIhH6Z3MdAmt9e0y6zFRQV
+DsaXHvQB4qLj6vpNN9sBVRHbsNcnkwrsb/CDbr+nsTJ0eK/3Ggyh7gXMC6JodTT
9y4UGPQNDUxK8Gvl4xy+8u7RElrRH8GAWdgNdVN7rgUntNiA5s+AyNxmXssSVXM1
qnAlwEApvs70WKUesmZJ2mp5NVAHNBuilQkVNhyAhMgH5yR6C6VWUl4Ba54JKoDY
q0y2bnDbRWat7+dINejNT92QehKj4EJrPSAzbJHkFWacwxtognM0afPRDZ+e
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:04:01 2024 by rpki-client on console-fra.rpki-client.org