Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/1X07qfAuxtb3a7iVVxKVOBF_g3E.roa
File: 1X07qfAuxtb3a7iVVxKVOBF_g3E.roa (raw, json)
Hash identifier: 3nVwR/tzl2Mm7GvKEY7GAeFvMzp94047umEZoJkDpk8=
Subject key identifier: D5:7D:3B:A9:F0:2E:C6:D6:F7:6B:B8:95:57:12:95:38:11:7F:83:71
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 0192E287765F2D6C38EA775C7FE3D3A981A3
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/1X07qfAuxtb3a7iVVxKVOBF_g3E.roa
Signing time: Thu 31 Oct 2024 12:23:01 +0000
ROA not before: Thu 31 Oct 2024 12:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29076
IP address blocks: 94.159.71.0/24 maxlen: 24
94.159.84.0/24 maxlen: 24
94.159.87.0/24 maxlen: 24
94.159.94.0/24 maxlen: 24
94.159.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:87:76:5f:2d:6c:38:ea:77:5c:7f:e3:d3:a9:81:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Oct 31 12:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d57d3ba9f02ec6d6f76bb89557129538117f8371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:48:96:ea:b6:85:6b:dd:50:d3:39:ed:dd:c8:
7c:1d:77:55:13:d0:7a:5a:8d:f1:88:e3:fb:95:1d:
1d:d8:b6:5e:6f:ff:43:17:8d:b5:e3:65:9c:dc:af:
9d:9f:6c:a5:04:a5:c3:f6:cf:cf:74:5f:0f:2c:09:
da:9d:71:79:b8:86:34:93:89:be:90:93:61:5e:81:
e4:e9:f4:9c:8d:59:53:78:f9:36:27:89:6d:40:7a:
8d:89:6a:17:38:ff:91:bc:f9:19:2d:11:d1:a3:1e:
06:c4:cc:16:58:30:cd:b3:82:fd:c9:5e:1d:5d:dc:
fa:f0:5a:6a:e2:a8:4e:f1:6a:82:dc:47:f3:0f:c0:
67:f1:a8:7b:70:6a:c3:91:75:45:96:60:66:d5:73:
fa:9d:c1:43:ab:e8:cf:e5:c8:48:09:fc:e1:73:12:
b3:86:63:09:b9:70:22:df:6a:86:6d:c2:67:f6:3c:
e2:29:ba:42:ca:ab:15:30:11:66:10:f4:df:e5:88:
4d:20:8c:9b:f1:88:86:72:68:5e:89:b2:f8:88:c7:
e7:92:49:0b:46:ec:2e:b6:f1:92:91:c0:62:6a:a3:
15:4c:ac:4e:6e:88:32:c6:8a:c3:63:df:c7:9c:33:
34:01:98:7f:5c:f9:e9:0d:06:84:95:ac:19:be:05:
0d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7D:3B:A9:F0:2E:C6:D6:F7:6B:B8:95:57:12:95:38:11:7F:83:71
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/1X07qfAuxtb3a7iVVxKVOBF_g3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.159.71.0/24
94.159.84.0/24
94.159.87.0/24
94.159.94.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:a8:38:bd:de:46:df:db:ba:e3:07:e7:1f:5d:6b:d8:3b:44:
88:c6:5a:ee:30:10:1c:9d:5c:d7:7c:da:cf:28:d9:ca:d4:6e:
3f:24:35:32:b2:93:49:d7:48:ec:c5:f2:07:d8:ea:83:5a:02:
66:9e:ab:54:6a:b2:af:ed:69:1c:b5:94:b2:0b:b7:5d:0d:ab:
c1:0b:43:da:4e:a9:64:2f:3c:33:0f:b1:56:83:8a:31:23:80:
d7:44:9f:3f:5f:22:e3:d7:22:2b:38:60:cb:e1:d7:af:ee:d6:
ed:01:51:9d:63:12:26:97:0c:f1:fe:b4:5d:5d:af:42:49:ad:
87:45:8b:99:58:97:2a:e6:21:0d:22:53:e8:c8:d8:f6:a9:97:
70:64:1f:88:ee:b6:8e:96:d9:f9:32:66:bf:53:a4:b2:33:0d:
06:52:2f:2d:cc:ce:b4:6a:b3:02:53:f4:00:50:7d:40:71:b3:
91:0d:e7:77:68:1c:6e:61:b4:bd:09:50:fa:7e:10:24:b6:34:
da:6d:da:c3:c3:2d:38:65:d4:35:58:d2:8c:6e:92:f7:c0:ad:
53:9d:75:87:6c:7a:84:09:7b:1d:e1:0a:0a:52:c5:a5:56:81:
8d:a2:74:cf:4a:28:8a:bb:ab:f1:b0:8a:3e:d3:b1:6d:83:60:
89:36:a3:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLih3ZfLWw46ndcf+PTqYGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjQxMDMxMTIyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTdkM2JhOWYwMmVjNmQ2Zjc2YmI4OTU1NzEyOTUzODExN2Y4MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0iW6raFa91Q0znt3ch8HXdVE9B6
Wo3xiOP7lR0d2LZeb/9DF42142Wc3K+dn2ylBKXD9s/PdF8PLAnanXF5uIY0k4m+
kJNhXoHk6fScjVlTePk2J4ltQHqNiWoXOP+RvPkZLRHRox4GxMwWWDDNs4L9yV4d
Xdz68Fpq4qhO8WqC3EfzD8Bn8ah7cGrDkXVFlmBm1XP6ncFDq+jP5chICfzhcxKz
hmMJuXAi32qGbcJn9jziKbpCyqsVMBFmEPTf5YhNIIyb8YiGcmheibL4iMfnkkkL
RuwutvGSkcBiaqMVTKxObogyxorDY9/HnDM0AZh/XPnpDQaElawZvgUNtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNV9O6nwLsbW92u4lVcSlTgRf4NxMB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvMVgwN3FmQXV4dGIzYTdpVlZ4S1ZPQkZfZzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXp9HAwQA
Xp9UAwQAXp9XAwQBXp9eMA0GCSqGSIb3DQEBCwUAA4IBAQBsqDi93kbf27rjB+cf
XWvYO0SIxlruMBAcnVzXfNrPKNnK1G4/JDUyspNJ10jsxfIH2OqDWgJmnqtUarKv
7WkctZSyC7ddDavBC0PaTqlkLzwzD7FWg4oxI4DXRJ8/XyLj1yIrOGDL4dev7tbt
AVGdYxImlwzx/rRdXa9CSa2HRYuZWJcq5iENIlPoyNj2qZdwZB+I7raOltn5Mma/
U6SyMw0GUi8tzM60arMCU/QAUH1AcbORDed3aBxuYbS9CVD6fhAktjTabdrDwy04
ZdQ1WNKMbpL3wK1TnXWHbHqECXsd4QoKUsWlVoGNonTPSiiKu6vxsIo+07Ftg2CJ
NqMq
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:48 2024 by rpki-client on console-ams.rpki-client.org