Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Obt-TsVOHprXLZD1cL22W05ZE9k.roa
File: Obt-TsVOHprXLZD1cL22W05ZE9k.roa (raw, json)
Hash identifier: NrWhDc9axZrK741ba10UBeDqkjQq1gZkBBrMqllwAa8=
Subject key identifier: 39:BB:7E:4E:C5:4E:1E:9A:D7:2D:90:F5:70:BD:B6:5B:4E:59:13:D9
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018CC5003747660128C4ACE97B7BB84D116A
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Obt-TsVOHprXLZD1cL22W05ZE9k.roa
Signing time: Mon 01 Jan 2024 12:29:34 +0000
ROA not before: Mon 01 Jan 2024 12:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206849
IP address blocks: 95.173.173.0/24 maxlen: 24
95.173.174.0/24 maxlen: 24
95.173.175.0/24 maxlen: 24
95.173.176.0/24 maxlen: 24
95.173.183.0/24 maxlen: 24
95.173.166.0/24 maxlen: 24
95.173.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:37:47:66:01:28:c4:ac:e9:7b:7b:b8:4d:11:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 12:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39bb7e4ec54e1e9ad72d90f570bdb65b4e5913d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d3:04:a9:22:2a:bf:df:d1:8f:7f:bf:5d:ae:
e5:51:68:5d:79:67:6d:5d:81:60:05:98:bf:15:95:
86:77:ed:9c:70:fa:da:34:f2:fb:aa:e5:4b:dd:1f:
4e:bb:ed:5d:2c:a3:c2:74:0e:76:2f:58:f9:5e:e8:
3b:b0:ad:7f:9f:93:44:86:81:34:13:0c:89:19:b7:
85:b3:5f:72:f7:7c:18:31:d0:a7:a8:c7:80:5d:73:
10:78:cf:07:72:32:66:26:b9:42:61:f9:71:7e:26:
4d:94:57:48:75:60:9a:c2:6a:f6:44:30:ce:15:be:
5d:df:df:28:d7:f4:89:4f:57:86:88:f7:03:4a:19:
d6:41:c4:cc:07:c9:96:60:b6:29:b8:e2:0c:b8:ff:
3b:ad:e3:86:fa:47:7f:d0:68:a1:16:63:49:bd:d2:
d5:92:b9:40:db:b3:02:38:74:88:ab:4a:87:d8:09:
1f:92:43:5f:48:15:7c:cd:a1:65:c5:6d:12:46:23:
74:3b:27:dc:49:e5:02:3c:b9:68:9c:a3:54:9e:b9:
47:18:9e:23:d9:5d:c1:26:43:ea:fd:28:50:45:93:
f0:96:bd:d8:36:de:55:33:b0:33:ad:73:67:a2:b5:
f4:58:db:5e:08:ee:e3:4a:77:c9:4c:8b:54:fe:02:
35:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BB:7E:4E:C5:4E:1E:9A:D7:2D:90:F5:70:BD:B6:5B:4E:59:13:D9
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Obt-TsVOHprXLZD1cL22W05ZE9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.166.0/23
95.173.173.0-95.173.176.255
95.173.183.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:fe:92:f3:2e:e7:84:c2:99:31:fa:fc:d4:ab:e1:e9:03:0c:
5a:39:fc:59:70:6c:09:49:bb:6b:db:6b:d5:0d:3c:a1:e3:ed:
09:dc:2a:9b:4e:05:c5:5a:cf:80:0d:26:1f:3b:4c:89:0c:f0:
60:d5:fe:fe:9f:38:cb:1a:b5:c1:9a:89:a5:db:13:de:ff:c5:
e6:50:ac:bd:60:33:0a:6a:7d:1d:db:d2:3c:7d:8c:74:3a:e2:
1c:e2:b3:19:35:f6:8c:c8:2f:13:56:17:0e:0e:4a:3d:25:6e:
b6:62:62:5c:82:97:10:76:dd:81:9b:f5:c4:b5:62:dd:b2:8f:
aa:67:c0:58:40:f0:24:09:d0:2e:00:7b:ea:ee:5b:29:ad:47:
68:66:37:31:8e:c1:33:b2:1b:3f:77:3b:11:f2:af:ae:1e:1f:
ce:90:ed:24:7e:57:53:c3:3b:1b:86:fd:b3:b4:52:44:74:56:
3f:01:67:9e:e4:09:10:2d:43:78:a4:bd:13:b9:ed:d3:bc:1e:
5e:2a:96:bf:39:1e:3d:ce:d0:b1:28:95:07:b6:8e:72:83:16:
fa:d5:5c:4b:33:ae:a6:db:7c:5f:92:09:a3:ca:b7:fb:c3:e0:
dd:bf:fd:5c:5d:a2:35:41:5f:99:2b:fa:6e:01:40:8a:42:a7:
6d:b4:9d:4b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFADdHZgEoxKzpe3u4TRFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQwMTAxMTIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJiN2U0ZWM1NGUxZTlhZDcyZDkwZjU3MGJkYjY1YjRlNTkxM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtMEqSIqv9/Rj3+/Xa7lUWhdeWdt
XYFgBZi/FZWGd+2ccPraNPL7quVL3R9Ou+1dLKPCdA52L1j5Xug7sK1/n5NEhoE0
EwyJGbeFs19y93wYMdCnqMeAXXMQeM8HcjJmJrlCYflxfiZNlFdIdWCawmr2RDDO
Fb5d398o1/SJT1eGiPcDShnWQcTMB8mWYLYpuOIMuP87reOG+kd/0GihFmNJvdLV
krlA27MCOHSIq0qH2AkfkkNfSBV8zaFlxW0SRiN0OyfcSeUCPLlonKNUnrlHGJ4j
2V3BJkPq/ShQRZPwlr3YNt5VM7AzrXNnorX0WNteCO7jSnfJTItU/gI17wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDm7fk7FTh6a1y2Q9XC9tltOWRPZMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvT2J0LVRzVk9IcHJYTFpEMWNMMjJXMDVaRTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBX62mMAwD
BABfra0DBABfrbADBABfrbcwDQYJKoZIhvcNAQELBQADggEBAIv+kvMu54TCmTH6
/NSr4ekDDFo5/FlwbAlJu2vba9UNPKHj7QncKptOBcVaz4ANJh87TIkM8GDV/v6f
OMsatcGaiaXbE97/xeZQrL1gMwpqfR3b0jx9jHQ64hzisxk19ozILxNWFw4OSj0l
brZiYlyClxB23YGb9cS1Yt2yj6pnwFhA8CQJ0C4Ae+ruWymtR2hmNzGOwTOyGz93
OxHyr64eH86Q7SR+V1PDOxuG/bO0UkR0Vj8BZ57kCRAtQ3ikvRO57dO8Hl4qlr85
Hj3O0LEolQe2jnKDFvrVXEszrqbbfF+SCaPKt/vD4N2//VxdojVBX5kr+m4BQIpC
p220nUs=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:31:18 2024 by rpki-client on console-fra.rpki-client.org