Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/s71TqajBuQCUiasb10QBS1tnECc.roa
File: s71TqajBuQCUiasb10QBS1tnECc.roa (raw, json)
Hash identifier: oTls+zraa7cHE+oH2qT/8v3XSXnWeIvr6cT2iV90fIE=
Subject key identifier: B3:BD:53:A9:A8:C1:B9:00:94:89:AB:1B:D7:44:01:4B:5B:67:10:27
Certificate issuer: /CN=c9b232958097b5863eafd047bb315171eaa01fb7
Certificate serial: 018CC56EBAA3C9199946B21AE5E2578DD32B
Authority key identifier: C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/s71TqajBuQCUiasb10QBS1tnECc.roa
Signing time: Mon 01 Jan 2024 14:30:17 +0000
ROA not before: Mon 01 Jan 2024 14:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25409
IP address blocks: 195.234.188.0/24 maxlen: 24
95.128.170.0/23 maxlen: 23
93.190.144.0/21 maxlen: 21
2a00:ff0::/48 maxlen: 48
2a00:ff0:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.mft
rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ba:a3:c9:19:99:46:b2:1a:e5:e2:57:8d:d3:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9b232958097b5863eafd047bb315171eaa01fb7
Validity
Not Before: Jan 1 14:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3bd53a9a8c1b9009489ab1bd744014b5b671027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c7:02:5f:49:72:a9:74:f8:2d:77:7e:d5:d4:
a1:81:ac:81:dc:dc:68:94:00:13:1e:78:66:04:6f:
d7:3f:04:36:35:3f:2a:3c:e3:21:13:ff:9c:fd:e4:
ea:72:c8:e8:62:53:0f:95:23:5b:8c:61:be:8f:8b:
1a:fc:05:c6:23:ee:44:b4:30:85:1f:07:aa:c2:e6:
95:81:8f:07:1a:e1:96:52:31:df:8a:77:3c:85:2b:
9b:71:3d:c6:42:51:a2:dd:2a:12:66:50:30:da:66:
bc:51:a8:69:0d:b3:68:ef:10:f7:f0:d0:23:7d:ab:
b6:54:1a:08:df:3f:7b:32:bb:b4:15:01:bd:01:af:
c3:13:b7:4a:9d:a0:7d:6d:a5:dc:99:72:3e:ae:07:
3c:26:f6:c1:5b:ab:18:e9:d5:37:d1:49:1f:76:34:
d2:9d:0a:f4:d6:59:0e:8b:18:c4:96:93:40:f3:21:
7a:9a:8f:0f:88:ee:42:9c:92:0d:e2:18:c6:07:a6:
7c:b1:28:2d:1d:68:1b:86:29:3c:8f:a3:4a:5e:22:
a4:61:e5:2c:1b:8d:d8:00:86:e4:cd:43:7b:4a:0d:
ed:e4:17:25:c2:db:ce:e9:98:f0:20:84:43:2d:73:
72:a3:92:cb:4e:ad:7c:89:83:db:5c:00:e7:01:d0:
61:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BD:53:A9:A8:C1:B9:00:94:89:AB:1B:D7:44:01:4B:5B:67:10:27
X509v3 Authority Key Identifier:
keyid:C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/s71TqajBuQCUiasb10QBS1tnECc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.144.0/21
95.128.170.0/23
195.234.188.0/24
IPv6:
2a00:ff0::/48
2a00:ff0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
13:b3:44:e9:6b:c4:6d:2c:1d:08:c4:ad:25:bf:80:fc:0e:56:
51:43:17:36:b5:2e:c1:79:17:6e:1f:5d:85:4d:a5:61:94:d3:
7a:f2:f2:b3:5c:35:4a:9a:39:bb:23:dc:e9:ba:29:f1:7b:c6:
34:66:99:30:7f:de:a9:fc:1d:8d:1e:9d:6f:48:e8:e2:f8:b1:
f8:fc:f1:db:79:25:33:1e:4b:3d:e2:99:5a:c5:b3:a7:0d:20:
94:63:75:86:b8:7c:d1:94:3d:1b:ec:c3:a1:5f:4f:d7:b5:ac:
84:22:3d:77:84:f6:b9:5f:49:a6:41:d0:08:fe:84:f9:67:12:
23:36:79:e1:fd:4c:97:ec:70:d0:7f:01:ab:6b:b5:c0:c8:fb:
d1:85:cc:33:f4:25:60:51:3f:1f:37:1b:cb:22:fb:39:3b:f9:
41:df:f8:27:ec:21:53:c4:4f:20:fe:8a:f7:d0:f4:e8:be:d9:
ae:dd:39:dd:5e:4a:c2:a6:26:d5:84:a3:21:81:e9:66:60:58:
db:78:b8:99:7c:96:08:b0:f1:11:95:c1:47:6d:c3:f8:bc:06:
6d:bb:b7:13:61:bc:9e:87:f8:52:53:5c:b8:bb:16:7c:6f:a2:
ba:24:8f:56:5d:21:01:a7:f5:00:70:32:ee:3c:d5:6a:93:64:
98:30:79:b9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzFbrqjyRmZRrIa5eJXjdMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YjIzMjk1ODA5N2I1ODYzZWFmZDA0N2JiMzE1MTcxZWFh
MDFmYjcwHhcNMjQwMTAxMTQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2JkNTNhOWE4YzFiOTAwOTQ4OWFiMWJkNzQ0MDE0YjViNjcxMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8cCX0lyqXT4LXd+1dShgayB3Nxo
lAATHnhmBG/XPwQ2NT8qPOMhE/+c/eTqcsjoYlMPlSNbjGG+j4sa/AXGI+5EtDCF
HweqwuaVgY8HGuGWUjHfinc8hSubcT3GQlGi3SoSZlAw2ma8UahpDbNo7xD38NAj
fau2VBoI3z97Mru0FQG9Aa/DE7dKnaB9baXcmXI+rgc8JvbBW6sY6dU30UkfdjTS
nQr01lkOixjElpNA8yF6mo8PiO5CnJIN4hjGB6Z8sSgtHWgbhik8j6NKXiKkYeUs
G43YAIbkzUN7Sg3t5BclwtvO6ZjwIIRDLXNyo5LLTq18iYPbXADnAdBh4QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLO9U6mowbkAlImrG9dEAUtbZxAnMB8GA1UdIwQY
MBaAFMmyMpWAl7WGPq/QR7sxUXHqoB+3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUt
MDdiN2ZlZjA4NThmLzEvczcxVHFhakJ1UUNVaWFzYjEwUUJTMXRuRUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUtMDdiN2ZlZjA4NThm
LzEveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQDXb6QAwQB
X4CqAwQAw+q8MBgEAgACMBIDBwAqAA/wAAADBwAqAA/w//4wDQYJKoZIhvcNAQEL
BQADggEBABOzROlrxG0sHQjErSW/gPwOVlFDFza1LsF5F24fXYVNpWGU03ry8rNc
NUqaObsj3Om6KfF7xjRmmTB/3qn8HY0enW9I6OL4sfj88dt5JTMeSz3imVrFs6cN
IJRjdYa4fNGUPRvsw6FfT9e1rIQiPXeE9rlfSaZB0Aj+hPlnEiM2eeH9TJfscNB/
AatrtcDI+9GFzDP0JWBRPx83G8si+zk7+UHf+CfsIVPETyD+ivfQ9Oi+2a7dOd1e
SsKmJtWEoyGB6WZgWNt4uJl8lgiw8RGVwUdtw/i8Bm27txNhvJ6H+FJTXLi7Fnxv
orokj1ZdIQGn9QBwMu481WqTZJgwebk=
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:01:11 2024 by rpki-client on console-fra.rpki-client.org