Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/sJb2oawVBFWiEw8hW54HS9fnNuk.roa
File: sJb2oawVBFWiEw8hW54HS9fnNuk.roa (raw, json)
Hash identifier: 2ddKdtZ0uiiivZu4JebsUiM+3LX+5pCS9g3h3IqCyN0=
Subject key identifier: B0:96:F6:A1:AC:15:04:55:A2:13:0F:21:5B:9E:07:4B:D7:E7:36:E9
Certificate issuer: /CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Certificate serial: 018D1A1C7F1CA3C1BD423A108D2A311977CD
Authority key identifier: 76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/sJb2oawVBFWiEw8hW54HS9fnNuk.roa
Signing time: Thu 18 Jan 2024 01:08:11 +0000
ROA not before: Thu 18 Jan 2024 01:08:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207227
IP address blocks: 95.128.154.0/24 maxlen: 24
185.74.36.0/22 maxlen: 22
2a05:48c0::/29 maxlen: 29
2a13:1f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.mft
rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1a:1c:7f:1c:a3:c1:bd:42:3a:10:8d:2a:31:19:77:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Validity
Not Before: Jan 18 01:08:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b096f6a1ac150455a2130f215b9e074bd7e736e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:68:4e:0c:a0:8c:d6:a7:64:6f:94:58:af:e0:
6a:82:57:65:18:87:fc:fc:62:50:15:66:2d:c5:9f:
40:56:d3:a5:e9:26:4d:ec:5a:84:d6:9c:4c:ca:38:
dd:08:d3:05:f7:87:7e:17:21:c5:76:bb:89:53:52:
d4:45:35:f6:8d:e7:d4:a7:6f:a9:ac:22:41:58:dd:
a6:bf:99:50:0a:5d:b5:47:f6:40:62:e2:4a:74:55:
bc:90:81:62:96:6b:68:5f:17:dc:6a:09:f5:df:b9:
9f:08:25:5f:04:8c:eb:5e:62:0b:f8:6d:64:87:43:
ed:55:54:7b:35:c5:51:62:b8:be:b1:98:08:e4:1f:
aa:52:7e:b2:4c:a0:f0:a2:10:bd:c2:6e:88:cd:b5:
aa:48:ad:c8:12:d0:3e:46:a0:61:7b:c3:97:6d:47:
d0:57:cd:b8:ef:4b:b4:0a:86:78:67:80:d7:50:4f:
34:21:d0:bd:6a:37:29:92:9c:a2:e5:50:10:ff:58:
f9:b4:11:db:72:77:57:18:12:d9:da:95:6c:a5:a7:
91:95:d5:28:82:3a:9a:73:b8:3c:50:ee:ab:bf:bc:
8f:25:2b:e9:3f:26:70:3d:5b:5b:cc:14:98:c3:86:
c7:fe:c6:35:4d:71:66:08:5a:90:72:4e:12:cf:ef:
d9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:96:F6:A1:AC:15:04:55:A2:13:0F:21:5B:9E:07:4B:D7:E7:36:E9
X509v3 Authority Key Identifier:
keyid:76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/sJb2oawVBFWiEw8hW54HS9fnNuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.154.0/24
185.74.36.0/22
IPv6:
2a05:48c0::/29
2a13:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
00:67:89:ff:4c:fe:6a:e1:ba:31:24:2f:95:bb:28:1a:04:5a:
1b:e6:1e:b1:a0:4c:29:2b:a4:6d:b3:0c:0c:7a:58:9a:9d:e9:
95:54:fb:36:b6:7f:c5:28:5a:c3:98:04:b9:8d:07:cd:48:08:
ef:7e:4f:4f:20:89:27:a8:95:27:65:58:a6:c0:73:ad:9f:62:
72:27:21:2c:e4:07:47:cb:6b:f8:3a:66:c5:7d:30:cc:40:93:
16:80:fa:44:75:a4:a2:3c:c4:c6:28:58:43:b2:dd:df:b3:89:
e8:45:dd:53:8c:ba:4e:e9:21:29:49:8f:d3:f4:38:50:74:09:
22:51:4b:ef:c5:73:73:cd:7f:e7:af:ad:9a:28:40:ce:be:39:
10:96:a0:1b:7c:6b:c4:c3:6a:f7:b7:31:24:da:eb:83:67:a2:
97:c9:30:71:b1:99:d8:fe:6a:e0:b9:78:2f:c3:a5:c3:f5:cb:
a0:90:e4:c6:bb:91:09:ee:76:22:08:72:e2:66:cc:01:b1:d3:
7a:ed:12:e5:3b:da:73:86:06:f7:8e:01:54:8d:0b:75:d0:ca:
7b:70:73:5b:34:b0:ba:20:d0:6a:93:e6:fa:22:ca:d9:84:4d:
78:35:72:67:0b:a7:1e:5f:ad:cf:94:63:cd:31:6b:33:9f:16:
b3:3b:c6:07
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY0aHH8co8G9QjoQjSoxGXfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MjIzOGEzM2M1NTBjYzVkZjAyNDRmM2ZjNmUzZGJkOTFl
NGMzOWUwHhcNMjQwMTE4MDEwODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk2ZjZhMWFjMTUwNDU1YTIxMzBmMjE1YjllMDc0YmQ3ZTczNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGhODKCM1qdkb5RYr+BqgldlGIf8
/GJQFWYtxZ9AVtOl6SZN7FqE1pxMyjjdCNMF94d+FyHFdruJU1LURTX2jefUp2+p
rCJBWN2mv5lQCl21R/ZAYuJKdFW8kIFilmtoXxfcagn137mfCCVfBIzrXmIL+G1k
h0PtVVR7NcVRYri+sZgI5B+qUn6yTKDwohC9wm6IzbWqSK3IEtA+RqBhe8OXbUfQ
V82470u0CoZ4Z4DXUE80IdC9ajcpkpyi5VAQ/1j5tBHbcndXGBLZ2pVspaeRldUo
gjqac7g8UO6rv7yPJSvpPyZwPVtbzBSYw4bH/sY1TXFmCFqQck4Sz+/Z6wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLCW9qGsFQRVohMPIVueB0vX5zbpMB8GA1UdIwQY
MBaAFHYiOKM8VQzF3wJE8/xuPb2R5MOeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2Qt
MWIxZmM3OWQwNTUxLzEvc0piMm9hd1ZCRldpRXc4aFc1NEhTOWZuTnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2QtMWIxZmM3OWQwNTUx
LzEvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAX4CaAwQC
uUokMBQEAgACMA4DBQMqBUjAAwUDKhMfQDANBgkqhkiG9w0BAQsFAAOCAQEAAGeJ
/0z+auG6MSQvlbsoGgRaG+YesaBMKSukbbMMDHpYmp3plVT7NrZ/xShaw5gEuY0H
zUgI735PTyCJJ6iVJ2VYpsBzrZ9icichLOQHR8tr+DpmxX0wzECTFoD6RHWkojzE
xihYQ7Ld37OJ6EXdU4y6TukhKUmP0/Q4UHQJIlFL78Vzc81/56+tmihAzr45EJag
G3xrxMNq97cxJNrrg2eil8kwcbGZ2P5q4Ll4L8Olw/XLoJDkxruRCe52Ighy4mbM
AbHTeu0S5Tvac4YG944BVI0LddDKe3BzWzSwuiDQapPm+iLK2YRNeDVyZwunHl+t
z5RjzTFrM58WszvGBw==
-----END CERTIFICATE-----
Generated at Sat Jun 29 02:07:48 2024 by rpki-client on console-ams.rpki-client.org