Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/k3lh8V-bxajVxhDuiHQqMK68HdU.roa
File: k3lh8V-bxajVxhDuiHQqMK68HdU.roa (raw, json)
Hash identifier: KuPKb8KiKK4SVcp59wAcofUeTB5aB8MvsW8viQfvN5c=
Subject key identifier: 93:79:61:F1:5F:9B:C5:A8:D5:C6:10:EE:88:74:2A:30:AE:BC:1D:D5
Certificate issuer: /CN=107e96f9449defc470bcc5a91f9217c6281ac1b2
Certificate serial: 018CC42562EC185792F41238E336C96DF5A3
Authority key identifier: 10:7E:96:F9:44:9D:EF:C4:70:BC:C5:A9:1F:92:17:C6:28:1A:C1:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EH6W-USd78RwvMWpH5IXxigawbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/k3lh8V-bxajVxhDuiHQqMK68HdU.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35709
IP address blocks: 95.214.16.0/24 maxlen: 24
95.214.17.0/24 maxlen: 24
95.214.19.0/24 maxlen: 24
95.214.18.0/24 maxlen: 24
2a09:d380::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/EH6W-USd78RwvMWpH5IXxigawbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/EH6W-USd78RwvMWpH5IXxigawbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/EH6W-USd78RwvMWpH5IXxigawbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:62:ec:18:57:92:f4:12:38:e3:36:c9:6d:f5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107e96f9449defc470bcc5a91f9217c6281ac1b2
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=937961f15f9bc5a8d5c610ee88742a30aebc1dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:66:6a:dc:3a:9e:ff:de:3f:5e:48:70:16:5a:
58:00:50:ca:e6:fa:e5:0d:02:09:ab:53:3d:d5:10:
83:d6:18:e8:d5:7b:04:6d:b6:e8:a0:88:de:ec:14:
05:6c:18:cb:68:38:ec:64:af:9d:81:40:37:da:d5:
a7:98:7c:e4:82:9c:6c:f1:44:b4:7b:8b:d7:ed:b3:
24:e3:95:9c:9a:84:dc:21:8a:b5:64:c2:45:57:bf:
43:6b:12:c2:62:f5:00:ed:18:ef:3e:28:53:81:fb:
bb:e1:c0:a9:22:6b:de:d1:38:6d:78:e0:bf:e5:51:
4f:10:34:19:42:1b:78:64:4f:a2:0d:50:94:82:44:
ec:9e:bf:e3:92:7c:e0:dc:45:0a:f0:bb:ad:bf:67:
e6:0d:95:9f:b6:d0:6a:35:bd:99:6d:df:07:f6:0c:
4e:ea:30:7e:12:ba:1f:9f:13:f3:2d:07:a0:9f:fe:
9c:e1:06:b6:aa:18:2a:88:56:da:1a:be:e7:c0:a1:
18:93:49:20:48:aa:50:bd:90:51:7d:33:f6:cd:df:
b2:31:db:b4:53:07:c8:97:31:a2:98:9e:b6:8a:6a:
68:1c:d5:49:59:f0:40:e2:ed:08:88:42:b1:31:04:
95:f9:6d:f2:a4:92:96:23:31:25:71:1b:2e:29:56:
c9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:79:61:F1:5F:9B:C5:A8:D5:C6:10:EE:88:74:2A:30:AE:BC:1D:D5
X509v3 Authority Key Identifier:
keyid:10:7E:96:F9:44:9D:EF:C4:70:BC:C5:A9:1F:92:17:C6:28:1A:C1:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EH6W-USd78RwvMWpH5IXxigawbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/k3lh8V-bxajVxhDuiHQqMK68HdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/EH6W-USd78RwvMWpH5IXxigawbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.16.0/22
IPv6:
2a09:d380::/30
Signature Algorithm: sha256WithRSAEncryption
51:c0:45:89:b4:fc:f9:dd:f7:c8:d7:0d:26:e4:6f:b3:d2:d8:
6c:ea:3a:77:77:cd:97:5a:37:e7:9e:6e:8f:e9:c2:e7:a2:36:
51:08:c9:d2:88:07:98:5e:c0:44:7e:36:63:29:c9:62:4b:bd:
37:ad:90:e6:16:9a:16:94:bc:f9:ea:0e:63:f9:a9:6b:22:fd:
76:70:b8:c1:8a:b4:33:73:f2:a3:b8:16:34:59:9e:43:5b:b6:
80:ce:d2:6a:f3:9a:a1:2e:9e:e0:4b:d7:fa:61:a1:29:85:b0:
d7:97:94:d3:57:9a:12:21:5f:ce:d5:2b:9d:4c:7c:d5:49:c2:
19:4b:87:cb:00:d5:93:93:67:80:65:c6:2e:04:af:b4:98:38:
77:24:cd:3e:a0:44:04:ed:7e:98:59:00:4f:b1:7b:90:b2:83:
92:b4:11:31:4e:e3:49:60:c7:9e:fe:04:c2:45:bb:41:40:df:
23:cc:cd:b5:57:db:cd:3c:be:f9:b9:f0:77:67:17:6a:de:2d:
86:d8:44:fc:70:c0:61:f0:9e:34:5d:b4:ee:10:2a:12:c1:1a:
6c:46:c8:5f:18:2b:2d:81:97:ca:74:ce:42:e0:b0:18:b1:11:
65:7b:94:d3:50:a2:6e:ce:5a:ef:4c:c9:eb:ca:f7:09:fb:ed:
03:f0:4c:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJWLsGFeS9BI44zbJbfWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwN2U5NmY5NDQ5ZGVmYzQ3MGJjYzVhOTFmOTIxN2M2Mjgx
YWMxYjIwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzc5NjFmMTVmOWJjNWE4ZDVjNjEwZWU4ODc0MmEzMGFlYmMxZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmZq3Dqe/94/XkhwFlpYAFDK5vrl
DQIJq1M91RCD1hjo1XsEbbbooIje7BQFbBjLaDjsZK+dgUA32tWnmHzkgpxs8US0
e4vX7bMk45WcmoTcIYq1ZMJFV79DaxLCYvUA7RjvPihTgfu74cCpImve0ThteOC/
5VFPEDQZQht4ZE+iDVCUgkTsnr/jknzg3EUK8Lutv2fmDZWfttBqNb2Zbd8H9gxO
6jB+ErofnxPzLQegn/6c4Qa2qhgqiFbaGr7nwKEYk0kgSKpQvZBRfTP2zd+yMdu0
UwfIlzGimJ62impoHNVJWfBA4u0IiEKxMQSV+W3ypJKWIzElcRsuKVbJ3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJN5YfFfm8Wo1cYQ7oh0KjCuvB3VMB8GA1UdIwQY
MBaAFBB+lvlEne/EcLzFqR+SF8YoGsGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUg2Vy1VU2Q3OFJ3dk1XcEg1SVh4aWdhd2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jZjE0ODQtZjk2MS00MDM3LWJkYmYt
NjZhNzE1YWQzNzgzLzEvazNsaDhWLWJ4YWpWeGhEdWlIUXFNSzY4SGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jZjE0ODQtZjk2MS00MDM3LWJkYmYtNjZhNzE1YWQzNzgz
LzEvRUg2Vy1VU2Q3OFJ3dk1XcEg1SVh4aWdhd2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCX9YQMA0E
AgACMAcDBQIqCdOAMA0GCSqGSIb3DQEBCwUAA4IBAQBRwEWJtPz53ffI1w0m5G+z
0ths6jp3d82XWjfnnm6P6cLnojZRCMnSiAeYXsBEfjZjKcliS703rZDmFpoWlLz5
6g5j+alrIv12cLjBirQzc/KjuBY0WZ5DW7aAztJq85qhLp7gS9f6YaEphbDXl5TT
V5oSIV/O1SudTHzVScIZS4fLANWTk2eAZcYuBK+0mDh3JM0+oEQE7X6YWQBPsXuQ
soOStBExTuNJYMee/gTCRbtBQN8jzM21V9vNPL75ufB3Zxdq3i2G2ET8cMBh8J40
XbTuECoSwRpsRshfGCstgZfKdM5C4LAYsRFle5TTUKJuzlrvTMnryvcJ++0D8EwW
-----END CERTIFICATE-----
Generated at Fri May 24 20:11:26 2024 by rpki-client on console-fra.rpki-client.org