Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1eA8ZMgViEQ5wZVcB4mMAPLhjao.roa
File: 1eA8ZMgViEQ5wZVcB4mMAPLhjao.roa (raw, json)
Hash identifier: FlwCSjo1sAVcPTkZB+P5JmpKY5nuB+8/cn0ew6XF7sw=
Subject key identifier: D5:E0:3C:64:C8:15:88:44:39:C1:95:5C:07:89:8C:00:F2:E1:8D:AA
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C7471A85AAF93BF99E39234F17EA3
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1eA8ZMgViEQ5wZVcB4mMAPLhjao.roa
Signing time: Thu 02 Jan 2025 09:50:29 +0000
ROA not before: Thu 02 Jan 2025 09:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41134
IP address blocks: 95.107.0.0/20 maxlen: 20
95.107.32.0/19 maxlen: 19
109.61.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:74:71:a8:5a:af:93:bf:99:e3:92:34:f1:7e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5e03c64c815884439c1955c07898c00f2e18daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0c:50:1e:06:a2:65:20:c0:e8:15:b0:d2:c8:
d1:06:31:59:4f:24:4b:78:aa:ef:2b:b9:c3:9b:44:
7d:5f:0d:46:77:f0:8b:86:3f:3e:a8:95:4d:4e:8c:
34:13:b2:38:2e:a2:d8:35:b2:df:89:a2:df:49:10:
e2:6b:a3:25:f0:cb:c5:c5:4f:81:9e:90:37:7f:9f:
44:51:e3:8d:ff:81:e4:6a:af:d2:00:b5:e9:47:d1:
71:54:d4:db:29:53:2f:08:85:d6:52:71:f2:6d:24:
71:aa:f8:32:55:d6:7b:9e:71:54:8f:98:b2:98:a6:
d3:e1:63:eb:f7:cf:ac:e8:3c:80:ec:7f:4c:d7:ea:
81:98:69:c8:99:78:e4:c2:5b:85:b4:59:6c:03:bf:
66:d8:09:d0:71:56:71:89:e7:73:d0:63:6c:dd:99:
f9:91:41:19:c5:d5:fa:63:35:75:0d:4d:e1:1a:26:
25:8f:d6:27:75:48:f2:71:96:d2:12:cc:e2:68:f3:
e7:fa:a5:22:7d:8f:44:02:27:42:f9:6a:65:91:e8:
68:41:8d:c8:d7:90:32:75:42:ae:7b:1f:35:db:d5:
93:f6:19:f4:10:d7:a4:9c:d4:14:dd:d5:61:15:87:
28:77:46:56:50:91:da:1d:76:31:c9:19:1f:02:88:
63:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E0:3C:64:C8:15:88:44:39:C1:95:5C:07:89:8C:00:F2:E1:8D:AA
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1eA8ZMgViEQ5wZVcB4mMAPLhjao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.107.0.0/20
95.107.32.0/19
109.61.128.0/17
Signature Algorithm: sha256WithRSAEncryption
45:c7:13:14:6c:93:e0:1d:8d:2e:8a:7c:ad:a7:c4:b9:03:03:
05:76:7f:34:d7:5b:de:d4:2d:c7:42:e1:f4:56:e3:62:a1:a3:
58:97:92:e0:70:e9:b5:e9:6b:e2:0f:9b:a6:e2:5e:17:e3:dd:
4f:7c:03:33:6d:d5:67:46:29:36:1f:35:64:cd:78:97:b0:e0:
a0:c5:2e:06:d4:ea:4b:aa:82:0b:fa:83:94:15:fb:a6:9c:88:
d9:eb:17:58:91:70:8b:db:04:26:20:da:a0:28:39:de:8d:5d:
81:4f:c1:d1:c3:9a:e0:d5:db:f1:31:06:e3:81:f3:d9:c0:3c:
b1:1e:39:e3:1c:d7:fb:5b:0f:63:71:c2:f1:1d:0f:a2:82:16:
50:1b:ce:69:9c:aa:9f:d5:ef:08:c8:44:b2:b3:d6:2a:88:b4:
d4:f8:34:3d:ee:13:22:4d:05:cd:1e:55:64:b6:da:75:56:70:
fb:9c:57:9a:1e:ce:df:ba:9e:da:11:c0:0e:c5:f8:79:81:3a:
8e:82:34:27:56:a2:d6:45:29:de:b1:21:87:35:1a:1f:83:92:
e2:9d:20:e5:b2:48:81:06:38:c1:8b:b7:16:d7:f6:38:ca:07:
ff:af:0c:2d:04:73:8f:0f:f2:06:60:4e:46:3a:2d:0e:6e:80:
68:e3:84:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbHRxqFqvk7+Z45I08X6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUwM2M2NGM4MTU4ODQ0MzljMTk1NWMwNzg5OGMwMGYyZTE4ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAxQHgaiZSDA6BWw0sjRBjFZTyRL
eKrvK7nDm0R9Xw1Gd/CLhj8+qJVNTow0E7I4LqLYNbLfiaLfSRDia6Ml8MvFxU+B
npA3f59EUeON/4Hkaq/SALXpR9FxVNTbKVMvCIXWUnHybSRxqvgyVdZ7nnFUj5iy
mKbT4WPr98+s6DyA7H9M1+qBmGnImXjkwluFtFlsA79m2AnQcVZxiedz0GNs3Zn5
kUEZxdX6YzV1DU3hGiYlj9YndUjycZbSEsziaPPn+qUifY9EAidC+WplkehoQY3I
15AydUKuex8129WT9hn0ENeknNQU3dVhFYcod0ZWUJHaHXYxyRkfAohjIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNXgPGTIFYhEOcGVXAeJjADy4Y2qMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMWVBOFpNZ1ZpRVE1d1pWY0I0bU1BUExoamFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEX2sAAwQF
X2sgAwQHbT2AMA0GCSqGSIb3DQEBCwUAA4IBAQBFxxMUbJPgHY0uinytp8S5AwMF
dn8011ve1C3HQuH0VuNioaNYl5LgcOm16WviD5um4l4X491PfAMzbdVnRik2HzVk
zXiXsOCgxS4G1OpLqoIL+oOUFfumnIjZ6xdYkXCL2wQmINqgKDnejV2BT8HRw5rg
1dvxMQbjgfPZwDyxHjnjHNf7Ww9jccLxHQ+ighZQG85pnKqf1e8IyESys9YqiLTU
+DQ97hMiTQXNHlVkttp1VnD7nFeaHs7fup7aEcAOxfh5gTqOgjQnVqLWRSnesSGH
NRofg5LinSDlskiBBjjBi7cW1/Y4ygf/rwwtBHOPD/IGYE5GOi0OboBo44So
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:43 2025 by rpki-client