Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/MD1kUJRo8DD3C6CwiudcFQyEgYg.roa
File: MD1kUJRo8DD3C6CwiudcFQyEgYg.roa (raw, json)
Hash identifier: XVdQq4XOrW5gbLrB9mnXbga77A3wTTi14uHKi6ovMpc=
Subject key identifier: 30:3D:64:50:94:68:F0:30:F7:0B:A0:B0:8A:E7:5C:15:0C:84:81:88
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E9D29C8D12D432840D09BD14DB0BB3570
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/MD1kUJRo8DD3C6CwiudcFQyEgYg.roa
Signing time: Tue 02 Apr 2024 04:55:45 +0000
ROA not before: Tue 02 Apr 2024 04:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8570
IP address blocks: 95.179.0.0/18 maxlen: 22
95.179.64.0/19 maxlen: 20
95.179.80.0/20 maxlen: 24
95.179.96.0/19 maxlen: 22
109.172.32.0/22 maxlen: 22
109.172.40.0/22 maxlen: 22
178.234.0.0/16 maxlen: 18
195.34.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:29:c8:d1:2d:43:28:40:d0:9b:d1:4d:b0:bb:35:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 2 04:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=303d64509468f030f70ba0b08ae75c150c848188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:83:12:c7:29:ab:ef:5a:d7:45:55:85:ed:a0:
6a:ab:9b:70:4a:12:00:8e:6f:10:04:ac:55:5d:ea:
e0:d3:db:48:f6:c2:fa:78:cc:10:db:67:8b:6e:97:
5e:85:b0:3a:c4:64:a5:96:30:0b:5f:6a:6b:9b:94:
d3:05:2c:92:a8:33:4a:14:66:f0:1f:4e:53:ff:42:
84:85:d6:ec:d5:3f:02:2d:eb:fa:3f:99:a2:62:dd:
30:3e:0f:5f:84:00:4d:ac:01:88:ac:c9:13:b1:ca:
38:39:a8:30:6a:9c:52:2b:13:4d:e8:22:db:7b:78:
3b:da:a8:03:64:98:cf:fd:db:0a:a9:3a:28:c1:d1:
48:ed:9a:d4:dd:59:3f:31:16:f6:d4:d7:80:5a:08:
7e:0c:7a:b9:3a:8c:30:45:55:59:19:54:7d:50:18:
f6:76:34:1e:93:c2:5b:1a:53:f2:cd:44:a3:7a:84:
2d:49:4d:86:5b:97:1a:26:14:a4:45:75:e1:4a:77:
17:8b:53:04:ac:71:40:e6:1f:e7:0d:e3:1d:fe:c0:
c1:b9:c5:81:ef:ad:ba:46:77:af:eb:ba:af:d1:dc:
3a:82:82:44:50:77:d8:47:5f:ea:3f:1f:14:e1:b5:
14:93:11:5d:84:b9:f7:4f:de:eb:61:b0:2e:db:7b:
27:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:3D:64:50:94:68:F0:30:F7:0B:A0:B0:8A:E7:5C:15:0C:84:81:88
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/MD1kUJRo8DD3C6CwiudcFQyEgYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.179.0.0/17
109.172.32.0/22
109.172.40.0/22
178.234.0.0/16
195.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:0d:b0:04:e8:a1:6e:85:60:5f:62:c5:f2:e5:c8:32:7a:e8:
22:1c:c0:0a:fe:78:5d:3d:0f:d6:b3:0b:b4:3c:d5:b1:98:c2:
55:de:ae:8b:4b:ff:f4:d8:25:a7:8b:41:c1:c8:00:9d:aa:66:
ec:84:ff:69:6f:ac:50:97:93:64:34:de:ec:63:2a:fa:4d:79:
f8:f2:0b:54:32:48:5c:da:98:66:e8:42:56:e4:b9:4e:0d:9b:
c8:58:c7:4a:64:a4:68:ac:1b:8d:cd:fc:0d:b2:04:c5:31:a2:
da:63:12:3b:77:9d:72:a4:9b:32:5b:47:09:4e:9a:e5:fb:15:
04:bb:6c:ff:03:87:5e:fc:b4:db:7c:12:4c:b6:84:df:2c:7b:
71:26:5f:00:75:09:f7:11:77:a5:e5:dd:30:2d:b3:4f:b3:dd:
6f:a0:74:5b:91:5a:b4:2c:88:e9:7f:a3:6c:ca:04:19:ce:49:
47:2b:8a:7d:80:d2:f8:bd:df:18:68:fb:60:cf:44:81:de:1e:
8f:8e:e1:e9:2d:7c:68:18:20:0f:5c:fb:ec:36:31:e1:b6:b2:
70:a6:22:61:7d:7a:b4:49:eb:a4:a3:db:d9:15:d6:42:10:65:
e5:ca:a9:a3:55:c0:e7:eb:ba:fc:23:cf:d1:79:8e:1f:49:6d:
2b:2c:fb:d8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY6dKcjRLUMoQNCb0U2wuzVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAyMDQ1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDNkNjQ1MDk0NjhmMDMwZjcwYmEwYjA4YWU3NWMxNTBjODQ4MTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4MSxymr71rXRVWF7aBqq5twShIA
jm8QBKxVXerg09tI9sL6eMwQ22eLbpdehbA6xGSlljALX2prm5TTBSySqDNKFGbw
H05T/0KEhdbs1T8CLev6P5miYt0wPg9fhABNrAGIrMkTsco4OagwapxSKxNN6CLb
e3g72qgDZJjP/dsKqToowdFI7ZrU3Vk/MRb21NeAWgh+DHq5OowwRVVZGVR9UBj2
djQek8JbGlPyzUSjeoQtSU2GW5caJhSkRXXhSncXi1MErHFA5h/nDeMd/sDBucWB
7626Rnev67qv0dw6goJEUHfYR1/qPx8U4bUUkxFdhLn3T97rYbAu23sn/QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDA9ZFCUaPAw9wugsIrnXBUMhIGIMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvTUQxa1VKUm84REQzQzZDd2l1ZGNGUXlFZ1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwQHX7MAAwQC
bawgAwQCbawoAwMAsuoDBAXDIuAwDQYJKoZIhvcNAQELBQADggEBAEwNsATooW6F
YF9ixfLlyDJ66CIcwAr+eF09D9azC7Q81bGYwlXerotL//TYJaeLQcHIAJ2qZuyE
/2lvrFCXk2Q03uxjKvpNefjyC1QySFzamGboQlbkuU4Nm8hYx0pkpGisG43N/A2y
BMUxotpjEjt3nXKkmzJbRwlOmuX7FQS7bP8Dh178tNt8Eky2hN8se3EmXwB1CfcR
d6Xl3TAts0+z3W+gdFuRWrQsiOl/o2zKBBnOSUcrin2A0vi93xho+2DPRIHeHo+O
4ektfGgYIA9c++w2MeG2snCmImF9erRJ66Sj29kV1kIQZeXKqaNVwOfruvwjz9F5
jh9JbSss+9g=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org