Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/oD_2okLE0SUJ0PtuUojLhaFr3pk.roa
File: oD_2okLE0SUJ0PtuUojLhaFr3pk.roa (raw, json)
Hash identifier: QB86hY/KrQWklaJ+8vy3LJ3zJ85nub8saj9z9PYw8zU=
Subject key identifier: A0:3F:F6:A2:42:C4:D1:25:09:D0:FB:6E:52:88:CB:85:A1:6B:DE:99
Certificate issuer: /CN=7de98f48e988790d0e0793537941b413d2e60306
Certificate serial: 018CC3B6911463501EC0909DBCFFB679265F
Authority key identifier: 7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/oD_2okLE0SUJ0PtuUojLhaFr3pk.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41849
IP address blocks: 91.102.135.0/24 maxlen: 24
91.102.134.0/23 maxlen: 23
91.102.134.0/24 maxlen: 24
5.252.44.0/22 maxlen: 22
91.102.130.0/24 maxlen: 24
91.102.128.0/22 maxlen: 22
2a01:7140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 17:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:91:14:63:50:1e:c0:90:9d:bc:ff:b6:79:26:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7de98f48e988790d0e0793537941b413d2e60306
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a03ff6a242c4d12509d0fb6e5288cb85a16bde99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1e:34:e8:02:8e:5f:cb:ae:ce:c0:00:ed:a5:
26:d6:c8:31:42:cb:e5:c6:43:72:4a:f5:75:24:dc:
7c:47:7c:1f:e8:6c:0f:f0:33:88:f4:f2:d6:30:70:
43:5b:a8:71:73:db:47:f4:d4:99:9d:eb:31:64:03:
b1:74:ae:f4:27:3b:3d:f4:0c:9b:ad:b4:8e:d6:74:
7c:9c:19:78:00:84:91:48:bf:e1:f0:82:9c:78:2b:
b1:42:2d:8a:d6:86:e6:8e:48:60:4c:c0:6e:57:39:
a3:e4:8a:53:cb:9d:58:da:45:0f:20:93:e9:c5:39:
0c:cb:5b:b1:6d:85:35:18:17:2b:16:b4:25:40:06:
12:8c:3e:48:91:a5:82:66:0e:0f:c2:87:32:c2:8b:
47:dc:29:3f:d7:97:fe:38:9d:ec:26:6b:53:c8:ec:
4e:99:92:9f:a3:4e:a0:04:07:97:2f:c5:e0:88:18:
7a:a2:a9:f0:f7:2d:17:4b:62:b5:a7:99:be:f8:70:
fb:98:a7:ff:1b:b6:06:df:b7:ca:8f:73:1f:12:f0:
01:a9:da:04:48:58:a0:c8:fe:a9:d2:7b:ca:00:e8:
f3:b4:6c:99:cb:5a:6b:b8:24:83:a4:49:19:f4:8e:
e8:d5:b9:96:53:b5:6e:3f:13:71:e1:62:1f:a0:5c:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3F:F6:A2:42:C4:D1:25:09:D0:FB:6E:52:88:CB:85:A1:6B:DE:99
X509v3 Authority Key Identifier:
keyid:7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/oD_2okLE0SUJ0PtuUojLhaFr3pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.44.0/22
91.102.128.0/22
91.102.134.0/23
IPv6:
2a01:7140::/32
Signature Algorithm: sha256WithRSAEncryption
71:52:d3:f8:16:90:ef:ff:35:55:18:ba:c8:de:c5:0e:8b:61:
da:b1:5b:6a:57:0b:89:48:f7:84:5b:f4:8c:93:3e:18:43:9c:
29:7a:c5:f2:cb:5c:be:93:14:bf:bb:a4:b8:b7:eb:16:1e:a1:
da:6b:0d:32:27:96:46:5b:27:71:45:c0:5c:2d:60:9e:1d:c4:
cf:db:fd:cc:1c:48:bb:da:b3:87:d2:f5:ac:d5:a4:9d:88:5e:
ee:2f:ba:ca:19:0e:ee:51:e4:eb:6c:3f:bc:f2:67:da:e7:dd:
71:d7:36:bb:d7:f5:76:c7:a1:6f:51:79:b3:cf:19:19:9e:35:
ef:78:5a:64:e8:fc:a3:2a:35:ae:b9:51:95:3e:c4:f3:90:da:
28:54:ec:a5:e3:cb:01:d6:cb:a1:e6:10:0d:3c:e2:df:02:24:
d0:16:ec:97:36:af:e4:79:3f:2a:a8:87:61:b2:08:6d:50:96:
42:6a:80:29:05:d8:67:62:c1:8c:a8:b6:9b:5f:33:a4:84:b3:
f6:57:f2:fd:24:6d:42:8c:f6:ec:22:5d:59:e3:68:4e:e7:1d:
63:95:35:5f:4f:2b:0b:67:87:93:a9:b1:57:e6:40:49:53:81:
ab:0a:1d:e2:1b:51:39:ec:40:00:d2:c8:26:0b:8b:d8:09:f6:
da:74:0c:0f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtpEUY1AewJCdvP+2eSZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZTk4ZjQ4ZTk4ODc5MGQwZTA3OTM1Mzc5NDFiNDEzZDJl
NjAzMDYwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNmZjZhMjQyYzRkMTI1MDlkMGZiNmU1Mjg4Y2I4NWExNmJkZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB406AKOX8uuzsAA7aUm1sgxQsvl
xkNySvV1JNx8R3wf6GwP8DOI9PLWMHBDW6hxc9tH9NSZnesxZAOxdK70Jzs99Ayb
rbSO1nR8nBl4AISRSL/h8IKceCuxQi2K1obmjkhgTMBuVzmj5IpTy51Y2kUPIJPp
xTkMy1uxbYU1GBcrFrQlQAYSjD5IkaWCZg4PwocywotH3Ck/15f+OJ3sJmtTyOxO
mZKfo06gBAeXL8XgiBh6oqnw9y0XS2K1p5m++HD7mKf/G7YG37fKj3MfEvABqdoE
SFigyP6p0nvKAOjztGyZy1pruCSDpEkZ9I7o1bmWU7VuPxNx4WIfoFy9JwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKA/9qJCxNElCdD7blKIy4Wha96ZMB8GA1UdIwQY
MBaAFH3pj0jpiHkNDgeTU3lBtBPS5gMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmVtUFNPbUllUTBPQjVOVGVVRzBFOUxtQXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jMGZjMGEtMTVkNC00NmNjLWE4Yjkt
NDc2MzJjYjViODU0LzEvb0RfMm9rTEUwU1VKMFB0dVVvakxoYUZyM3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jMGZjMGEtMTVkNC00NmNjLWE4YjktNDc2MzJjYjViODU0
LzEvZmVtUFNPbUllUTBPQjVOVGVVRzBFOUxtQXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBfwsAwQC
W2aAAwQBW2aGMA0EAgACMAcDBQAqAXFAMA0GCSqGSIb3DQEBCwUAA4IBAQBxUtP4
FpDv/zVVGLrI3sUOi2HasVtqVwuJSPeEW/SMkz4YQ5wpesXyy1y+kxS/u6S4t+sW
HqHaaw0yJ5ZGWydxRcBcLWCeHcTP2/3MHEi72rOH0vWs1aSdiF7uL7rKGQ7uUeTr
bD+88mfa591x1za71/V2x6FvUXmzzxkZnjXveFpk6PyjKjWuuVGVPsTzkNooVOyl
48sB1suh5hANPOLfAiTQFuyXNq/keT8qqIdhsghtUJZCaoApBdhnYsGMqLabXzOk
hLP2V/L9JG1CjPbsIl1Z42hO5x1jlTVfTysLZ4eTqbFX5kBJU4GrCh3iG1E57EAA
0sgmC4vYCfbadAwP
-----END CERTIFICATE-----
Generated at Sun Jun 23 00:51:40 2024 by rpki-client on console-fra.rpki-client.org