Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/rOvtfV8PkCA9zd-pd-HN0bG8hJo.roa
File: rOvtfV8PkCA9zd-pd-HN0bG8hJo.roa (raw, json)
Hash identifier: eLiV7JoCj/c9BXO9spCiYVyHG0vQZZXIZBbdmscZQvI=
Subject key identifier: AC:EB:ED:7D:5F:0F:90:20:3D:CD:DF:A9:77:E1:CD:D1:B1:BC:84:9A
Certificate issuer: /CN=35d2929f1652f958812d099a233f33ad3445bbfb
Certificate serial: 019078B48CC9EE3BB31DBDE8C89A81E4EC2E
Authority key identifier: 35:D2:92:9F:16:52:F9:58:81:2D:09:9A:23:3F:33:AD:34:45:BB:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/rOvtfV8PkCA9zd-pd-HN0bG8hJo.roa
Signing time: Wed 03 Jul 2024 13:06:56 +0000
ROA not before: Wed 03 Jul 2024 13:06:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206807
IP address blocks: 93.114.249.0/24 maxlen: 24
185.187.69.0/24 maxlen: 24
185.187.70.0/24 maxlen: 24
194.116.220.0/24 maxlen: 24
2a10:22c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:b4:8c:c9:ee:3b:b3:1d:bd:e8:c8:9a:81:e4:ec:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d2929f1652f958812d099a233f33ad3445bbfb
Validity
Not Before: Jul 3 13:06:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acebed7d5f0f90203dcddfa977e1cdd1b1bc849a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:36:bb:c3:af:39:f3:aa:24:0c:bb:96:1f:2c:
95:4d:44:d4:c6:3a:14:8d:02:33:a6:e7:5e:3a:dc:
ea:21:44:ec:b4:5d:44:36:46:a5:4d:83:03:2b:b7:
ef:fb:0c:be:57:bb:20:7e:c9:f9:1c:4e:9c:fe:ef:
34:27:64:04:5d:c3:50:bf:59:3b:08:9c:65:41:9a:
b6:6a:72:d6:c3:88:f9:e6:f6:00:d9:05:7a:a4:db:
6d:88:68:c7:be:4a:2f:64:fb:72:e0:86:76:0a:30:
28:79:81:88:a4:69:45:84:d3:ce:53:a8:6c:d6:6f:
58:3c:e9:6c:e8:ba:20:0e:b8:00:f6:8b:89:62:05:
75:a7:07:60:fb:53:f8:45:3f:ec:cd:4d:cd:c0:96:
7c:db:26:bb:da:0b:5e:e3:bf:05:57:bf:0d:09:10:
8a:9a:ac:4b:60:5a:ef:9d:de:6f:f2:cc:46:eb:a5:
05:4a:01:cc:96:24:48:42:3a:09:73:18:d5:e4:6a:
88:f5:e6:d2:9f:bb:f0:72:8a:6e:4e:19:5d:af:fc:
c8:77:49:35:52:9c:f8:f8:11:37:98:e6:73:a3:e8:
e3:cd:2d:53:0b:c3:30:26:d7:90:31:88:a6:44:40:
b1:82:9e:2a:c1:26:ab:31:8b:d0:71:2c:01:3c:e8:
03:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EB:ED:7D:5F:0F:90:20:3D:CD:DF:A9:77:E1:CD:D1:B1:BC:84:9A
X509v3 Authority Key Identifier:
keyid:35:D2:92:9F:16:52:F9:58:81:2D:09:9A:23:3F:33:AD:34:45:BB:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/rOvtfV8PkCA9zd-pd-HN0bG8hJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.249.0/24
185.187.69.0-185.187.70.255
194.116.220.0/24
IPv6:
2a10:22c0::/29
Signature Algorithm: sha256WithRSAEncryption
25:b4:ba:f2:c5:e6:3f:7c:26:9a:15:07:dd:64:6a:91:fc:48:
1f:62:6e:64:35:d6:49:7f:2a:7c:62:74:32:26:9a:43:43:00:
01:80:cd:e4:b8:ef:70:35:bb:5a:51:63:3e:91:9a:9e:ed:e0:
1c:da:b6:4e:0d:04:24:1e:0d:72:0f:1b:9c:e0:35:03:3b:ff:
74:96:4b:a4:21:4f:5b:61:ce:0e:5d:69:86:0c:c9:b2:4f:a9:
5e:3b:0e:71:f2:6f:62:43:ce:71:46:62:49:fb:44:b7:03:22:
bb:88:30:f8:91:50:96:9d:5b:1f:84:7f:e2:c3:47:bd:b7:2c:
0d:b2:99:38:db:d9:b9:c5:5f:9e:86:b9:dd:5d:e8:03:37:09:
12:a2:58:de:01:f8:cb:c0:59:0b:25:15:f1:b7:48:65:04:5b:
ba:bb:43:d6:6b:e0:f4:1d:c9:fb:14:b2:50:dc:a9:d0:fe:fc:
b7:22:4d:24:9e:f0:3f:98:17:20:5e:07:8a:94:7b:fc:4b:87:
3a:cd:9e:0b:8e:5d:aa:0a:08:0f:b7:7c:3f:98:d0:fe:a6:4f:
4c:96:fe:ca:2c:f2:81:f7:c0:66:cc:71:4f:26:d2:e8:a9:94:
db:82:cc:a2:1e:5b:f4:17:e0:44:46:4f:6c:ca:ea:94:54:83:
a0:01:6c:89
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZB4tIzJ7juzHb3oyJqB5OwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDI5MjlmMTY1MmY5NTg4MTJkMDk5YTIzM2YzM2FkMzQ0
NWJiZmIwHhcNMjQwNzAzMTMwNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ViZWQ3ZDVmMGY5MDIwM2RjZGRmYTk3N2UxY2RkMWIxYmM4NDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTa7w68586okDLuWHyyVTUTUxjoU
jQIzpudeOtzqIUTstF1ENkalTYMDK7fv+wy+V7sgfsn5HE6c/u80J2QEXcNQv1k7
CJxlQZq2anLWw4j55vYA2QV6pNttiGjHvkovZPty4IZ2CjAoeYGIpGlFhNPOU6hs
1m9YPOls6LogDrgA9ouJYgV1pwdg+1P4RT/szU3NwJZ82ya72gte478FV78NCRCK
mqxLYFrvnd5v8sxG66UFSgHMliRIQjoJcxjV5GqI9ebSn7vwcopuThldr/zId0k1
Upz4+BE3mOZzo+jjzS1TC8MwJteQMYimRECxgp4qwSarMYvQcSwBPOgDfwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKzr7X1fD5AgPc3fqXfhzdGxvISaMB8GA1UdIwQY
MBaAFDXSkp8WUvlYgS0JmiM/M600Rbv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jNDljYTAtOTUyZS00OTVhLThlYjEt
YjI4MGQ0YzYyNzQ1LzEvck92dGZWOFBrQ0E5emQtcGQtSE4wYkc4aEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jNDljYTAtOTUyZS00OTVhLThlYjEtYjI4MGQ0YzYyNzQ1
LzEvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAXXL5MAwD
BAC5u0UDBAC5u0YDBADCdNwwDQQCAAIwBwMFAyoQIsAwDQYJKoZIhvcNAQELBQAD
ggEBACW0uvLF5j98JpoVB91kapH8SB9ibmQ11kl/KnxidDImmkNDAAGAzeS473A1
u1pRYz6Rmp7t4Bzatk4NBCQeDXIPG5zgNQM7/3SWS6QhT1thzg5daYYMybJPqV47
DnHyb2JDznFGYkn7RLcDIruIMPiRUJadWx+Ef+LDR723LA2ymTjb2bnFX56Gud1d
6AM3CRKiWN4B+MvAWQslFfG3SGUEW7q7Q9Zr4PQdyfsUslDcqdD+/LciTSSe8D+Y
FyBeB4qUe/xLhzrNnguOXaoKCA+3fD+Y0P6mT0yW/sos8oH3wGbMcU8m0uiplNuC
zKIeW/QX4ERGT2zK6pRUg6ABbIk=
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:12:13 2024 by rpki-client on console-fra.rpki-client.org