Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/FI0w7KJuOncIYB6DF0_bJ9l72MQ.roa
File: FI0w7KJuOncIYB6DF0_bJ9l72MQ.roa (raw, json)
Hash identifier: oAmbxXXuip9OTF1Di0TutSwCv0JkJYeQi6qlS9yptC8=
Subject key identifier: 14:8D:30:EC:A2:6E:3A:77:08:60:1E:83:17:4F:DB:27:D9:7B:D8:C4
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018CC500B0509B3ABA8F62E85A9357CED518
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/FI0w7KJuOncIYB6DF0_bJ9l72MQ.roa
Signing time: Mon 01 Jan 2024 12:30:05 +0000
ROA not before: Mon 01 Jan 2024 12:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 92.61.110.0/24 maxlen: 24
92.61.107.0/24 maxlen: 24
91.190.186.0/24 maxlen: 24
91.190.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b0:50:9b:3a:ba:8f:62:e8:5a:93:57:ce:d5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jan 1 12:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=148d30eca26e3a7708601e83174fdb27d97bd8c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4f:39:d1:b4:c2:3b:55:b1:5b:e2:d4:ff:2d:
40:b3:ba:78:9c:69:87:d7:a4:a4:65:77:60:ec:fd:
e0:22:77:25:67:48:a6:77:d7:ac:67:4c:9a:27:e2:
e6:dc:7a:c4:da:d5:4a:5e:ea:ec:97:9e:f6:4e:27:
7e:a1:4d:a8:4e:ac:74:98:b4:87:9b:be:51:1f:b4:
3a:7f:7c:02:87:13:57:80:da:18:83:f6:6a:6f:52:
2c:21:8b:d6:52:19:5f:d3:e8:5a:19:6b:80:45:70:
2f:9e:e7:be:af:05:a1:31:9f:3e:0a:7f:33:d1:07:
c0:a3:50:23:04:6e:9b:48:ba:0f:be:ad:c9:f6:23:
f6:74:8f:7c:b3:42:52:ee:5a:1a:4e:70:24:11:1c:
43:3d:35:bc:35:c8:00:46:81:f1:89:f0:46:92:c1:
89:f3:06:17:6a:28:54:1d:11:80:ea:37:0d:cd:9f:
f2:e7:7f:5d:73:96:a5:89:8b:ed:3c:05:65:5a:6c:
21:2f:43:84:8b:15:e0:7a:35:25:7e:fe:43:91:42:
26:de:97:62:e7:fe:dd:08:4a:34:eb:e4:e3:bf:35:
6d:a5:9f:8d:35:44:2b:11:dd:8b:34:77:f6:2d:a1:
32:ab:f3:05:8e:df:6d:47:40:fd:cd:d0:db:8e:be:
90:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8D:30:EC:A2:6E:3A:77:08:60:1E:83:17:4F:DB:27:D9:7B:D8:C4
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/FI0w7KJuOncIYB6DF0_bJ9l72MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.186.0/24
91.190.191.0/24
92.61.107.0/24
92.61.110.0/24
Signature Algorithm: sha256WithRSAEncryption
98:5d:19:bb:28:49:25:a0:6e:b4:15:2a:76:d2:5b:22:89:06:
92:bb:03:06:45:25:b6:29:64:d3:0a:d4:1d:27:2d:e0:c6:fc:
03:c1:73:30:2a:fc:9c:f7:30:bc:b0:cc:a2:ce:02:0f:3f:9a:
4d:35:aa:c3:4b:e1:a3:e4:9d:67:4c:a1:4e:c8:02:12:1f:44:
da:92:c2:a7:e5:b8:d3:0d:88:ee:72:13:8f:1e:b2:e2:9e:69:
91:d6:2c:87:dc:67:e8:3c:b1:d3:bf:52:35:36:9d:36:9f:c1:
16:22:20:c4:ba:ab:24:f6:6b:ad:0e:1a:80:35:52:1a:7a:2d:
ba:08:98:a9:98:4d:05:9a:72:31:16:00:38:3a:8d:4d:1c:04:
6f:c1:b5:02:da:a2:14:36:73:25:b0:71:80:51:11:16:d0:66:
10:19:81:bf:f0:d8:78:a0:a0:9b:32:86:1c:75:42:0b:a9:38:
03:c6:7a:94:36:fc:9f:21:b9:0e:70:28:53:69:00:02:95:1d:
49:2a:bf:24:51:40:52:d6:50:8a:01:36:46:99:11:20:d2:84:
8e:7c:2a:6b:e4:ca:d7:76:3e:2b:e7:6f:ba:18:c1:c5:34:cf:
f9:83:c8:a7:b9:01:fb:3d:0e:ce:c9:49:19:c3:40:2a:87:e1:
91:a1:6b:54
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFALBQmzq6j2LoWpNXztUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwMTAxMTIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDhkMzBlY2EyNmUzYTc3MDg2MDFlODMxNzRmZGIyN2Q5N2JkOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk850bTCO1WxW+LU/y1As7p4nGmH
16SkZXdg7P3gInclZ0imd9esZ0yaJ+Lm3HrE2tVKXursl572Tid+oU2oTqx0mLSH
m75RH7Q6f3wChxNXgNoYg/Zqb1IsIYvWUhlf0+haGWuARXAvnue+rwWhMZ8+Cn8z
0QfAo1AjBG6bSLoPvq3J9iP2dI98s0JS7loaTnAkERxDPTW8NcgARoHxifBGksGJ
8wYXaihUHRGA6jcNzZ/y539dc5aliYvtPAVlWmwhL0OEixXgejUlfv5DkUIm3pdi
5/7dCEo06+TjvzVtpZ+NNUQrEd2LNHf2LaEyq/MFjt9tR0D9zdDbjr6QnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBSNMOyibjp3CGAegxdP2yfZe9jEMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvRkkwdzdLSnVPbmNJWUI2REYwX2JKOWw3Mk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW766AwQA
W76/AwQAXD1rAwQAXD1uMA0GCSqGSIb3DQEBCwUAA4IBAQCYXRm7KEkloG60FSp2
0lsiiQaSuwMGRSW2KWTTCtQdJy3gxvwDwXMwKvyc9zC8sMyizgIPP5pNNarDS+Gj
5J1nTKFOyAISH0TaksKn5bjTDYjuchOPHrLinmmR1iyH3GfoPLHTv1I1Np02n8EW
IiDEuqsk9mutDhqANVIaei26CJipmE0FmnIxFgA4Oo1NHARvwbUC2qIUNnMlsHGA
UREW0GYQGYG/8Nh4oKCbMoYcdUILqTgDxnqUNvyfIbkOcChTaQAClR1JKr8kUUBS
1lCKATZGmREg0oSOfCpr5MrXdj4r52+6GMHFNM/5g8inuQH7PQ7OyUkZw0Aqh+GR
oWtU
-----END CERTIFICATE-----
Generated at Mon May 6 05:15:56 2024 by rpki-client on console-fra.rpki-client.org