Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/_9J8B85rfLQf89br2WOu4yPWFHI.roa
File: _9J8B85rfLQf89br2WOu4yPWFHI.roa (raw, json)
Hash identifier: pmBio6M6PmjY6HE0emFwiWb4/d8aZ7o7ngU4OMHUOh8=
Subject key identifier: FF:D2:7C:07:CE:6B:7C:B4:1F:F3:D6:EB:D9:63:AE:E3:23:D6:14:72
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 018CC8716059491C257CB7E7BF4C044CBAF9
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/_9J8B85rfLQf89br2WOu4yPWFHI.roa
Signing time: Tue 02 Jan 2024 04:32:02 +0000
ROA not before: Tue 02 Jan 2024 04:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43770
IP address blocks: 91.195.154.0/23 maxlen: 23
185.210.220.0/22 maxlen: 22
185.153.4.0/22 maxlen: 22
2a07:84c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:60:59:49:1c:25:7c:b7:e7:bf:4c:04:4c:ba:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Jan 2 04:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffd27c07ce6b7cb41ff3d6ebd963aee323d61472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:25:d7:f0:6c:b1:42:43:e1:0c:c1:0d:6b:c0:
7a:21:79:7a:ec:ce:36:a7:07:cc:81:6b:ca:a4:3c:
85:38:91:a5:b0:0c:95:df:3a:4d:3e:87:a4:3f:1c:
cb:67:f3:06:d4:4d:32:04:cf:71:ad:3f:34:02:f9:
74:c9:47:bc:7a:83:14:46:ee:8b:ca:88:f8:14:89:
4b:56:f8:59:55:e8:e8:e4:aa:0e:8e:6b:c4:b2:4e:
11:46:50:d7:cf:0e:3c:94:42:ba:18:c5:c1:80:c2:
d8:b3:6a:61:24:93:d8:8b:78:8c:db:f8:fb:25:f3:
c5:94:c5:eb:85:e9:ae:cd:b3:7a:cf:23:a2:41:76:
22:82:3c:1f:00:17:29:d5:f5:ce:08:b5:da:bc:42:
06:f9:19:82:2b:1f:15:d7:d1:2c:c6:a4:db:4b:9c:
6b:8f:65:2f:d1:7b:a5:8a:24:01:e4:ce:2b:43:b1:
c9:c4:2e:e9:21:49:de:83:94:dc:e2:bb:e3:20:55:
29:9f:72:c8:b4:dd:aa:03:6d:15:6d:b5:41:7e:82:
ca:5d:60:d9:40:5f:15:5e:17:fa:e3:d7:99:8d:c3:
23:e0:92:d8:20:ed:ed:05:58:1d:99:85:0a:70:25:
05:6c:49:c1:f6:5b:58:8e:9e:ce:8e:17:05:8d:d2:
55:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:D2:7C:07:CE:6B:7C:B4:1F:F3:D6:EB:D9:63:AE:E3:23:D6:14:72
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/_9J8B85rfLQf89br2WOu4yPWFHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.154.0/23
185.153.4.0/22
185.210.220.0/22
IPv6:
2a07:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
53:8a:b8:b5:50:a3:77:75:15:45:99:ab:87:02:fd:43:6e:43:
8a:41:d1:f7:b0:e4:6c:41:7c:46:31:58:81:d1:23:ca:74:93:
32:44:3f:8d:d9:48:33:6d:ca:70:23:97:bc:47:59:04:ed:45:
07:ed:63:2f:24:7d:b1:01:1e:e1:1d:90:7a:dc:98:94:41:e4:
07:01:41:26:79:02:49:70:ff:34:05:58:b3:cf:2e:3f:57:74:
1f:2b:2b:97:8f:69:eb:6e:4a:a9:ab:0e:0b:ee:03:30:36:ac:
49:9e:ca:97:73:af:1a:4a:44:54:be:0a:0f:8f:33:41:0c:bd:
6b:d8:25:32:37:fd:34:ec:d7:a0:59:e3:9f:a9:0f:31:dc:e3:
ea:03:bd:53:5a:bb:41:35:7d:67:d8:be:c9:13:ee:14:7f:56:
a3:4f:d5:9f:f7:18:19:5c:48:2d:6c:17:3b:ed:dd:10:86:49:
60:e4:71:35:f1:29:0e:21:f9:98:f3:e3:64:95:b0:a9:ed:d1:
af:e1:c8:51:cf:4d:f6:3e:40:4a:08:8b:76:85:c6:84:e4:5d:
0b:ff:6c:28:c4:7a:af:12:4a:d4:77:b1:75:43:bc:51:1a:31:
16:5b:63:0b:4a:b1:50:a2:3d:a5:1b:10:19:33:7b:70:f0:f1:
8b:73:ea:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIcWBZSRwlfLfnv0wETLr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjQwMTAyMDQzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmQyN2MwN2NlNmI3Y2I0MWZmM2Q2ZWJkOTYzYWVlMzIzZDYxNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyXX8GyxQkPhDMENa8B6IXl67M42
pwfMgWvKpDyFOJGlsAyV3zpNPoekPxzLZ/MG1E0yBM9xrT80Avl0yUe8eoMURu6L
yoj4FIlLVvhZVejo5KoOjmvEsk4RRlDXzw48lEK6GMXBgMLYs2phJJPYi3iM2/j7
JfPFlMXrhemuzbN6zyOiQXYigjwfABcp1fXOCLXavEIG+RmCKx8V19EsxqTbS5xr
j2Uv0XuliiQB5M4rQ7HJxC7pIUneg5Tc4rvjIFUpn3LItN2qA20VbbVBfoLKXWDZ
QF8VXhf649eZjcMj4JLYIO3tBVgdmYUKcCUFbEnB9ltYjp7OjhcFjdJVWwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP/SfAfOa3y0H/PW69ljruMj1hRyMB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvXzlKOEI4NXJmTFFmODlicjJXT3U0eVBXRkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW8OaAwQC
uZkEAwQCudLcMA0EAgACMAcDBQMqB4TAMA0GCSqGSIb3DQEBCwUAA4IBAQBTiri1
UKN3dRVFmauHAv1DbkOKQdH3sORsQXxGMViB0SPKdJMyRD+N2UgzbcpwI5e8R1kE
7UUH7WMvJH2xAR7hHZB63JiUQeQHAUEmeQJJcP80BVizzy4/V3QfKyuXj2nrbkqp
qw4L7gMwNqxJnsqXc68aSkRUvgoPjzNBDL1r2CUyN/007NegWeOfqQ8x3OPqA71T
WrtBNX1n2L7JE+4Uf1ajT9Wf9xgZXEgtbBc77d0Qhklg5HE18SkOIfmY8+NklbCp
7dGv4chRz032PkBKCIt2hcaE5F0L/2woxHqvEkrUd7F1Q7xRGjEWW2MLSrFQoj2l
GxAZM3tw8PGLc+rO
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:34:51 2024 by rpki-client on console-fra.rpki-client.org