Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/kE6fCKwIFKrmQEkgrnCxlO6BLjA.roa
File: kE6fCKwIFKrmQEkgrnCxlO6BLjA.roa (raw, json)
Hash identifier: GOd5lBY9uKKrtFSqfJJo2+AfxCeefH0T3i9hEdJtxyM=
Subject key identifier: 90:4E:9F:08:AC:08:14:AA:E6:40:49:20:AE:70:B1:94:EE:81:2E:30
Certificate issuer: /CN=b795aaf033004c92d7a26c236c14d32552d78d94
Certificate serial: 018CC8DEC27C2ABAAC9892576C93B7395E9B
Authority key identifier: B7:95:AA:F0:33:00:4C:92:D7:A2:6C:23:6C:14:D3:25:52:D7:8D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t5Wq8DMATJLXomwjbBTTJVLXjZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/kE6fCKwIFKrmQEkgrnCxlO6BLjA.roa
Signing time: Tue 02 Jan 2024 06:31:31 +0000
ROA not before: Tue 02 Jan 2024 06:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199758
IP address blocks: 91.132.252.0/23 maxlen: 23
91.132.252.0/22 maxlen: 22
91.132.254.0/23 maxlen: 23
195.13.51.0/24 maxlen: 24
195.14.7.0/24 maxlen: 24
195.13.47.0/24 maxlen: 24
185.46.230.0/23 maxlen: 23
185.46.228.0/22 maxlen: 22
185.46.228.0/23 maxlen: 23
185.153.10.0/23 maxlen: 23
185.153.8.0/22 maxlen: 22
185.153.8.0/23 maxlen: 23
2a01:8760::/32 maxlen: 32
2a03:ac60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/t5Wq8DMATJLXomwjbBTTJVLXjZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/t5Wq8DMATJLXomwjbBTTJVLXjZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/t5Wq8DMATJLXomwjbBTTJVLXjZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:c2:7c:2a:ba:ac:98:92:57:6c:93:b7:39:5e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b795aaf033004c92d7a26c236c14d32552d78d94
Validity
Not Before: Jan 2 06:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=904e9f08ac0814aae6404920ae70b194ee812e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d5:fc:4d:2c:16:ca:2e:bb:a5:44:eb:7d:cd:
d5:fa:3a:ea:7d:b3:dd:c0:da:d9:02:df:38:0d:aa:
4d:c3:e8:b5:e3:8c:a6:8a:24:b7:7c:22:b8:79:e9:
0b:9e:e0:c9:a6:6d:5b:6c:f3:1c:68:40:04:b8:50:
a8:63:95:e4:2b:6a:32:18:97:5d:a1:34:c2:78:ef:
92:50:77:85:62:dd:0c:1c:7b:df:1f:12:c3:2b:8b:
c5:b5:97:2c:6c:2d:fb:da:fb:ea:0f:20:26:b0:f2:
57:82:8e:e3:cc:75:c7:b5:d9:8c:a8:15:5b:2d:04:
25:98:ee:4b:bb:d3:b8:af:1f:61:46:76:8d:a7:59:
3c:35:a4:8e:89:34:54:74:51:fc:b4:95:e5:c5:f2:
2c:e6:df:7a:bf:ac:e3:b4:e4:ba:c7:4a:0b:e7:86:
30:74:03:05:03:00:70:f1:3b:11:d2:f1:a3:8b:56:
04:3e:ef:88:28:c5:eb:30:85:d0:c8:be:7c:f7:35:
73:34:45:4e:3b:ce:14:1e:be:d3:3d:06:fc:1a:10:
44:2b:66:22:47:3e:5d:06:24:7d:9f:c6:fe:89:9b:
f0:1c:22:89:a0:76:97:97:e0:1f:d1:2e:5f:f6:0e:
f0:86:67:b5:ea:d7:51:ca:67:f0:42:04:16:ef:e1:
9d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4E:9F:08:AC:08:14:AA:E6:40:49:20:AE:70:B1:94:EE:81:2E:30
X509v3 Authority Key Identifier:
keyid:B7:95:AA:F0:33:00:4C:92:D7:A2:6C:23:6C:14:D3:25:52:D7:8D:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5Wq8DMATJLXomwjbBTTJVLXjZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/kE6fCKwIFKrmQEkgrnCxlO6BLjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/t5Wq8DMATJLXomwjbBTTJVLXjZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.252.0/22
185.46.228.0/22
185.153.8.0/22
195.13.47.0/24
195.13.51.0/24
195.14.7.0/24
IPv6:
2a01:8760::/32
2a03:ac60::/32
Signature Algorithm: sha256WithRSAEncryption
2e:5d:97:d4:c3:5e:fa:68:c4:1d:11:99:64:38:29:9f:e2:e7:
63:c2:85:b3:ad:0b:e9:05:ba:f8:5d:49:75:2a:27:86:df:f9:
86:ad:3a:ac:0c:1a:5b:25:aa:3e:c4:42:80:b8:31:1b:ba:ab:
d3:a2:b6:c8:6d:82:ee:0d:6d:7d:35:82:17:c5:2f:a5:0e:f1:
21:f8:c2:12:8a:9c:25:9a:99:48:ac:6f:f3:56:fa:91:82:6d:
40:a9:b6:2d:4c:19:0a:bf:ec:b4:85:2f:dc:c2:0b:33:fc:0d:
13:08:8e:aa:49:9b:dc:9c:da:03:82:21:50:36:3a:5a:66:93:
e9:a2:b4:4a:a6:dc:ac:88:94:6b:dc:93:cc:f3:3e:69:a7:c2:
5f:bb:73:9c:1f:07:ae:2d:d2:57:ce:17:ec:15:02:b8:68:d3:
0d:6e:55:f6:82:4f:9c:7c:f4:18:2a:26:c0:3b:82:14:e8:08:
e6:98:26:76:6e:9c:6f:c2:14:16:a0:3a:89:79:cb:c3:1f:30:
bf:fd:72:ca:23:88:6e:a6:22:48:af:db:ce:2b:61:bc:47:86:
e8:09:e6:43:6c:15:1f:96:bc:c6:ea:29:40:8a:8b:10:34:95:
09:c5:7d:6e:bc:22:de:58:8d:57:35:2d:4c:57:32:f9:15:c4:
0e:fd:7e:e4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzI3sJ8KrqsmJJXbJO3OV6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OTVhYWYwMzMwMDRjOTJkN2EyNmMyMzZjMTRkMzI1NTJk
NzhkOTQwHhcNMjQwMTAyMDYzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRlOWYwOGFjMDgxNGFhZTY0MDQ5MjBhZTcwYjE5NGVlODEyZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldX8TSwWyi67pUTrfc3V+jrqfbPd
wNrZAt84DapNw+i144ymiiS3fCK4eekLnuDJpm1bbPMcaEAEuFCoY5XkK2oyGJdd
oTTCeO+SUHeFYt0MHHvfHxLDK4vFtZcsbC372vvqDyAmsPJXgo7jzHXHtdmMqBVb
LQQlmO5Lu9O4rx9hRnaNp1k8NaSOiTRUdFH8tJXlxfIs5t96v6zjtOS6x0oL54Yw
dAMFAwBw8TsR0vGji1YEPu+IKMXrMIXQyL589zVzNEVOO84UHr7TPQb8GhBEK2Yi
Rz5dBiR9n8b+iZvwHCKJoHaXl+Af0S5f9g7whme16tdRymfwQgQW7+GdzwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJBOnwisCBSq5kBJIK5wsZTugS4wMB8GA1UdIwQY
MBaAFLeVqvAzAEyS16JsI2wU0yVS142UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVXcThETUFUSkxYb213amJCVFRKVkxYalpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jNzUyYjItMThmOS00MTkxLTg4Zjgt
YzA2NWYyNDJmMDIwLzEva0U2ZkNLd0lGS3JtUUVrZ3JuQ3hsTzZCTGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jNzUyYjItMThmOS00MTkxLTg4ZjgtYzA2NWYyNDJmMDIw
LzEvdDVXcThETUFUSkxYb213amJCVFRKVkxYalpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCW4T8AwQC
uS7kAwQCuZkIAwQAww0vAwQAww0zAwQAww4HMBQEAgACMA4DBQAqAYdgAwUAKgOs
YDANBgkqhkiG9w0BAQsFAAOCAQEALl2X1MNe+mjEHRGZZDgpn+LnY8KFs60L6QW6
+F1JdSonht/5hq06rAwaWyWqPsRCgLgxG7qr06K2yG2C7g1tfTWCF8UvpQ7xIfjC
EoqcJZqZSKxv81b6kYJtQKm2LUwZCr/stIUv3MILM/wNEwiOqkmb3JzaA4IhUDY6
WmaT6aK0SqbcrIiUa9yTzPM+aafCX7tznB8Hri3SV84X7BUCuGjTDW5V9oJPnHz0
GComwDuCFOgI5pgmdm6cb8IUFqA6iXnLwx8wv/1yyiOIbqYiSK/bzithvEeG6Anm
Q2wVH5a8xuopQIqLEDSVCcV9brwi3liNVzUtTFcy+RXEDv1+5A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:19 2024 by rpki-client on console-fra.rpki-client.org