Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/8cHcyPFFC1bdrwa60Peqmyf8Go4.roa
File: 8cHcyPFFC1bdrwa60Peqmyf8Go4.roa (raw, json)
Hash identifier: fnJ/j6HykmJJlfKj1x//gEbILNMJiBlBqadi8rZe1aE=
Subject key identifier: F1:C1:DC:C8:F1:45:0B:56:DD:AF:06:BA:D0:F7:AA:9B:27:FC:1A:8E
Certificate issuer: /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial: 019246FFE6B080D20E003663D96EF30D1476
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/8cHcyPFFC1bdrwa60Peqmyf8Go4.roa
Signing time: Tue 01 Oct 2024 07:33:48 +0000
ROA not before: Tue 01 Oct 2024 07:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199524
IP address blocks: 91.188.250.0/24 maxlen: 24
91.188.251.0/24 maxlen: 24
91.202.245.0/24 maxlen: 24
91.202.246.0/23 maxlen: 23
185.109.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:46:ff:e6:b0:80:d2:0e:00:36:63:d9:6e:f3:0d:14:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Validity
Not Before: Oct 1 07:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1c1dcc8f1450b56ddaf06bad0f7aa9b27fc1a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e9:39:3c:af:51:9b:7f:5f:22:e1:54:51:a4:
06:89:c4:02:cd:f6:8c:9b:b1:00:a6:f4:68:a1:0d:
5c:6b:47:a9:27:c4:0a:84:df:e0:a2:3c:61:56:ac:
c3:1f:df:f4:3c:5f:93:75:e7:d2:e9:de:3c:bb:a0:
4a:4a:95:69:72:73:4f:67:98:38:84:f7:bf:f9:9d:
87:bf:b8:89:f2:33:5c:f8:e9:51:46:81:ff:16:c3:
0e:97:60:65:55:f3:7a:4c:0e:86:99:24:c6:3b:1c:
f3:55:cf:17:0d:c7:2c:8e:94:11:0e:9d:1f:5a:09:
9d:e8:61:8c:91:a7:d6:cd:e0:a3:f4:81:2c:2e:16:
44:a0:b3:e3:5e:d2:14:48:31:45:1a:5b:b6:fc:51:
42:7e:4a:58:58:c4:54:71:41:3a:97:8f:2b:12:15:
92:b7:a9:4c:a5:3b:1b:95:37:b4:8d:6b:dc:dd:12:
fc:97:4d:6f:e6:a7:e9:b9:57:4c:7a:c6:25:09:ab:
0b:67:30:f7:64:57:56:cf:21:66:42:43:34:24:2e:
3a:07:5a:70:e9:81:fe:70:cb:91:e7:21:8f:0d:99:
d4:e0:ef:41:99:e2:12:74:76:70:ad:ca:ec:10:7c:
cf:74:4a:94:4a:1d:82:a8:0a:3d:93:fb:c3:85:0a:
e7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C1:DC:C8:F1:45:0B:56:DD:AF:06:BA:D0:F7:AA:9B:27:FC:1A:8E
X509v3 Authority Key Identifier:
keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/8cHcyPFFC1bdrwa60Peqmyf8Go4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.250.0/23
91.202.245.0-91.202.247.255
185.109.31.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:f9:ab:70:71:42:76:da:e6:1a:a0:55:a6:66:31:8b:0d:e8:
6b:ce:6a:a4:b7:7c:12:72:21:c7:14:4f:8f:34:75:8f:46:12:
67:7d:81:2f:e4:7c:cb:9e:02:a3:9b:69:72:ba:96:e7:38:a3:
45:22:6b:7c:f5:24:db:58:00:a3:34:e7:53:dd:06:bb:b9:f4:
5f:6d:69:ba:27:08:b1:00:dc:b1:d9:f0:22:76:12:90:37:9e:
bf:b8:7a:a3:f0:71:34:23:f9:92:73:98:da:3b:25:ca:df:07:
f3:57:d9:16:0a:ff:81:87:4f:65:26:82:42:7b:ca:eb:d1:ed:
dd:64:df:7d:3a:0c:22:6e:60:01:b1:c9:eb:52:ad:f5:5b:d3:
3e:0c:aa:6d:71:1e:1f:05:0d:e4:e1:e1:4b:03:9c:3a:92:17:
28:01:96:f7:7d:7e:fc:a9:86:e7:f8:be:1f:0e:d7:39:84:17:
45:63:28:28:45:e5:3c:da:2d:8f:f5:42:3a:60:1b:2a:31:7a:
35:7c:80:dc:4d:0c:14:0d:90:c2:29:f9:28:4e:1b:07:95:6f:
91:8d:aa:4d:83:77:36:58:52:5f:36:3a:92:7c:fe:87:bb:c2:
5a:07:77:9a:93:1e:67:19:fa:5b:6d:82:26:74:76:01:8a:ff:
26:e8:4c:2a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJG/+awgNIOADZj2W7zDRR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjE0NzBkMzliZTRiYTJkZDVkZjhmYTQ3YjE2Mzk2Mjc4
ZTY3MGEwHhcNMjQxMDAxMDczMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWMxZGNjOGYxNDUwYjU2ZGRhZjA2YmFkMGY3YWE5YjI3ZmMxYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOk5PK9Rm39fIuFUUaQGicQCzfaM
m7EApvRooQ1ca0epJ8QKhN/gojxhVqzDH9/0PF+TdefS6d48u6BKSpVpcnNPZ5g4
hPe/+Z2Hv7iJ8jNc+OlRRoH/FsMOl2BlVfN6TA6GmSTGOxzzVc8XDccsjpQRDp0f
Wgmd6GGMkafWzeCj9IEsLhZEoLPjXtIUSDFFGlu2/FFCfkpYWMRUcUE6l48rEhWS
t6lMpTsblTe0jWvc3RL8l01v5qfpuVdMesYlCasLZzD3ZFdWzyFmQkM0JC46B1pw
6YH+cMuR5yGPDZnU4O9BmeISdHZwrcrsEHzPdEqUSh2CqAo9k/vDhQrnowIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPHB3MjxRQtW3a8GutD3qpsn/BqOMB8GA1UdIwQY
MBaAFGFhRw05vkui3V34+kexY5YnjmcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTkt
YzI0MGJmYzljYmMxLzEvOGNIY3lQRkZDMWJkcndhNjBQZXFteWY4R280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTktYzI0MGJmYzljYmMx
LzEvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBW7z6MAwD
BABbyvUDBANbyvADBAC5bR8wDQYJKoZIhvcNAQELBQADggEBAG35q3BxQnba5hqg
VaZmMYsN6GvOaqS3fBJyIccUT480dY9GEmd9gS/kfMueAqObaXK6luc4o0Uia3z1
JNtYAKM051PdBru59F9tabonCLEA3LHZ8CJ2EpA3nr+4eqPwcTQj+ZJzmNo7Jcrf
B/NX2RYK/4GHT2UmgkJ7yuvR7d1k3306DCJuYAGxyetSrfVb0z4Mqm1xHh8FDeTh
4UsDnDqSFygBlvd9fvyphuf4vh8O1zmEF0VjKChF5TzaLY/1QjpgGyoxejV8gNxN
DBQNkMIp+ShOGweVb5GNqk2DdzZYUl82OpJ8/oe7wloHd5qTHmcZ+lttgiZ0dgGK
/yboTCo=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:30:16 2024 by rpki-client on console-fra.rpki-client.org