Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3f6178-5fd3-403f-8fec-1a89ff11965e/1/Dyo6jL-lYaEwhfYy6ambhHT_SXE.roa
File: Dyo6jL-lYaEwhfYy6ambhHT_SXE.roa (raw, json)
Hash identifier: av6YJQzepaOMEpX43TwN8tQZ2e0AmsFq3U4hrJndvgA=
Subject key identifier: 0F:2A:3A:8C:BF:A5:61:A1:30:85:F6:32:E9:A9:9B:84:74:FF:49:71
Certificate issuer: /CN=51ad6791b8dbe9c352bd64a9322172b41c4b2171
Certificate serial: 018D1C5D477BACAB33E799F11015400B42CE
Authority key identifier: 51:AD:67:91:B8:DB:E9:C3:52:BD:64:A9:32:21:72:B4:1C:4B:21:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ua1nkbjb6cNSvWSpMiFytBxLIXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3f6178-5fd3-403f-8fec-1a89ff11965e/1/Dyo6jL-lYaEwhfYy6ambhHT_SXE.roa
Signing time: Thu 18 Jan 2024 11:38:11 +0000
ROA not before: Thu 18 Jan 2024 11:38:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47790
IP address blocks: 91.206.210.0/24 maxlen: 24
91.206.211.0/24 maxlen: 24
91.226.196.0/24 maxlen: 24
91.226.197.0/24 maxlen: 24
91.230.8.0/24 maxlen: 24
91.230.9.0/24 maxlen: 24
185.142.160.0/22 maxlen: 24
185.152.120.0/24 maxlen: 24
185.152.121.0/24 maxlen: 24
185.152.122.0/24 maxlen: 24
185.152.123.0/24 maxlen: 24
2a14:7a80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3f6178-5fd3-403f-8fec-1a89ff11965e/1/Ua1nkbjb6cNSvWSpMiFytBxLIXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3f6178-5fd3-403f-8fec-1a89ff11965e/1/Ua1nkbjb6cNSvWSpMiFytBxLIXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ua1nkbjb6cNSvWSpMiFytBxLIXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 20:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:5d:47:7b:ac:ab:33:e7:99:f1:10:15:40:0b:42:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51ad6791b8dbe9c352bd64a9322172b41c4b2171
Validity
Not Before: Jan 18 11:38:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f2a3a8cbfa561a13085f632e9a99b8474ff4971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e9:2b:e2:ed:75:73:92:9b:a8:40:4c:49:c6:
ce:07:e9:f3:14:3f:b4:51:d4:f1:98:9c:fb:3b:e3:
5d:7c:fd:a7:dc:df:ba:ef:10:f2:1f:0f:66:2e:c6:
cd:bd:e1:d8:fb:35:f3:2b:48:b7:dc:52:a0:d8:2b:
f4:dd:55:06:ee:1c:ba:50:19:58:37:25:6d:f5:7c:
ea:df:cc:13:1f:89:a2:9c:65:31:a5:a5:02:69:e7:
8d:58:64:5e:1d:26:59:1b:ec:93:e6:99:30:e7:59:
62:f1:30:67:6e:96:2b:59:b1:f0:4a:6b:82:0e:97:
48:df:ab:4a:64:0e:57:31:04:06:29:67:01:92:6b:
ee:f2:71:95:ba:76:8f:60:7d:26:9c:79:0e:bc:d2:
9e:e5:93:13:ca:e4:b5:b9:64:4a:68:bb:bc:d0:91:
98:0d:8c:75:b8:ce:d7:91:73:1c:4b:db:c3:15:20:
5a:10:e4:ae:68:8f:ba:b4:18:54:46:e9:74:0b:ce:
f8:20:84:f2:b0:b7:59:c6:fd:00:e5:08:70:ba:a7:
7d:5d:95:03:a6:7e:c7:62:a7:cc:cc:2e:15:53:9d:
4d:13:c7:2c:c2:ae:af:f4:e0:7b:0f:63:90:fc:ac:
3f:73:6e:6a:0f:ff:7f:91:50:9e:6f:32:6d:61:8a:
83:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2A:3A:8C:BF:A5:61:A1:30:85:F6:32:E9:A9:9B:84:74:FF:49:71
X509v3 Authority Key Identifier:
keyid:51:AD:67:91:B8:DB:E9:C3:52:BD:64:A9:32:21:72:B4:1C:4B:21:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ua1nkbjb6cNSvWSpMiFytBxLIXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3f6178-5fd3-403f-8fec-1a89ff11965e/1/Dyo6jL-lYaEwhfYy6ambhHT_SXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3f6178-5fd3-403f-8fec-1a89ff11965e/1/Ua1nkbjb6cNSvWSpMiFytBxLIXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.210.0/23
91.226.196.0/23
91.230.8.0/23
185.142.160.0/22
185.152.120.0/22
IPv6:
2a14:7a80::/29
Signature Algorithm: sha256WithRSAEncryption
94:f6:af:5f:c4:06:31:76:3e:86:18:df:47:36:7b:da:8d:2a:
8d:f6:18:93:2c:69:ff:16:da:6c:86:48:20:a5:77:18:94:63:
3f:86:3a:5f:2e:f9:e8:09:36:17:3f:77:fa:1f:f9:13:d6:a2:
6b:76:8c:81:9c:9e:78:8e:e9:6c:fc:70:d0:7b:a8:df:5d:c9:
e5:5b:fa:f3:bb:b9:07:09:c7:90:60:2a:24:73:6a:04:6a:6c:
3c:ef:dd:1c:97:fb:bd:51:3f:f6:89:e4:3b:70:2c:9c:b1:98:
f5:b5:e3:d5:dc:31:32:e4:65:76:f5:4c:52:4a:a7:17:af:0c:
13:98:72:e4:1e:c6:58:d3:15:af:b9:df:90:cf:50:80:7e:2a:
ab:b3:93:64:88:36:a5:a7:19:b8:37:11:0c:ba:3b:1c:20:00:
64:70:ea:98:89:99:0c:be:f9:b0:93:52:55:06:0f:25:65:5a:
83:10:48:38:9b:56:b8:21:16:b7:e3:86:a9:48:22:61:32:ec:
b9:76:d4:9a:46:c3:67:5c:7b:fe:c5:b2:27:aa:66:c8:e7:52:
8d:74:e4:6b:68:3c:4c:03:e9:94:1e:cf:8c:5a:10:89:9e:f9:
aa:e2:83:96:49:94:1f:56:ce:32:a1:80:b2:c8:b7:e9:f8:53:
2a:fb:e1:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY0cXUd7rKsz55nxEBVAC0LOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYWQ2NzkxYjhkYmU5YzM1MmJkNjRhOTMyMjE3MmI0MWM0
YjIxNzEwHhcNMjQwMTE4MTEzODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjJhM2E4Y2JmYTU2MWExMzA4NWY2MzJlOWE5OWI4NDc0ZmY0OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+kr4u11c5KbqEBMScbOB+nzFD+0
UdTxmJz7O+NdfP2n3N+67xDyHw9mLsbNveHY+zXzK0i33FKg2Cv03VUG7hy6UBlY
NyVt9Xzq38wTH4minGUxpaUCaeeNWGReHSZZG+yT5pkw51li8TBnbpYrWbHwSmuC
DpdI36tKZA5XMQQGKWcBkmvu8nGVunaPYH0mnHkOvNKe5ZMTyuS1uWRKaLu80JGY
DYx1uM7XkXMcS9vDFSBaEOSuaI+6tBhURul0C874IITysLdZxv0A5Qhwuqd9XZUD
pn7HYqfMzC4VU51NE8cswq6v9OB7D2OQ/Kw/c25qD/9/kVCebzJtYYqDZwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFA8qOoy/pWGhMIX2Mumpm4R0/0lxMB8GA1UdIwQY
MBaAFFGtZ5G42+nDUr1kqTIhcrQcSyFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWExbmtiamI2Y05TdldTcE1pRnl0QnhMSVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zZjYxNzgtNWZkMy00MDNmLThmZWMt
MWE4OWZmMTE5NjVlLzEvRHlvNmpMLWxZYUV3aGZZeTZhbWJoSFRfU1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zZjYxNzgtNWZkMy00MDNmLThmZWMtMWE4OWZmMTE5NjVl
LzEvVWExbmtiamI2Y05TdldTcE1pRnl0QnhMSVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW87SAwQB
W+LEAwQBW+YIAwQCuY6gAwQCuZh4MA0EAgACMAcDBQMqFHqAMA0GCSqGSIb3DQEB
CwUAA4IBAQCU9q9fxAYxdj6GGN9HNnvajSqN9hiTLGn/FtpshkggpXcYlGM/hjpf
LvnoCTYXP3f6H/kT1qJrdoyBnJ54juls/HDQe6jfXcnlW/rzu7kHCceQYCokc2oE
amw8790cl/u9UT/2ieQ7cCycsZj1tePV3DEy5GV29UxSSqcXrwwTmHLkHsZY0xWv
ud+Qz1CAfiqrs5NkiDalpxm4NxEMujscIABkcOqYiZkMvvmwk1JVBg8lZVqDEEg4
m1a4IRa344apSCJhMuy5dtSaRsNnXHv+xbInqmbI51KNdORraDxMA+mUHs+MWhCJ
nvmq4oOWSZQfVs4yoYCyyLfp+FMq++FS
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:54:55 2024 by rpki-client on console-fra.rpki-client.org