Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/raykU5PfpLfafqMetKDFZvWIX9Y.roa
File: raykU5PfpLfafqMetKDFZvWIX9Y.roa (raw, json)
Hash identifier: HyMaAHJBN7TXjMfCjr27TK59FofhTvHoDWLMhEoF2Wg=
Subject key identifier: AD:AC:A4:53:93:DF:A4:B7:DA:7E:A3:1E:B4:A0:C5:66:F5:88:5F:D6
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC4245684EAF43121A147E942D7D3BA8F
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/raykU5PfpLfafqMetKDFZvWIX9Y.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57246
IP address blocks: 91.108.41.0/24 maxlen: 24
95.140.84.0/24 maxlen: 24
95.140.84.0/22 maxlen: 22
95.140.85.0/24 maxlen: 24
95.140.87.0/24 maxlen: 24
95.140.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:56:84:ea:f4:31:21:a1:47:e9:42:d7:d3:ba:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adaca45393dfa4b7da7ea31eb4a0c566f5885fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:89:c7:20:bb:1d:7b:c2:c8:db:a1:1a:79:8f:
4c:ad:76:0d:14:32:e8:58:5e:70:ce:57:0d:40:fb:
93:d6:bb:de:be:70:ac:84:14:87:4b:4a:e0:67:cb:
7e:b8:35:61:e7:4a:81:a1:64:c3:03:f5:af:0d:38:
79:f7:72:c8:ad:90:08:2e:85:9d:02:0d:78:d1:b9:
f2:df:bb:3d:3d:e5:c0:2a:12:13:d6:2e:2e:56:9b:
42:64:8c:3d:43:05:3d:9a:a2:cc:2f:0a:5c:07:b6:
c4:f5:1d:6e:0c:b8:47:2d:59:0c:7c:bc:9d:71:88:
63:a1:1d:b5:fa:68:66:5c:b3:f7:cb:c7:3d:9c:f4:
e8:a8:e4:d1:60:f0:48:2e:81:7a:e2:b4:bf:74:ba:
15:19:b7:bc:ea:db:9d:ff:eb:d7:12:63:0f:c8:ce:
33:42:50:85:3d:9f:66:6a:fd:16:72:8e:0b:3a:2d:
e3:c6:39:6c:aa:42:75:c0:df:9f:4e:15:f6:1a:c9:
f5:f6:6d:39:15:d7:d0:52:82:8c:dc:a4:89:3b:a0:
3a:90:76:8c:20:bd:42:7e:33:45:2f:3a:94:8d:34:
fa:61:63:b6:ab:26:ef:17:54:7e:a6:bd:20:c9:7a:
7a:98:d9:20:81:0b:24:9a:a8:a0:b5:f0:9e:35:1c:
58:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AC:A4:53:93:DF:A4:B7:DA:7E:A3:1E:B4:A0:C5:66:F5:88:5F:D6
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/raykU5PfpLfafqMetKDFZvWIX9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.41.0/24
95.140.84.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:1c:6c:ed:62:07:7b:68:0f:5e:26:e5:e1:cf:b5:9e:cd:19:
15:08:ec:f8:68:72:74:a1:ae:10:55:7f:88:45:fc:70:d9:3a:
08:be:21:64:7c:f8:44:d2:bf:04:73:10:16:8c:8f:e0:0c:1a:
d8:30:bf:2e:71:2d:7c:7f:9d:7a:4d:d8:22:2c:24:f4:69:c4:
20:7c:58:dd:ac:b3:02:d3:a3:74:6e:70:4c:e2:16:bf:53:19:
88:a9:34:22:8d:7f:13:47:fe:0a:6e:78:2c:94:31:60:cc:86:
b9:23:0d:c4:29:28:c8:86:f0:86:16:aa:9a:b2:29:bb:34:8f:
f3:8c:af:7d:1a:2b:ba:88:76:54:69:43:ae:27:24:e9:95:7d:
47:50:93:3d:d1:64:cb:df:fd:a9:1d:77:04:94:25:cc:e2:f2:
38:8a:4f:5b:eb:b0:88:c1:64:80:d2:40:2b:44:02:b1:54:b5:
ed:a1:e2:6b:9e:b8:9a:3f:4d:2a:2b:2d:83:d9:cd:0c:3f:69:
4f:88:23:98:0f:48:96:36:94:19:f7:0b:c0:29:99:d6:99:f8:
e1:c0:a8:11:31:90:73:25:11:6f:a7:eb:04:92:79:99:a2:e1:
0c:3c:16:55:1f:08:2b:a2:07:ed:86:8c:c1:bb:00:d2:79:3a:
ec:79:ca:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJFaE6vQxIaFH6ULX07qPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFjYTQ1MzkzZGZhNGI3ZGE3ZWEzMWViNGEwYzU2NmY1ODg1ZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlInHILsde8LI26EaeY9MrXYNFDLo
WF5wzlcNQPuT1rvevnCshBSHS0rgZ8t+uDVh50qBoWTDA/WvDTh593LIrZAILoWd
Ag140bny37s9PeXAKhIT1i4uVptCZIw9QwU9mqLMLwpcB7bE9R1uDLhHLVkMfLyd
cYhjoR21+mhmXLP3y8c9nPToqOTRYPBILoF64rS/dLoVGbe86tud/+vXEmMPyM4z
QlCFPZ9mav0Wco4LOi3jxjlsqkJ1wN+fThX2Gsn19m05FdfQUoKM3KSJO6A6kHaM
IL1CfjNFLzqUjTT6YWO2qybvF1R+pr0gyXp6mNkggQskmqigtfCeNRxYHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK2spFOT36S32n6jHrSgxWb1iF/WMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvcmF5a1U1UGZwTGZhZnFNZXRLREZadldJWDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW2wpAwQC
X4xUMA0GCSqGSIb3DQEBCwUAA4IBAQDCHGztYgd7aA9eJuXhz7WezRkVCOz4aHJ0
oa4QVX+IRfxw2ToIviFkfPhE0r8EcxAWjI/gDBrYML8ucS18f516TdgiLCT0acQg
fFjdrLMC06N0bnBM4ha/UxmIqTQijX8TR/4KbngslDFgzIa5Iw3EKSjIhvCGFqqa
sim7NI/zjK99Giu6iHZUaUOuJyTplX1HUJM90WTL3/2pHXcElCXM4vI4ik9b67CI
wWSA0kArRAKxVLXtoeJrnriaP00qKy2D2c0MP2lPiCOYD0iWNpQZ9wvAKZnWmfjh
wKgRMZBzJRFvp+sEknmZouEMPBZVHwgrogfthozBuwDSeTrsecrQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:13:28 2024 by rpki-client on console-fra.rpki-client.org