Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/s2nzfnzgQuoLkcnSSIJdInXY4z0.roa
File: s2nzfnzgQuoLkcnSSIJdInXY4z0.roa (raw, json)
Hash identifier: 3eorkR4sDB/dWHtKanLlpwM74DGGs4x0T+rtg5eQb9Y=
Subject key identifier: B3:69:F3:7E:7C:E0:42:EA:0B:91:C9:D2:48:82:5D:22:75:D8:E3:3D
Certificate issuer: /CN=fabb49e688335ab1593f9d10e006ef5e9bc8bd56
Certificate serial: 018CC8DEE542D6F7FD92BFC19A3BD4FA3495
Authority key identifier: FA:BB:49:E6:88:33:5A:B1:59:3F:9D:10:E0:06:EF:5E:9B:C8:BD:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/s2nzfnzgQuoLkcnSSIJdInXY4z0.roa
Signing time: Tue 02 Jan 2024 06:31:40 +0000
ROA not before: Tue 02 Jan 2024 06:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57494
IP address blocks: 91.199.149.0/24 maxlen: 24
185.175.157.0/24 maxlen: 24
185.133.43.0/24 maxlen: 24
185.177.217.0/24 maxlen: 24
185.135.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 06:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:e5:42:d6:f7:fd:92:bf:c1:9a:3b:d4:fa:34:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fabb49e688335ab1593f9d10e006ef5e9bc8bd56
Validity
Not Before: Jan 2 06:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b369f37e7ce042ea0b91c9d248825d2275d8e33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:63:92:4c:07:e5:5d:c2:19:df:c7:7b:92:a3:
29:26:f4:53:b9:8e:15:3d:3e:29:75:a9:01:7e:b3:
16:fa:9d:ae:ad:21:c1:b4:3a:e7:7b:38:84:e4:af:
e4:c5:a8:ec:85:f0:95:ec:3f:30:62:f4:85:f8:41:
c1:cd:a8:51:d1:01:06:f0:65:8d:cf:52:79:06:ac:
53:6e:55:b0:d3:d8:6b:93:b6:1d:b3:c8:0f:ed:9c:
1d:d1:8b:65:0b:36:e4:f3:54:26:dc:f4:ac:f0:44:
a9:f9:eb:43:58:3b:05:83:7e:fd:a7:e9:d1:b4:db:
75:a1:1b:e7:e6:1b:f3:79:0f:b6:00:f8:b2:1c:53:
13:61:a4:cf:61:63:a8:e4:68:6c:88:13:e9:6e:60:
c1:aa:25:59:6b:84:17:f0:87:6a:cb:68:41:2a:18:
6d:6f:6a:e6:2d:a9:1f:f2:07:b6:17:db:60:b5:6b:
80:07:31:8b:7b:05:3a:0a:c7:13:65:9e:60:be:44:
3a:ff:15:cb:3e:93:d9:d6:16:b6:99:12:6d:b4:98:
e9:90:fe:b9:ef:f1:40:fa:e9:57:0e:cc:ac:eb:01:
58:bf:a7:35:a8:a7:3e:25:75:ca:22:bb:7f:5b:79:
1a:58:05:cf:30:c6:63:9e:3e:b7:d7:c0:69:f2:f2:
74:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:69:F3:7E:7C:E0:42:EA:0B:91:C9:D2:48:82:5D:22:75:D8:E3:3D
X509v3 Authority Key Identifier:
keyid:FA:BB:49:E6:88:33:5A:B1:59:3F:9D:10:E0:06:EF:5E:9B:C8:BD:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/s2nzfnzgQuoLkcnSSIJdInXY4z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.149.0/24
185.133.43.0/24
185.135.80.0/22
185.175.157.0/24
185.177.217.0/24
Signature Algorithm: sha256WithRSAEncryption
63:60:ef:df:8d:fe:c4:ec:a5:e8:40:31:f7:88:39:8b:19:5b:
6b:32:f1:55:64:0e:5e:68:bb:b7:05:ac:c3:af:7c:b2:61:a8:
54:f5:bf:6a:91:1f:63:64:16:d3:2c:99:40:c6:e1:34:6c:97:
75:4e:c2:31:a5:4b:b8:88:42:26:4a:81:3a:85:fb:98:ac:11:
02:34:38:f0:be:bd:a5:29:4e:ae:4d:19:62:2f:51:dd:bf:1c:
54:7d:a3:e8:e2:18:68:d9:26:93:25:ad:2f:2c:49:94:b1:fd:
f2:63:37:38:8f:09:5c:d0:7c:8d:d5:30:c7:c7:74:11:cd:83:
a1:6e:b1:27:8e:04:3d:d1:09:ac:78:7b:f5:20:b7:f6:e1:0b:
3a:17:a0:41:9e:28:24:ba:05:d6:44:a7:9a:87:8d:d5:c1:6e:
bc:aa:69:e6:49:60:02:d7:bc:e4:0c:b1:63:d1:25:be:49:48:
d7:5c:65:32:85:41:99:9e:f5:ba:86:68:d7:fe:12:56:77:9f:
e7:1b:7d:91:0d:33:12:e8:54:b9:37:76:e8:f2:77:c2:d2:75:
14:c5:d3:d2:74:74:af:51:00:be:f8:05:00:01:19:77:12:b6:
94:59:80:fe:1e:8e:8b:bb:ce:7e:4a:96:bf:07:7f:9f:bf:8f:
ff:30:7f:58
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzI3uVC1vf9kr/BmjvU+jSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYmI0OWU2ODgzMzVhYjE1OTNmOWQxMGUwMDZlZjVlOWJj
OGJkNTYwHhcNMjQwMTAyMDYzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY5ZjM3ZTdjZTA0MmVhMGI5MWM5ZDI0ODgyNWQyMjc1ZDhlMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWOSTAflXcIZ38d7kqMpJvRTuY4V
PT4pdakBfrMW+p2urSHBtDrneziE5K/kxajshfCV7D8wYvSF+EHBzahR0QEG8GWN
z1J5BqxTblWw09hrk7Yds8gP7Zwd0YtlCzbk81Qm3PSs8ESp+etDWDsFg379p+nR
tNt1oRvn5hvzeQ+2APiyHFMTYaTPYWOo5GhsiBPpbmDBqiVZa4QX8Idqy2hBKhht
b2rmLakf8ge2F9tgtWuABzGLewU6CscTZZ5gvkQ6/xXLPpPZ1ha2mRJttJjpkP65
7/FA+ulXDsys6wFYv6c1qKc+JXXKIrt/W3kaWAXPMMZjnj6318Bp8vJ0fwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLNp83584ELqC5HJ0kiCXSJ12OM9MB8GA1UdIwQY
MBaAFPq7SeaIM1qxWT+dEOAG716byL1WMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ydEo1b2d6V3JGWlA1MFE0QWJ2WHB2SXZWWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvZDdhM2JhLTA3ZTUtNDFkNi04YzM5
LTU2YTU1YzQyZGU4OC8xL3MybnpmbnpnUXVvTGtjblNTSUpkSW5YWTR6MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGYvZDdhM2JhLTA3ZTUtNDFkNi04YzM5LTU2YTU1YzQyZGU4
OC8xLzEtcnRKNW9neldyRlpQNTBRNEFidlhwdkl2VlkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBABbx5UD
BAC5hSsDBAK5h1ADBAC5r50DBAC5sdkwDQYJKoZIhvcNAQELBQADggEBAGNg79+N
/sTspehAMfeIOYsZW2sy8VVkDl5ou7cFrMOvfLJhqFT1v2qRH2NkFtMsmUDG4TRs
l3VOwjGlS7iIQiZKgTqF+5isEQI0OPC+vaUpTq5NGWIvUd2/HFR9o+jiGGjZJpMl
rS8sSZSx/fJjNziPCVzQfI3VMMfHdBHNg6FusSeOBD3RCax4e/Ugt/bhCzoXoEGe
KCS6BdZEp5qHjdXBbryqaeZJYALXvOQMsWPRJb5JSNdcZTKFQZme9bqGaNf+ElZ3
n+cbfZENMxLoVLk3dujyd8LSdRTF09J0dK9RAL74BQABGXcStpRZgP4ejou7zn5K
lr8Hf5+/j/8wf1g=
-----END CERTIFICATE-----
Generated at Tue May 28 12:27:30 2024 by rpki-client on console-ams.rpki-client.org