Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/9skPVZV79hHIEUCzJ5MtPvk-gGI.roa
File: 9skPVZV79hHIEUCzJ5MtPvk-gGI.roa (raw, json)
Hash identifier: btSUc5LBRa4qZ0arfT7mBOlgvm0szv+i27KAfZUEDog=
Subject key identifier: F6:C9:0F:55:95:7B:F6:11:C8:11:40:B3:27:93:2D:3E:F9:3E:80:62
Certificate issuer: /CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Certificate serial: 018E0A8B3D689A63FC398B32A610AB3B65DB
Authority key identifier: 96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/9skPVZV79hHIEUCzJ5MtPvk-gGI.roa
Signing time: Mon 04 Mar 2024 17:38:01 +0000
ROA not before: Mon 04 Mar 2024 17:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40975
IP address blocks: 86.104.254.0/23 maxlen: 23
86.107.192.0/24 maxlen: 24
89.35.6.0/23 maxlen: 23
185.84.64.0/23 maxlen: 23
185.84.66.0/24 maxlen: 24
217.19.14.0/23 maxlen: 23
2a03:6fe0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/lirjRjk4sm-Dt28MTfgd-rsVpOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/lirjRjk4sm-Dt28MTfgd-rsVpOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0a:8b:3d:68:9a:63:fc:39:8b:32:a6:10:ab:3b:65:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Validity
Not Before: Mar 4 17:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6c90f55957bf611c81140b327932d3ef93e8062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:51:6e:ed:76:e7:1a:f7:aa:ba:4a:0d:de:75:
70:e8:c0:48:6b:63:67:a3:c4:13:32:88:c4:a3:ac:
34:55:80:22:3d:1c:8c:f6:99:bc:75:f0:65:5c:5d:
b4:d5:b1:df:91:d2:f8:bc:d3:a2:b0:6d:fd:a4:7c:
94:41:b5:7c:25:9f:27:53:c5:fa:45:e8:ed:f2:2b:
58:04:d0:9b:c7:ec:17:b3:91:a6:5d:0a:d3:63:f7:
4d:28:ff:e2:fc:42:b5:e5:89:7c:aa:40:e9:ad:9f:
27:eb:23:a0:83:45:97:00:4c:1d:e8:96:d1:3c:c6:
d6:c9:37:f0:fb:db:72:59:5f:01:df:1b:12:c0:35:
47:43:cc:30:77:3a:ba:1f:ad:d9:54:c4:da:db:74:
4f:85:00:d9:d1:cf:36:ab:39:01:81:95:48:2b:5f:
23:6c:1c:99:78:61:5f:4e:f2:8f:83:bf:27:66:18:
52:d0:51:78:9a:d3:e2:b2:c3:7f:0b:d6:ff:21:fa:
50:83:09:38:3e:9d:97:4a:b7:4c:c1:b8:ab:ad:4b:
0c:87:5e:c2:f8:09:7f:c2:83:f1:c6:ca:26:73:67:
f7:aa:1b:d4:b5:e8:61:7f:70:e9:50:ad:1b:50:46:
30:64:8f:0d:de:c0:d3:6f:66:d9:82:98:2c:fc:c5:
34:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C9:0F:55:95:7B:F6:11:C8:11:40:B3:27:93:2D:3E:F9:3E:80:62
X509v3 Authority Key Identifier:
keyid:96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/9skPVZV79hHIEUCzJ5MtPvk-gGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/lirjRjk4sm-Dt28MTfgd-rsVpOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.254.0/23
86.107.192.0/24
89.35.6.0/23
185.84.64.0-185.84.66.255
217.19.14.0/23
IPv6:
2a03:6fe0::/48
Signature Algorithm: sha256WithRSAEncryption
a6:dc:74:b5:b3:7d:82:72:be:63:a4:bd:17:76:77:31:8a:9a:
80:d4:cc:87:a3:ad:13:63:93:d2:10:78:22:e3:86:3e:51:66:
32:9a:21:6b:70:01:50:7a:eb:d6:9e:18:d9:34:8b:d6:81:63:
3b:58:ad:48:17:61:e0:6e:fd:b1:68:c9:a3:a8:a5:9d:43:9d:
55:19:49:95:a2:3d:01:a8:b5:ae:35:09:dd:35:3b:f4:de:1f:
c4:9b:94:86:27:e6:1c:44:fc:c9:38:04:72:9b:54:80:a5:13:
f2:3b:36:c2:37:25:d1:93:8d:ef:66:cd:cc:e9:9a:f3:21:69:
3d:47:d3:1c:b6:cf:1a:08:90:00:85:44:07:d0:5e:d2:fc:fc:
68:13:39:cc:b2:ef:9b:f2:d1:b7:4c:b9:29:86:f4:e1:d1:f3:
09:69:89:a0:81:63:37:04:08:2e:df:a7:c8:ce:da:6d:a7:a1:
2e:7d:12:50:1a:89:bb:8b:39:e1:56:d9:db:4d:6e:9c:cc:a2:
c5:61:42:34:94:6f:25:50:66:17:ef:e4:42:8c:bb:3b:2f:79:
2f:00:e6:92:27:38:a8:db:c4:de:26:fa:d0:0e:a9:ee:1f:a7:
63:39:e5:ed:6c:6c:06:99:45:a2:c9:f9:d2:c5:81:9d:dd:4a:
7e:bc:47:5d
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY4Kiz1ommP8OYsyphCrO2XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmFlMzQ2MzkzOGIyNmY4M2I3NmYwYzRkZjgxZGZhYmIx
NWE0ZWIwHhcNMjQwMzA0MTczODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmM5MGY1NTk1N2JmNjExYzgxMTQwYjMyNzkzMmQzZWY5M2U4MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1Fu7XbnGvequkoN3nVw6MBIa2Nn
o8QTMojEo6w0VYAiPRyM9pm8dfBlXF201bHfkdL4vNOisG39pHyUQbV8JZ8nU8X6
Rejt8itYBNCbx+wXs5GmXQrTY/dNKP/i/EK15Yl8qkDprZ8n6yOgg0WXAEwd6JbR
PMbWyTfw+9tyWV8B3xsSwDVHQ8wwdzq6H63ZVMTa23RPhQDZ0c82qzkBgZVIK18j
bByZeGFfTvKPg78nZhhS0FF4mtPissN/C9b/IfpQgwk4Pp2XSrdMwbirrUsMh17C
+Al/woPxxsomc2f3qhvUtehhf3DpUK0bUEYwZI8N3sDTb2bZgpgs/MU0XQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPbJD1WVe/YRyBFAsyeTLT75PoBiMB8GA1UdIwQY
MBaAFJYq40Y5OLJvg7dvDE34Hfq7FaTrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMt
OWVkZjBkMTdmYjkxLzEvOXNrUFZaVjc5aEhJRVVDeko1TXRQdmstZ0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMtOWVkZjBkMTdmYjkx
LzEvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQBVmj+AwQA
VmvAAwQBWSMGMAwDBAa5VEADBAC5VEIDBAHZEw4wDwQCAAIwCQMHACoDb+AAADAN
BgkqhkiG9w0BAQsFAAOCAQEAptx0tbN9gnK+Y6S9F3Z3MYqagNTMh6OtE2OT0hB4
IuOGPlFmMpoha3ABUHrr1p4Y2TSL1oFjO1itSBdh4G79sWjJo6ilnUOdVRlJlaI9
Aai1rjUJ3TU79N4fxJuUhifmHET8yTgEcptUgKUT8js2wjcl0ZON72bNzOma8yFp
PUfTHLbPGgiQAIVEB9Be0vz8aBM5zLLvm/LRt0y5KYb04dHzCWmJoIFjNwQILt+n
yM7abaehLn0SUBqJu4s54VbZ201unMyixWFCNJRvJVBmF+/kQoy7Oy95LwDmkic4
qNvE3ib60A6p7h+nYznl7WxsBplFosn50sWBnd1KfrxHXQ==
-----END CERTIFICATE-----
Generated at Mon May 20 17:28:11 2024 by rpki-client on console-fra.rpki-client.org