Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/KWoBZDUND2eOV85UcHTSr20Yfb4.roa
File: KWoBZDUND2eOV85UcHTSr20Yfb4.roa (raw, json)
Hash identifier: w5aDhM9zhSNrwsJ7aoNcizT1zGlD9QFtoZj6rOKbUcc=
Subject key identifier: 29:6A:01:64:35:0D:0F:67:8E:57:CE:54:70:74:D2:AF:6D:18:7D:BE
Certificate issuer: /CN=bab453d97ba2f4a045843e6b4a953b3e5106eaf2
Certificate serial: 01917E828E9783A8DB7AFF5A7EABA25A0E5D
Authority key identifier: BA:B4:53:D9:7B:A2:F4:A0:45:84:3E:6B:4A:95:3B:3E:51:06:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urRT2Xui9KBFhD5rSpU7PlEG6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/KWoBZDUND2eOV85UcHTSr20Yfb4.roa
Signing time: Fri 23 Aug 2024 09:12:51 +0000
ROA not before: Fri 23 Aug 2024 09:12:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29385
IP address blocks: 94.230.224.0/24 maxlen: 24
94.230.227.0/24 maxlen: 24
213.206.32.0/24 maxlen: 24
213.206.33.0/24 maxlen: 24
213.206.34.0/24 maxlen: 24
213.206.35.0/24 maxlen: 24
213.206.36.0/24 maxlen: 24
213.206.37.0/24 maxlen: 24
213.206.38.0/24 maxlen: 24
213.206.41.0/24 maxlen: 24
213.206.43.0/24 maxlen: 24
213.206.46.0/24 maxlen: 24
213.206.49.0/24 maxlen: 24
213.206.56.0/24 maxlen: 24
213.206.57.0/24 maxlen: 24
213.206.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/urRT2Xui9KBFhD5rSpU7PlEG6vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/urRT2Xui9KBFhD5rSpU7PlEG6vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/urRT2Xui9KBFhD5rSpU7PlEG6vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:82:8e:97:83:a8:db:7a:ff:5a:7e:ab:a2:5a:0e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bab453d97ba2f4a045843e6b4a953b3e5106eaf2
Validity
Not Before: Aug 23 09:12:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=296a0164350d0f678e57ce547074d2af6d187dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d6:bd:12:ac:a6:3e:85:72:1d:a5:bd:59:cb:
45:77:8c:0a:28:59:be:ce:8d:82:7f:c3:cb:61:9a:
81:61:68:d6:a1:36:0b:a7:51:c2:e5:cc:bb:54:28:
6b:8a:d2:d1:f9:58:5a:92:aa:93:e7:b5:e4:97:6d:
4b:75:13:d5:bb:09:9d:ba:13:5c:92:7b:de:c0:4f:
2c:92:4d:2d:1d:31:76:9a:e7:7f:89:c1:09:6c:2f:
ed:35:70:41:4b:86:e5:fd:56:5a:ce:13:be:cc:41:
97:fa:e1:9a:72:53:c8:46:d5:f4:49:35:fd:38:e1:
16:64:35:8b:a9:0d:e7:19:d6:e7:cb:0b:ff:e6:3d:
2d:0b:92:fe:b6:1b:bc:07:19:ef:f4:94:14:e8:7c:
b0:d6:a1:f2:23:46:bf:da:d0:9d:7d:ff:85:44:4f:
26:4d:2c:9b:60:be:af:3a:c6:b8:d9:d4:ba:1c:a4:
c1:73:df:cd:cf:d1:92:1e:e8:ae:78:60:19:61:0d:
da:42:c1:cf:06:dd:2d:ca:20:72:f6:70:45:21:31:
b7:c3:8e:b5:f5:f2:cf:51:63:d7:69:e7:69:cc:3a:
5a:ec:1e:45:5b:55:2d:a5:61:51:ce:d4:fa:d0:58:
2e:88:72:28:70:43:2b:fd:d0:bf:94:56:65:a9:5b:
db:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6A:01:64:35:0D:0F:67:8E:57:CE:54:70:74:D2:AF:6D:18:7D:BE
X509v3 Authority Key Identifier:
keyid:BA:B4:53:D9:7B:A2:F4:A0:45:84:3E:6B:4A:95:3B:3E:51:06:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urRT2Xui9KBFhD5rSpU7PlEG6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/KWoBZDUND2eOV85UcHTSr20Yfb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6703ca-ced4-4207-ab05-4a6f55771bd1/1/urRT2Xui9KBFhD5rSpU7PlEG6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.230.224.0/24
94.230.227.0/24
213.206.32.0-213.206.38.255
213.206.41.0/24
213.206.43.0/24
213.206.46.0/24
213.206.49.0/24
213.206.56.0/23
213.206.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:da:af:86:e7:33:08:aa:44:84:da:92:10:b9:34:6f:58:77:
e2:37:c4:03:c0:ef:10:4d:8d:87:b7:fb:19:ea:8c:d0:71:cc:
00:df:6c:07:ab:e7:50:72:5f:d2:c0:31:68:39:86:9c:7f:07:
71:1a:32:a0:91:79:fb:68:e3:da:73:aa:63:41:08:31:ee:0c:
9f:04:36:27:2c:77:63:74:0b:3b:b9:a1:cb:00:94:c2:56:05:
4d:f4:88:fc:19:08:72:54:c5:2f:b6:ea:7d:25:b6:fd:ff:e0:
26:48:93:8c:42:f3:3f:81:c0:b1:25:ee:89:5f:73:3a:8c:ac:
71:97:74:75:11:2f:a8:08:00:f6:87:f6:90:c9:00:2f:9e:e6:
aa:6a:c7:0d:30:a1:00:86:69:38:ad:79:52:6b:d0:79:db:ef:
da:37:d6:00:1e:5e:bb:be:34:ea:c7:6e:d6:fd:00:21:2f:41:
1d:a8:04:1d:20:f4:94:26:25:fb:07:97:25:08:f8:45:44:30:
7a:ed:eb:81:d2:86:f9:00:e0:a7:bd:2f:3c:d6:13:fd:f5:73:
2d:79:f5:83:3e:68:cb:fd:22:cc:96:50:2b:e5:4c:27:1f:81:
a8:ce:32:35:9e:0f:df:0f:77:6c:8d:2c:f6:a0:99:78:92:54:
d3:73:f5:bb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZF+go6Xg6jbev9afquiWg5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjQ1M2Q5N2JhMmY0YTA0NTg0M2U2YjRhOTUzYjNlNTEw
NmVhZjIwHhcNMjQwODIzMDkxMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTZhMDE2NDM1MGQwZjY3OGU1N2NlNTQ3MDc0ZDJhZjZkMTg3ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNa9EqymPoVyHaW9WctFd4wKKFm+
zo2Cf8PLYZqBYWjWoTYLp1HC5cy7VChritLR+VhakqqT57Xkl21LdRPVuwmduhNc
knvewE8skk0tHTF2mud/icEJbC/tNXBBS4bl/VZazhO+zEGX+uGaclPIRtX0STX9
OOEWZDWLqQ3nGdbnywv/5j0tC5L+thu8Bxnv9JQU6Hyw1qHyI0a/2tCdff+FRE8m
TSybYL6vOsa42dS6HKTBc9/Nz9GSHuiueGAZYQ3aQsHPBt0tyiBy9nBFITG3w461
9fLPUWPXaedpzDpa7B5FW1UtpWFRztT60FguiHIocEMr/dC/lFZlqVvbrwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFClqAWQ1DQ9njlfOVHB00q9tGH2+MB8GA1UdIwQY
MBaAFLq0U9l7ovSgRYQ+a0qVOz5RBuryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJSVDJYdWk5S0JGaEQ1clNwVTdQbEVHNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NzAzY2EtY2VkNC00MjA3LWFiMDUt
NGE2ZjU1NzcxYmQxLzEvS1dvQlpEVU5EMmVPVjg1VWNIVFNyMjBZZmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NzAzY2EtY2VkNC00MjA3LWFiMDUtNGE2ZjU1NzcxYmQx
LzEvdXJSVDJYdWk5S0JGaEQ1clNwVTdQbEVHNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAXubgAwQA
XubjMAwDBAXVziADBADVziYDBADVzikDBADVzisDBADVzi4DBADVzjEDBAHVzjgD
BADVzjswDQYJKoZIhvcNAQELBQADggEBAArar4bnMwiqRITakhC5NG9Yd+I3xAPA
7xBNjYe3+xnqjNBxzADfbAer51ByX9LAMWg5hpx/B3EaMqCRefto49pzqmNBCDHu
DJ8ENicsd2N0Czu5ocsAlMJWBU30iPwZCHJUxS+26n0ltv3/4CZIk4xC8z+BwLEl
7olfczqMrHGXdHURL6gIAPaH9pDJAC+e5qpqxw0woQCGaTiteVJr0Hnb79o31gAe
Xru+NOrHbtb9ACEvQR2oBB0g9JQmJfsHlyUI+EVEMHrt64HShvkA4Ke9LzzWE/31
cy159YM+aMv9IsyWUCvlTCcfgajOMjWeD98Pd2yNLPagmXiSVNNz9bs=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:53 2024 by rpki-client on console-fra.rpki-client.org