Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/asVJqUNiaaLh1kPN5ccKX5hTZ5Y.roa
File: asVJqUNiaaLh1kPN5ccKX5hTZ5Y.roa (raw, json)
Hash identifier: bsW+aHq6JxYhHX0Ee66z/bLsbi+HleZFl92FQri8CLo=
Subject key identifier: 6A:C5:49:A9:43:62:69:A2:E1:D6:43:CD:E5:C7:0A:5F:98:53:67:96
Certificate issuer: /CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Certificate serial: 018CC6B8BE35C59D5BCD438530288A6B6284
Authority key identifier: 0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/asVJqUNiaaLh1kPN5ccKX5hTZ5Y.roa
Signing time: Mon 01 Jan 2024 20:30:45 +0000
ROA not before: Mon 01 Jan 2024 20:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201785
IP address blocks: 91.223.211.0/24 maxlen: 24
195.43.88.0/23 maxlen: 24
195.43.88.0/24 maxlen: 24
193.200.230.0/24 maxlen: 24
62.69.145.0/24 maxlen: 24
62.69.151.0/24 maxlen: 24
2a01:9ec0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.mft
rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:be:35:c5:9d:5b:cd:43:85:30:28:8a:6b:62:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Validity
Not Before: Jan 1 20:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ac549a9436269a2e1d643cde5c70a5f98536796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:4e:a9:56:18:cf:a0:28:fb:e3:f9:08:11:
d8:e3:72:da:0c:3d:72:0f:2e:cf:db:8f:b1:5c:68:
78:c3:21:72:4e:74:d7:f8:3f:fd:ff:89:aa:fc:8e:
76:0a:d5:c9:95:cb:1d:a1:65:ae:85:39:dd:ab:17:
b4:ab:88:7d:20:d2:55:ff:f8:df:b4:75:7a:53:81:
67:f7:6c:0e:22:28:d0:be:1b:b9:ad:15:fe:87:12:
52:84:78:82:e1:fc:29:98:51:3c:4d:37:5f:a4:f8:
5d:e0:df:cb:a6:7a:71:82:7c:0c:08:7e:82:8a:98:
cb:79:d2:4f:e4:08:36:69:42:16:90:fa:e7:ba:cb:
2c:ff:e3:31:06:3b:7f:67:83:63:48:9c:3a:e0:00:
bc:4f:74:99:73:31:e9:3b:ef:eb:fd:0e:08:e5:d4:
52:a7:57:b8:da:78:ad:f7:cc:6f:8a:b5:50:ec:66:
89:25:58:a0:be:58:32:64:e3:fa:4f:5b:6d:1c:5c:
a1:22:c8:8a:ff:58:1c:a2:b1:04:15:16:5c:02:7f:
4e:1b:22:7a:3d:20:10:ab:23:86:44:d7:11:a3:f8:
e1:98:c4:71:43:ac:65:85:0c:07:0e:fc:ea:72:33:
e5:0a:ef:93:8c:63:08:a7:12:ae:a8:da:ae:4a:88:
a0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C5:49:A9:43:62:69:A2:E1:D6:43:CD:E5:C7:0A:5F:98:53:67:96
X509v3 Authority Key Identifier:
keyid:0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/asVJqUNiaaLh1kPN5ccKX5hTZ5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.69.145.0/24
62.69.151.0/24
91.223.211.0/24
193.200.230.0/24
195.43.88.0/23
IPv6:
2a01:9ec0::/29
Signature Algorithm: sha256WithRSAEncryption
48:ab:07:3e:2c:be:d1:cd:e8:f2:26:da:31:63:ae:6e:e8:ad:
8a:1b:b8:2e:9f:31:d2:18:74:09:a9:cd:0e:91:71:7f:42:d4:
9c:3e:47:58:b9:78:2c:76:81:9a:48:14:5f:a1:a1:8e:4f:4b:
3d:67:87:be:01:54:f7:b8:94:cd:63:c6:c8:2c:ab:28:99:da:
6c:59:a2:6d:0c:af:d2:d6:46:c0:60:75:62:44:9d:fc:6f:9a:
d8:d4:3d:a6:de:77:6e:e6:9d:3d:8c:53:7b:e7:9a:44:9f:64:
66:41:63:2d:f0:8a:5b:d6:4b:db:a9:02:87:39:35:ad:8e:5e:
94:c2:f9:95:4c:a7:89:19:a3:ee:77:01:a1:b2:0d:4c:44:aa:
42:c1:44:9e:db:74:c9:aa:d1:8e:de:e5:fc:d7:43:db:a1:c5:
2a:35:a6:ad:63:8d:5c:ed:3f:1d:90:35:7d:cd:04:56:61:ab:
02:7b:3d:84:13:23:6b:6e:07:f4:6d:de:16:e6:4d:d6:b0:22:
07:c7:25:6d:54:e9:ea:23:22:66:51:3f:6d:c5:75:05:e1:6a:
3a:ac:33:9d:1b:66:4a:00:f2:39:dd:b0:0a:93:2a:a4:77:e3:
ed:18:ee:fe:96:bd:fe:d8:f4:18:43:6a:e1:60:6d:89:32:6d:
48:86:1b:8b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGuL41xZ1bzUOFMCiKa2KEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjE1MjFhNzEyNzE1N2Y3ZGFmMGFkMDkxMzk0YWQ1YTFj
Y2U3NzkwHhcNMjQwMTAxMjAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM1NDlhOTQzNjI2OWEyZTFkNjQzY2RlNWM3MGE1Zjk4NTM2Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAridOqVYYz6Ao++P5CBHY43LaDD1y
Dy7P24+xXGh4wyFyTnTX+D/9/4mq/I52CtXJlcsdoWWuhTndqxe0q4h9INJV//jf
tHV6U4Fn92wOIijQvhu5rRX+hxJShHiC4fwpmFE8TTdfpPhd4N/LpnpxgnwMCH6C
ipjLedJP5Ag2aUIWkPrnusss/+MxBjt/Z4NjSJw64AC8T3SZczHpO+/r/Q4I5dRS
p1e42nit98xvirVQ7GaJJVigvlgyZOP6T1ttHFyhIsiK/1gcorEEFRZcAn9OGyJ6
PSAQqyOGRNcRo/jhmMRxQ6xlhQwHDvzqcjPlCu+TjGMIpxKuqNquSoigEQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGrFSalDYmmi4dZDzeXHCl+YU2eWMB8GA1UdIwQY
MBaAFA8hUhpxJxV/fa8K0JE5StWhzOd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQt
ZmFkNWZkNzk3MGJhLzEvYXNWSnFVTmlhYUxoMWtQTjVjY0tYNWhUWjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQtZmFkNWZkNzk3MGJh
LzEvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAPkWRAwQA
PkWXAwQAW9/TAwQAwcjmAwQBwytYMA0EAgACMAcDBQMqAZ7AMA0GCSqGSIb3DQEB
CwUAA4IBAQBIqwc+LL7RzejyJtoxY65u6K2KG7gunzHSGHQJqc0OkXF/QtScPkdY
uXgsdoGaSBRfoaGOT0s9Z4e+AVT3uJTNY8bILKsomdpsWaJtDK/S1kbAYHViRJ38
b5rY1D2m3ndu5p09jFN755pEn2RmQWMt8Ipb1kvbqQKHOTWtjl6UwvmVTKeJGaPu
dwGhsg1MRKpCwUSe23TJqtGO3uX810PbocUqNaatY41c7T8dkDV9zQRWYasCez2E
EyNrbgf0bd4W5k3WsCIHxyVtVOnqIyJmUT9txXUF4Wo6rDOdG2ZKAPI53bAKkyqk
d+PtGO7+lr3+2PQYQ2rhYG2JMm1IhhuL
-----END CERTIFICATE-----
Generated at Sat May 18 19:59:36 2024 by rpki-client on console-fra.rpki-client.org