Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/xQGYAqa1V6KtWo69VKB9L0lacOI.roa
File: xQGYAqa1V6KtWo69VKB9L0lacOI.roa (raw, json)
Hash identifier: n/Gbh2T0HFK7+hPKLvtbfgVOKrDT4t/Vzr5c9KGnnrA=
Subject key identifier: C5:01:98:02:A6:B5:57:A2:AD:5A:8E:BD:54:A0:7D:2F:49:5A:70:E2
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 018D888C0AEDDD2F696993883902D3FCD0ED
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/xQGYAqa1V6KtWo69VKB9L0lacOI.roa
Signing time: Thu 08 Feb 2024 11:48:15 +0000
ROA not before: Thu 08 Feb 2024 11:48:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48265
IP address blocks: 91.210.136.0/24 maxlen: 24
91.210.137.0/24 maxlen: 24
91.210.138.0/24 maxlen: 24
91.210.139.0/24 maxlen: 24
109.104.128.0/24 maxlen: 24
109.104.129.0/24 maxlen: 24
109.104.130.0/24 maxlen: 24
109.104.131.0/24 maxlen: 24
109.104.144.0/24 maxlen: 24
109.104.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:8c:0a:ed:dd:2f:69:69:93:88:39:02:d3:fc:d0:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Feb 8 11:48:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5019802a6b557a2ad5a8ebd54a07d2f495a70e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:28:9a:4f:4d:fe:57:e5:07:f3:52:d0:ba:d3:
89:a7:14:76:7f:88:11:a2:5f:b7:bf:b7:d1:90:91:
2a:87:0b:94:19:51:70:30:35:3f:48:53:e1:9b:0d:
7d:9e:6f:b1:a6:c1:66:b1:31:79:77:ee:f5:03:a1:
4a:04:69:76:78:7d:c4:e6:20:5f:d5:d9:97:0a:59:
61:a7:f4:e3:46:2f:fb:f1:1d:6c:58:71:97:11:da:
4a:1d:ec:e0:79:5a:f9:87:fd:6b:48:57:fe:07:17:
3f:7a:bf:09:04:07:6b:16:c1:52:74:fc:15:2d:1d:
84:7f:06:2d:36:02:9e:32:d2:39:6c:e8:7d:3c:52:
d9:97:18:e3:0f:0f:41:4a:82:bc:2c:61:62:11:1e:
54:a2:f1:53:37:90:2e:ac:4a:56:36:fb:cc:ef:de:
a9:6d:bb:5a:b4:94:f5:42:f7:0f:5f:c5:ec:49:f0:
2e:7d:72:fa:e8:e5:35:98:a0:bf:98:b7:95:96:a8:
33:76:51:6a:b4:38:78:67:2e:b4:8e:44:f5:63:bd:
e1:06:2f:79:f2:27:cd:81:25:0f:e2:b7:61:a5:88:
82:de:27:7a:04:96:74:10:0e:82:42:16:e9:5a:d2:
79:b7:76:09:5c:3e:e7:8d:e1:42:52:4d:86:90:81:
1d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:01:98:02:A6:B5:57:A2:AD:5A:8E:BD:54:A0:7D:2F:49:5A:70:E2
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/xQGYAqa1V6KtWo69VKB9L0lacOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.136.0/22
109.104.128.0/22
109.104.144.0/23
Signature Algorithm: sha256WithRSAEncryption
71:9f:3d:b3:da:f5:11:33:7f:3b:f2:bd:e2:03:99:d8:44:88:
07:9e:5e:8e:d6:71:22:fc:e9:5b:ef:9b:0a:db:33:76:25:6f:
a9:c8:52:8b:32:c8:46:b8:71:a2:d5:5a:07:ae:26:d4:1c:10:
17:3e:f2:44:b7:2e:12:44:fb:5d:07:b1:8e:df:db:6d:a2:ef:
4f:b2:e3:71:09:73:65:89:da:5d:63:bc:52:83:e0:e1:b5:49:
d2:71:d3:11:d0:61:e5:cd:83:f0:66:fc:f2:6a:1e:bf:ac:cf:
eb:75:f8:3d:40:96:f7:80:2a:b4:6e:ff:76:f3:88:d7:b0:bc:
cf:ce:0d:a1:a6:98:8e:ca:51:4e:bb:6d:5e:29:98:76:1a:10:
31:50:60:84:bb:cf:22:9d:dd:51:20:6e:9d:2c:cd:4c:26:e7:
88:10:04:fe:bb:60:c4:6f:91:1b:f5:e9:fe:fe:ed:88:77:27:
f2:e7:01:09:fd:ee:2c:92:86:74:ef:8f:ad:cb:e5:ce:9c:d6:
74:9f:98:97:2c:da:b8:1f:2e:23:00:35:62:dc:93:5f:38:8a:
a5:e5:ae:4a:75:76:e6:ef:00:4b:d1:12:94:bf:f1:38:43:89:
d1:56:7f:92:aa:6e:ef:46:80:01:84:40:d4:6f:34:55:6e:fe:
06:e1:dd:39
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY2IjArt3S9paZOIOQLT/NDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjYyZjc2MDYyNzNmNDFhNmNjYzhlMjk1NjA3NmYzYzBh
MWViNTQwHhcNMjQwMjA4MTE0ODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTAxOTgwMmE2YjU1N2EyYWQ1YThlYmQ1NGEwN2QyZjQ5NWE3MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSiaT03+V+UH81LQutOJpxR2f4gR
ol+3v7fRkJEqhwuUGVFwMDU/SFPhmw19nm+xpsFmsTF5d+71A6FKBGl2eH3E5iBf
1dmXCllhp/TjRi/78R1sWHGXEdpKHezgeVr5h/1rSFf+Bxc/er8JBAdrFsFSdPwV
LR2EfwYtNgKeMtI5bOh9PFLZlxjjDw9BSoK8LGFiER5UovFTN5AurEpWNvvM796p
bbtatJT1QvcPX8XsSfAufXL66OU1mKC/mLeVlqgzdlFqtDh4Zy60jkT1Y73hBi95
8ifNgSUP4rdhpYiC3id6BJZ0EA6CQhbpWtJ5t3YJXD7njeFCUk2GkIEdWQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMUBmAKmtVeirVqOvVSgfS9JWnDiMB8GA1UdIwQY
MBaAFPv2L3YGJz9BpszI4pVgdvPAoetUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fWXZkZ1luUDBHbXpNamlsV0IyODhDaDYxUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5
LTU2NDllMWIxOTJiYi8xL3hRR1lBcWExVjZLdFdvNjlWS0I5TDBsYWNPSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5LTU2NDllMWIxOTJi
Yi8xLzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAJb0ogD
BAJtaIADBAFtaJAwDQYJKoZIhvcNAQELBQADggEBAHGfPbPa9REzfzvyveIDmdhE
iAeeXo7WcSL86VvvmwrbM3Ylb6nIUosyyEa4caLVWgeuJtQcEBc+8kS3LhJE+10H
sY7f222i70+y43EJc2WJ2l1jvFKD4OG1SdJx0xHQYeXNg/Bm/PJqHr+sz+t1+D1A
lveAKrRu/3bziNewvM/ODaGmmI7KUU67bV4pmHYaEDFQYIS7zyKd3VEgbp0szUwm
54gQBP67YMRvkRv16f7+7Yh3J/LnAQn97iyShnTvj63L5c6c1nSfmJcs2rgfLiMA
NWLck184iqXlrkp1dubvAEvREpS/8ThDidFWf5Kqbu9GgAGEQNRvNFVu/gbh3Tk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:54:04 2024 by rpki-client on console-fra.rpki-client.org