Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a9tIn_ZM_4ZezVQU0H7J1So_bE4.roa
File: a9tIn_ZM_4ZezVQU0H7J1So_bE4.roa (raw, json)
Hash identifier: +l4lA6xtRq++2fxo838Y90bp5QYK1l9nMQX+kpY2vNA=
Subject key identifier: 6B:DB:48:9F:F6:4C:FF:86:5E:CD:54:14:D0:7E:C9:D5:2A:3F:6C:4E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB3D2B55B215E4BDB8F5B2B622E234
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a9tIn_ZM_4ZezVQU0H7J1So_bE4.roa
Signing time: Mon 01 Jan 2024 02:29:57 +0000
ROA not before: Mon 01 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209982
IP address blocks: 194.35.52.0/22 maxlen: 22
91.239.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3d:2b:55:b2:15:e4:bd:b8:f5:b2:b6:22:e2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bdb489ff64cff865ecd5414d07ec9d52a3f6c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:31:24:16:bd:a5:98:3d:88:cf:43:70:cd:b4:
27:3b:99:4b:f6:ed:92:4a:c9:30:46:7b:24:51:12:
c5:9c:12:66:3a:27:55:79:5a:63:02:be:e5:22:1c:
4e:fe:a7:1b:ad:a4:38:36:ac:61:c2:54:7e:ee:94:
f3:4d:de:d9:2a:89:f7:84:ac:44:b5:51:b1:25:5d:
fd:e4:3c:57:5a:03:bf:20:d4:3b:72:a4:fe:f5:6c:
6f:75:28:53:61:b1:89:6a:c5:db:9c:79:77:a7:c7:
d0:f7:a1:f1:90:e9:3a:6c:c5:29:90:af:6b:cf:87:
99:bf:d2:96:fc:5e:54:4f:b6:98:8e:83:8f:1f:6e:
d2:5f:23:5b:7e:a1:57:67:3a:75:d5:ba:52:07:b0:
76:c4:aa:21:a3:0c:40:72:90:c0:e4:22:83:56:93:
a5:9c:12:cd:1d:82:68:fc:22:6a:f2:28:ef:f0:6b:
2b:ef:2b:4e:0b:44:9e:36:65:ef:0a:ee:98:9b:e9:
69:18:cd:23:bd:c8:b0:a0:42:40:bf:65:39:1b:08:
b4:6f:bd:23:73:db:6d:d0:c8:14:78:bb:da:89:ce:
68:3c:82:0e:94:c0:52:6f:3a:28:41:40:5e:bc:0c:
47:92:aa:6e:7f:45:89:3f:a1:0e:a5:b0:67:ca:c7:
4e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DB:48:9F:F6:4C:FF:86:5E:CD:54:14:D0:7E:C9:D5:2A:3F:6C:4E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/a9tIn_ZM_4ZezVQU0H7J1So_bE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.59.0/24
194.35.52.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:ed:fa:65:01:11:29:55:eb:39:52:29:14:3a:34:f5:c6:af:
95:f5:d2:43:7a:bd:de:7a:81:c9:1d:a3:23:0e:c8:77:5a:a1:
7e:99:f7:db:e7:de:c5:5e:6b:af:39:cc:a9:74:43:fb:32:d9:
5d:9d:79:d9:42:9f:c2:88:5c:ea:a7:41:63:3c:91:dc:7a:2f:
f9:72:39:73:b1:93:62:42:a2:e4:36:8b:30:45:0e:13:93:2a:
2f:19:b3:d4:50:c5:3c:82:77:49:cb:f7:24:1f:a4:87:49:8f:
23:20:14:31:cf:2f:35:69:39:a9:fd:1e:1e:d7:6c:b2:15:06:
ab:7c:c5:5e:a8:89:a8:e0:86:a0:62:ca:10:4c:5d:5f:1c:02:
1a:a1:55:b5:a5:f8:9c:fe:e5:d6:4b:fc:50:73:f0:13:bb:ad:
4b:54:b6:66:89:a3:7a:70:d8:e7:44:8d:06:17:ec:12:09:87:
7b:fd:64:de:87:b6:8e:74:19:3c:3c:ff:db:fd:8a:9c:d9:e5:
8a:77:82:08:25:5f:1f:ff:f9:89:e4:6c:9c:b4:7d:3d:df:7a:
7c:08:2a:29:4d:99:56:23:81:1a:f3:e4:6b:b1:84:c7:76:1d:
10:5e:ff:f6:91:7b:1e:8b:96:95:14:80:86:3c:8c:10:51:4d:
67:08:75:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2z0rVbIV5L249bK2IuI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRiNDg5ZmY2NGNmZjg2NWVjZDU0MTRkMDdlYzlkNTJhM2Y2YzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTEkFr2lmD2Iz0NwzbQnO5lL9u2S
SskwRnskURLFnBJmOidVeVpjAr7lIhxO/qcbraQ4NqxhwlR+7pTzTd7ZKon3hKxE
tVGxJV395DxXWgO/INQ7cqT+9WxvdShTYbGJasXbnHl3p8fQ96HxkOk6bMUpkK9r
z4eZv9KW/F5UT7aYjoOPH27SXyNbfqFXZzp11bpSB7B2xKohowxAcpDA5CKDVpOl
nBLNHYJo/CJq8ijv8Gsr7ytOC0SeNmXvCu6Ym+lpGM0jvciwoEJAv2U5Gwi0b70j
c9tt0MgUeLvaic5oPIIOlMBSbzooQUBevAxHkqpuf0WJP6EOpbBnysdOmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGvbSJ/2TP+GXs1UFNB+ydUqP2xOMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYTl0SW5fWk1fNFplelZRVTBIN0oxU29fYkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+87AwQC
wiM0MA0GCSqGSIb3DQEBCwUAA4IBAQBP7fplAREpVes5UikUOjT1xq+V9dJDer3e
eoHJHaMjDsh3WqF+mffb597FXmuvOcypdEP7MtldnXnZQp/CiFzqp0FjPJHcei/5
cjlzsZNiQqLkNoswRQ4TkyovGbPUUMU8gndJy/ckH6SHSY8jIBQxzy81aTmp/R4e
12yyFQarfMVeqImo4IagYsoQTF1fHAIaoVW1pfic/uXWS/xQc/ATu61LVLZmiaN6
cNjnRI0GF+wSCYd7/WTeh7aOdBk8PP/b/Yqc2eWKd4IIJV8f//mJ5GyctH0933p8
CCopTZlWI4Ea8+RrsYTHdh0QXv/2kXsei5aVFICGPIwQUU1nCHXZ
-----END CERTIFICATE-----
Generated at Sat May 4 08:46:23 2024 by rpki-client on console-fra.rpki-client.org