Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/svGpUi99G04AqB53x0ThGsVZcH0.roa
File: svGpUi99G04AqB53x0ThGsVZcH0.roa (raw, json)
Hash identifier: aTZloEMHHJHjYzlIG16uIth/O6+kwgudlJnShx2wDI4=
Subject key identifier: B2:F1:A9:52:2F:7D:1B:4E:00:A8:1E:77:C7:44:E1:1A:C5:59:70:7D
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB29DD9F39101BBBE773CB6B77DD8C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/svGpUi99G04AqB53x0ThGsVZcH0.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43094
IP address blocks: 91.242.84.0/23 maxlen: 23
91.242.104.0/21 maxlen: 21
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
91.242.78.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:29:dd:9f:39:10:1b:bb:e7:73:cb:6b:77:dd:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2f1a9522f7d1b4e00a81e77c744e11ac559707d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a7:5c:93:f0:d8:59:79:13:65:b9:f8:35:cb:
72:f6:fe:fd:e4:4f:eb:0a:af:a4:36:2c:13:a5:67:
d3:35:77:52:ea:fb:66:cc:8c:f4:e5:97:1d:37:48:
e6:59:d9:e3:cf:fc:0f:b9:cf:d3:1c:1a:fe:51:ca:
17:1b:e3:ed:10:d2:2e:c6:27:c9:57:f1:38:d1:dc:
fc:19:9c:ae:a2:54:21:81:fc:f3:8c:2f:24:95:7d:
06:15:87:37:f6:1f:f1:ac:a5:39:d3:1d:72:2a:17:
eb:bb:87:25:1f:13:97:d0:f3:07:68:6f:2b:90:80:
74:a8:84:0b:96:a0:8d:ba:87:f1:63:d9:ce:ed:e8:
f8:6d:a5:dd:4c:5c:48:93:3f:07:15:46:71:84:7a:
da:97:7e:88:f0:ca:a6:40:d1:0f:13:51:0b:36:6e:
c1:f3:24:4c:45:70:5f:73:47:57:9d:55:79:5b:f9:
6c:32:47:1f:0b:69:9c:81:80:9d:69:8f:5d:d7:bd:
de:1f:75:a9:51:88:3e:ac:15:a9:79:b3:77:0a:4a:
88:57:3d:b6:21:55:cb:60:1b:2c:6f:b6:68:9a:74:
05:53:3a:96:e1:c2:3f:a5:b7:9f:1b:70:91:ac:72:
4b:a8:e1:bc:9b:71:2f:23:f6:84:6e:44:b8:53:34:
b4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:F1:A9:52:2F:7D:1B:4E:00:A8:1E:77:C7:44:E1:1A:C5:59:70:7D
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/svGpUi99G04AqB53x0ThGsVZcH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.78.0/23
91.242.84.0/23
91.242.104.0/21
194.114.144.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:a2:62:0a:50:00:60:74:55:5a:7a:68:f2:13:3b:23:89:91:
9f:95:3b:61:2c:c4:a1:f9:8b:47:3a:6e:0b:d7:fa:8b:6d:76:
95:88:06:e3:1b:27:8a:a6:1e:08:26:a2:d8:0f:92:b7:4b:b0:
d5:82:9f:2f:dd:40:bf:41:59:98:b8:1e:48:c3:06:96:46:71:
17:3d:ae:76:33:88:1e:df:e2:ea:45:c3:e8:2d:2e:02:7e:c0:
0a:ae:27:c0:4b:66:d8:38:b2:1c:42:28:fc:96:60:45:67:27:
9e:c9:1f:cf:a4:d7:11:0b:b1:3f:b8:52:f1:39:96:18:11:21:
b9:1e:e0:aa:55:d5:cf:88:01:16:42:46:9c:ad:d0:6d:0f:6b:
a9:15:c7:88:8f:3a:c6:79:eb:27:84:86:05:d9:31:4f:f7:08:
94:7a:d5:63:a4:57:3a:3e:e5:0c:a0:22:5a:ed:bd:a0:39:79:
ab:59:47:60:cd:e9:8b:16:48:0b:08:53:ff:de:7d:1a:43:a3:
7c:88:76:63:b7:e6:5c:44:c3:e5:0e:f7:2d:30:1f:76:f3:80:
f8:a8:3e:61:b9:c5:f3:9d:74:a1:8d:4c:f1:00:e6:61:66:04:
2f:0b:e4:37:0e:7b:30:c1:b0:1a:f2:e4:26:13:a5:2b:d4:c3:
d2:5e:71:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2yndnzkQG7vnc8trd92MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmYxYTk1MjJmN2QxYjRlMDBhODFlNzdjNzQ0ZTExYWM1NTk3MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66dck/DYWXkTZbn4Ncty9v795E/r
Cq+kNiwTpWfTNXdS6vtmzIz05ZcdN0jmWdnjz/wPuc/THBr+UcoXG+PtENIuxifJ
V/E40dz8GZyuolQhgfzzjC8klX0GFYc39h/xrKU50x1yKhfru4clHxOX0PMHaG8r
kIB0qIQLlqCNuofxY9nO7ej4baXdTFxIkz8HFUZxhHral36I8MqmQNEPE1ELNm7B
8yRMRXBfc0dXnVV5W/lsMkcfC2mcgYCdaY9d173eH3WpUYg+rBWpebN3CkqIVz22
IVXLYBssb7ZomnQFUzqW4cI/pbefG3CRrHJLqOG8m3EvI/aEbkS4UzS0SwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLLxqVIvfRtOAKged8dE4RrFWXB9MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvc3ZHcFVpOTlHMDRBcUI1M3gwVGhHc1ZaY0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW/JOAwQB
W/JUAwQDW/JoAwQAwnKQMA0GCSqGSIb3DQEBCwUAA4IBAQB8omIKUABgdFVaemjy
EzsjiZGflTthLMSh+YtHOm4L1/qLbXaViAbjGyeKph4IJqLYD5K3S7DVgp8v3UC/
QVmYuB5IwwaWRnEXPa52M4ge3+LqRcPoLS4CfsAKrifAS2bYOLIcQij8lmBFZyee
yR/PpNcRC7E/uFLxOZYYESG5HuCqVdXPiAEWQkacrdBtD2upFceIjzrGeesnhIYF
2TFP9wiUetVjpFc6PuUMoCJa7b2gOXmrWUdgzemLFkgLCFP/3n0aQ6N8iHZjt+Zc
RMPlDvctMB9284D4qD5hucXznXShjUzxAOZhZgQvC+Q3DnswwbAa8uQmE6Ur1MPS
XnGi
-----END CERTIFICATE-----
Generated at Sat May 4 12:54:50 2024 by rpki-client on console-fra.rpki-client.org