Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/6K-KcObaqA2vzI3dAHhweFbPq2k.roa
File: 6K-KcObaqA2vzI3dAHhweFbPq2k.roa (raw, json)
Hash identifier: magdDIkT0xOV4a5Mf2blMDEFvefMHjI4QLv7htNMtP4=
Subject key identifier: E8:AF:8A:70:E6:DA:A8:0D:AF:CC:8D:DD:00:78:70:78:56:CF:AB:69
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0191EA586BE96D8F998FD433650B3F28E69A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/6K-KcObaqA2vzI3dAHhweFbPq2k.roa
Signing time: Fri 13 Sep 2024 07:45:48 +0000
ROA not before: Fri 13 Sep 2024 07:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 91.229.18.0/24 maxlen: 24
91.229.19.0/24 maxlen: 24
93.120.24.0/23 maxlen: 24
109.207.129.0/24 maxlen: 24
192.162.184.0/24 maxlen: 24
192.162.185.0/24 maxlen: 24
193.36.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:58:6b:e9:6d:8f:99:8f:d4:33:65:0b:3f:28:e6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 13 07:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8af8a70e6daa80dafcc8ddd0078707856cfab69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ce:2f:e7:79:86:0b:c5:3c:54:9e:03:f3:7e:
1d:0e:85:81:19:72:09:e2:3f:95:5f:98:f3:b9:69:
a6:cd:10:1a:8b:ac:78:67:81:29:45:11:a0:ab:ec:
39:8a:3b:67:4c:33:09:32:9f:01:0a:d3:75:40:e2:
32:f2:d8:d3:f0:15:1f:7f:f5:b1:47:8a:3d:57:36:
ca:d1:08:b4:80:d7:5a:68:67:05:29:48:4f:39:3b:
be:73:1c:48:a6:b2:02:95:17:a9:6f:54:f1:29:4f:
15:df:0b:ff:0d:cb:22:9d:ae:64:04:fc:fa:14:f6:
5a:b1:ff:6a:9b:00:dd:3a:40:94:db:1b:32:d3:47:
ae:56:48:48:a8:c4:15:46:a3:81:42:38:eb:90:5f:
9e:82:e1:ea:6b:12:d5:2e:c8:0e:f3:f7:02:93:ce:
3b:2a:6c:d5:34:d5:ab:b6:71:26:17:ca:ab:2d:7a:
aa:0a:22:4c:b1:8f:d5:e1:6d:c8:d2:3d:92:9f:72:
af:95:c7:64:21:80:db:ee:3d:80:6d:05:6b:85:f8:
7b:a0:ff:c8:32:0c:89:41:04:22:0d:1b:30:ba:64:
5a:89:7e:e2:e6:d0:9d:85:ff:20:2d:59:7f:4c:49:
d4:f5:85:81:e0:bb:c2:27:8c:09:36:78:df:1a:36:
8e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AF:8A:70:E6:DA:A8:0D:AF:CC:8D:DD:00:78:70:78:56:CF:AB:69
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/6K-KcObaqA2vzI3dAHhweFbPq2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.18.0/23
93.120.24.0/23
109.207.129.0/24
192.162.184.0/23
193.36.203.0/24
Signature Algorithm: sha256WithRSAEncryption
89:59:75:a4:4d:33:d7:31:1c:04:4e:a4:96:2b:8e:fe:17:4d:
42:e1:fc:d5:59:bb:d3:eb:a6:83:84:1f:2f:99:f3:4e:32:ab:
95:4d:e6:2b:33:52:16:54:5e:05:29:c1:d3:83:85:13:ff:03:
41:a6:67:22:93:62:a9:ba:9b:11:d0:02:40:b2:70:32:1e:51:
4b:58:8a:79:db:e4:44:e3:25:cf:74:8c:dd:45:f5:bc:18:52:
d5:91:d2:33:df:7d:65:87:05:6b:a2:09:98:fa:d5:a5:4c:1f:
79:02:64:3f:b8:71:73:02:76:03:ae:2c:ab:7f:94:dc:6e:d9:
e5:a7:48:73:1e:c6:57:03:89:3a:5e:eb:a8:9d:78:50:dd:4c:
68:84:be:04:ec:f3:99:09:ce:b2:10:31:fe:25:8e:8c:45:fd:
fd:c9:17:b7:ea:82:24:28:02:d0:3b:fe:82:6b:30:2a:12:ab:
e5:d7:fa:b7:87:8d:56:4a:22:0a:86:1c:cb:76:87:bd:d1:ff:
57:16:5c:72:65:07:d6:59:d1:72:f2:6a:a3:5c:91:9f:07:e5:
4f:cc:11:6d:52:ea:27:0a:e9:c4:d6:26:54:d5:02:a7:d4:e7:
83:63:c1:60:9f:4f:86:91:89:bd:c2:c1:06:27:34:3b:2b:25:
b4:0c:14:f8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHqWGvpbY+Zj9QzZQs/KOaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwOTEzMDc0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGFmOGE3MGU2ZGFhODBkYWZjYzhkZGQwMDc4NzA3ODU2Y2ZhYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp84v53mGC8U8VJ4D834dDoWBGXIJ
4j+VX5jzuWmmzRAai6x4Z4EpRRGgq+w5ijtnTDMJMp8BCtN1QOIy8tjT8BUff/Wx
R4o9VzbK0Qi0gNdaaGcFKUhPOTu+cxxIprIClRepb1TxKU8V3wv/Dcsina5kBPz6
FPZasf9qmwDdOkCU2xsy00euVkhIqMQVRqOBQjjrkF+eguHqaxLVLsgO8/cCk847
KmzVNNWrtnEmF8qrLXqqCiJMsY/V4W3I0j2Sn3KvlcdkIYDb7j2AbQVrhfh7oP/I
MgyJQQQiDRswumRaiX7i5tCdhf8gLVl/TEnU9YWB4LvCJ4wJNnjfGjaOtwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOivinDm2qgNr8yN3QB4cHhWz6tpMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNkstS2NPYmFxQTJ2ekkzZEFIaHdlRmJQcTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW+USAwQB
XXgYAwQAbc+BAwQBwKK4AwQAwSTLMA0GCSqGSIb3DQEBCwUAA4IBAQCJWXWkTTPX
MRwETqSWK47+F01C4fzVWbvT66aDhB8vmfNOMquVTeYrM1IWVF4FKcHTg4UT/wNB
pmcik2KpupsR0AJAsnAyHlFLWIp52+RE4yXPdIzdRfW8GFLVkdIz331lhwVrogmY
+tWlTB95AmQ/uHFzAnYDriyrf5Tcbtnlp0hzHsZXA4k6XuuonXhQ3UxohL4E7POZ
Cc6yEDH+JY6MRf39yRe36oIkKALQO/6CazAqEqvl1/q3h41WSiIKhhzLdoe90f9X
FlxyZQfWWdFy8mqjXJGfB+VPzBFtUuonCunE1iZU1QKn1OeDY8Fgn0+GkYm9wsEG
JzQ7KyW0DBT4
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:25 2024 by rpki-client on console-ams.rpki-client.org