Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ecSSesqRMg6Pvbm2ScbnenoLcG0.roa
File: ecSSesqRMg6Pvbm2ScbnenoLcG0.roa (raw, json)
Hash identifier: s6k6kUF6QwrQ+jgdcZKAXZjpe5/3N9AM2d1z+g7HO6U=
Subject key identifier: 79:C4:92:7A:CA:91:32:0E:8F:BD:B9:B6:49:C6:E7:7A:7A:0B:70:6D
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0190EF218B5B4CF9009A4B2BCD8D5FD8E930
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ecSSesqRMg6Pvbm2ScbnenoLcG0.roa
Signing time: Fri 26 Jul 2024 13:01:11 +0000
ROA not before: Fri 26 Jul 2024 13:01:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205655
IP address blocks: 31.135.6.0/24 maxlen: 24
64.43.65.0/24 maxlen: 24
64.43.74.0/23 maxlen: 23
91.224.40.0/24 maxlen: 24
91.245.90.0/24 maxlen: 24
176.103.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:21:8b:5b:4c:f9:00:9a:4b:2b:cd:8d:5f:d8:e9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jul 26 13:01:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79c4927aca91320e8fbdb9b649c6e77a7a0b706d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e7:39:93:d8:22:e5:c1:c1:22:c9:ae:27:22:
e2:d0:21:b8:b2:e4:f0:95:c7:1d:6d:e9:2c:53:a8:
38:97:50:1f:2d:85:4e:8d:63:17:41:ed:07:c7:55:
57:73:79:51:b4:1a:d4:74:72:8f:f5:e2:bb:a6:dc:
c7:c3:22:79:cc:3e:c8:f8:c8:1c:88:e0:68:c1:e4:
df:f1:3f:39:71:3b:8b:f4:33:b4:d0:d6:1e:a3:b1:
87:b9:d1:b1:4e:2b:2e:82:cc:10:18:06:a5:ae:a7:
00:62:1c:7a:47:0e:71:09:ed:70:73:73:dc:8a:d4:
16:40:17:80:cb:16:22:6d:89:9d:c4:0b:7e:5a:f2:
06:c0:b1:61:62:a3:f8:9f:33:2b:31:15:d2:fc:56:
38:23:c2:0f:03:fd:10:8e:3a:75:dc:dc:d3:c3:9c:
4f:c2:35:ef:2f:5b:f5:c4:2c:9a:d5:b1:6a:06:fc:
f5:38:cb:ac:21:63:5c:79:5a:58:77:04:58:af:44:
78:fa:b6:d6:10:20:b3:9f:1a:b1:e9:4e:29:d1:65:
70:0a:bf:bc:47:5e:17:37:13:a8:82:89:cf:0e:d4:
d2:59:62:e7:b7:c7:5c:d6:3e:91:69:82:57:18:c0:
f6:8f:7f:40:24:64:53:f7:f3:34:c6:b0:57:24:80:
ff:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C4:92:7A:CA:91:32:0E:8F:BD:B9:B6:49:C6:E7:7A:7A:0B:70:6D
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ecSSesqRMg6Pvbm2ScbnenoLcG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.6.0/24
64.43.65.0/24
64.43.74.0/23
91.224.40.0/24
91.245.90.0/24
176.103.120.0/24
Signature Algorithm: sha256WithRSAEncryption
91:e4:b8:8a:73:34:bf:7c:b2:7b:e5:21:90:80:9c:3f:22:9a:
da:b0:0b:fd:bb:8f:23:02:39:aa:51:2c:ed:63:1c:bf:db:c2:
43:c9:2e:c2:87:29:ab:e3:34:9b:0d:f6:e8:8c:f1:5a:99:87:
06:69:d8:5c:a8:2f:ec:ba:99:0f:c7:0e:92:65:84:18:18:27:
95:93:f6:37:5f:e4:f2:55:25:42:ce:a1:bc:56:c1:ed:1f:9b:
14:d8:14:b5:b7:44:57:99:60:05:d0:eb:14:d1:a0:41:ee:10:
3a:39:5f:c2:09:39:ba:81:8e:20:ba:e1:6f:e9:53:b7:25:45:
ba:fd:bc:35:5c:7b:11:cd:d0:a8:43:65:5e:28:08:71:3e:6e:
07:e8:0a:71:23:e6:a2:1e:d0:ec:da:f3:e9:64:4b:86:8d:7e:
b4:60:5d:ad:f7:d4:6e:1f:16:58:98:14:81:2c:81:0c:c6:ff:
64:0a:6d:3f:92:74:ad:34:1c:c2:95:83:a1:63:eb:72:48:29:
5b:97:6a:1f:30:f0:50:4b:61:dc:6c:de:73:b6:68:bd:46:db:
a8:fc:73:25:f7:e3:30:3b:a8:0b:57:74:6a:b7:8b:91:de:4c:
9e:e6:3f:94:cb:c7:b8:24:13:cc:d4:86:3c:6d:b7:57:67:62:
f7:ef:9e:9e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZDvIYtbTPkAmksrzY1f2OkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwNzI2MTMwMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWM0OTI3YWNhOTEzMjBlOGZiZGI5YjY0OWM2ZTc3YTdhMGI3MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+c5k9gi5cHBIsmuJyLi0CG4suTw
lccdbeksU6g4l1AfLYVOjWMXQe0Hx1VXc3lRtBrUdHKP9eK7ptzHwyJ5zD7I+Mgc
iOBoweTf8T85cTuL9DO00NYeo7GHudGxTisugswQGAalrqcAYhx6Rw5xCe1wc3Pc
itQWQBeAyxYibYmdxAt+WvIGwLFhYqP4nzMrMRXS/FY4I8IPA/0Qjjp13NzTw5xP
wjXvL1v1xCya1bFqBvz1OMusIWNceVpYdwRYr0R4+rbWECCznxqx6U4p0WVwCr+8
R14XNxOogonPDtTSWWLnt8dc1j6RaYJXGMD2j39AJGRT9/M0xrBXJID/4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHnEknrKkTIOj725tknG53p6C3BtMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvZWNTU2VzcVJNZzZQdmJtMlNjYm5lbm9MY0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAH4cGAwQA
QCtBAwQBQCtKAwQAW+AoAwQAW/VaAwQAsGd4MA0GCSqGSIb3DQEBCwUAA4IBAQCR
5LiKczS/fLJ75SGQgJw/IprasAv9u48jAjmqUSztYxy/28JDyS7Chymr4zSbDfbo
jPFamYcGadhcqC/supkPxw6SZYQYGCeVk/Y3X+TyVSVCzqG8VsHtH5sU2BS1t0RX
mWAF0OsU0aBB7hA6OV/CCTm6gY4guuFv6VO3JUW6/bw1XHsRzdCoQ2VeKAhxPm4H
6ApxI+aiHtDs2vPpZEuGjX60YF2t99RuHxZYmBSBLIEMxv9kCm0/knStNBzClYOh
Y+tySClbl2ofMPBQS2HcbN5ztmi9Rtuo/HMl9+MwO6gLV3Rqt4uR3kye5j+Uy8e4
JBPM1IY8bbdXZ2L3756e
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:26:37 2024 by rpki-client on console-ams.rpki-client.org