Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/rv4xmT5dUec0qDUAUanuU-EYqTA.roa
File: rv4xmT5dUec0qDUAUanuU-EYqTA.roa (raw, json)
Hash identifier: DmLc7BC7LEBj2BSSt37CkZ4C9vtfPBXU41PBQPNJSMQ=
Subject key identifier: AE:FE:31:99:3E:5D:51:E7:34:A8:35:00:51:A9:EE:53:E1:18:A9:30
Certificate issuer: /CN=e97592f1eb41d6c893cd0dd72b63fc34ee553533
Certificate serial: 019368BD80B6C756F816D181BC4F54BF9A55
Authority key identifier: E9:75:92:F1:EB:41:D6:C8:93:CD:0D:D7:2B:63:FC:34:EE:55:35:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/rv4xmT5dUec0qDUAUanuU-EYqTA.roa
Signing time: Tue 26 Nov 2024 13:51:09 +0000
ROA not before: Tue 26 Nov 2024 13:51:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16083
IP address blocks: 81.16.208.0/22 maxlen: 22
81.16.208.0/23 maxlen: 23
91.106.112.0/21 maxlen: 24
178.209.192.0/19 maxlen: 24
217.73.192.0/20 maxlen: 24
217.73.198.0/24 maxlen: 24
2a00:eb9::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/6XWS8etB1siTzQ3XK2P8NO5VNTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/6XWS8etB1siTzQ3XK2P8NO5VNTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:bd:80:b6:c7:56:f8:16:d1:81:bc:4f:54:bf:9a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e97592f1eb41d6c893cd0dd72b63fc34ee553533
Validity
Not Before: Nov 26 13:51:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aefe31993e5d51e734a8350051a9ee53e118a930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:1e:0e:fb:0b:44:93:0a:81:ee:c7:89:36:
4c:fe:4f:9f:b9:c3:63:77:39:6d:27:b9:0c:51:d2:
75:cc:9c:02:bb:96:b4:6c:66:53:7f:44:07:20:64:
d2:9c:1d:7c:71:a4:ff:e3:b5:8d:5d:82:15:77:81:
33:1c:d7:a0:09:21:59:1c:23:3e:37:3f:74:24:90:
e1:b8:3b:07:39:08:33:4b:2e:bf:c7:31:27:52:4c:
9c:33:c6:92:9b:4c:4e:31:e7:d7:fc:44:82:6c:03:
10:f9:29:cf:b7:37:f6:3a:9b:9a:60:71:2b:01:9f:
33:b3:7a:e5:5a:f0:ce:78:78:a8:cb:0c:b6:41:b4:
8f:a0:66:3f:6a:9f:46:ee:b7:c3:8b:ac:29:5d:d2:
96:92:16:b8:d5:31:d6:af:1e:ec:52:08:74:d4:ca:
16:24:42:89:1e:3e:35:e4:64:e6:57:3d:58:18:11:
33:aa:23:bb:fb:66:11:19:3e:53:9e:71:ef:38:7c:
9c:81:44:62:0d:82:b5:29:20:5a:8c:bf:d5:07:01:
ad:c2:ca:71:d7:31:14:97:83:90:ab:2e:e4:a4:34:
66:e3:ac:03:0a:e7:a3:59:a9:2e:62:5b:f3:ed:ac:
54:b7:0d:fe:de:b4:81:12:6a:25:7a:49:c0:a7:b7:
a1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FE:31:99:3E:5D:51:E7:34:A8:35:00:51:A9:EE:53:E1:18:A9:30
X509v3 Authority Key Identifier:
keyid:E9:75:92:F1:EB:41:D6:C8:93:CD:0D:D7:2B:63:FC:34:EE:55:35:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/rv4xmT5dUec0qDUAUanuU-EYqTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/6XWS8etB1siTzQ3XK2P8NO5VNTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.208.0/22
91.106.112.0/21
178.209.192.0/19
217.73.192.0/20
IPv6:
2a00:eb9::/32
Signature Algorithm: sha256WithRSAEncryption
48:23:29:9b:e7:fb:c9:50:10:e3:ff:c1:dd:69:69:8e:50:a1:
c1:35:1c:00:1a:06:a6:9a:7d:b4:56:4c:61:e1:8b:52:46:cb:
01:1e:96:00:8a:cb:fc:35:4c:83:c1:6c:ba:7a:41:d4:67:61:
a7:cf:0a:63:9e:11:c4:43:45:4c:17:dc:e8:af:a3:b4:b4:69:
ba:e8:9c:a7:d4:e5:cb:ba:ea:96:c8:56:71:60:04:3b:95:33:
2a:73:37:a5:6f:ac:ef:79:1c:d4:45:1f:23:b7:1d:b1:4d:81:
d0:5d:06:2b:f2:62:ea:5c:5f:ed:2b:8d:16:a4:3e:b1:e2:eb:
df:9f:5d:00:f1:82:c4:01:a2:8c:9b:47:27:6e:72:40:22:dc:
90:96:01:0e:a5:22:7a:24:88:71:70:27:6e:89:e1:75:14:a8:
bf:fa:ef:63:c1:b9:d4:01:1d:cf:a2:c0:59:99:31:ab:9f:26:
fc:55:62:27:f1:d3:54:05:59:24:22:26:a1:13:64:52:56:40:
73:00:87:3e:b0:70:a8:e7:11:91:0d:15:df:1c:03:c1:21:6f:
d4:c5:af:11:75:55:f6:92:c8:35:d8:a7:e9:23:9c:d0:1e:e6:
5d:7d:e3:25:e6:f0:54:4d:d0:df:d7:5f:98:32:73:ec:79:5d:
5a:e8:f7:70
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZNovYC2x1b4FtGBvE9Uv5pVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzU5MmYxZWI0MWQ2Yzg5M2NkMGRkNzJiNjNmYzM0ZWU1
NTM1MzMwHhcNMjQxMTI2MTM1MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWZlMzE5OTNlNWQ1MWU3MzRhODM1MDA1MWE5ZWU1M2UxMThhOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfIeDvsLRJMKge7HiTZM/k+fucNj
dzltJ7kMUdJ1zJwCu5a0bGZTf0QHIGTSnB18caT/47WNXYIVd4EzHNegCSFZHCM+
Nz90JJDhuDsHOQgzSy6/xzEnUkycM8aSm0xOMefX/ESCbAMQ+SnPtzf2OpuaYHEr
AZ8zs3rlWvDOeHioywy2QbSPoGY/ap9G7rfDi6wpXdKWkha41THWrx7sUgh01MoW
JEKJHj415GTmVz1YGBEzqiO7+2YRGT5TnnHvOHycgURiDYK1KSBajL/VBwGtwspx
1zEUl4OQqy7kpDRm46wDCuejWakuYlvz7axUtw3+3rSBEmoleknAp7ehRQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK7+MZk+XVHnNKg1AFGp7lPhGKkwMB8GA1UdIwQY
MBaAFOl1kvHrQdbIk80N1ytj/DTuVTUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhXUzhldEIxc2lUelEzWEsyUDhOTzVWTlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80MjIxN2UtZWFkMC00NmJlLThhZDAt
MDVmOTBhZDI0ZjNlLzEvcnY0eG1UNWRVZWMwcURVQVVhbnVVLUVZcVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80MjIxN2UtZWFkMC00NmJlLThhZDAtMDVmOTBhZDI0ZjNl
LzEvNlhXUzhldEIxc2lUelEzWEsyUDhOTzVWTlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCURDQAwQD
W2pwAwQFstHAAwQE2UnAMA0EAgACMAcDBQAqAA65MA0GCSqGSIb3DQEBCwUAA4IB
AQBIIymb5/vJUBDj/8HdaWmOUKHBNRwAGgammn20Vkxh4YtSRssBHpYAisv8NUyD
wWy6ekHUZ2GnzwpjnhHEQ0VMF9zor6O0tGm66Jyn1OXLuuqWyFZxYAQ7lTMqczel
b6zveRzURR8jtx2xTYHQXQYr8mLqXF/tK40WpD6x4uvfn10A8YLEAaKMm0cnbnJA
ItyQlgEOpSJ6JIhxcCduieF1FKi/+u9jwbnUAR3PosBZmTGrnyb8VWIn8dNUBVkk
IiahE2RSVkBzAIc+sHCo5xGRDRXfHAPBIW/Uxa8RdVX2ksg12KfpI5zQHuZdfeMl
5vBUTdDf11+YMnPseV1a6Pdw
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:12 2024 by rpki-client on console-fra.rpki-client.org