Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KqqV_ftnr6XCliyXxFJx8JyjHHg.roa
File: KqqV_ftnr6XCliyXxFJx8JyjHHg.roa (raw, json)
Hash identifier: MJYE0McwYxAfUEQvEuohJtlq8ebWlVJScMunBLskvUM=
Subject key identifier: 2A:AA:95:FD:FB:67:AF:A5:C2:96:2C:97:C4:52:71:F0:9C:A3:1C:78
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF3EBB61B4AAF4631036C8860B3C57
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KqqV_ftnr6XCliyXxFJx8JyjHHg.roa
Signing time: Tue 02 Jan 2024 06:32:02 +0000
ROA not before: Tue 02 Jan 2024 06:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211936
IP address blocks: 213.209.136.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3e:bb:61:b4:aa:f4:63:10:36:c8:86:0b:3c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aaa95fdfb67afa5c2962c97c45271f09ca31c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8d:ae:1e:b6:19:56:bd:06:b1:3e:29:be:cb:
71:07:85:5d:0a:d7:82:09:88:f4:0f:c6:0f:8d:b9:
84:9d:64:db:34:13:e0:47:7f:24:21:06:3a:5a:46:
43:82:6b:9d:88:90:d6:48:1d:48:09:25:f9:92:8c:
58:ec:28:81:ac:c2:c0:7b:65:37:ad:d7:c8:12:43:
80:94:1a:f2:ec:af:ae:b4:5d:6e:c4:0e:07:23:f7:
aa:85:da:78:d4:2d:30:c5:8a:46:94:50:90:31:e9:
9a:33:19:80:28:1a:bf:cc:27:fd:42:cc:76:a7:64:
7a:c1:7b:5e:8d:69:e9:60:68:5e:dc:40:c8:60:c2:
ef:9c:a3:3d:95:70:a5:c7:77:4f:15:38:3d:a1:c3:
91:aa:9b:66:8b:c1:3e:d1:3b:a9:15:b6:83:21:64:
da:ff:6e:b4:13:13:dd:4e:2b:4f:b1:ca:21:e5:c4:
8a:23:03:e6:a0:c9:f8:cb:e8:92:ca:72:03:c7:df:
65:2c:b4:7b:31:d4:c8:60:aa:02:5f:f5:62:b9:ca:
f4:0c:90:7f:24:c9:97:f2:29:6a:06:e2:01:60:58:
65:0a:3c:56:e9:06:9a:7d:9f:df:68:12:39:f1:ef:
74:eb:c0:de:4c:fe:49:e6:e0:66:a4:b8:11:51:42:
dc:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AA:95:FD:FB:67:AF:A5:C2:96:2C:97:C4:52:71:F0:9C:A3:1C:78
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KqqV_ftnr6XCliyXxFJx8JyjHHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.156.0/24
77.90.184.0/24
213.209.136.0/24
213.209.149.0/24
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
94:bd:0e:06:c1:4d:2f:e2:5c:80:1d:62:23:34:73:dc:fb:4c:
78:0a:81:a5:15:6e:f7:20:e2:dc:b7:00:78:63:b1:2c:79:c6:
d6:38:a8:57:12:ce:d7:fc:56:11:8b:b5:dd:99:fc:87:f6:11:
5a:3d:04:0b:46:f9:67:d9:ab:f6:1c:fd:ae:fe:1c:f4:a3:c8:
e5:3a:98:af:5f:22:ab:b8:99:50:cf:c8:59:77:f3:aa:f0:55:
06:51:a5:39:e4:56:e2:16:67:51:74:78:ae:f1:65:cc:63:4f:
cf:7d:af:ef:2a:b9:a7:1c:1f:ed:4a:ff:af:08:3e:0e:57:a2:
0f:d0:46:a7:fc:af:bd:a3:d5:7d:41:47:f4:90:f3:a8:68:c8:
4a:1f:a5:cc:34:45:6d:f7:f1:47:47:c8:fb:a9:f7:8d:69:4a:
7d:c8:92:bf:80:4e:23:19:4a:0d:79:6c:9a:ff:41:19:8f:2c:
5e:fe:53:30:6c:53:88:f3:de:33:e0:19:02:67:ce:c4:a1:b8:
22:7f:8e:f6:df:6e:59:f3:b8:a1:1e:86:06:be:25:77:56:86:
7e:63:b0:23:6a:46:4b:7c:e6:aa:ae:0c:4c:52:3b:8b:70:36:
2b:8a:ff:3f:73:28:bc:66:23:aa:28:dd:b2:68:e6:62:9a:9e:
34:d5:3d:b9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3z67YbSq9GMQNsiGCzxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWFhOTVmZGZiNjdhZmE1YzI5NjJjOTdjNDUyNzFmMDljYTMxYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo2uHrYZVr0GsT4pvstxB4VdCteC
CYj0D8YPjbmEnWTbNBPgR38kIQY6WkZDgmudiJDWSB1ICSX5koxY7CiBrMLAe2U3
rdfIEkOAlBry7K+utF1uxA4HI/eqhdp41C0wxYpGlFCQMemaMxmAKBq/zCf9Qsx2
p2R6wXtejWnpYGhe3EDIYMLvnKM9lXClx3dPFTg9ocORqptmi8E+0TupFbaDIWTa
/260ExPdTitPscoh5cSKIwPmoMn4y+iSynIDx99lLLR7MdTIYKoCX/Viucr0DJB/
JMmX8ilqBuIBYFhlCjxW6QaafZ/faBI58e9068DeTP5J5uBmpLgRUULchwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCqqlf37Z6+lwpYsl8RScfCcoxx4MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvS3FxVl9mdG5yNlhDbGl5WHhGSng4SnlqSEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqcAwQA
TVq4AwQA1dGIAwQA1dGVAwQA1dGcMA0GCSqGSIb3DQEBCwUAA4IBAQCUvQ4GwU0v
4lyAHWIjNHPc+0x4CoGlFW73IOLctwB4Y7EsecbWOKhXEs7X/FYRi7XdmfyH9hFa
PQQLRvln2av2HP2u/hz0o8jlOpivXyKruJlQz8hZd/Oq8FUGUaU55FbiFmdRdHiu
8WXMY0/Pfa/vKrmnHB/tSv+vCD4OV6IP0Ean/K+9o9V9QUf0kPOoaMhKH6XMNEVt
9/FHR8j7qfeNaUp9yJK/gE4jGUoNeWya/0EZjyxe/lMwbFOI894z4BkCZ87Eobgi
f472325Z87ihHoYGviV3VoZ+Y7AjakZLfOaqrgxMUjuLcDYriv8/cyi8ZiOqKN2y
aOZimp401T25
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:37:38 2024 by rpki-client on console-fra.rpki-client.org