Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/xm2v6LeYtFWcp4SuC1msDawrIYM.roa
File: xm2v6LeYtFWcp4SuC1msDawrIYM.roa (raw, json)
Hash identifier: V9TL+3ayhugmeU8SdMqatmnEm6wvhZ4hijpq/y+ej/Q=
Subject key identifier: C6:6D:AF:E8:B7:98:B4:55:9C:A7:84:AE:0B:59:AC:0D:AC:2B:21:83
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DEBD9CD267A8076D4F7CD6A44C29AD97E
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/xm2v6LeYtFWcp4SuC1msDawrIYM.roa
Signing time: Tue 27 Feb 2024 18:35:36 +0000
ROA not before: Tue 27 Feb 2024 18:35:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 91.198.230.0/24 maxlen: 24
91.199.3.0/24 maxlen: 24
193.33.66.0/24 maxlen: 24
193.37.133.0/24 maxlen: 24
193.109.221.0/24 maxlen: 24
193.135.13.0/24 maxlen: 24
193.176.237.0/24 maxlen: 24
193.193.164.0/24 maxlen: 24
194.56.255.0/24 maxlen: 24
194.107.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 00:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:d9:cd:26:7a:80:76:d4:f7:cd:6a:44:c2:9a:d9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 27 18:35:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c66dafe8b798b4559ca784ae0b59ac0dac2b2183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7e:56:27:cb:25:44:2b:6e:a9:d7:c2:3b:75:
9d:1c:64:30:25:e2:33:e2:a7:3a:a3:da:39:e8:98:
03:01:b1:f8:02:65:1d:87:21:70:5d:4c:20:27:14:
f4:bc:a4:dc:70:34:0f:33:a9:6e:46:03:21:90:aa:
20:f9:34:84:7f:4f:6c:4c:2f:ca:ab:88:60:ac:ae:
1d:71:e1:2d:6d:8e:95:2d:10:27:a1:a0:cf:6c:62:
4a:f7:f0:31:37:47:79:0f:84:14:ab:2e:50:e9:4b:
41:26:0d:5d:4c:43:fe:b7:4b:ce:f3:eb:59:73:ae:
de:ac:e2:ac:d9:d7:79:fd:57:e3:a1:66:cf:ce:6e:
99:d1:e0:9d:be:a0:8b:03:d3:48:b9:03:48:5e:a6:
6c:4e:4c:64:b3:90:18:ea:74:10:50:b6:80:9b:26:
e3:5c:10:24:f9:05:ac:60:fb:28:3f:bb:a8:04:05:
09:ad:ca:43:71:ee:2e:76:52:da:32:0a:55:d9:65:
17:03:f0:de:58:54:dd:a4:e9:52:b2:fd:6c:d5:43:
f6:10:1f:a4:0e:2e:ed:f2:b3:8e:3f:89:5e:39:93:
39:23:d6:cd:4b:26:b7:b9:2b:83:71:c7:e0:0d:5e:
f3:18:9a:67:4e:79:f8:44:a4:8d:9d:a2:0c:d5:e5:
67:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6D:AF:E8:B7:98:B4:55:9C:A7:84:AE:0B:59:AC:0D:AC:2B:21:83
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/xm2v6LeYtFWcp4SuC1msDawrIYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.230.0/24
91.199.3.0/24
193.33.66.0/24
193.37.133.0/24
193.109.221.0/24
193.135.13.0/24
193.176.237.0/24
193.193.164.0/24
194.56.255.0/24
194.107.125.0/24
Signature Algorithm: sha256WithRSAEncryption
98:67:b8:06:49:71:c8:79:5d:1e:63:8d:48:7f:ed:5f:93:ca:
a4:e6:2a:e5:54:fd:2f:22:6a:3c:e3:6e:2e:9f:4a:72:2b:d2:
c2:3d:52:16:d8:a9:98:9b:d3:dd:c8:10:cc:6b:70:1e:9f:e1:
8c:ad:60:f5:02:7a:6f:81:ba:c4:23:90:55:20:42:ee:4e:31:
d9:47:ea:c1:b5:24:d5:bd:e2:d0:90:03:eb:50:f3:c0:9d:14:
ef:86:71:09:d7:43:5f:86:9c:28:41:d2:a4:e5:20:9a:df:76:
98:d6:74:1f:79:8a:4f:0b:60:4c:82:1a:5c:79:a7:64:33:21:
93:57:06:da:e2:fb:cc:f4:e4:b5:81:fd:48:d1:ee:fe:a7:c5:
2a:54:67:ad:8d:97:98:fe:75:3c:46:99:db:06:d6:36:b2:2d:
65:6f:64:8b:49:60:1f:61:11:8d:04:11:3c:c3:a9:98:31:61:
f7:a8:ac:25:47:fb:a5:38:5d:cf:e3:78:5c:74:82:8d:08:98:
04:d9:fc:b2:ec:22:f7:1f:aa:5f:07:c3:3b:7b:25:2a:dd:cd:
b4:08:d0:6e:51:70:c0:b7:90:ac:8c:1c:61:04:e3:23:cf:8b:
cf:cd:4b:3c:dd:28:ae:e9:29:71:7e:4e:95:a0:30:37:e6:12:
e8:89:a4:50
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY3r2c0meoB21PfNakTCmtl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI3MTgzNTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjZkYWZlOGI3OThiNDU1OWNhNzg0YWUwYjU5YWMwZGFjMmIyMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH5WJ8slRCtuqdfCO3WdHGQwJeIz
4qc6o9o56JgDAbH4AmUdhyFwXUwgJxT0vKTccDQPM6luRgMhkKog+TSEf09sTC/K
q4hgrK4dceEtbY6VLRAnoaDPbGJK9/AxN0d5D4QUqy5Q6UtBJg1dTEP+t0vO8+tZ
c67erOKs2dd5/VfjoWbPzm6Z0eCdvqCLA9NIuQNIXqZsTkxks5AY6nQQULaAmybj
XBAk+QWsYPsoP7uoBAUJrcpDce4udlLaMgpV2WUXA/DeWFTdpOlSsv1s1UP2EB+k
Di7t8rOOP4leOZM5I9bNSya3uSuDccfgDV7zGJpnTnn4RKSNnaIM1eVnpQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMZtr+i3mLRVnKeErgtZrA2sKyGDMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEveG0ydjZMZVl0RldjcDRTdUMxbXNEYXdySVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAW8bmAwQA
W8cDAwQAwSFCAwQAwSWFAwQAwW3dAwQAwYcNAwQAwbDtAwQAwcGkAwQAwjj/AwQA
wmt9MA0GCSqGSIb3DQEBCwUAA4IBAQCYZ7gGSXHIeV0eY41If+1fk8qk5irlVP0v
Imo8424un0pyK9LCPVIW2KmYm9PdyBDMa3Aen+GMrWD1AnpvgbrEI5BVIELuTjHZ
R+rBtSTVveLQkAPrUPPAnRTvhnEJ10NfhpwoQdKk5SCa33aY1nQfeYpPC2BMghpc
eadkMyGTVwba4vvM9OS1gf1I0e7+p8UqVGetjZeY/nU8RpnbBtY2si1lb2SLSWAf
YRGNBBE8w6mYMWH3qKwlR/ulOF3P43hcdIKNCJgE2fyy7CL3H6pfB8M7eyUq3c20
CNBuUXDAt5CsjBxhBOMjz4vPzUs83Siu6Slxfk6VoDA35hLoiaRQ
-----END CERTIFICATE-----
Generated at Sun May 12 03:41:53 2024 by rpki-client on console-ams.rpki-client.org