Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/RSf41QZIl-nvdWvZI99qYcf0CZs.roa
File: RSf41QZIl-nvdWvZI99qYcf0CZs.roa (raw, json)
Hash identifier: onXoDr2k+g4LXF9AC5OMHnY+8NGPINU8nKQ0JYj2UfI=
Subject key identifier: 45:27:F8:D5:06:48:97:E9:EF:75:6B:D9:23:DF:6A:61:C7:F4:09:9B
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019091E8D985E7B212A4C143F1757C951F88
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/RSf41QZIl-nvdWvZI99qYcf0CZs.roa
Signing time: Mon 08 Jul 2024 10:34:34 +0000
ROA not before: Mon 08 Jul 2024 10:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 79.175.96.0/24 maxlen: 24
109.121.0.0/19 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
188.255.212.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:e8:d9:85:e7:b2:12:a4:c1:43:f1:75:7c:95:1f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jul 8 10:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4527f8d5064897e9ef756bd923df6a61c7f4099b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ae:4c:b4:a9:2d:d6:a5:06:1e:e4:84:7b:61:
01:56:7c:59:29:5e:9e:74:58:c7:fa:2f:72:2d:71:
d4:db:40:35:e9:5f:5a:0b:d7:a9:af:b5:01:b8:55:
dc:50:6e:1e:12:89:98:a8:d2:d4:21:7c:17:a2:eb:
47:43:16:77:48:1f:9b:74:c0:d2:80:c6:7e:e6:35:
b3:c8:65:5b:9e:9e:2e:98:d6:1c:29:58:b5:95:d2:
44:52:b2:a6:cb:72:c2:b7:aa:9e:91:55:3a:41:7d:
bd:7c:60:1c:0d:21:e6:2d:3b:e4:cb:bd:1b:8c:34:
2b:5a:42:5d:c7:86:e4:ff:c4:7a:9a:8b:01:12:cd:
8e:a9:4f:77:b2:72:36:9e:4a:36:de:f1:04:a6:f1:
d1:e3:fe:64:81:b0:7b:f5:21:f5:ec:38:30:e5:70:
ba:ec:da:0b:a1:2d:d0:87:ac:4f:67:61:ae:85:75:
43:bd:3d:f8:8e:6d:04:6e:3e:8a:c3:8b:43:d4:cf:
a9:6e:3f:67:0b:0b:a7:69:e1:50:70:82:60:85:c3:
96:69:85:17:cd:ee:33:cb:88:7a:57:59:53:6f:58:
07:b6:92:25:53:6f:c5:90:ad:44:43:2c:dd:34:3e:
8c:0d:ee:4f:b4:8f:c8:f2:2f:11:8b:be:11:fd:cf:
67:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:27:F8:D5:06:48:97:E9:EF:75:6B:D9:23:DF:6A:61:C7:F4:09:9B
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/RSf41QZIl-nvdWvZI99qYcf0CZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.96.0/24
109.121.0.0/19
109.121.33.0/24
109.121.36.0-109.121.40.255
109.121.42.0/23
109.121.45.0/24
109.121.47.0/24
109.233.184.0/23
178.253.237.0/24
188.255.212.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ee:8a:86:8d:e9:96:f8:d2:b3:db:d9:40:b7:43:2a:74:91:
d7:d8:04:0c:1e:3c:1f:6e:32:35:4e:71:f3:9f:9b:35:de:16:
33:d8:da:4b:17:2a:a0:48:d6:2b:be:76:d1:06:7b:c8:9d:ee:
58:0b:9f:d5:7d:53:59:e6:85:4b:c1:dc:0c:e0:73:9b:ba:9b:
45:16:54:88:0c:ec:15:fe:15:c9:db:fc:a9:91:f7:91:9e:a9:
42:73:d6:2e:34:62:12:19:ca:95:6e:da:26:2c:b6:a7:a5:d2:
b8:45:c4:53:86:d3:38:e7:48:dd:eb:05:fc:ae:0f:c2:e0:ca:
76:fb:48:df:b8:12:3d:e6:ad:f3:3f:08:62:73:2a:08:10:ef:
3d:ed:27:9f:65:47:ec:bb:73:83:2b:f7:9c:b1:cf:c8:38:50:
41:99:92:94:94:07:9b:5d:20:6e:8b:4c:da:77:ce:35:08:47:
3c:3b:29:1e:12:51:ec:34:35:b2:dd:35:76:82:3e:be:a6:db:
9b:0f:f6:9c:a4:db:e4:d9:6f:9f:1f:ac:ea:dd:44:c2:0e:9c:
8f:7c:f9:98:78:20:52:9a:93:22:57:12:03:5e:89:13:b8:dd:
fc:0a:d0:a0:8f:70:5f:5a:3b:ca:fd:49:ba:5b:ec:3a:99:a5:
9a:3c:30:24
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZCR6NmF57ISpMFD8XV8lR+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwNzA4MTAzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTI3ZjhkNTA2NDg5N2U5ZWY3NTZiZDkyM2RmNmE2MWM3ZjQwOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa5MtKkt1qUGHuSEe2EBVnxZKV6e
dFjH+i9yLXHU20A16V9aC9epr7UBuFXcUG4eEomYqNLUIXwXoutHQxZ3SB+bdMDS
gMZ+5jWzyGVbnp4umNYcKVi1ldJEUrKmy3LCt6qekVU6QX29fGAcDSHmLTvky70b
jDQrWkJdx4bk/8R6mosBEs2OqU93snI2nko23vEEpvHR4/5kgbB79SH17Dgw5XC6
7NoLoS3Qh6xPZ2GuhXVDvT34jm0Ebj6Kw4tD1M+pbj9nCwunaeFQcIJghcOWaYUX
ze4zy4h6V1lTb1gHtpIlU2/FkK1EQyzdND6MDe5PtI/I8i8Ri74R/c9nvQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFEUn+NUGSJfp73Vr2SPfamHH9AmbMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvUlNmNDFRWklsLW52ZFd2Wkk5OXFZY2YwQ1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAT69gAwQF
bXkAAwQAbXkhMAwDBAJteSQDBABteSgDBAFteSoDBABteS0DBABteS8DBAFt6bgD
BACy/e0DBAC8/9QDBADURQswDQYJKoZIhvcNAQELBQADggEBAEjuioaN6Zb40rPb
2UC3Qyp0kdfYBAwePB9uMjVOcfOfmzXeFjPY2ksXKqBI1iu+dtEGe8id7lgLn9V9
U1nmhUvB3Azgc5u6m0UWVIgM7BX+Fcnb/KmR95GeqUJz1i40YhIZypVu2iYstqel
0rhFxFOG0zjnSN3rBfyuD8Lgynb7SN+4Ej3mrfM/CGJzKggQ7z3tJ59lR+y7c4Mr
95yxz8g4UEGZkpSUB5tdIG6LTNp3zjUIRzw7KR4SUew0NbLdNXaCPr6m25sP9pyk
2+TZb58frOrdRMIOnI98+Zh4IFKakyJXEgNeiRO43fwK0KCPcF9aO8r9Sbpb7DqZ
pZo8MCQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:43:48 2024 by rpki-client on console-fra.rpki-client.org