Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/g-K66rj21wzF0waWDwtG511phW4.roa
File: g-K66rj21wzF0waWDwtG511phW4.roa (raw, json)
Hash identifier: NQxRQOCv6hoCM6HJn6a6qJhblPT2EYtOR0ecGFTGSZs=
Subject key identifier: 83:E2:BA:EA:B8:F6:D7:0C:C5:D3:06:96:0F:0B:46:E7:5D:69:85:6E
Certificate issuer: /CN=321ec4626ecde25335aff088b04c71395ae6bc24
Certificate serial: 018CC2DAC7AA1ED812E6F022F0071BA3AC30
Authority key identifier: 32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/g-K66rj21wzF0waWDwtG511phW4.roa
Signing time: Mon 01 Jan 2024 02:29:27 +0000
ROA not before: Mon 01 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62217
IP address blocks: 91.220.127.0/24 maxlen: 24
91.216.93.0/24 maxlen: 24
185.43.108.0/22 maxlen: 24
91.212.182.0/24 maxlen: 24
91.227.220.0/22 maxlen: 22
194.0.252.0/24 maxlen: 24
2a01:6c62::/32 maxlen: 32
2a01:6c61::/32 maxlen: 32
2a01:6c63::/32 maxlen: 32
2a01:6c60::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 04:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c7:aa:1e:d8:12:e6:f0:22:f0:07:1b:a3:ac:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=321ec4626ecde25335aff088b04c71395ae6bc24
Validity
Not Before: Jan 1 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83e2baeab8f6d70cc5d306960f0b46e75d69856e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:9a:d7:39:92:67:b6:20:81:de:d6:3c:ea:
2e:4e:c8:c1:b9:73:81:48:af:ec:5d:f2:a7:04:be:
05:b8:0d:a1:d5:69:57:34:12:02:5e:89:d2:b0:f7:
33:d5:91:78:f8:c1:89:e2:35:14:92:6b:50:8e:e2:
2f:26:be:d0:83:28:b7:6d:32:0f:3d:5e:b7:78:7f:
b8:49:0c:df:a4:89:ba:f6:b3:43:c7:7a:18:f4:cc:
d3:95:55:97:c1:72:f4:62:c9:a9:46:7d:0d:33:9b:
f6:99:0e:13:26:a4:47:c6:86:d1:8e:bf:80:c5:68:
34:50:2b:11:43:b1:0d:63:2b:ec:a5:1e:d6:fc:20:
c0:9f:5f:95:ec:a4:1a:9d:90:03:11:65:b8:04:45:
9f:ec:14:dd:8a:53:a5:51:98:ad:3e:3a:3f:71:73:
b6:12:a9:e8:de:d6:a6:58:a8:a3:d4:ca:18:e6:b5:
f2:18:1c:4b:e4:ad:48:0d:4d:5b:61:7c:76:c3:c9:
c5:2f:6e:05:c6:3f:09:14:ba:97:d2:f4:e0:f4:17:
de:9a:3c:c2:ac:70:61:32:db:81:0e:98:b6:05:fc:
79:01:36:23:77:92:d9:5c:2a:04:d3:ec:ae:98:49:
bc:3e:24:0e:58:52:bc:a8:ad:c8:89:55:b8:56:f8:
6d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E2:BA:EA:B8:F6:D7:0C:C5:D3:06:96:0F:0B:46:E7:5D:69:85:6E
X509v3 Authority Key Identifier:
keyid:32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/g-K66rj21wzF0waWDwtG511phW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.182.0/24
91.216.93.0/24
91.220.127.0/24
91.227.220.0/22
185.43.108.0/22
194.0.252.0/24
IPv6:
2a01:6c60::/30
Signature Algorithm: sha256WithRSAEncryption
83:81:9d:d4:31:f0:f2:5c:91:ce:93:56:93:39:fb:0d:16:e2:
e8:a6:96:82:fa:3f:54:e4:14:cb:77:16:d9:ee:f7:5c:a4:e3:
cf:fb:2a:b1:b9:ea:26:7e:c4:15:36:18:28:8a:ed:7a:16:15:
de:9b:b5:d7:ea:98:2a:66:d1:a1:20:55:56:ce:cd:09:5f:75:
34:45:78:b7:dd:e0:97:b6:b3:2d:d8:e0:5b:a7:2f:5b:4d:b2:
22:6c:19:d9:2c:ea:cc:74:76:72:ae:39:d9:4a:42:a9:c0:7d:
89:4c:75:10:1d:eb:51:24:4b:4a:59:5a:54:3e:61:e1:3f:03:
41:cd:d8:d9:31:0c:e5:21:7b:1f:00:19:10:43:f7:ab:b8:e5:
8b:bd:cc:40:05:2e:5b:9b:8d:9e:f0:de:09:f8:50:5f:ee:17:
a2:ca:a9:f7:2c:3b:a1:f5:47:48:20:8c:d1:89:06:57:dd:9d:
90:8e:1a:79:5e:bd:db:bd:0f:4a:74:b1:5f:94:90:9a:81:82:
d4:3a:8c:62:de:ec:33:37:88:64:10:1e:01:65:20:08:e4:87:
0d:6e:e3:e6:b7:54:b8:67:11:a9:fb:d6:f3:24:dc:9e:96:39:
1b:86:00:d8:1f:77:17:32:20:0c:30:23:1f:88:cf:ef:78:03:
c9:ce:57:96
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzC2seqHtgS5vAi8Acbo6wwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWVjNDYyNmVjZGUyNTMzNWFmZjA4OGIwNGM3MTM5NWFl
NmJjMjQwHhcNMjQwMTAxMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2UyYmFlYWI4ZjZkNzBjYzVkMzA2OTYwZjBiNDZlNzVkNjk4NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1Wa1zmSZ7Yggd7WPOouTsjBuXOB
SK/sXfKnBL4FuA2h1WlXNBICXonSsPcz1ZF4+MGJ4jUUkmtQjuIvJr7Qgyi3bTIP
PV63eH+4SQzfpIm69rNDx3oY9MzTlVWXwXL0YsmpRn0NM5v2mQ4TJqRHxobRjr+A
xWg0UCsRQ7ENYyvspR7W/CDAn1+V7KQanZADEWW4BEWf7BTdilOlUZitPjo/cXO2
Eqno3tamWKij1MoY5rXyGBxL5K1IDU1bYXx2w8nFL24Fxj8JFLqX0vTg9BfemjzC
rHBhMtuBDpi2Bfx5ATYjd5LZXCoE0+yumEm8PiQOWFK8qK3IiVW4VvhtxwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIPiuuq49tcMxdMGlg8LRuddaYVuMB8GA1UdIwQY
MBaAFDIexGJuzeJTNa/wiLBMcTla5rwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg3RVltN040bE0xcl9DSXNFeHhPVnJtdkNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84ZTA4YjMtNDg3Yy00ODVhLTk0Nzkt
YjA4NGM3Mzg2MWI4LzEvZy1LNjZyajIxd3pGMHdhV0R3dEc1MTFwaFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84ZTA4YjMtNDg3Yy00ODVhLTk0NzktYjA4NGM3Mzg2MWI4
LzEvTWg3RVltN040bE0xcl9DSXNFeHhPVnJtdkNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9S2AwQA
W9hdAwQAW9x/AwQCW+PcAwQCuStsAwQAwgD8MA0EAgACMAcDBQIqAWxgMA0GCSqG
SIb3DQEBCwUAA4IBAQCDgZ3UMfDyXJHOk1aTOfsNFuLoppaC+j9U5BTLdxbZ7vdc
pOPP+yqxueomfsQVNhgoiu16FhXem7XX6pgqZtGhIFVWzs0JX3U0RXi33eCXtrMt
2OBbpy9bTbIibBnZLOrMdHZyrjnZSkKpwH2JTHUQHetRJEtKWVpUPmHhPwNBzdjZ
MQzlIXsfABkQQ/eruOWLvcxABS5bm42e8N4J+FBf7heiyqn3LDuh9UdIIIzRiQZX
3Z2Qjhp5Xr3bvQ9KdLFflJCagYLUOoxi3uwzN4hkEB4BZSAI5IcNbuPmt1S4ZxGp
+9bzJNyeljkbhgDYH3cXMiAMMCMfiM/veAPJzleW
-----END CERTIFICATE-----
Generated at Tue May 28 13:39:55 2024 by rpki-client on console-fra.rpki-client.org