Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/lOnrFGBwQHaaV2iKCFVs4tbp1b4.roa
File: lOnrFGBwQHaaV2iKCFVs4tbp1b4.roa (raw, json)
Hash identifier: PmV0HKGlve5P/12K8WHVQ9L0QlNZimfpnWY2JHHKGXY=
Subject key identifier: 94:E9:EB:14:60:70:40:76:9A:57:68:8A:08:55:6C:E2:D6:E9:D5:BE
Certificate issuer: /CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Certificate serial: 01903092063CBC988AA59BB66BAD69202BCD
Authority key identifier: 46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/lOnrFGBwQHaaV2iKCFVs4tbp1b4.roa
Signing time: Wed 19 Jun 2024 12:56:34 +0000
ROA not before: Wed 19 Jun 2024 12:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16019
IP address blocks: 91.220.122.0/24 maxlen: 24
185.99.176.0/22 maxlen: 22
185.241.220.0/22 maxlen: 32
2a00:8e80::/29 maxlen: 29
2a0c:b180::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/RusRr5NV2porXfc-zdf9CWektYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/RusRr5NV2porXfc-zdf9CWektYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:30:92:06:3c:bc:98:8a:a5:9b:b6:6b:ad:69:20:2b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Validity
Not Before: Jun 19 12:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94e9eb14607040769a57688a08556ce2d6e9d5be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3f:87:0e:ef:65:bf:a0:33:9f:43:48:92:ba:
5d:86:e5:82:98:1a:13:da:f1:91:83:3b:ec:95:0e:
98:1d:cb:40:30:e2:34:e8:75:cb:28:a6:fe:10:73:
5c:47:ed:88:4d:c5:61:75:91:f9:54:f5:ff:2c:6d:
2b:75:ee:6a:17:ca:4e:b1:dc:b6:5f:44:c4:06:aa:
0e:fa:a5:40:5a:ad:92:da:f5:64:f6:36:0e:46:b6:
67:a3:86:b3:03:c4:64:37:b1:a2:d1:e7:b8:68:ac:
5e:ac:5e:eb:8c:cb:31:53:84:19:86:ac:d8:a7:2d:
00:c3:83:75:ac:f7:60:96:38:c1:fe:8d:f7:03:8e:
85:5b:fb:a5:52:4a:e0:4d:51:50:af:a3:ce:69:08:
e2:51:ca:ac:39:55:40:e9:f8:c8:04:7e:71:c5:06:
e4:19:ea:c4:46:6e:32:67:44:7f:ed:cc:0a:8b:fc:
31:f1:02:09:59:49:86:06:18:5e:59:4a:30:e9:42:
01:cb:ce:bd:ea:c8:ee:7a:84:65:8d:f9:6f:65:42:
7a:cd:8a:8d:25:8d:8d:5a:2c:69:3e:b4:e9:ca:0b:
f8:b8:f8:c8:b2:e4:49:9d:30:a7:91:93:57:73:ea:
e6:8d:1f:df:3d:32:a4:b4:ff:f4:16:34:ce:4a:66:
19:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E9:EB:14:60:70:40:76:9A:57:68:8A:08:55:6C:E2:D6:E9:D5:BE
X509v3 Authority Key Identifier:
keyid:46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/lOnrFGBwQHaaV2iKCFVs4tbp1b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/RusRr5NV2porXfc-zdf9CWektYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.122.0/24
185.99.176.0/22
185.241.220.0/22
IPv6:
2a00:8e80::/29
2a0c:b180::/29
Signature Algorithm: sha256WithRSAEncryption
59:ab:25:5a:ab:09:e8:f9:28:0c:76:c3:db:18:52:c4:eb:bd:
b6:ab:ae:ab:39:54:b6:7e:a5:6e:49:18:a1:c9:38:69:f4:04:
ea:49:ab:10:10:29:c9:9b:ea:4a:bd:45:00:f5:6c:e9:80:ce:
c0:46:e6:74:71:51:ca:e5:f1:3e:b7:f5:4a:50:8b:5c:4c:dc:
c5:78:4f:e9:6f:5a:d9:2d:58:de:aa:7e:0f:a5:8c:68:0d:3a:
ab:d9:8c:c4:8a:59:96:bc:e8:8f:ab:7f:cf:d2:0b:6f:f4:73:
aa:42:8b:dd:55:f5:7e:ed:7b:39:72:bb:66:49:7f:53:6c:8b:
f9:0a:cd:ec:f7:9f:a4:96:a8:a2:47:f9:fe:8d:55:bb:41:16:
02:73:09:fc:11:21:aa:41:5d:c7:0d:02:5d:02:eb:e8:cf:82:
ec:cc:9e:df:d7:4c:4e:3f:6b:87:50:70:df:de:d0:1c:73:54:
c0:6b:7c:c9:e5:28:df:ae:d0:bd:ff:74:f4:2a:e0:3c:ed:68:
23:f8:32:8f:a3:00:66:60:fb:41:ed:1f:d7:cc:8d:97:6d:e2:
06:ff:38:f8:50:a3:b7:98:a3:26:22:63:e4:39:87:93:f3:f1:
df:14:70:ec:c8:ad:bb:4f:e1:60:51:9a:59:7d:6e:2b:f4:dc:
93:f7:0c:c5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZAwkgY8vJiKpZu2a61pICvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWIxMWFmOTM1NWRhOWEyYjVkZjczZWNkZDdmZDA5Njdh
NGI1OGMwHhcNMjQwNjE5MTI1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU5ZWIxNDYwNzA0MDc2OWE1NzY4OGEwODU1NmNlMmQ2ZTlkNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzD+HDu9lv6Azn0NIkrpdhuWCmBoT
2vGRgzvslQ6YHctAMOI06HXLKKb+EHNcR+2ITcVhdZH5VPX/LG0rde5qF8pOsdy2
X0TEBqoO+qVAWq2S2vVk9jYORrZno4azA8RkN7Gi0ee4aKxerF7rjMsxU4QZhqzY
py0Aw4N1rPdgljjB/o33A46FW/ulUkrgTVFQr6POaQjiUcqsOVVA6fjIBH5xxQbk
GerERm4yZ0R/7cwKi/wx8QIJWUmGBhheWUow6UIBy8696sjueoRljflvZUJ6zYqN
JY2NWixpPrTpygv4uPjIsuRJnTCnkZNXc+rmjR/fPTKktP/0FjTOSmYZtwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJTp6xRgcEB2mldoighVbOLW6dW+MB8GA1UdIwQY
MBaAFEbrEa+TVdqaK133Ps3X/QlnpLWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUt
NDVmNDk2ZjJmZTc1LzEvbE9uckZHQndRSGFhVjJpS0NGVnM0dGJwMWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUtNDVmNDk2ZjJmZTc1
LzEvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW9x6AwQC
uWOwAwQCufHcMBQEAgACMA4DBQMqAI6AAwUDKgyxgDANBgkqhkiG9w0BAQsFAAOC
AQEAWaslWqsJ6PkoDHbD2xhSxOu9tquuqzlUtn6lbkkYock4afQE6kmrEBApyZvq
Sr1FAPVs6YDOwEbmdHFRyuXxPrf1SlCLXEzcxXhP6W9a2S1Y3qp+D6WMaA06q9mM
xIpZlrzoj6t/z9ILb/RzqkKL3VX1fu17OXK7Zkl/U2yL+QrN7PefpJaookf5/o1V
u0EWAnMJ/BEhqkFdxw0CXQLr6M+C7Mye39dMTj9rh1Bw397QHHNUwGt8yeUo367Q
vf909CrgPO1oI/gyj6MAZmD7Qe0f18yNl23iBv84+FCjt5ijJiJj5DmHk/Px3xRw
7Mitu0/hYFGaWX1uK/Tck/cMxQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:18 2024 by rpki-client on console-fra.rpki-client.org