Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/m1tiI43_unbG2QsfSGPeJu6S73Q.roa
File: m1tiI43_unbG2QsfSGPeJu6S73Q.roa (raw, json)
Hash identifier: JhYuuYSh3T1crUPQyMGhk5g1fxhDca2dphRp96pJ1uk=
Subject key identifier: 9B:5B:62:23:8D:FF:BA:76:C6:D9:0B:1F:48:63:DE:26:EE:92:EF:74
Certificate issuer: /CN=3b305f97a26f31d8006059fb3ab19eacfb783455
Certificate serial: 018CC3B67577662AEC8DC28F05E9777F410A
Authority key identifier: 3B:30:5F:97:A2:6F:31:D8:00:60:59:FB:3A:B1:9E:AC:FB:78:34:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/m1tiI43_unbG2QsfSGPeJu6S73Q.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44941
IP address blocks: 195.82.135.0/24 maxlen: 24
195.82.134.0/24 maxlen: 24
91.202.253.0/24 maxlen: 24
91.202.252.0/24 maxlen: 24
91.202.255.0/24 maxlen: 24
91.202.254.0/24 maxlen: 24
91.211.143.0/24 maxlen: 24
91.211.142.0/24 maxlen: 24
91.211.141.0/24 maxlen: 24
91.211.140.0/24 maxlen: 24
83.142.11.0/24 maxlen: 24
83.142.10.0/24 maxlen: 24
83.142.9.0/24 maxlen: 24
83.142.8.0/24 maxlen: 24
83.142.15.0/24 maxlen: 24
83.142.14.0/24 maxlen: 24
83.142.13.0/24 maxlen: 24
83.142.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:75:77:66:2a:ec:8d:c2:8f:05:e9:77:7f:41:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b305f97a26f31d8006059fb3ab19eacfb783455
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b5b62238dffba76c6d90b1f4863de26ee92ef74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9d:7a:af:cd:40:46:e4:c1:04:60:0e:43:9c:
94:0f:ec:8a:98:e9:40:9b:fc:73:83:84:83:3a:6f:
62:69:73:f1:e3:13:08:75:2b:60:1a:67:5e:14:bb:
df:b4:2c:85:c0:88:9d:db:87:81:b4:bb:29:f4:7a:
f9:83:c4:85:9e:db:21:05:0f:c7:6a:d1:6f:0d:e2:
eb:04:2f:e8:96:68:91:8b:08:59:9e:7c:99:17:95:
89:fe:f4:d7:0e:31:15:f9:38:fc:37:10:12:30:92:
52:a3:8e:c0:79:e5:70:fa:8d:25:a4:11:29:9a:ea:
74:7d:87:88:c1:b6:f5:fb:c5:42:0b:22:31:fd:fc:
bb:e4:07:d8:9f:bd:06:0f:da:f8:dd:60:8d:b5:c8:
fc:27:a1:d3:65:81:aa:25:2a:3f:1b:cd:2a:02:52:
08:77:19:9b:29:70:a3:dc:b8:da:5e:66:08:a6:ac:
c0:63:3b:2f:9a:30:9d:94:0d:1b:b8:53:d0:d1:a9:
74:19:47:fb:8b:bc:ec:a1:1b:a4:ba:fc:6d:55:7a:
e8:58:79:43:45:a1:0c:8b:78:95:77:ec:28:0d:0e:
4c:da:97:cf:b1:b3:65:ce:6a:4b:61:95:10:90:d1:
93:0f:05:ac:19:6b:28:ac:8b:13:47:71:d5:ea:31:
97:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:5B:62:23:8D:FF:BA:76:C6:D9:0B:1F:48:63:DE:26:EE:92:EF:74
X509v3 Authority Key Identifier:
keyid:3B:30:5F:97:A2:6F:31:D8:00:60:59:FB:3A:B1:9E:AC:FB:78:34:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/m1tiI43_unbG2QsfSGPeJu6S73Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.8.0/21
91.202.252.0/22
91.211.140.0/22
195.82.134.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:a9:02:51:cb:34:29:64:a9:a0:2c:ca:5a:6b:e0:27:db:ca:
b5:9c:f7:dd:54:63:9e:55:f1:61:dc:df:29:fd:d4:3a:d2:75:
17:29:af:1e:59:34:cf:c9:7a:8f:1f:bf:74:8c:02:ff:d5:48:
99:b8:85:2e:94:61:0e:a2:8e:b7:a6:94:1b:8a:be:d2:9d:b1:
a1:7c:66:2c:aa:ad:f9:70:32:fb:57:35:99:6a:e8:41:93:1f:
a9:b8:d6:c3:46:fb:fb:29:f9:77:df:be:9e:db:e3:bb:e6:1b:
1e:20:f8:bb:87:b4:7f:9e:8d:9a:45:bc:90:e9:66:4d:6c:cf:
d1:72:27:a4:14:9e:45:d2:50:85:4b:ec:0d:ea:53:91:2e:5e:
99:98:16:8f:34:45:1c:7b:4e:25:e6:7a:69:a0:c9:33:8b:2c:
25:7d:e0:bc:c3:e4:cb:ac:b8:f8:38:9d:3a:e0:5a:6f:31:15:
b7:a6:6c:ff:77:df:de:fd:32:4a:ce:a5:e5:85:70:c7:25:1d:
27:4a:3d:ef:82:b4:25:02:a0:2d:1c:95:21:93:6f:ef:6f:3d:
1a:95:cb:38:6a:17:a8:bd:03:22:04:34:47:4b:c9:12:1f:5e:
0d:0f:5b:e9:e9:70:a2:f8:ce:a9:8f:6e:05:b9:aa:de:e3:06:
b1:b9:ad:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDtnV3ZirsjcKPBel3f0EKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzA1Zjk3YTI2ZjMxZDgwMDYwNTlmYjNhYjE5ZWFjZmI3
ODM0NTUwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjViNjIyMzhkZmZiYTc2YzZkOTBiMWY0ODYzZGUyNmVlOTJlZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ16r81ARuTBBGAOQ5yUD+yKmOlA
m/xzg4SDOm9iaXPx4xMIdStgGmdeFLvftCyFwIid24eBtLsp9Hr5g8SFntshBQ/H
atFvDeLrBC/olmiRiwhZnnyZF5WJ/vTXDjEV+Tj8NxASMJJSo47AeeVw+o0lpBEp
mup0fYeIwbb1+8VCCyIx/fy75AfYn70GD9r43WCNtcj8J6HTZYGqJSo/G80qAlII
dxmbKXCj3LjaXmYIpqzAYzsvmjCdlA0buFPQ0al0GUf7i7zsoRukuvxtVXroWHlD
RaEMi3iVd+woDQ5M2pfPsbNlzmpLYZUQkNGTDwWsGWsorIsTR3HV6jGXPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJtbYiON/7p2xtkLH0hj3ibuku90MB8GA1UdIwQY
MBaAFDswX5eibzHYAGBZ+zqxnqz7eDRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xYWE5NTEtNmM0OC00OTNkLWFkODkt
NThiOWIwYzI0NDBiLzEvbTF0aUk0M191bmJHMlFzZlNHUGVKdTZTNzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xYWE5NTEtNmM0OC00OTNkLWFkODktNThiOWIwYzI0NDBi
LzEvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU44IAwQC
W8r8AwQCW9OMAwQBw1KGMA0GCSqGSIb3DQEBCwUAA4IBAQCwqQJRyzQpZKmgLMpa
a+An28q1nPfdVGOeVfFh3N8p/dQ60nUXKa8eWTTPyXqPH790jAL/1UiZuIUulGEO
oo63ppQbir7SnbGhfGYsqq35cDL7VzWZauhBkx+puNbDRvv7Kfl3376e2+O75hse
IPi7h7R/no2aRbyQ6WZNbM/RciekFJ5F0lCFS+wN6lORLl6ZmBaPNEUce04l5npp
oMkziywlfeC8w+TLrLj4OJ064FpvMRW3pmz/d9/e/TJKzqXlhXDHJR0nSj3vgrQl
AqAtHJUhk2/vbz0alcs4aheovQMiBDRHS8kSH14ND1vp6XCi+M6pj24Fuare4wax
ua2I
-----END CERTIFICATE-----
Generated at Sat Sep 28 18:39:39 2024 by rpki-client on console-fra.rpki-client.org