Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/i6YnZQMCRaAdUUevKf3lqGfn55I.roa
File: i6YnZQMCRaAdUUevKf3lqGfn55I.roa (raw, json)
Hash identifier: zhIjzuwm8iRPElryed+eRVX1uUzRx4FO2Yk+WYH6hFU=
Subject key identifier: 8B:A6:27:65:03:02:45:A0:1D:51:47:AF:29:FD:E5:A8:67:E7:E7:92
Certificate issuer: /CN=0866af425ab3d39d7337c2b125d39593ad91c1d1
Certificate serial: 018CCA2A6F5AEE1709E54F64F35BABD1EA4E
Authority key identifier: 08:66:AF:42:5A:B3:D3:9D:73:37:C2:B1:25:D3:95:93:AD:91:C1:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGavQlqz051zN8KxJdOVk62RwdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/i6YnZQMCRaAdUUevKf3lqGfn55I.roa
Signing time: Tue 02 Jan 2024 12:33:47 +0000
ROA not before: Tue 02 Jan 2024 12:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205344
IP address blocks: 194.148.0.0/22 maxlen: 22
91.239.54.0/24 maxlen: 24
185.219.12.0/22 maxlen: 22
2a0c:bc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/CGavQlqz051zN8KxJdOVk62RwdE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/CGavQlqz051zN8KxJdOVk62RwdE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CGavQlqz051zN8KxJdOVk62RwdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 19:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6f:5a:ee:17:09:e5:4f:64:f3:5b:ab:d1:ea:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0866af425ab3d39d7337c2b125d39593ad91c1d1
Validity
Not Before: Jan 2 12:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ba62765030245a01d5147af29fde5a867e7e792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e9:c4:85:8e:de:09:81:dd:52:75:a5:e4:e4:
e5:a2:d6:03:5c:2d:97:ff:32:7a:cb:2e:b2:fb:77:
38:89:eb:da:fa:f4:34:5a:fe:39:ea:9a:88:81:e7:
fa:8f:d9:05:e2:9f:4c:8d:c4:15:71:6d:1d:a2:37:
eb:be:9a:c6:c4:29:43:18:ca:55:91:5d:aa:c8:91:
8e:68:ac:a1:c7:66:ad:50:bb:e4:13:30:88:b1:c6:
7b:32:f5:07:c3:62:10:7d:26:88:c7:c9:11:52:cf:
33:b5:40:01:3d:41:a0:fc:32:8a:8c:2d:0c:a8:f2:
69:13:2b:87:0b:01:93:fb:a9:d0:34:0b:c4:fb:f6:
1b:11:af:5d:23:e9:6a:52:36:6a:53:42:77:da:ed:
ce:d6:76:7b:1c:df:7f:32:fd:4b:ac:6c:61:83:73:
f3:43:1a:68:b3:db:6e:8d:3c:3d:d7:83:79:3b:b2:
63:1b:4e:21:96:83:c1:af:16:67:44:9d:70:9a:a7:
f4:f1:5e:fe:21:ea:1d:18:4d:96:5a:a2:9d:1c:bd:
56:84:3f:d3:0f:0d:ea:66:77:9f:5d:80:aa:09:ed:
c3:0d:81:e9:4f:99:e6:e0:89:0d:cf:90:85:5d:ad:
4a:c9:63:36:1f:b9:45:68:0f:eb:e3:04:81:19:e0:
3d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A6:27:65:03:02:45:A0:1D:51:47:AF:29:FD:E5:A8:67:E7:E7:92
X509v3 Authority Key Identifier:
keyid:08:66:AF:42:5A:B3:D3:9D:73:37:C2:B1:25:D3:95:93:AD:91:C1:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGavQlqz051zN8KxJdOVk62RwdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/i6YnZQMCRaAdUUevKf3lqGfn55I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/CGavQlqz051zN8KxJdOVk62RwdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.54.0/24
185.219.12.0/22
194.148.0.0/22
IPv6:
2a0c:bc00::/29
Signature Algorithm: sha256WithRSAEncryption
36:b3:1e:b7:84:88:95:67:95:15:36:bc:f9:e5:f2:d4:be:c1:
51:53:95:54:80:c8:47:8f:c0:a2:c1:73:a2:ed:4a:24:17:2d:
9c:29:b1:21:10:ad:28:33:84:ef:95:c1:45:74:88:12:90:65:
34:a8:92:cb:18:0c:3f:4f:45:02:c3:89:20:0d:f0:1f:fa:de:
2b:4d:6e:ee:1e:a8:5e:19:ac:b8:e3:6e:90:c5:9f:a1:4a:8e:
a2:e0:af:59:8a:86:a3:d2:65:67:82:67:8f:34:2a:2a:30:a5:
35:aa:25:ff:9d:13:34:9b:14:12:b3:4f:cc:ee:ef:a1:6f:24:
8d:53:2d:7d:d7:4d:ef:b6:8e:ab:91:60:2a:b4:77:ae:53:12:
29:4b:1f:f0:b4:cb:76:cb:12:ea:91:92:79:40:3d:88:27:70:
0c:6d:d7:6d:e9:31:85:a5:00:6d:64:c9:4a:11:34:51:f0:56:
1c:fe:73:6c:bc:49:c0:2f:6e:af:3c:4e:52:1c:af:76:33:46:
25:ef:54:5f:f6:94:2a:90:e4:8c:c0:d9:2d:dc:40:c9:12:21:
dd:58:14:38:88:e3:c5:ac:50:67:ab:76:43:e4:b5:b9:d0:d0:
16:46:e3:0f:ab:92:ca:06:2c:d5:6f:c5:9c:47:64:7e:66:3a:
e3:11:83:32
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKm9a7hcJ5U9k81ur0epOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjZhZjQyNWFiM2QzOWQ3MzM3YzJiMTI1ZDM5NTkzYWQ5
MWMxZDEwHhcNMjQwMTAyMTIzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmE2Mjc2NTAzMDI0NWEwMWQ1MTQ3YWYyOWZkZTVhODY3ZTdlNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArunEhY7eCYHdUnWl5OTlotYDXC2X
/zJ6yy6y+3c4ieva+vQ0Wv456pqIgef6j9kF4p9MjcQVcW0dojfrvprGxClDGMpV
kV2qyJGOaKyhx2atULvkEzCIscZ7MvUHw2IQfSaIx8kRUs8ztUABPUGg/DKKjC0M
qPJpEyuHCwGT+6nQNAvE+/YbEa9dI+lqUjZqU0J32u3O1nZ7HN9/Mv1LrGxhg3Pz
Qxpos9tujTw914N5O7JjG04hloPBrxZnRJ1wmqf08V7+IeodGE2WWqKdHL1WhD/T
Dw3qZnefXYCqCe3DDYHpT5nm4IkNz5CFXa1KyWM2H7lFaA/r4wSBGeA9GQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIumJ2UDAkWgHVFHryn95ahn5+eSMB8GA1UdIwQY
MBaAFAhmr0Jas9OdczfCsSXTlZOtkcHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0dhdlFscXowNTF6TjhLeEpkT1ZrNjJSd2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zOWI4YWQtZTY1My00Y2NkLTgyOGMt
YjdlYjEyOTk4YjM1LzEvaTZZblpRTUNSYUFkVVVldktmM2xxR2ZuNTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zOWI4YWQtZTY1My00Y2NkLTgyOGMtYjdlYjEyOTk4YjM1
LzEvQ0dhdlFscXowNTF6TjhLeEpkT1ZrNjJSd2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+82AwQC
udsMAwQCwpQAMA0EAgACMAcDBQMqDLwAMA0GCSqGSIb3DQEBCwUAA4IBAQA2sx63
hIiVZ5UVNrz55fLUvsFRU5VUgMhHj8CiwXOi7UokFy2cKbEhEK0oM4TvlcFFdIgS
kGU0qJLLGAw/T0UCw4kgDfAf+t4rTW7uHqheGay4426QxZ+hSo6i4K9Zioaj0mVn
gmePNCoqMKU1qiX/nRM0mxQSs0/M7u+hbySNUy19103vto6rkWAqtHeuUxIpSx/w
tMt2yxLqkZJ5QD2IJ3AMbddt6TGFpQBtZMlKETRR8FYc/nNsvEnAL26vPE5SHK92
M0Yl71Rf9pQqkOSMwNkt3EDJEiHdWBQ4iOPFrFBnq3ZD5LW50NAWRuMPq5LKBizV
b8WcR2R+ZjrjEYMy
-----END CERTIFICATE-----
Generated at Sat May 18 22:29:01 2024 by rpki-client on console-fra.rpki-client.org