Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/1gQr0ybQ-gBN29oRSrPHTtqSZ88.roa
File: 1gQr0ybQ-gBN29oRSrPHTtqSZ88.roa (raw, json)
Hash identifier: TkS+CAb2c3LHwOZoRYgbTdEhc/r9sCLYmDke+48tK58=
Subject key identifier: D6:04:2B:D3:26:D0:FA:00:4D:DB:DA:11:4A:B3:C7:4E:DA:92:67:CF
Certificate issuer: /CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Certificate serial: 018DA21501377F0A47C50A17531D9B5AFF0D
Authority key identifier: 69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/1gQr0ybQ-gBN29oRSrPHTtqSZ88.roa
Signing time: Tue 13 Feb 2024 10:48:22 +0000
ROA not before: Tue 13 Feb 2024 10:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41535
IP address blocks: 77.221.130.0/24 maxlen: 24
89.253.192.0/21 maxlen: 21
89.253.200.0/21 maxlen: 21
89.253.202.0/24 maxlen: 24
89.253.203.0/24 maxlen: 24
89.253.208.0/21 maxlen: 21
89.253.216.0/21 maxlen: 21
89.253.224.0/21 maxlen: 21
89.253.232.0/21 maxlen: 21
89.253.240.0/21 maxlen: 21
89.253.248.0/21 maxlen: 21
109.120.162.0/24 maxlen: 24
109.120.167.0/24 maxlen: 24
109.120.172.0/24 maxlen: 24
193.32.198.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 07:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:15:01:37:7f:0a:47:c5:0a:17:53:1d:9b:5a:ff:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Validity
Not Before: Feb 13 10:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6042bd326d0fa004ddbda114ab3c74eda9267cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f6:87:28:f9:bc:68:28:11:78:ec:47:92:e1:
35:84:09:4c:f2:13:5b:18:00:ce:2b:b3:0f:15:3a:
9e:a6:21:ac:3f:f5:6d:d3:47:b5:f0:f2:ae:8a:12:
98:34:3a:de:57:26:3c:db:2d:95:5d:f8:58:a8:f6:
89:82:1f:d3:66:69:4e:54:98:f8:39:fe:39:08:23:
e3:9c:2c:0d:b9:0d:7d:90:08:92:27:4a:89:ba:b8:
fa:48:4b:7c:e6:33:f0:ed:f9:96:15:24:cd:f0:41:
b4:7a:c2:15:a9:29:ad:55:ca:7f:8b:bf:50:f8:87:
d6:ab:18:e4:b2:09:d0:1a:9a:d2:eb:88:e6:6d:60:
44:21:6a:b0:f5:9c:aa:83:6f:ae:3b:c3:bc:98:f2:
bb:f9:3e:75:3f:4e:29:f7:5e:d7:c5:60:5b:52:b7:
10:83:8a:88:42:83:bf:31:02:a6:a3:45:cd:e6:9a:
da:88:c0:75:ba:a4:a0:ad:74:1c:95:6b:33:56:ae:
18:b8:60:62:01:60:4a:d4:c6:0b:8e:5c:dd:18:50:
27:07:f3:9c:a4:87:35:89:7b:20:d5:03:88:f1:90:
6c:40:5d:3a:1f:1f:6f:00:34:78:1e:1c:8f:db:2e:
32:2b:ee:5c:42:54:e1:f8:5f:68:fb:54:fa:a0:29:
51:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:04:2B:D3:26:D0:FA:00:4D:DB:DA:11:4A:B3:C7:4E:DA:92:67:CF
X509v3 Authority Key Identifier:
keyid:69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/1gQr0ybQ-gBN29oRSrPHTtqSZ88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.130.0/24
89.253.192.0/18
109.120.162.0/24
109.120.167.0/24
109.120.172.0/24
193.32.198.0/23
Signature Algorithm: sha256WithRSAEncryption
cb:90:17:d9:64:93:43:60:db:e9:79:cd:87:f8:4a:b4:1a:7b:
62:01:81:c5:ad:e9:7c:e3:b1:7d:2e:e5:8e:39:33:34:e2:a4:
96:b3:f9:f4:85:55:f3:d4:26:42:db:c0:ed:82:32:b8:b4:79:
28:31:aa:18:6d:d0:1b:84:b4:25:f5:90:f8:ec:21:72:be:16:
47:5a:5c:72:f0:07:0a:a9:97:29:15:a2:c5:cc:71:b9:1d:30:
84:33:64:55:b2:f5:17:3f:a1:a9:ab:1b:b7:13:69:fd:c5:b4:
68:02:0d:c5:d3:b6:5f:26:8a:39:e2:dc:c8:48:dc:36:51:2e:
37:67:c8:8a:08:9a:b3:7b:60:9d:77:31:f9:77:88:37:e2:f3:
fc:41:ba:3c:51:84:9f:66:c4:20:7f:6b:cc:9b:e9:08:16:ae:
b1:16:d1:46:cc:50:93:22:9b:1e:eb:71:ac:d7:99:35:cb:29:
c7:c4:4c:eb:2a:64:f8:7e:54:99:d8:6d:57:5d:92:2e:ee:bb:
61:bd:56:01:09:00:03:72:10:be:8f:eb:60:9c:1f:a0:f1:35:
c9:22:a8:45:4b:9c:ca:1f:49:e8:bf:a8:ef:b9:d4:43:68:41:
12:b4:6a:d4:6a:4a:72:5f:18:7c:f2:57:bc:ab:3e:61:a1:ac:
21:a1:e6:d7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2iFQE3fwpHxQoXUx2bWv8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTRkNjkxNmI5MzE1OWFhODA5ODRhOWIzNzc0NjgzYmI1
NTBlYmQwHhcNMjQwMjEzMTA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjA0MmJkMzI2ZDBmYTAwNGRkYmRhMTE0YWIzYzc0ZWRhOTI2N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPaHKPm8aCgReOxHkuE1hAlM8hNb
GADOK7MPFTqepiGsP/Vt00e18PKuihKYNDreVyY82y2VXfhYqPaJgh/TZmlOVJj4
Of45CCPjnCwNuQ19kAiSJ0qJurj6SEt85jPw7fmWFSTN8EG0esIVqSmtVcp/i79Q
+IfWqxjksgnQGprS64jmbWBEIWqw9Zyqg2+uO8O8mPK7+T51P04p917XxWBbUrcQ
g4qIQoO/MQKmo0XN5praiMB1uqSgrXQclWszVq4YuGBiAWBK1MYLjlzdGFAnB/Oc
pIc1iXsg1QOI8ZBsQF06Hx9vADR4HhyP2y4yK+5cQlTh+F9o+1T6oClRlwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNYEK9Mm0PoATdvaEUqzx07akmfPMB8GA1UdIwQY
MBaAFGmk1pFrkxWaqAmEqbN3RoO7VQ69MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUt
MzE5NzExMDA5N2M5LzEvMWdRcjB5YlEtZ0JOMjlvUlNyUEhUdHFTWjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUtMzE5NzExMDA5N2M5
LzEvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATd2CAwQG
Wf3AAwQAbXiiAwQAbXinAwQAbXisAwQBwSDGMA0GCSqGSIb3DQEBCwUAA4IBAQDL
kBfZZJNDYNvpec2H+Eq0GntiAYHFrel847F9LuWOOTM04qSWs/n0hVXz1CZC28Dt
gjK4tHkoMaoYbdAbhLQl9ZD47CFyvhZHWlxy8AcKqZcpFaLFzHG5HTCEM2RVsvUX
P6Gpqxu3E2n9xbRoAg3F07ZfJoo54tzISNw2US43Z8iKCJqze2CddzH5d4g34vP8
Qbo8UYSfZsQgf2vMm+kIFq6xFtFGzFCTIpse63Gs15k1yynHxEzrKmT4flSZ2G1X
XZIu7rthvVYBCQADchC+j+tgnB+g8TXJIqhFS5zKH0nov6jvudRDaEEStGrUakpy
Xxh88le8qz5hoawhoebX
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:33:36 2024 by rpki-client on console-fra.rpki-client.org