Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/zBS7jRQqoQZRqC_HiRHC50AT9tY.roa
File: zBS7jRQqoQZRqC_HiRHC50AT9tY.roa (raw, json)
Hash identifier: icekQvvMZ0wsUCiBaikaALDfgymOOHpc0crqqGiLvGM=
Subject key identifier: CC:14:BB:8D:14:2A:A1:06:51:A8:2F:C7:89:11:C2:E7:40:13:F6:D6
Certificate issuer: /CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Certificate serial: 018CC424F1A0A5256AA692C5F5FA2258AD7F
Authority key identifier: 3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/zBS7jRQqoQZRqC_HiRHC50AT9tY.roa
Signing time: Mon 01 Jan 2024 08:30:04 +0000
ROA not before: Mon 01 Jan 2024 08:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198611
IP address blocks: 91.237.70.0/24 maxlen: 24
91.231.205.0/24 maxlen: 24
91.237.68.0/24 maxlen: 24
91.237.71.0/24 maxlen: 24
91.237.69.0/24 maxlen: 24
2001:67c:16f8::/48 maxlen: 48
2001:67c:2ad8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f1:a0:a5:25:6a:a6:92:c5:f5:fa:22:58:ad:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Validity
Not Before: Jan 1 08:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc14bb8d142aa10651a82fc78911c2e74013f6d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:07:14:86:ed:6e:c6:1d:97:31:a1:6d:c6:9d:
ac:aa:01:7f:17:82:c8:35:cd:ee:db:49:60:f6:8a:
be:c0:99:97:87:0a:4b:5c:86:46:1c:a7:25:00:e5:
47:66:cf:97:ca:77:42:86:bb:24:87:04:09:7a:a4:
f4:2d:35:dd:21:66:c2:ce:d5:e3:9b:c6:d4:6d:18:
3d:b7:2b:15:45:3a:e3:fa:28:91:40:fe:73:75:99:
5b:f3:72:09:9e:f5:dc:c1:73:d9:af:cb:58:5c:f4:
ea:ce:c1:f0:f0:f4:03:a8:b2:38:f1:9c:15:42:81:
77:0b:8d:8b:a3:21:34:10:0e:42:90:ae:fd:13:46:
62:b5:73:92:53:f5:3d:ad:0d:76:64:61:49:d6:e6:
bd:e2:6f:73:de:42:d8:ca:9d:74:02:c8:21:ad:18:
ec:e5:1f:07:a5:1d:fd:6e:45:8c:94:4b:fb:2e:f3:
98:65:7a:db:5f:1e:63:b5:4c:3f:af:2d:35:d3:bd:
1c:0c:cd:1a:21:f5:1e:66:d1:50:88:94:89:85:58:
a9:1a:ce:a0:d1:ba:ac:c8:f3:56:cf:da:3b:4a:21:
74:f7:1b:46:51:5c:f4:3b:2e:6b:fe:ff:26:4b:bd:
b8:a6:c4:27:47:4a:01:1e:7f:b8:e5:23:41:e2:68:
1a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:14:BB:8D:14:2A:A1:06:51:A8:2F:C7:89:11:C2:E7:40:13:F6:D6
X509v3 Authority Key Identifier:
keyid:3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/zBS7jRQqoQZRqC_HiRHC50AT9tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.205.0/24
91.237.68.0/22
IPv6:
2001:67c:16f8::/48
2001:67c:2ad8::/48
Signature Algorithm: sha256WithRSAEncryption
58:c9:6c:e9:27:f5:28:04:36:cd:72:82:96:07:67:bc:9e:ff:
08:5c:ee:4c:37:26:8d:19:94:65:c9:4f:2c:74:cb:6b:6b:14:
bc:21:f6:73:f7:37:02:e4:b2:f4:56:73:6b:53:17:2e:b9:7f:
bd:31:04:7e:b3:d5:11:c9:b8:7c:a0:c4:5a:5d:99:f6:58:d5:
c2:b9:68:76:af:9e:18:09:d4:72:b6:e0:15:f1:ce:05:fb:6b:
9f:f9:eb:8d:1f:a8:aa:e7:2e:97:4e:32:18:83:d2:8d:94:6f:
36:d5:fe:17:8c:8c:17:af:46:10:04:c0:94:aa:6b:b1:d7:b9:
f8:65:d5:89:4c:de:6f:5a:1f:d4:b7:cf:df:45:29:d1:b3:c9:
4f:e9:a6:6a:e0:8c:3c:03:01:77:1e:cc:f0:c3:82:44:99:1e:
87:55:de:a7:59:79:8c:3e:28:db:68:ea:84:a6:dc:36:3b:0e:
18:c5:40:32:b8:da:68:be:59:a5:16:0f:56:e1:e4:ea:71:fa:
54:32:36:e3:0a:69:99:49:63:4f:73:c2:8a:3a:1d:44:49:7f:
c0:a8:f1:b9:51:32:f7:58:5b:3e:3e:64:c6:79:1f:ac:77:3e:
45:27:9c:a1:52:79:d4:5f:ab:53:8d:42:7d:87:a3:63:ee:29:
54:20:ca:c9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzEJPGgpSVqppLF9foiWK1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTVhMWRkMGNlZTg3NGMwNmUxZWExZjcyODI3ZDk3Y2Jj
NjcxODcwHhcNMjQwMTAxMDgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzE0YmI4ZDE0MmFhMTA2NTFhODJmYzc4OTExYzJlNzQwMTNmNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAcUhu1uxh2XMaFtxp2sqgF/F4LI
Nc3u20lg9oq+wJmXhwpLXIZGHKclAOVHZs+XyndChrskhwQJeqT0LTXdIWbCztXj
m8bUbRg9tysVRTrj+iiRQP5zdZlb83IJnvXcwXPZr8tYXPTqzsHw8PQDqLI48ZwV
QoF3C42LoyE0EA5CkK79E0ZitXOSU/U9rQ12ZGFJ1ua94m9z3kLYyp10AsghrRjs
5R8HpR39bkWMlEv7LvOYZXrbXx5jtUw/ry01070cDM0aIfUeZtFQiJSJhVipGs6g
0bqsyPNWz9o7SiF09xtGUVz0Oy5r/v8mS724psQnR0oBHn+45SNB4mgaXQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMwUu40UKqEGUagvx4kRwudAE/bWMB8GA1UdIwQY
MBaAFD7lod0M7odMBuHqH3KCfZfLxnGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVXaDNRenVoMHdHNGVvZmNvSjlsOHZHY1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny85NWZmZDktMTlkMy00NTE3LThjNDct
YzYxNjYxZDFiNzFiLzEvekJTN2pSUXFvUVpScUNfSGlSSEM1MEFUOXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny85NWZmZDktMTlkMy00NTE3LThjNDctYzYxNjYxZDFiNzFi
LzEvUHVXaDNRenVoMHdHNGVvZmNvSjlsOHZHY1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW+fNAwQC
W+1EMBgEAgACMBIDBwAgAQZ8FvgDBwAgAQZ8KtgwDQYJKoZIhvcNAQELBQADggEB
AFjJbOkn9SgENs1ygpYHZ7ye/whc7kw3Jo0ZlGXJTyx0y2trFLwh9nP3NwLksvRW
c2tTFy65f70xBH6z1RHJuHygxFpdmfZY1cK5aHavnhgJ1HK24BXxzgX7a5/5640f
qKrnLpdOMhiD0o2UbzbV/heMjBevRhAEwJSqa7HXufhl1YlM3m9aH9S3z99FKdGz
yU/ppmrgjDwDAXcezPDDgkSZHodV3qdZeYw+KNto6oSm3DY7DhjFQDK42mi+WaUW
D1bh5Opx+lQyNuMKaZlJY09zwoo6HURJf8Co8blRMvdYWz4+ZMZ5H6x3PkUnnKFS
edRfq1ONQn2Ho2PuKVQgysk=
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:58:21 2024 by rpki-client on console-fra.rpki-client.org