Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/lXVfJTQazE64iaaOlzFDYfhG8Pk.roa
File: lXVfJTQazE64iaaOlzFDYfhG8Pk.roa (raw, json)
Hash identifier: TiVsMco9eFx44GPlTR0R5Tg2qrWp5XeX/q4hTn5auFI=
Subject key identifier: 95:75:5F:25:34:1A:CC:4E:B8:89:A6:8E:97:31:43:61:F8:46:F0:F9
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018FC8EDF1B02D5130BE12250FFD2493956B
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/lXVfJTQazE64iaaOlzFDYfhG8Pk.roa
Signing time: Thu 30 May 2024 09:56:28 +0000
ROA not before: Thu 30 May 2024 09:56:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31004
IP address blocks: 91.230.140.0/23 maxlen: 23
91.230.140.0/24 maxlen: 24
93.157.32.0/21 maxlen: 24
193.203.120.0/23 maxlen: 23
194.116.210.0/23 maxlen: 23
194.150.244.0/23 maxlen: 23
2a00:4bc0::/32 maxlen: 32
2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:ed:f1:b0:2d:51:30:be:12:25:0f:fd:24:93:95:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: May 30 09:56:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95755f25341acc4eb889a68e97314361f846f0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:47:79:b7:7d:cf:52:b4:a5:90:c3:4b:e8:6b:
0f:6b:73:4d:ba:79:45:dc:d1:46:ca:e5:21:cf:e5:
04:aa:74:a4:43:d0:1c:39:c1:52:18:e1:79:fa:b2:
ae:c6:9f:fa:de:ef:4a:51:20:9b:c4:3b:9c:d0:10:
4e:1e:e8:e4:c1:d4:20:1a:b9:d6:7d:3f:27:b7:b7:
a4:cc:c5:6a:41:79:87:15:a7:65:ef:0d:7e:ff:f4:
7b:a0:d8:62:1b:48:0c:41:73:e2:67:43:89:60:de:
d3:3b:5e:74:26:61:c5:0a:57:0c:97:50:04:7d:ae:
d1:89:44:b3:d3:c8:4f:cb:7b:4c:af:a8:d9:84:2f:
ab:b0:76:6f:0d:2b:55:c5:dc:43:a1:ff:9e:c3:3f:
a5:3c:5c:0a:30:c1:71:64:14:c5:29:09:73:e0:21:
c9:d2:39:22:3b:cf:a0:76:3c:c3:f6:fb:5e:40:9e:
e5:7c:c8:b3:93:8c:e7:92:b2:0a:44:65:b1:c7:d7:
dd:e7:10:0e:a5:67:cf:fa:58:6b:f4:80:56:b3:08:
97:22:34:d8:7d:2f:e4:20:3e:22:c4:30:84:b5:89:
41:42:1c:3c:fd:37:9b:d9:16:1a:fc:c5:21:5b:00:
04:07:20:46:c7:f3:df:94:9c:93:8a:a2:f5:fb:0c:
c4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:75:5F:25:34:1A:CC:4E:B8:89:A6:8E:97:31:43:61:F8:46:F0:F9
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/lXVfJTQazE64iaaOlzFDYfhG8Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.140.0/23
93.157.32.0/21
193.203.120.0/23
194.116.210.0/23
194.150.244.0/23
IPv6:
2a00:4bc0::/32
Signature Algorithm: sha256WithRSAEncryption
05:73:a3:91:a0:25:92:f1:3c:13:da:00:41:02:da:1a:b2:b4:
7a:35:95:94:4d:a3:ff:46:4c:75:0b:da:b3:4f:6f:fb:75:f7:
26:dd:3b:75:35:a8:d3:c9:af:18:b4:aa:91:cd:3a:00:0b:f1:
48:f9:ce:a3:da:1d:49:b1:0f:74:8b:6e:9d:dd:1f:0b:c0:61:
af:7a:24:e9:fc:a9:3b:03:35:08:e9:32:05:a8:e4:f4:7b:80:
ba:a8:eb:fb:2d:55:03:61:42:55:b8:86:a5:7c:47:2d:00:ba:
77:f5:f2:49:fe:b7:5f:bc:2c:e4:b4:b1:39:77:b4:fc:a5:95:
ca:1a:9c:0f:50:92:bb:92:54:da:96:7f:02:e2:1d:7a:e8:5f:
1d:41:6c:71:d0:a6:b8:ac:ee:02:87:1a:66:48:4d:5f:7f:f3:
68:ad:b5:44:f7:e6:23:a9:a2:ec:5d:93:d2:f0:c3:8c:db:bc:
10:9e:3e:87:98:91:79:52:d5:da:85:8b:cb:a7:a4:7c:9a:36:
40:1d:fe:23:84:f1:21:36:0c:99:48:77:f7:c8:fc:c2:37:52:
22:b7:34:40:db:ab:27:83:e6:f4:fc:c6:fb:d9:27:83:4e:9c:
84:b4:19:08:1c:0e:78:c9:f7:a6:33:50:e7:45:6f:f0:83:c7:
37:f5:74:b6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY/I7fGwLVEwvhIlD/0kk5VrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjQwNTMwMDk1NjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTc1NWYyNTM0MWFjYzRlYjg4OWE2OGU5NzMxNDM2MWY4NDZmMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ud5t33PUrSlkMNL6GsPa3NNunlF
3NFGyuUhz+UEqnSkQ9AcOcFSGOF5+rKuxp/63u9KUSCbxDuc0BBOHujkwdQgGrnW
fT8nt7ekzMVqQXmHFadl7w1+//R7oNhiG0gMQXPiZ0OJYN7TO150JmHFClcMl1AE
fa7RiUSz08hPy3tMr6jZhC+rsHZvDStVxdxDof+ewz+lPFwKMMFxZBTFKQlz4CHJ
0jkiO8+gdjzD9vteQJ7lfMizk4znkrIKRGWxx9fd5xAOpWfP+lhr9IBWswiXIjTY
fS/kID4ixDCEtYlBQhw8/Teb2RYa/MUhWwAEByBGx/PflJyTiqL1+wzElQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJV1XyU0GsxOuImmjpcxQ2H4RvD5MB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvbFhWZkpUUWF6RTY0aWFhT2x6RkRZZmhHOFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW+aMAwQD
XZ0gAwQBwct4AwQBwnTSAwQBwpb0MA0EAgACMAcDBQAqAEvAMA0GCSqGSIb3DQEB
CwUAA4IBAQAFc6ORoCWS8TwT2gBBAtoasrR6NZWUTaP/Rkx1C9qzT2/7dfcm3Tt1
NajTya8YtKqRzToAC/FI+c6j2h1JsQ90i26d3R8LwGGveiTp/Kk7AzUI6TIFqOT0
e4C6qOv7LVUDYUJVuIalfEctALp39fJJ/rdfvCzktLE5d7T8pZXKGpwPUJK7klTa
ln8C4h166F8dQWxx0Ka4rO4ChxpmSE1ff/NorbVE9+YjqaLsXZPS8MOM27wQnj6H
mJF5UtXahYvLp6R8mjZAHf4jhPEhNgyZSHf3yPzCN1IitzRA26sng+b0/Mb72SeD
TpyEtBkIHA54yfemM1DnRW/wg8c39XS2
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:40:29 2024 by rpki-client on console-ams.rpki-client.org