Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/sBS3B8R-2XZHNYJIcLI6xNr2cdE.roa
File: sBS3B8R-2XZHNYJIcLI6xNr2cdE.roa (raw, json)
Hash identifier: a6p77eHzhiGL37f5n8GJvNrZ/fAAEp3rB3j8px3oFxk=
Subject key identifier: B0:14:B7:07:C4:7E:D9:76:47:35:82:48:70:B2:3A:C4:DA:F6:71:D1
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 0191318BB3994F54A7559AD9D8F20DF229AB
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/sBS3B8R-2XZHNYJIcLI6xNr2cdE.roa
Signing time: Thu 08 Aug 2024 10:32:04 +0000
ROA not before: Thu 08 Aug 2024 10:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25773
IP address blocks: 92.61.228.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
92.61.232.0/24 maxlen: 24
92.61.236.0/24 maxlen: 24
92.61.237.0/24 maxlen: 24
92.61.238.0/24 maxlen: 24
94.188.137.0/24 maxlen: 24
94.188.194.0/24 maxlen: 24
94.188.201.0/24 maxlen: 24
94.188.202.0/24 maxlen: 24
94.188.203.0/24 maxlen: 24
94.188.205.0/24 maxlen: 24
94.188.206.0/24 maxlen: 24
94.188.207.0/24 maxlen: 24
94.188.208.0/24 maxlen: 24
94.188.209.0/24 maxlen: 24
94.188.210.0/24 maxlen: 24
94.188.211.0/24 maxlen: 24
94.188.212.0/24 maxlen: 24
94.188.214.0/24 maxlen: 24
94.188.215.0/24 maxlen: 24
94.188.216.0/24 maxlen: 24
94.188.222.0/24 maxlen: 24
94.188.223.0/24 maxlen: 24
94.188.224.0/24 maxlen: 24
94.188.225.0/24 maxlen: 24
94.188.226.0/24 maxlen: 24
94.188.227.0/24 maxlen: 24
94.188.228.0/24 maxlen: 24
94.188.229.0/24 maxlen: 24
94.188.230.0/24 maxlen: 24
94.188.231.0/24 maxlen: 24
94.188.232.0/24 maxlen: 24
94.188.233.0/24 maxlen: 24
94.188.234.0/24 maxlen: 24
94.188.235.0/24 maxlen: 24
94.188.236.0/24 maxlen: 24
94.188.237.0/24 maxlen: 24
94.188.239.0/24 maxlen: 24
94.188.240.0/24 maxlen: 24
94.188.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:8b:b3:99:4f:54:a7:55:9a:d9:d8:f2:0d:f2:29:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Aug 8 10:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b014b707c47ed9764735824870b23ac4daf671d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f1:8e:f2:e3:7d:5a:75:cd:75:1c:b4:fd:a5:
c7:ae:05:16:11:93:6f:d5:f6:27:87:e2:df:a9:cf:
2f:40:78:eb:53:d0:1d:0d:ee:e2:ec:25:dc:f1:89:
ce:84:bb:e3:6c:55:10:56:9e:1a:a6:c3:8d:19:48:
43:f3:74:cd:ce:f2:2c:b2:c5:d5:2b:ce:2c:63:90:
a9:db:42:15:8a:7f:f5:83:09:e8:f5:7a:34:39:2d:
9d:87:af:1f:91:e5:33:6a:ea:04:f7:5e:42:0d:fe:
50:4e:9e:d0:92:a9:8e:79:84:49:01:93:7e:39:69:
47:1a:48:a1:d3:5b:01:48:57:0c:e5:fe:5c:9f:e1:
bf:bf:7f:7f:b2:e3:16:3e:94:52:88:e8:00:e5:e1:
5b:85:03:95:7d:6c:33:f6:66:df:47:ec:03:f6:40:
9f:c1:fe:e2:92:5a:52:b0:f7:a3:0b:48:0c:2d:5d:
29:8e:14:2e:d5:27:34:95:df:58:21:55:d8:b3:6e:
3f:8d:76:23:3e:f5:5a:89:90:d1:bc:28:c2:fe:d1:
9a:4f:74:c1:fe:4d:72:fd:ab:e1:5d:ca:4c:a8:d9:
18:de:ce:b0:be:71:e9:08:9e:3c:7b:01:05:7f:dc:
2b:17:96:d7:0f:07:3a:91:bb:28:e4:ec:33:f9:99:
ee:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:14:B7:07:C4:7E:D9:76:47:35:82:48:70:B2:3A:C4:DA:F6:71:D1
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/sBS3B8R-2XZHNYJIcLI6xNr2cdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.228.0/24
92.61.230.0-92.61.232.255
92.61.236.0-92.61.238.255
94.188.137.0/24
94.188.194.0/24
94.188.201.0-94.188.203.255
94.188.205.0-94.188.212.255
94.188.214.0-94.188.216.255
94.188.222.0-94.188.237.255
94.188.239.0-94.188.241.255
Signature Algorithm: sha256WithRSAEncryption
81:ce:a2:e4:db:c8:17:7f:7b:6a:76:8a:80:46:56:ab:9b:53:
18:d8:86:b0:bc:aa:4a:4a:dc:4f:09:b5:57:68:a0:21:5e:83:
81:03:dc:43:d1:ae:e8:96:71:6f:58:29:43:7a:35:78:6e:f6:
07:64:b8:48:82:3f:53:51:0e:cc:a2:e0:4d:c7:ff:7f:75:d6:
29:64:29:e4:7f:75:59:35:11:5e:c5:c5:82:b2:b0:36:78:7c:
7f:83:32:5c:10:b9:9d:c3:8c:89:b5:4b:66:ff:52:d1:82:cb:
ea:d0:9b:47:2c:3e:72:8d:17:fd:54:3a:d5:dc:81:f8:71:ff:
b0:99:81:d1:85:36:34:e5:0f:4e:48:49:99:c6:e8:78:28:7f:
b8:13:53:8b:7f:6d:73:f9:fc:cf:26:bc:d8:85:79:d5:75:09:
7b:90:74:24:a9:f6:14:2f:dd:ee:22:dc:17:8e:7a:c7:05:a6:
84:e0:35:79:49:25:b9:de:b6:06:b8:83:96:c5:22:c1:69:32:
0c:c2:e4:62:35:1e:7e:78:d9:40:cb:69:91:65:57:21:75:73:
01:c4:e0:58:5d:80:b7:96:ac:3d:70:d2:ba:74:39:2d:7f:25:
af:b1:88:33:5d:e5:1f:9e:44:30:ab:2a:fd:b8:af:b8:a1:8e:
1c:b3:96:5e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZExi7OZT1SnVZrZ2PIN8imrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwODA4MTAzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDE0YjcwN2M0N2VkOTc2NDczNTgyNDg3MGIyM2FjNGRhZjY3MWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/GO8uN9WnXNdRy0/aXHrgUWEZNv
1fYnh+Lfqc8vQHjrU9AdDe7i7CXc8YnOhLvjbFUQVp4apsONGUhD83TNzvIsssXV
K84sY5Cp20IVin/1gwno9Xo0OS2dh68fkeUzauoE915CDf5QTp7QkqmOeYRJAZN+
OWlHGkih01sBSFcM5f5cn+G/v39/suMWPpRSiOgA5eFbhQOVfWwz9mbfR+wD9kCf
wf7iklpSsPejC0gMLV0pjhQu1Sc0ld9YIVXYs24/jXYjPvVaiZDRvCjC/tGaT3TB
/k1y/avhXcpMqNkY3s6wvnHpCJ48ewEFf9wrF5bXDwc6kbso5Owz+ZnuXQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFLAUtwfEftl2RzWCSHCyOsTa9nHRMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvc0JTM0I4Ui0yWFpITllKSWNMSTZ4TnIyY2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFw95DAM
AwQBXD3mAwQAXD3oMAwDBAJcPewDBABcPe4DBABevIkDBABevMIwDAMEAF68yQME
Al68yDAMAwQAXrzNAwQAXrzUMAwDBAFevNYDBABevNgwDAMEAV683gMEAV687DAM
AwQAXrzvAwQBXrzwMA0GCSqGSIb3DQEBCwUAA4IBAQCBzqLk28gXf3tqdoqARlar
m1MY2IawvKpKStxPCbVXaKAhXoOBA9xD0a7olnFvWClDejV4bvYHZLhIgj9TUQ7M
ouBNx/9/ddYpZCnkf3VZNRFexcWCsrA2eHx/gzJcELmdw4yJtUtm/1LRgsvq0JtH
LD5yjRf9VDrV3IH4cf+wmYHRhTY05Q9OSEmZxuh4KH+4E1OLf21z+fzPJrzYhXnV
dQl7kHQkqfYUL93uItwXjnrHBaaE4DV5SSW53rYGuIOWxSLBaTIMwuRiNR5+eNlA
y2mRZVchdXMBxOBYXYC3lqw9cNK6dDktfyWvsYgzXeUfnkQwqyr9uK+4oY4cs5Ze
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:51:45 2024 by rpki-client on console-fra.rpki-client.org