Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/91S51z7uFuv4L9kDAwq-elqVYeY.roa
File: 91S51z7uFuv4L9kDAwq-elqVYeY.roa (raw, json)
Hash identifier: ZwFJBpJvL3TeeluxPT7rQWUXp5rzL6OtWLA2kgdn+PU=
Subject key identifier: F7:54:B9:D7:3E:EE:16:EB:F8:2F:D9:03:03:0A:BE:7A:5A:95:61:E6
Certificate issuer: /CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14
Certificate serial: 01912235EB9DC48078EB534A89136567C06D
Authority key identifier: EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/91S51z7uFuv4L9kDAwq-elqVYeY.roa
Signing time: Mon 05 Aug 2024 11:04:04 +0000
ROA not before: Mon 05 Aug 2024 11:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34476
IP address blocks: 45.139.200.0/22 maxlen: 24
185.86.82.0/24 maxlen: 24
185.254.94.0/24 maxlen: 24
212.102.103.0/24 maxlen: 24
2a0f:8c80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:35:eb:9d:c4:80:78:eb:53:4a:89:13:65:67:c0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14
Validity
Not Before: Aug 5 11:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f754b9d73eee16ebf82fd903030abe7a5a9561e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a8:ae:a0:1a:e6:32:a3:2e:72:9f:e1:70:81:
3a:74:e5:c0:e7:83:f0:39:84:c2:e0:bd:5a:20:2e:
29:63:4a:57:10:76:b7:dd:fb:57:bc:cd:16:90:66:
36:7b:1e:96:e4:69:66:74:9e:31:5f:8b:74:22:1f:
44:32:ba:a5:33:b5:67:f9:68:5a:2e:54:b4:a9:6c:
ef:1c:21:36:b5:29:4c:e6:c5:a9:15:94:98:d4:58:
de:aa:db:28:de:f8:4b:ff:fb:3e:79:91:ae:cb:f5:
bc:25:41:38:a3:61:e2:1c:d5:39:9e:90:10:25:fd:
68:bc:49:34:37:93:30:ce:bc:33:be:ab:a5:b3:48:
f0:c3:d4:cd:63:40:0a:4d:4c:1a:89:d2:d4:25:2e:
81:2b:a7:9f:3b:72:97:b4:54:f2:35:bc:11:b9:09:
4e:fd:f4:ac:ef:54:f9:39:ce:21:cf:f6:96:12:e6:
00:6b:8f:bd:92:cc:a2:d8:17:db:8f:dc:73:a3:dd:
62:ec:e6:83:59:fa:f3:6b:5c:bb:76:70:a8:27:65:
2a:12:4b:86:af:1f:66:01:1c:41:28:02:5c:54:db:
c1:5c:e1:2b:eb:66:b6:71:f0:60:5b:a1:1f:0d:c9:
f6:8b:5a:93:47:3c:dc:02:d4:36:3b:33:6b:08:2a:
3a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:54:B9:D7:3E:EE:16:EB:F8:2F:D9:03:03:0A:BE:7A:5A:95:61:E6
X509v3 Authority Key Identifier:
keyid:EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/91S51z7uFuv4L9kDAwq-elqVYeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.200.0/22
185.86.82.0/24
185.254.94.0/24
212.102.103.0/24
IPv6:
2a0f:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
86:d6:86:7d:37:ce:01:85:89:13:04:bf:5f:60:12:95:91:17:
3f:52:84:c3:11:c7:26:64:6f:37:4e:b8:d8:2e:8d:82:b1:75:
e6:da:37:1c:b4:53:fd:c5:d8:a9:b8:4c:4d:1e:45:c5:a1:5d:
ef:e3:ab:a8:11:91:d1:56:2b:90:09:68:03:5d:6b:e5:1a:87:
75:76:53:7b:1a:a9:9a:7e:d8:c5:8a:bd:0f:7a:9a:cc:cf:7b:
10:58:a8:7e:b3:ca:f0:eb:80:ad:6f:2b:9c:db:50:ba:ef:3a:
f3:5d:c4:e8:0a:70:fa:5c:be:78:0c:fd:dc:6d:a0:7d:84:6a:
bb:84:8f:2b:70:93:6e:8f:b7:56:73:3a:04:d9:8c:f4:e0:ae:
19:98:ce:68:2a:18:44:65:72:2f:12:3e:ee:4c:3a:76:b5:64:
5c:20:0f:71:e4:39:59:e9:84:16:32:f9:01:31:1b:84:34:f3:
4d:fe:9a:8e:f3:79:70:51:7a:15:27:dc:aa:c9:c1:b1:db:57:
87:65:67:c8:c8:51:16:7d:c9:4e:3c:2f:4a:b2:ff:61:22:56:
05:4a:04:0c:8c:19:2e:31:6c:ef:34:d1:0a:6c:91:ce:03:75:
2a:40:2c:91:bf:8b:57:3d:49:c1:e6:e2:b7:7b:54:85:af:d7:
4b:a9:65:85
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZEiNeudxIB461NKiRNlZ8BtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMjI1OWYxNThiOWFhNzZhYWQwYjFhZGZhNjJjMWVlZDQ1
NTlkMTQwHhcNMjQwODA1MTEwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU0YjlkNzNlZWUxNmViZjgyZmQ5MDMwMzBhYmU3YTVhOTU2MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaiuoBrmMqMucp/hcIE6dOXA54Pw
OYTC4L1aIC4pY0pXEHa33ftXvM0WkGY2ex6W5GlmdJ4xX4t0Ih9EMrqlM7Vn+Wha
LlS0qWzvHCE2tSlM5sWpFZSY1Fjeqtso3vhL//s+eZGuy/W8JUE4o2HiHNU5npAQ
Jf1ovEk0N5Mwzrwzvquls0jww9TNY0AKTUwaidLUJS6BK6efO3KXtFTyNbwRuQlO
/fSs71T5Oc4hz/aWEuYAa4+9ksyi2Bfbj9xzo91i7OaDWfrza1y7dnCoJ2UqEkuG
rx9mARxBKAJcVNvBXOEr62a2cfBgW6EfDcn2i1qTRzzcAtQ2OzNrCCo67wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPdUudc+7hbr+C/ZAwMKvnpalWHmMB8GA1UdIwQY
MBaAFO4iWfFYuap2qtCxrfpiwe7UVZ0UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQt
MzQ5N2NlMWI3MWJmLzEvOTFTNTF6N3VGdXY0TDlrREF3cS1lbHFWWWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQtMzQ5N2NlMWI3MWJm
LzEvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYvIAwQA
uVZSAwQAuf5eAwQA1GZnMA0EAgACMAcDBQMqD4yAMA0GCSqGSIb3DQEBCwUAA4IB
AQCG1oZ9N84BhYkTBL9fYBKVkRc/UoTDEccmZG83TrjYLo2CsXXm2jcctFP9xdip
uExNHkXFoV3v46uoEZHRViuQCWgDXWvlGod1dlN7GqmaftjFir0PeprMz3sQWKh+
s8rw64Ctbyuc21C67zrzXcToCnD6XL54DP3cbaB9hGq7hI8rcJNuj7dWczoE2Yz0
4K4ZmM5oKhhEZXIvEj7uTDp2tWRcIA9x5DlZ6YQWMvkBMRuENPNN/pqO83lwUXoV
J9yqycGx21eHZWfIyFEWfclOPC9Ksv9hIlYFSgQMjBkuMWzvNNEKbJHOA3UqQCyR
v4tXPUnB5uK3e1SFr9dLqWWF
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:11:22 2024 by rpki-client on console-ams.rpki-client.org