Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Z62ijgrzU1tjxD0MKSYpaO4l4bk.roa
File: Z62ijgrzU1tjxD0MKSYpaO4l4bk.roa (raw, json)
Hash identifier: TJCSgM4g0b4l5Ouch2wwdm/kK2fetKEntzuBk0nQtl8=
Subject key identifier: 67:AD:A2:8E:0A:F3:53:5B:63:C4:3D:0C:29:26:29:68:EE:25:E1:B9
Certificate issuer: /CN=52bab6d360e93d98fce9e7888e564bd464e89e8a
Certificate serial: 018CC8715C1AC36CD0624544AFF9FD0639A9
Authority key identifier: 52:BA:B6:D3:60:E9:3D:98:FC:E9:E7:88:8E:56:4B:D4:64:E8:9E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Z62ijgrzU1tjxD0MKSYpaO4l4bk.roa
Signing time: Tue 02 Jan 2024 04:32:01 +0000
ROA not before: Tue 02 Jan 2024 04:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35322
IP address blocks: 193.239.230.0/24 maxlen: 24
193.239.230.0/23 maxlen: 23
91.192.140.0/22 maxlen: 22
91.192.141.0/24 maxlen: 24
91.192.142.0/24 maxlen: 24
91.192.143.0/24 maxlen: 24
91.192.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Urq202DpPZj86eeIjlZL1GTonoo.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Urq202DpPZj86eeIjlZL1GTonoo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5c:1a:c3:6c:d0:62:45:44:af:f9:fd:06:39:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52bab6d360e93d98fce9e7888e564bd464e89e8a
Validity
Not Before: Jan 2 04:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ada28e0af3535b63c43d0c29262968ee25e1b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e0:35:39:75:c6:cb:ab:ea:bb:41:52:4a:a4:
c1:a4:44:8d:42:d2:2d:e7:ae:ff:23:16:7b:d4:f4:
83:05:7f:20:79:65:7b:b7:a9:2d:2e:8a:5e:11:d0:
7a:fc:4b:d5:7e:d6:d9:74:3b:b5:0e:cf:96:e6:b4:
0e:9a:89:7f:cb:4a:94:b6:0e:21:12:74:ed:17:7e:
fa:d4:05:99:dc:3a:b7:e9:d4:83:62:ec:5c:0b:68:
2b:a2:5a:6e:a3:b6:a8:f5:8a:25:fc:be:c8:35:09:
1c:0d:2a:28:15:39:25:cd:7e:0a:99:41:bb:3b:57:
ad:2c:55:67:80:d5:8b:89:7b:9b:7d:7e:32:02:8a:
b9:c2:78:8f:68:98:2d:14:f4:33:5e:fc:35:6a:80:
93:32:6c:83:0f:3e:c1:61:7c:eb:1b:d9:61:ac:4c:
66:bb:17:1e:82:f3:48:5e:af:6d:f1:a5:ea:d8:bd:
a7:60:d5:f8:47:e7:60:13:4f:1c:cd:0c:ff:6c:15:
25:b7:d7:44:1c:0e:eb:87:33:99:c4:de:3c:84:2f:
ab:da:09:1b:ea:1e:be:85:42:ce:fd:e4:d7:e4:7a:
60:d6:f6:63:d4:e2:e3:59:57:87:a9:94:bc:e6:38:
73:72:71:f7:ab:9b:66:65:3a:af:3f:aa:4d:cc:bf:
d4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:AD:A2:8E:0A:F3:53:5B:63:C4:3D:0C:29:26:29:68:EE:25:E1:B9
X509v3 Authority Key Identifier:
keyid:52:BA:B6:D3:60:E9:3D:98:FC:E9:E7:88:8E:56:4B:D4:64:E8:9E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urq202DpPZj86eeIjlZL1GTonoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Z62ijgrzU1tjxD0MKSYpaO4l4bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3d3b56-e4e1-4c07-99e6-2fdfe3507a2f/1/Urq202DpPZj86eeIjlZL1GTonoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.140.0/22
193.239.230.0/23
Signature Algorithm: sha256WithRSAEncryption
31:f4:c9:09:bf:e2:f5:32:16:c3:27:73:3c:c2:5b:c3:5d:dd:
a6:f0:a0:7b:f7:e1:ee:dc:53:7b:37:75:94:00:c6:0b:61:9d:
64:d7:b4:7c:36:81:99:62:f1:5e:f8:23:33:58:bb:46:90:82:
f1:3f:5e:50:f1:01:b5:5e:61:9a:94:29:75:e4:83:5b:37:25:
04:53:fc:25:f0:42:94:b5:8d:23:bd:92:de:91:61:5b:40:f4:
34:fb:07:e0:2a:86:25:26:fd:5f:08:0e:d6:70:96:df:c4:5d:
83:62:0f:df:da:bf:11:79:e4:c4:ca:cf:84:2d:bb:a2:b6:0f:
3e:e5:5c:29:1d:0b:4f:05:b5:86:6d:6b:28:bc:3e:ef:29:5f:
7b:3a:a1:78:61:d1:ef:47:fb:90:b5:ac:02:3e:66:1e:37:be:
2e:07:fa:75:3a:73:b3:d2:32:b0:5e:3e:30:e0:76:6a:bf:f4:
8c:0f:45:bd:00:de:c7:50:1e:71:3f:53:27:51:4f:5c:0c:0d:
c5:d4:19:1a:a3:5b:f9:10:df:d0:0a:3e:b9:80:e2:be:81:c1:
8c:ac:d3:9c:a3:c7:35:88:da:d2:08:6c:60:65:16:5e:5c:25:
55:c1:bd:ac:a6:44:ca:b4:c1:63:05:16:ae:d7:b9:3b:dc:0a:
3d:65:51:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcVwaw2zQYkVEr/n9BjmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYmFiNmQzNjBlOTNkOThmY2U5ZTc4ODhlNTY0YmQ0NjRl
ODllOGEwHhcNMjQwMTAyMDQzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2FkYTI4ZTBhZjM1MzViNjNjNDNkMGMyOTI2Mjk2OGVlMjVlMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+A1OXXGy6vqu0FSSqTBpESNQtIt
567/IxZ71PSDBX8geWV7t6ktLopeEdB6/EvVftbZdDu1Ds+W5rQOmol/y0qUtg4h
EnTtF3761AWZ3Dq36dSDYuxcC2grolpuo7ao9Yol/L7INQkcDSooFTklzX4KmUG7
O1etLFVngNWLiXubfX4yAoq5wniPaJgtFPQzXvw1aoCTMmyDDz7BYXzrG9lhrExm
uxcegvNIXq9t8aXq2L2nYNX4R+dgE08czQz/bBUlt9dEHA7rhzOZxN48hC+r2gkb
6h6+hULO/eTX5Hpg1vZj1OLjWVeHqZS85jhzcnH3q5tmZTqvP6pNzL/U6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGetoo4K81NbY8Q9DCkmKWjuJeG5MB8GA1UdIwQY
MBaAFFK6ttNg6T2Y/OnniI5WS9Rk6J6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJxMjAyRHBQWmo4NmVlSWpsWkwxR1Rvbm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zZDNiNTYtZTRlMS00YzA3LTk5ZTYt
MmZkZmUzNTA3YTJmLzEvWjYyaWpncnpVMXRqeEQwTUtTWXBhTzRsNGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zZDNiNTYtZTRlMS00YzA3LTk5ZTYtMmZkZmUzNTA3YTJm
LzEvVXJxMjAyRHBQWmo4NmVlSWpsWkwxR1Rvbm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8CMAwQB
we/mMA0GCSqGSIb3DQEBCwUAA4IBAQAx9MkJv+L1MhbDJ3M8wlvDXd2m8KB79+Hu
3FN7N3WUAMYLYZ1k17R8NoGZYvFe+CMzWLtGkILxP15Q8QG1XmGalCl15INbNyUE
U/wl8EKUtY0jvZLekWFbQPQ0+wfgKoYlJv1fCA7WcJbfxF2DYg/f2r8ReeTEys+E
Lbuitg8+5VwpHQtPBbWGbWsovD7vKV97OqF4YdHvR/uQtawCPmYeN74uB/p1OnOz
0jKwXj4w4HZqv/SMD0W9AN7HUB5xP1MnUU9cDA3F1Bkao1v5EN/QCj65gOK+gcGM
rNOco8c1iNrSCGxgZRZeXCVVwb2spkTKtMFjBRau17k73Ao9ZVEF
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:00 2024 by rpki-client on console-ams.rpki-client.org