Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/b0RKHFwh7g6LvKvmZC5AuhYjNGE.roa
File: b0RKHFwh7g6LvKvmZC5AuhYjNGE.roa (raw, json)
Hash identifier: ccT67XmIsIimM38sSnKbfOVl7ezHzrth9qONRdMqx/w=
Subject key identifier: 6F:44:4A:1C:5C:21:EE:0E:8B:BC:AB:E6:64:2E:40:BA:16:23:34:61
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 01935DA3B5E5500864C4636DB4FF7F70729A
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/b0RKHFwh7g6LvKvmZC5AuhYjNGE.roa
Signing time: Sun 24 Nov 2024 10:07:10 +0000
ROA not before: Sun 24 Nov 2024 10:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 91.216.155.0/24 maxlen: 24
91.217.90.0/24 maxlen: 24
91.226.212.0/24 maxlen: 24
91.226.213.0/24 maxlen: 24
193.203.50.0/23 maxlen: 23
193.203.50.0/24 maxlen: 24
193.203.51.0/24 maxlen: 24
195.211.40.0/23 maxlen: 23
2a13:f580:5::/48 maxlen: 48
2a13:f580:6::/48 maxlen: 48
2a13:f580:7::/48 maxlen: 48
2a13:f580:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:5d:a3:b5:e5:50:08:64:c4:63:6d:b4:ff:7f:70:72:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Nov 24 10:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f444a1c5c21ee0e8bbcabe6642e40ba16233461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8e:36:9d:98:53:64:23:6b:1e:93:0d:5c:77:
97:e2:c5:ef:13:85:1a:3c:b4:97:96:f7:d2:d1:3f:
6b:ce:d6:14:df:a5:dd:1a:70:00:54:de:4a:a2:30:
75:74:7b:9c:fe:1b:c7:cb:5b:a2:d5:ef:ce:35:ba:
1f:92:ad:ab:ad:58:be:d8:18:4a:b3:01:34:db:06:
a8:f8:31:68:7b:c3:92:a0:dc:69:14:cd:41:9b:33:
73:31:4a:74:cb:77:11:5b:57:a1:79:14:3a:14:3a:
44:ca:08:37:84:8d:2e:70:62:5d:91:5f:bb:89:07:
23:dd:1f:4b:46:75:4b:40:14:a7:53:12:4e:6b:dc:
65:21:66:2a:6b:64:e6:ca:96:8e:9b:61:f1:2f:56:
79:98:5a:29:8b:fa:35:a8:e3:80:34:90:5c:20:b4:
13:f6:aa:e4:51:22:fd:cd:f4:9e:70:ef:11:c7:94:
1b:de:21:46:ce:3f:27:e8:36:62:9b:44:e7:3e:d0:
04:33:aa:83:1e:51:81:60:e4:6e:0a:97:6e:b6:8f:
bb:25:98:a6:78:d3:bf:f6:45:cd:03:21:e8:34:ee:
0e:8b:c8:fe:ce:93:3f:5a:91:12:41:fa:b2:ec:4a:
56:29:3e:ad:83:f1:e0:84:30:29:bd:f0:93:e0:8e:
20:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:44:4A:1C:5C:21:EE:0E:8B:BC:AB:E6:64:2E:40:BA:16:23:34:61
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/b0RKHFwh7g6LvKvmZC5AuhYjNGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.155.0/24
91.217.90.0/24
91.226.212.0/23
193.203.50.0/23
195.211.40.0/23
IPv6:
2a13:f580:5::-2a13:f580:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:6d:59:bc:13:a8:c7:19:6d:4b:2f:6f:74:d9:84:96:2e:f5:
2b:4a:99:c9:cf:fd:f8:b5:7c:89:2e:f2:01:fa:87:24:e0:d4:
e0:13:b0:04:8f:d0:eb:68:84:cc:60:92:77:bf:f2:a2:92:d0:
e6:d7:8d:55:b5:a1:99:52:53:7e:61:bc:72:1d:4d:df:b2:40:
06:f9:b9:f0:39:ef:ad:e8:60:6b:c4:ef:9d:e6:8b:bc:0e:fc:
72:36:68:53:55:d3:3d:c0:44:da:ab:48:03:81:7e:06:b4:ab:
80:7d:9b:2c:06:44:e2:4b:27:fa:2d:81:a1:9a:e3:fc:79:84:
7f:bd:46:de:d7:98:f9:13:c9:bb:8a:0c:1a:ab:14:f2:d2:85:
25:eb:6b:53:2b:73:5c:9d:d7:81:f3:8a:eb:8e:bd:73:e5:09:
d7:a7:3a:0f:38:66:1b:59:db:27:02:3f:51:42:05:bf:b1:cd:
2f:79:a5:38:75:0d:f7:e3:87:f3:ce:a4:4b:c4:e7:ee:73:d7:
87:b1:0e:30:8b:1b:2e:56:90:ef:a3:e4:5d:6c:15:90:a5:13:
21:62:5d:a9:4e:96:5a:32:4b:1c:22:6b:7c:94:82:50:20:96:
04:7a:e0:0f:db:6f:3a:6f:a3:7a:64:1a:c2:94:ff:21:44:b2:
d6:96:ab:58
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZNdo7XlUAhkxGNttP9/cHKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjQxMTI0MTAwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjQ0NGExYzVjMjFlZTBlOGJiY2FiZTY2NDJlNDBiYTE2MjMzNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Y42nZhTZCNrHpMNXHeX4sXvE4Ua
PLSXlvfS0T9rztYU36XdGnAAVN5KojB1dHuc/hvHy1ui1e/ONbofkq2rrVi+2BhK
swE02wao+DFoe8OSoNxpFM1BmzNzMUp0y3cRW1eheRQ6FDpEygg3hI0ucGJdkV+7
iQcj3R9LRnVLQBSnUxJOa9xlIWYqa2TmypaOm2HxL1Z5mFopi/o1qOOANJBcILQT
9qrkUSL9zfSecO8Rx5Qb3iFGzj8n6DZim0TnPtAEM6qDHlGBYORuCpduto+7JZim
eNO/9kXNAyHoNO4Oi8j+zpM/WpESQfqy7EpWKT6tg/HghDApvfCT4I4g2QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFG9EShxcIe4Oi7yr5mQuQLoWIzRhMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvYjBSS0hGd2g3ZzZMdkt2bVpDNUF1aFlqTkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAkBAIAATAeAwQAW9ibAwQA
W9laAwQBW+LUAwQBwcsyAwQBw9MoMBoEAgACMBQwEgMHACoT9YAABQMHACoT9YAA
CDANBgkqhkiG9w0BAQsFAAOCAQEAV21ZvBOoxxltSy9vdNmEli71K0qZyc/9+LV8
iS7yAfqHJODU4BOwBI/Q62iEzGCSd7/yopLQ5teNVbWhmVJTfmG8ch1N37JABvm5
8Dnvrehga8TvneaLvA78cjZoU1XTPcBE2qtIA4F+BrSrgH2bLAZE4ksn+i2BoZrj
/HmEf71G3teY+RPJu4oMGqsU8tKFJetrUytzXJ3XgfOK6469c+UJ16c6DzhmG1nb
JwI/UUIFv7HNL3mlOHUN9+OH886kS8Tn7nPXh7EOMIsbLlaQ76PkXWwVkKUTIWJd
qU6WWjJLHCJrfJSCUCCWBHrgD9tvOm+jemQawpT/IUSy1parWA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:26:16 2024 by rpki-client on console-fra.rpki-client.org