Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hd6PJV56rpUsD-C7hZvztdDrBrw.roa
File: hd6PJV56rpUsD-C7hZvztdDrBrw.roa (raw, json)
Hash identifier: XDDYiJDYIBzoov4I3hBMR9OGQY13JDMXzqkmmj+yYyg=
Subject key identifier: 85:DE:8F:25:5E:7A:AE:95:2C:0F:E0:BB:85:9B:F3:B5:D0:EB:06:BC
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 0193161B3369DE1DA09620771FCF5816A210
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hd6PJV56rpUsD-C7hZvztdDrBrw.roa
Signing time: Sun 10 Nov 2024 12:45:01 +0000
ROA not before: Sun 10 Nov 2024 12:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 91.216.155.0/24 maxlen: 24
91.217.90.0/24 maxlen: 24
91.226.212.0/24 maxlen: 24
193.203.50.0/23 maxlen: 23
193.203.50.0/24 maxlen: 24
193.203.51.0/24 maxlen: 24
195.211.40.0/23 maxlen: 23
2a13:f580:5::/48 maxlen: 48
2a13:f580:6::/48 maxlen: 48
2a13:f580:7::/48 maxlen: 48
2a13:f580:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:16:1b:33:69:de:1d:a0:96:20:77:1f:cf:58:16:a2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Nov 10 12:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85de8f255e7aae952c0fe0bb859bf3b5d0eb06bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a1:f4:a4:2f:50:c1:57:ed:ba:fc:2b:07:15:
17:88:9f:1c:65:ee:80:2b:6f:5a:65:5c:d2:d2:60:
25:a0:7d:c3:3a:d8:68:36:94:bf:c3:7c:34:36:27:
a8:87:65:53:60:a4:5a:59:f2:dd:8e:be:b2:19:7a:
57:56:0d:f1:8b:b2:12:9d:3e:ac:2a:52:7a:70:e9:
93:6c:22:72:d4:5d:ef:82:ad:3c:ea:9f:7e:4a:08:
d9:b2:a8:41:70:d1:55:53:c5:0e:e3:d5:67:46:0b:
cc:08:f1:25:1d:69:fa:ff:6a:bb:46:8e:d1:09:21:
06:c8:f6:f3:45:c1:40:bd:9b:ca:3b:b3:f0:99:46:
31:f4:42:9f:83:7f:a1:52:9f:d5:eb:4c:e2:1a:2d:
60:4b:5e:93:9d:0b:51:a4:85:8b:29:0d:27:26:d3:
03:60:82:2a:c0:0a:4e:da:fb:c3:08:65:ab:47:fd:
82:1e:1a:a7:57:3b:19:e7:cb:63:4c:8f:26:5f:c5:
48:54:db:f6:c0:2a:1a:08:67:44:ad:34:92:81:ad:
6f:20:e9:4b:66:aa:c3:6d:ab:db:d3:e8:4a:6f:d5:
71:20:dd:59:0b:1a:87:34:c2:51:31:e4:02:de:37:
7c:20:53:b8:0d:b4:16:9e:01:e8:3f:4d:a7:f4:3a:
af:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DE:8F:25:5E:7A:AE:95:2C:0F:E0:BB:85:9B:F3:B5:D0:EB:06:BC
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hd6PJV56rpUsD-C7hZvztdDrBrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.155.0/24
91.217.90.0/24
91.226.212.0/24
193.203.50.0/23
195.211.40.0/23
IPv6:
2a13:f580:5::-2a13:f580:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
99:7d:e0:47:25:d3:db:6b:7c:36:3e:a7:46:91:3c:b1:5d:86:
25:e9:90:45:06:03:81:26:97:3a:85:a0:f6:2a:15:ab:4d:fc:
6f:d3:1a:2b:1a:6f:14:f3:11:f9:61:cc:83:75:99:0f:3b:a9:
e8:24:79:ba:a9:64:c0:95:eb:79:50:8f:9f:bc:05:76:6b:0e:
38:ce:f4:69:07:21:fe:28:22:aa:36:7f:74:d4:d7:81:1a:8f:
f5:44:8c:5b:cc:1b:7b:23:d4:a5:2d:af:5a:23:c0:df:dc:b1:
5f:6a:cd:8d:4c:66:66:ae:fd:68:ca:a6:0e:28:7e:65:87:5f:
42:c5:a9:dd:3b:b0:04:e7:81:3d:fd:ee:47:c8:dd:50:a3:43:
20:15:22:db:88:86:11:b6:d0:44:10:c1:65:d3:07:7d:70:e1:
4a:4e:a3:36:9d:39:51:d8:8d:ec:7f:88:c2:fc:08:23:e9:d1:
40:7d:8d:3e:63:66:ff:e8:37:ca:fc:c3:f9:77:1b:7c:16:d8:
f4:94:24:70:fe:30:d8:d4:c3:e7:ec:59:8a:1e:19:c4:bf:51:
53:dd:87:b5:3e:13:ea:fd:1e:b3:3d:e1:d8:7a:9c:ba:a8:70:
a9:74:39:51:01:13:9c:78:33:5f:a6:f5:ae:6b:e4:e2:70:c1:
15:33:f9:eb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZMWGzNp3h2gliB3H89YFqIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjQxMTEwMTI0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRlOGYyNTVlN2FhZTk1MmMwZmUwYmI4NTliZjNiNWQwZWIwNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6H0pC9QwVftuvwrBxUXiJ8cZe6A
K29aZVzS0mAloH3DOthoNpS/w3w0Nieoh2VTYKRaWfLdjr6yGXpXVg3xi7ISnT6s
KlJ6cOmTbCJy1F3vgq086p9+SgjZsqhBcNFVU8UO49VnRgvMCPElHWn6/2q7Ro7R
CSEGyPbzRcFAvZvKO7PwmUYx9EKfg3+hUp/V60ziGi1gS16TnQtRpIWLKQ0nJtMD
YIIqwApO2vvDCGWrR/2CHhqnVzsZ58tjTI8mX8VIVNv2wCoaCGdErTSSga1vIOlL
ZqrDbavb0+hKb9VxIN1ZCxqHNMJRMeQC3jd8IFO4DbQWngHoP02n9DqvwwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFIXejyVeeq6VLA/gu4Wb87XQ6wa8MB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvaGQ2UEpWNTZycFVzRC1DN2hadnp0ZERyQnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAkBAIAATAeAwQAW9ibAwQA
W9laAwQAW+LUAwQBwcsyAwQBw9MoMBoEAgACMBQwEgMHACoT9YAABQMHACoT9YAA
CDANBgkqhkiG9w0BAQsFAAOCAQEAmX3gRyXT22t8Nj6nRpE8sV2GJemQRQYDgSaX
OoWg9ioVq038b9MaKxpvFPMR+WHMg3WZDzup6CR5uqlkwJXreVCPn7wFdmsOOM70
aQch/igiqjZ/dNTXgRqP9USMW8wbeyPUpS2vWiPA39yxX2rNjUxmZq79aMqmDih+
ZYdfQsWp3TuwBOeBPf3uR8jdUKNDIBUi24iGEbbQRBDBZdMHfXDhSk6jNp05UdiN
7H+IwvwII+nRQH2NPmNm/+g3yvzD+XcbfBbY9JQkcP4w2NTD5+xZih4ZxL9RU92H
tT4T6v0esz3h2HqcuqhwqXQ5UQETnHgzX6b1rmvk4nDBFTP56w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:11:26 2024 by rpki-client on console-fra.rpki-client.org