Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/zSaQY4MWlz6YpJCJCUQIexnNgtI.roa
File: zSaQY4MWlz6YpJCJCUQIexnNgtI.roa (raw, json)
Hash identifier: GNzCRbYdAZ9JgvR+ANFEZ+ogiZ6AvqH7yJgkni6gnLw=
Subject key identifier: CD:26:90:63:83:16:97:3E:98:A4:90:89:09:44:08:7B:19:CD:82:D2
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018DED398E0AED2AAD9396D4049CF5516068
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/zSaQY4MWlz6YpJCJCUQIexnNgtI.roa
Signing time: Wed 28 Feb 2024 00:59:48 +0000
ROA not before: Wed 28 Feb 2024 00:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 91.246.49.0/24 maxlen: 24
91.247.177.0/24 maxlen: 24
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ed:39:8e:0a:ed:2a:ad:93:96:d4:04:9c:f5:51:60:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 28 00:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd2690638316973e98a490890944087b19cd82d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e6:15:c5:f0:6b:f1:2a:23:ab:13:9c:88:a3:
c0:b9:46:7e:49:33:86:e3:ff:17:68:d7:55:71:be:
1c:c9:8a:b1:a6:02:7d:44:9e:20:7d:4b:24:14:69:
66:54:3e:06:e6:09:b3:ab:56:4c:43:80:6c:10:e1:
e5:7c:ab:91:e1:cb:db:b2:f5:c8:b4:18:58:31:0c:
1f:fe:a4:ea:d4:f3:38:b6:9f:b1:1b:4c:cf:7d:c8:
e1:18:ac:66:74:e6:e8:20:bb:fc:04:e0:20:0c:05:
c4:51:a8:23:0d:29:50:ae:5f:d3:a8:b8:a9:9a:c8:
b1:19:f1:34:47:57:7b:d1:22:23:43:49:c7:70:0f:
bf:38:e5:36:ba:ab:01:12:ee:64:f9:1b:74:b1:34:
9e:4f:63:ba:5e:92:fa:76:ce:dc:3e:08:22:d9:2c:
dc:dd:85:92:0d:c9:5c:0b:00:1a:07:c5:01:a2:f0:
e8:79:7c:b7:f9:a5:ba:ed:02:dc:9b:dc:50:cc:35:
0a:7f:c4:ea:55:5a:ed:98:ed:0f:32:d5:29:47:f8:
91:fd:f2:dd:c9:36:f6:e1:72:c6:4f:da:aa:10:61:
80:84:86:21:f1:1c:45:e0:42:01:49:05:1b:40:6e:
21:30:27:19:37:9c:d8:70:d2:0b:9d:52:cb:e0:cc:
3c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:26:90:63:83:16:97:3E:98:A4:90:89:09:44:08:7B:19:CD:82:D2
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/zSaQY4MWlz6YpJCJCUQIexnNgtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.49.0/24
91.247.177.0/24
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
af:e2:59:b9:0b:7f:e3:4f:e5:9f:9a:bc:8b:76:74:c7:64:22:
b9:1d:6d:87:88:79:76:4d:7b:9f:5f:11:a2:fc:be:c2:c9:a7:
8f:85:f0:9f:bf:b3:30:c4:cb:22:2a:5e:d3:9e:8f:c1:ed:06:
f0:9a:6a:03:4c:28:3d:84:dc:04:55:ec:9a:46:3a:3e:7e:f0:
e7:ca:87:40:a8:01:b1:89:54:67:e6:33:5a:30:c7:96:46:28:
de:c9:7b:93:fd:89:f7:f6:4f:60:a4:43:18:5c:e1:e0:af:a1:
77:1e:3c:9e:a5:03:34:21:68:ff:af:3e:78:91:b5:13:14:b2:
89:f8:53:bc:d8:10:64:1b:d8:16:b0:f3:fd:47:2d:d1:d1:62:
01:5b:54:37:e1:8d:4e:b6:3b:d8:d1:2e:ad:af:0d:e3:de:cf:
c5:3e:d4:3d:c2:fa:a4:00:82:fd:58:4e:54:88:57:8d:d4:a9:
5a:db:7b:75:aa:99:2d:f4:1d:da:ef:42:7c:4c:80:ba:f5:9f:
f4:82:4c:7e:ef:29:2d:53:00:73:ea:e7:80:aa:df:2f:44:82:
68:18:12:0b:55:37:40:12:0c:bc:23:aa:a0:72:af:2c:88:54:
4a:9d:82:11:73:38:df:88:c3:0b:8b:1f:34:f0:aa:20:b4:ae:
d3:9d:72:79
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY3tOY4K7Sqtk5bUBJz1UWBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMjI4MDA1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI2OTA2MzgzMTY5NzNlOThhNDkwODkwOTQ0MDg3YjE5Y2Q4MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+YVxfBr8SojqxOciKPAuUZ+STOG
4/8XaNdVcb4cyYqxpgJ9RJ4gfUskFGlmVD4G5gmzq1ZMQ4BsEOHlfKuR4cvbsvXI
tBhYMQwf/qTq1PM4tp+xG0zPfcjhGKxmdOboILv8BOAgDAXEUagjDSlQrl/TqLip
msixGfE0R1d70SIjQ0nHcA+/OOU2uqsBEu5k+Rt0sTSeT2O6XpL6ds7cPggi2Szc
3YWSDclcCwAaB8UBovDoeXy3+aW67QLcm9xQzDUKf8TqVVrtmO0PMtUpR/iR/fLd
yTb24XLGT9qqEGGAhIYh8RxF4EIBSQUbQG4hMCcZN5zYcNILnVLL4Mw8nwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM0mkGODFpc+mKSQiQlECHsZzYLSMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvelNhUVk0TVdsejZZcEpDSkNVUUlleG5OZ3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW/YxAwQA
W/exAwQAudf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEB
CwUAA4IBAQCv4lm5C3/jT+WfmryLdnTHZCK5HW2HiHl2TXufXxGi/L7CyaePhfCf
v7MwxMsiKl7Tno/B7QbwmmoDTCg9hNwEVeyaRjo+fvDnyodAqAGxiVRn5jNaMMeW
RijeyXuT/Yn39k9gpEMYXOHgr6F3HjyepQM0IWj/rz54kbUTFLKJ+FO82BBkG9gW
sPP9Ry3R0WIBW1Q34Y1OtjvY0S6trw3j3s/FPtQ9wvqkAIL9WE5UiFeN1Kla23t1
qpkt9B3a70J8TIC69Z/0gkx+7yktUwBz6ueAqt8vRIJoGBILVTdAEgy8I6qgcq8s
iFRKnYIRczjfiMMLix808KogtK7TnXJ5
-----END CERTIFICATE-----
Generated at Mon May 6 09:48:00 2024 by rpki-client on console-fra.rpki-client.org