Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/fLEbvX2dved-p8L4Pc4D0ilQe08.roa
File: fLEbvX2dved-p8L4Pc4D0ilQe08.roa (raw, json)
Hash identifier: vh2w4KYc+AKJrQ0ACZ0F8nzwMnx5IXSIhHfFyjxRub4=
Subject key identifier: 7C:B1:1B:BD:7D:9D:BD:E7:7E:A7:C2:F8:3D:CE:03:D2:29:50:7B:4F
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 018FABB90D9263FD65C4DE1141F67DDD1AA4
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/fLEbvX2dved-p8L4Pc4D0ilQe08.roa
Signing time: Fri 24 May 2024 17:49:42 +0000
ROA not before: Fri 24 May 2024 17:49:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206924
IP address blocks: 91.198.241.0/24 maxlen: 24
185.230.223.0/24 maxlen: 24
2a0c:2f05:3512::/48 maxlen: 48
2a0c:2f07:d::/48 maxlen: 48
2a0c:2f07:f::/48 maxlen: 48
2a0c:2f07:29::/48 maxlen: 48
2a0c:2f07:384::/48 maxlen: 48
2a0c:2f07:666::/48 maxlen: 48
2a0c:2f07:ac1::/48 maxlen: 48
2a0c:2f07:4663::/48 maxlen: 48
2a0c:2f07:4896::/48 maxlen: 48
2a0c:2f07:9459::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:b9:0d:92:63:fd:65:c4:de:11:41:f6:7d:dd:1a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: May 24 17:49:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cb11bbd7d9dbde77ea7c2f83dce03d229507b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:15:90:a4:04:f2:d6:ef:6a:43:d7:ae:76:91:
fa:77:37:a5:67:5b:e8:d0:89:0a:7c:92:d1:95:2c:
a3:db:8a:b3:90:7c:e5:db:94:80:7d:fc:d8:f5:57:
5e:9c:cd:ea:e3:d2:cc:a4:f5:e7:ac:bf:b7:67:98:
01:67:cb:e5:27:37:da:92:9b:b2:47:6c:d0:d7:13:
75:ad:a0:f7:a7:5c:71:42:dd:e9:66:d0:be:36:2a:
9a:f0:14:8b:3b:0e:fd:cf:81:11:2c:0d:07:19:b6:
cf:db:99:52:ab:1b:7d:58:80:01:92:e7:5d:44:40:
bf:d3:c9:fd:e0:f4:32:18:94:6c:cb:a9:c1:85:15:
00:62:9f:35:92:8c:98:da:7d:fe:76:19:44:4a:fd:
13:96:4f:f5:fa:00:44:dc:88:3a:eb:78:d2:1a:0b:
15:3c:7f:a4:00:e0:7e:34:69:e9:c1:c1:a9:48:fb:
12:91:04:27:26:d9:3a:73:be:04:7a:b8:29:9c:f0:
28:4e:ec:76:9f:69:dc:59:d3:28:69:b5:eb:f9:6a:
b7:42:06:ad:8d:0a:62:f5:d2:55:2a:f5:d0:f6:c4:
66:c0:54:73:6a:77:bf:d7:2b:e1:45:6c:03:df:27:
7f:b5:9d:6d:cd:95:a7:76:38:9e:e1:60:97:5e:38:
96:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B1:1B:BD:7D:9D:BD:E7:7E:A7:C2:F8:3D:CE:03:D2:29:50:7B:4F
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/fLEbvX2dved-p8L4Pc4D0ilQe08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.241.0/24
185.230.223.0/24
IPv6:
2a0c:2f05:3512::/48
2a0c:2f07:d::/48
2a0c:2f07:f::/48
2a0c:2f07:29::/48
2a0c:2f07:384::/48
2a0c:2f07:666::/48
2a0c:2f07:ac1::/48
2a0c:2f07:4663::/48
2a0c:2f07:4896::/48
2a0c:2f07:9459::/48
Signature Algorithm: sha256WithRSAEncryption
0e:90:2b:24:93:86:5c:01:0b:81:b2:40:89:99:93:df:db:fa:
20:81:9e:40:be:fe:f5:59:f6:83:2b:0a:34:36:2a:f2:e5:65:
46:6a:64:cf:fc:14:82:eb:d0:eb:27:45:f3:8f:eb:f2:23:a6:
56:61:e9:39:22:8c:a6:67:99:7f:4e:9d:16:f4:37:3a:c7:ed:
c3:a2:3b:8e:a4:e6:3f:6c:da:f3:e1:db:54:d1:6b:57:14:04:
88:64:8e:5d:a6:e3:8e:cd:0c:71:17:e6:54:7e:14:19:a6:96:
9e:3b:7f:76:a7:79:9d:cc:2a:45:0e:2c:04:79:1e:a9:c1:a1:
b0:c5:86:42:5a:bb:4a:05:de:a8:10:74:cf:c6:99:5f:e9:b1:
63:7d:c3:bd:39:f9:b1:83:a2:15:29:b1:7e:0e:b1:4e:8b:59:
42:99:7f:05:94:0b:04:f1:89:e6:49:f2:e7:15:0b:24:db:ee:
34:7f:f8:4e:31:1e:a6:27:5f:28:3e:31:71:22:83:67:2c:59:
19:c6:c8:e5:55:74:65:ef:93:ef:22:59:d9:4e:ba:48:f8:91:
25:a7:da:91:f9:04:d2:40:72:23:86:10:12:e1:32:98:8e:29:
30:8a:c4:23:bf:77:08:ed:81:75:83:f0:a1:e0:8a:b0:8f:58:
79:ab:94:26
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY+ruQ2SY/1lxN4RQfZ93RqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3
YjM4ZDMwHhcNMjQwNTI0MTc0OTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2IxMWJiZDdkOWRiZGU3N2VhN2MyZjgzZGNlMDNkMjI5NTA3YjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRWQpATy1u9qQ9eudpH6dzelZ1vo
0IkKfJLRlSyj24qzkHzl25SAffzY9VdenM3q49LMpPXnrL+3Z5gBZ8vlJzfakpuy
R2zQ1xN1raD3p1xxQt3pZtC+Niqa8BSLOw79z4ERLA0HGbbP25lSqxt9WIABkudd
REC/08n94PQyGJRsy6nBhRUAYp81koyY2n3+dhlESv0Tlk/1+gBE3Ig663jSGgsV
PH+kAOB+NGnpwcGpSPsSkQQnJtk6c74EergpnPAoTux2n2ncWdMoabXr+Wq3Qgat
jQpi9dJVKvXQ9sRmwFRzane/1yvhRWwD3yd/tZ1tzZWndjie4WCXXjiWWwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFHyxG719nb3nfqfC+D3OA9IpUHtPMB8GA1UdIwQY
MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt
MWRlYzQwNTg0ODA2LzEvZkxFYnZYMmR2ZWQtcDhMNFBjNEQwaWxRZTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2
LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwEgQCAAEwDAMEAFvG8QME
ALnm3zBgBAIAAjBaAwcAKgwvBTUSAwcAKgwvBwANAwcAKgwvBwAPAwcAKgwvBwAp
AwcAKgwvBwOEAwcAKgwvBwZmAwcAKgwvBwrBAwcAKgwvB0ZjAwcAKgwvB0iWAwcA
KgwvB5RZMA0GCSqGSIb3DQEBCwUAA4IBAQAOkCskk4ZcAQuBskCJmZPf2/oggZ5A
vv71WfaDKwo0Niry5WVGamTP/BSC69DrJ0Xzj+vyI6ZWYek5IoymZ5l/Tp0W9Dc6
x+3DojuOpOY/bNrz4dtU0WtXFASIZI5dpuOOzQxxF+ZUfhQZppaeO392p3mdzCpF
DiwEeR6pwaGwxYZCWrtKBd6oEHTPxplf6bFjfcO9Ofmxg6IVKbF+DrFOi1lCmX8F
lAsE8YnmSfLnFQsk2+40f/hOMR6mJ18oPjFxIoNnLFkZxsjlVXRl75PvIlnZTrpI
+JElp9qR+QTSQHIjhhAS4TKYjikwisQjv3cI7YF1g/Ch4Iqwj1h5q5Qm
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:29 2024 by rpki-client on console-ams.rpki-client.org