Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/D6hfBg5pxOZD5aiTx0Dk3MctbuI.roa
File: D6hfBg5pxOZD5aiTx0Dk3MctbuI.roa (raw, json)
Hash identifier: HtJ3YUvNNqcp7wZruk3T3K3BD/ZipBGgd+nsH2lL9Kc=
Subject key identifier: 0F:A8:5F:06:0E:69:C4:E6:43:E5:A8:93:C7:40:E4:DC:C7:2D:6E:E2
Certificate issuer: /CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Certificate serial: 018CC8DE60BA7DA366741054F2FEA6F4EBCF
Authority key identifier: 3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/D6hfBg5pxOZD5aiTx0Dk3MctbuI.roa
Signing time: Tue 02 Jan 2024 06:31:06 +0000
ROA not before: Tue 02 Jan 2024 06:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208684
IP address blocks: 91.230.168.0/24 maxlen: 24
91.230.188.0/24 maxlen: 24
91.231.47.0/24 maxlen: 24
45.89.112.0/22 maxlen: 22
91.231.89.0/24 maxlen: 24
2a0b:2640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/P0f3V1dBPMwXLT0bgm-uWuk4Whs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/P0f3V1dBPMwXLT0bgm-uWuk4Whs.mft
rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:60:ba:7d:a3:66:74:10:54:f2:fe:a6:f4:eb:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Validity
Not Before: Jan 2 06:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fa85f060e69c4e643e5a893c740e4dcc72d6ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:54:c6:43:01:52:10:07:bb:02:6f:97:38:22:
23:dd:17:d2:22:ba:3a:a1:95:0d:08:e6:31:15:dd:
33:b0:87:07:ca:15:6d:b9:2a:eb:c8:46:89:79:d0:
db:27:5a:1b:80:fe:2d:7a:ca:6b:8d:97:27:8a:00:
c7:1b:96:4a:b9:f6:9f:31:8c:03:44:8e:f6:d4:53:
7f:dc:92:1d:23:30:23:7c:1b:0d:eb:c1:98:ac:45:
6e:48:5b:15:88:c5:20:b6:b5:c8:9b:5b:68:9e:fb:
a5:a6:3a:7f:f9:de:e9:b1:4a:07:d8:d2:27:4b:eb:
ab:d4:3e:ab:09:98:50:57:2a:14:b2:fa:3a:48:dd:
cb:8f:96:5d:d5:e8:b1:40:90:e5:37:e7:1d:2b:0f:
97:9d:a4:a7:ac:39:5e:84:c8:b3:8b:a8:51:e4:66:
9f:c0:73:82:dc:23:04:03:cc:b5:a3:ad:4f:90:76:
60:a8:e9:02:a3:a2:8f:c9:98:af:59:60:e5:05:fa:
a8:c0:29:63:15:37:2b:0e:a7:aa:32:8a:b1:89:b0:
0c:c2:f0:6f:ba:9c:56:91:62:bc:84:97:09:a3:b5:
ba:fe:a1:0b:c9:c0:f9:ac:8a:0a:3c:66:d7:8b:c9:
00:b8:6e:61:84:e8:5a:9c:fe:e8:fa:ca:db:d6:8e:
45:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A8:5F:06:0E:69:C4:E6:43:E5:A8:93:C7:40:E4:DC:C7:2D:6E:E2
X509v3 Authority Key Identifier:
keyid:3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/D6hfBg5pxOZD5aiTx0Dk3MctbuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/P0f3V1dBPMwXLT0bgm-uWuk4Whs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.112.0/22
91.230.168.0/24
91.230.188.0/24
91.231.47.0/24
91.231.89.0/24
IPv6:
2a0b:2640::/29
Signature Algorithm: sha256WithRSAEncryption
53:5c:99:4b:55:f9:9c:e9:03:a7:b2:78:4b:fd:a5:8d:99:60:
73:a0:d7:a2:1e:8d:55:eb:29:18:a6:ac:b3:42:a4:f8:c9:44:
0e:0c:70:6c:7f:d3:fb:bd:c5:c6:ed:1d:5d:dc:16:27:0f:7b:
dd:b5:a8:69:d7:4d:ee:02:ab:03:88:6e:c2:00:08:7c:98:43:
0e:6d:82:a1:3c:b2:43:98:4e:e1:52:23:b1:b5:25:42:cc:1d:
1a:13:51:cc:08:f5:28:6e:e7:50:3f:bc:51:22:ba:37:2f:20:
b0:fa:a7:9c:3c:cb:62:aa:22:56:d0:ef:e5:f0:73:ed:ba:86:
04:52:6a:97:f7:17:70:57:26:9c:8b:11:15:9f:49:5e:9d:f3:
97:23:c1:d4:31:bf:e7:30:ed:49:6b:ff:b4:52:42:9f:51:a9:
aa:74:5a:9c:ba:a8:f9:31:0e:1a:74:c8:cb:c2:79:25:4e:74:
2e:34:2b:0e:69:97:36:45:13:ec:76:1f:97:4f:50:76:4f:22:
0b:0a:1f:34:59:65:e5:7a:b7:71:66:51:f1:21:0b:bb:33:76:
3d:d2:57:e2:12:89:54:4c:87:83:fe:1b:a8:ae:d6:a3:11:cc:
0e:24:2d:08:43:d3:01:e5:d4:34:e1:1f:d2:0c:e4:4b:69:0d:
4e:30:ea:eb
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzI3mC6faNmdBBU8v6m9OvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNDdmNzU3NTc0MTNjY2MxNzJkM2QxYjgyNmZhZTVhZTkz
ODVhMWIwHhcNMjQwMTAyMDYzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmE4NWYwNjBlNjljNGU2NDNlNWE4OTNjNzQwZTRkY2M3MmQ2ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFTGQwFSEAe7Am+XOCIj3RfSIro6
oZUNCOYxFd0zsIcHyhVtuSrryEaJedDbJ1obgP4tesprjZcnigDHG5ZKufafMYwD
RI721FN/3JIdIzAjfBsN68GYrEVuSFsViMUgtrXIm1tonvulpjp/+d7psUoH2NIn
S+ur1D6rCZhQVyoUsvo6SN3Lj5Zd1eixQJDlN+cdKw+XnaSnrDlehMizi6hR5Gaf
wHOC3CMEA8y1o61PkHZgqOkCo6KPyZivWWDlBfqowCljFTcrDqeqMoqxibAMwvBv
upxWkWK8hJcJo7W6/qELycD5rIoKPGbXi8kAuG5hhOhanP7o+srb1o5FrQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFA+oXwYOacTmQ+Wok8dA5NzHLW7iMB8GA1UdIwQY
MBaAFD9H91dXQTzMFy09G4JvrlrpOFobMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQt
ZTE1NWFjYzZiODRlLzEvRDZoZkJnNXB4T1pENWFpVHgwRGszTWN0YnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQtZTE1NWFjYzZiODRl
LzEvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVlwAwQA
W+aoAwQAW+a8AwQAW+cvAwQAW+dZMA0EAgACMAcDBQMqCyZAMA0GCSqGSIb3DQEB
CwUAA4IBAQBTXJlLVfmc6QOnsnhL/aWNmWBzoNeiHo1V6ykYpqyzQqT4yUQODHBs
f9P7vcXG7R1d3BYnD3vdtahp103uAqsDiG7CAAh8mEMObYKhPLJDmE7hUiOxtSVC
zB0aE1HMCPUobudQP7xRIro3LyCw+qecPMtiqiJW0O/l8HPtuoYEUmqX9xdwVyac
ixEVn0lenfOXI8HUMb/nMO1Ja/+0UkKfUamqdFqcuqj5MQ4adMjLwnklTnQuNCsO
aZc2RRPsdh+XT1B2TyILCh80WWXlerdxZlHxIQu7M3Y90lfiEolUTIeD/huortaj
EcwOJC0IQ9MB5dQ04R/SDORLaQ1OMOrr
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:56:53 2024 by rpki-client on console-fra.rpki-client.org