Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/kHhR6XXw5W4OrK3DDWGkt6y3LqQ.roa
File: kHhR6XXw5W4OrK3DDWGkt6y3LqQ.roa (raw, json)
Hash identifier: SnsZrKOJ+51083mkqFkmUXyLNlZFwWd3H0I4nDouxCI=
Subject key identifier: 90:78:51:E9:75:F0:E5:6E:0E:AC:AD:C3:0D:61:A4:B7:AC:B7:2E:A4
Certificate issuer: /CN=07c40d70160f308642129a1b72ae5ae52db883c4
Certificate serial: 018CC64B396C351CC7055CFEA7591D5C8B68
Authority key identifier: 07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/kHhR6XXw5W4OrK3DDWGkt6y3LqQ.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48166
IP address blocks: 91.210.84.0/22 maxlen: 22
178.213.192.0/21 maxlen: 21
185.61.94.0/23 maxlen: 23
185.61.92.0/23 maxlen: 23
185.61.92.0/22 maxlen: 22
91.133.0.0/19 maxlen: 19
5.250.232.0/21 maxlen: 21
89.22.16.0/20 maxlen: 20
194.9.224.0/20 maxlen: 20
2a02:7760::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:39:6c:35:1c:c7:05:5c:fe:a7:59:1d:5c:8b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07c40d70160f308642129a1b72ae5ae52db883c4
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=907851e975f0e56e0eacadc30d61a4b7acb72ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a0:58:4b:a0:3e:3c:7b:84:a5:98:6b:73:6b:
76:df:20:6b:18:f6:b8:3b:fc:d9:65:4a:d5:1a:2a:
3e:e3:cc:c0:ad:fa:6e:6f:38:db:0a:5f:69:37:d8:
0b:60:cc:5a:f8:a0:a5:25:47:21:a6:1a:57:ee:bd:
c9:c0:90:46:e2:ca:d8:f5:25:2f:95:ba:2f:a6:47:
e0:29:47:8c:c8:a1:db:7b:1b:62:6e:be:37:8c:0f:
6b:3d:5c:53:21:d9:7c:e9:37:5e:f0:88:de:09:85:
ab:12:1f:bd:c4:9f:1c:96:79:8f:69:4a:ff:5f:51:
84:51:4a:8a:fe:c6:7e:92:58:c1:65:55:2f:7f:83:
99:96:2b:cc:71:fd:a0:04:05:44:06:12:f2:08:8d:
97:52:bd:db:fc:02:7e:9c:0c:8c:22:98:6a:45:a2:
57:6f:61:93:58:e4:45:e3:e1:9a:3a:0f:9d:4b:12:
a3:09:bd:d7:51:a2:af:f0:dc:a2:8f:a3:e5:8d:b7:
a4:f1:7d:20:59:08:c9:6b:78:e6:43:5b:29:b7:fb:
44:0a:62:9c:89:9b:08:95:33:8c:d0:f1:4a:e7:d0:
15:2c:a8:94:2a:6b:d8:dd:ce:f1:d1:b4:7c:55:55:
ca:09:1d:01:28:7f:6f:2b:52:3e:e9:f8:3d:ec:be:
34:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:78:51:E9:75:F0:E5:6E:0E:AC:AD:C3:0D:61:A4:B7:AC:B7:2E:A4
X509v3 Authority Key Identifier:
keyid:07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/kHhR6XXw5W4OrK3DDWGkt6y3LqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.232.0/21
89.22.16.0/20
91.133.0.0/19
91.210.84.0/22
178.213.192.0/21
185.61.92.0/22
194.9.224.0/20
IPv6:
2a02:7760::/32
Signature Algorithm: sha256WithRSAEncryption
6a:17:8e:4b:f8:d7:44:c6:21:62:30:ce:5f:be:2d:a7:e9:d9:
24:90:a2:38:59:88:d6:47:8c:30:90:74:fa:5e:07:b5:93:a8:
22:9e:6b:5f:6b:1e:6c:bf:c5:8a:61:f1:94:1a:5b:5d:ad:77:
ec:b5:b5:e3:36:0a:17:82:32:14:30:c8:87:c4:de:fd:d3:27:
a8:70:f4:85:5c:e1:dc:37:c6:bd:66:ea:a7:bf:61:f5:ef:86:
55:74:b2:d3:d9:0e:b1:30:1b:ec:95:29:a2:ed:fa:79:d1:45:
7d:42:0d:a6:a0:0b:0f:d5:96:2b:1c:d6:89:69:ee:fb:80:f2:
81:56:de:c7:d8:72:20:6c:52:7b:20:b2:69:b9:9d:e3:db:3d:
80:63:31:41:24:66:f5:5e:8a:b8:a1:00:be:ba:a0:d7:cb:8f:
c5:fc:2d:0b:7b:57:96:fb:51:0b:66:93:07:07:48:64:f8:54:
95:83:57:bc:58:4a:f1:56:f3:1e:39:97:6c:8c:45:ca:9b:31:
7d:10:a7:16:97:a5:b2:80:47:27:62:13:e3:44:10:e2:fe:88:
27:8c:10:ea:4a:1e:a3:7e:64:b3:4f:1b:c6:4a:0e:ef:14:f5:
68:6f:13:3a:8b:aa:b5:27:52:4c:78:33:53:99:8f:7d:2f:33:
2c:7e:7a:d3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzGSzlsNRzHBVz+p1kdXItoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YzQwZDcwMTYwZjMwODY0MjEyOWExYjcyYWU1YWU1MmRi
ODgzYzQwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDc4NTFlOTc1ZjBlNTZlMGVhY2FkYzMwZDYxYTRiN2FjYjcyZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6BYS6A+PHuEpZhrc2t23yBrGPa4
O/zZZUrVGio+48zArfpubzjbCl9pN9gLYMxa+KClJUchphpX7r3JwJBG4srY9SUv
lbovpkfgKUeMyKHbextibr43jA9rPVxTIdl86Tde8IjeCYWrEh+9xJ8clnmPaUr/
X1GEUUqK/sZ+kljBZVUvf4OZlivMcf2gBAVEBhLyCI2XUr3b/AJ+nAyMIphqRaJX
b2GTWORF4+GaOg+dSxKjCb3XUaKv8Nyij6Pljbek8X0gWQjJa3jmQ1spt/tECmKc
iZsIlTOM0PFK59AVLKiUKmvY3c7x0bR8VVXKCR0BKH9vK1I+6fg97L40xwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJB4Uel18OVuDqytww1hpLesty6kMB8GA1UdIwQY
MBaAFAfEDXAWDzCGQhKaG3KuWuUtuIPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUt
OTdkY2JiMDA4NmUzLzEva0hoUjZYWHc1VzRPckszRERXR2t0NnkzTHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUtOTdkY2JiMDA4NmUz
LzEvQjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBfroAwQE
WRYQAwQFW4UAAwQCW9JUAwQDstXAAwQCuT1cAwQEwgngMA0EAgACMAcDBQAqAndg
MA0GCSqGSIb3DQEBCwUAA4IBAQBqF45L+NdExiFiMM5fvi2n6dkkkKI4WYjWR4ww
kHT6Xge1k6ginmtfax5sv8WKYfGUGltdrXfstbXjNgoXgjIUMMiHxN790yeocPSF
XOHcN8a9Zuqnv2H174ZVdLLT2Q6xMBvslSmi7fp50UV9Qg2moAsP1ZYrHNaJae77
gPKBVt7H2HIgbFJ7ILJpuZ3j2z2AYzFBJGb1Xoq4oQC+uqDXy4/F/C0Le1eW+1EL
ZpMHB0hk+FSVg1e8WErxVvMeOZdsjEXKmzF9EKcWl6WygEcnYhPjRBDi/ognjBDq
Sh6jfmSzTxvGSg7vFPVobxM6i6q1J1JMeDNTmY99LzMsfnrT
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:52:47 2024 by rpki-client on console-fra.rpki-client.org