Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/0V_CGtMLrxgrWdJwSqo8IxKqSSI.roa
File: 0V_CGtMLrxgrWdJwSqo8IxKqSSI.roa (raw, json)
Hash identifier: 5jcX3dBg7iiG4icSSJiryqANoNV5Wvmj+m0iC4heLDc=
Subject key identifier: D1:5F:C2:1A:D3:0B:AF:18:2B:59:D2:70:4A:AA:3C:23:12:AA:49:22
Certificate issuer: /CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Certificate serial: 0191C788469623BA2A016D1F4F6751E5A24C
Authority key identifier: AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/0V_CGtMLrxgrWdJwSqo8IxKqSSI.roa
Signing time: Fri 06 Sep 2024 13:31:22 +0000
ROA not before: Fri 06 Sep 2024 13:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58075
IP address blocks: 91.210.125.0/24 maxlen: 24
185.40.8.0/22 maxlen: 24
185.114.236.0/22 maxlen: 24
194.29.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:88:46:96:23:ba:2a:01:6d:1f:4f:67:51:e5:a2:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Validity
Not Before: Sep 6 13:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d15fc21ad30baf182b59d2704aaa3c2312aa4922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2f:13:b4:20:46:37:89:bd:8d:10:12:c0:0e:
7c:76:58:c7:54:00:9c:0d:90:d3:2e:df:a4:84:c1:
ae:db:1f:89:0a:c3:7f:60:a0:ac:17:39:81:8a:ce:
64:49:c0:c0:d9:c1:8d:09:51:f2:aa:c4:b4:ea:57:
a8:60:11:dd:19:64:c7:5a:59:90:f9:7b:00:13:dd:
99:2e:20:24:1d:1f:49:2d:0f:f0:b6:e1:b5:37:b6:
fb:d5:68:18:58:d1:4d:9e:5d:d1:88:23:ec:e0:d7:
bd:6e:d0:44:ec:4f:51:69:71:0e:32:fa:ca:f9:e7:
ad:13:ea:6b:7d:a4:de:11:00:59:bc:45:97:91:4a:
1b:9d:65:d4:43:4b:ac:f4:72:34:bf:f3:1c:14:7f:
6a:d1:5a:1b:71:77:d4:28:ae:cc:94:7f:bb:ad:68:
8b:0c:e7:f6:f1:f4:93:72:bd:00:01:51:15:82:20:
bf:54:b3:e5:a0:be:30:a8:c0:65:b8:6b:cc:96:3d:
fc:8f:32:6d:84:5c:b8:e7:fd:a7:18:6d:54:c0:34:
cd:4b:95:50:ed:50:dc:af:78:3e:14:fd:f0:c1:29:
37:81:57:82:25:8c:11:8c:37:ef:c0:b9:e4:31:d0:
41:e6:67:9b:97:46:cb:89:19:3e:06:18:49:6a:73:
1d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:5F:C2:1A:D3:0B:AF:18:2B:59:D2:70:4A:AA:3C:23:12:AA:49:22
X509v3 Authority Key Identifier:
keyid:AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/0V_CGtMLrxgrWdJwSqo8IxKqSSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.125.0/24
185.40.8.0/22
185.114.236.0/22
194.29.52.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:b7:a6:7d:99:73:2d:fb:15:01:8e:e1:89:53:dd:7f:ed:72:
66:f4:4d:ef:96:7f:f9:1b:ce:99:4b:07:2b:59:4c:bb:a2:d5:
19:54:f6:66:a6:62:9f:59:77:45:54:ed:3c:52:42:c9:bd:e0:
73:77:a6:32:95:69:d7:d6:8e:c0:7a:0b:30:ff:e4:45:76:ae:
b8:4c:88:74:fc:d4:f7:82:34:44:04:b4:da:92:0f:a7:e9:0a:
55:c1:54:ae:20:58:ed:82:6e:f5:99:92:db:7d:17:33:1e:2e:
62:d3:a5:e4:86:c0:29:06:42:90:1a:e0:e5:44:1c:14:79:43:
ff:f8:ae:9b:51:0e:f5:72:14:5c:9d:c6:ef:d2:0c:d4:26:b2:
03:d8:b4:98:50:03:f0:33:8b:e1:81:60:84:4a:08:7f:58:01:
39:df:db:ed:a5:0c:3f:f1:2e:a3:cf:a5:4a:10:0d:2f:7d:6b:
09:e9:6e:35:7f:a2:4f:2e:a2:c6:4b:75:0a:ba:5f:a5:5f:1a:
51:20:62:09:a2:83:aa:8d:64:85:49:b5:53:16:a8:e1:36:3d:
71:36:46:65:3a:8b:7c:8f:23:5d:50:d1:aa:2a:d7:8c:84:cf:
64:8f:94:bd:96:09:59:2b:bf:c2:9c:e8:ab:70:87:6d:fe:60:
43:0e:bc:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHHiEaWI7oqAW0fT2dR5aJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWU4NmE3NmJkZGMxMjAzYTAyOWQzMTQ3NWQzZWJjNTdk
OTBhNDEwHhcNMjQwOTA2MTMzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTVmYzIxYWQzMGJhZjE4MmI1OWQyNzA0YWFhM2MyMzEyYWE0OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC8TtCBGN4m9jRASwA58dljHVACc
DZDTLt+khMGu2x+JCsN/YKCsFzmBis5kScDA2cGNCVHyqsS06leoYBHdGWTHWlmQ
+XsAE92ZLiAkHR9JLQ/wtuG1N7b71WgYWNFNnl3RiCPs4Ne9btBE7E9RaXEOMvrK
+eetE+prfaTeEQBZvEWXkUobnWXUQ0us9HI0v/McFH9q0VobcXfUKK7MlH+7rWiL
DOf28fSTcr0AAVEVgiC/VLPloL4wqMBluGvMlj38jzJthFy45/2nGG1UwDTNS5VQ
7VDcr3g+FP3wwSk3gVeCJYwRjDfvwLnkMdBB5mebl0bLiRk+BhhJanMdPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNFfwhrTC68YK1nScEqqPCMSqkkiMB8GA1UdIwQY
MBaAFKqehqdr3cEgOgKdMUddPrxX2QpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQt
MDNiMGVlYzdmZjI5LzEvMFZfQ0d0TUxyeGdyV2RKd1NxbzhJeEtxU1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQtMDNiMGVlYzdmZjI5
LzEvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9J9AwQC
uSgIAwQCuXLsAwQAwh00MA0GCSqGSIb3DQEBCwUAA4IBAQBNt6Z9mXMt+xUBjuGJ
U91/7XJm9E3vln/5G86ZSwcrWUy7otUZVPZmpmKfWXdFVO08UkLJveBzd6YylWnX
1o7Aegsw/+RFdq64TIh0/NT3gjREBLTakg+n6QpVwVSuIFjtgm71mZLbfRczHi5i
06XkhsApBkKQGuDlRBwUeUP/+K6bUQ71chRcncbv0gzUJrID2LSYUAPwM4vhgWCE
Sgh/WAE539vtpQw/8S6jz6VKEA0vfWsJ6W41f6JPLqLGS3UKul+lXxpRIGIJooOq
jWSFSbVTFqjhNj1xNkZlOot8jyNdUNGqKteMhM9kj5S9lglZK7/CnOircIdt/mBD
Drwl
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:57 2024 by rpki-client on console-fra.rpki-client.org