Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0a8b1f-ca72-4eda-a717-482c86db2040/1/X_nS6aX0gybOBxxzSnTI5vEkz58.roa
File: X_nS6aX0gybOBxxzSnTI5vEkz58.roa (raw, json)
Hash identifier: jRFkWiERcfNCmSMFyqqTorP2NWXlXklsMIAw3T/kPpU=
Subject key identifier: 5F:F9:D2:E9:A5:F4:83:26:CE:07:1C:73:4A:74:C8:E6:F1:24:CF:9F
Certificate issuer: /CN=cd0932bdb61085c76dd645c1e76eb71117547b93
Certificate serial: 019243247EEB58CA82E84EBF76170435E0F6
Authority key identifier: CD:09:32:BD:B6:10:85:C7:6D:D6:45:C1:E7:6E:B7:11:17:54:7B:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQkyvbYQhcdt1kXB5263ERdUe5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0a8b1f-ca72-4eda-a717-482c86db2040/1/X_nS6aX0gybOBxxzSnTI5vEkz58.roa
Signing time: Mon 30 Sep 2024 13:35:18 +0000
ROA not before: Mon 30 Sep 2024 13:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30779
IP address blocks: 88.135.224.0/19 maxlen: 19
193.19.74.0/23 maxlen: 23
193.34.20.0/22 maxlen: 22
2001:67c:203c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/0a8b1f-ca72-4eda-a717-482c86db2040/1/zQkyvbYQhcdt1kXB5263ERdUe5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/0a8b1f-ca72-4eda-a717-482c86db2040/1/zQkyvbYQhcdt1kXB5263ERdUe5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/zQkyvbYQhcdt1kXB5263ERdUe5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:24:7e:eb:58:ca:82:e8:4e:bf:76:17:04:35:e0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd0932bdb61085c76dd645c1e76eb71117547b93
Validity
Not Before: Sep 30 13:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ff9d2e9a5f48326ce071c734a74c8e6f124cf9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:68:8c:b9:5c:60:41:b7:04:78:29:65:47:5f:
f9:8e:89:ce:aa:96:13:15:96:26:aa:3a:98:63:f6:
ac:0d:55:6e:06:87:70:9d:a6:22:d7:57:11:06:f5:
6c:96:f2:b7:8b:d0:8a:a6:f0:77:20:b8:d1:c4:f6:
f7:7c:53:39:23:5a:1c:aa:94:15:e2:3b:ce:f8:d9:
06:33:6d:ba:b4:58:44:9f:fc:bd:5e:75:c8:4f:34:
0d:23:98:25:e6:34:29:c0:08:ea:3d:75:0e:e6:8b:
2a:48:0d:b2:23:b3:d2:be:28:b1:a0:f7:af:61:ec:
a3:49:be:7c:ef:c6:33:d1:cd:c1:6f:18:29:b5:b0:
34:45:a3:78:e9:4b:eb:19:b7:4a:11:6a:c6:b2:a0:
d3:53:f5:ff:85:76:99:47:b6:44:68:fb:0d:d8:6d:
f4:e5:7a:43:f6:55:39:31:24:18:79:f3:61:82:62:
8a:77:d8:68:a5:83:ca:1d:d5:9f:54:ff:f5:eb:27:
a6:ca:98:ce:23:b9:9b:1b:da:e6:39:de:21:25:05:
29:25:31:c8:9c:f2:ec:32:bd:e7:1f:46:1b:b0:4f:
ee:7c:e2:60:96:df:da:64:55:56:71:c0:69:3e:c8:
01:22:0f:9a:63:04:20:46:00:3c:7d:6d:7f:65:4c:
2b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F9:D2:E9:A5:F4:83:26:CE:07:1C:73:4A:74:C8:E6:F1:24:CF:9F
X509v3 Authority Key Identifier:
keyid:CD:09:32:BD:B6:10:85:C7:6D:D6:45:C1:E7:6E:B7:11:17:54:7B:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQkyvbYQhcdt1kXB5263ERdUe5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0a8b1f-ca72-4eda-a717-482c86db2040/1/X_nS6aX0gybOBxxzSnTI5vEkz58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0a8b1f-ca72-4eda-a717-482c86db2040/1/zQkyvbYQhcdt1kXB5263ERdUe5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.224.0/19
193.19.74.0/23
193.34.20.0/22
IPv6:
2001:67c:203c::/48
Signature Algorithm: sha256WithRSAEncryption
63:92:ee:fa:77:f0:b8:a2:1d:8d:80:7f:5b:eb:16:7b:e4:22:
c9:14:0e:6b:23:1a:fe:e1:44:c4:9a:cc:b4:e1:4d:0a:2c:bf:
d7:89:57:0a:87:f6:9d:e0:98:32:5d:44:9e:a0:12:6b:0a:11:
89:e0:40:6a:07:33:97:d5:5c:d3:ad:48:ab:09:4c:1a:a1:66:
4f:56:4b:53:b3:b5:23:75:2b:8a:4f:91:60:77:57:a4:9e:37:
57:2d:96:b0:91:d4:3d:43:10:ad:a5:3b:41:8e:47:d5:59:13:
5c:03:2d:3f:9b:10:2c:10:50:5b:d9:f9:d1:e0:d9:9f:0c:d4:
6f:85:8c:94:c1:25:3f:2a:10:ae:59:4f:e4:da:ab:32:36:3a:
7e:cb:a6:69:34:0f:7f:a3:12:c5:1f:cf:2e:fd:29:e6:61:36:
a7:01:70:02:54:37:5f:9d:7c:c8:d6:a6:08:f5:a9:d9:d5:b0:
e4:e8:05:a6:ca:a9:4d:4e:f2:64:76:c0:6f:92:c7:b4:19:53:
2f:39:32:00:b8:9a:47:0e:83:a1:ea:67:e8:28:81:26:26:c9:
80:d5:4b:76:ad:95:90:19:3e:cd:09:0a:b5:53:15:a2:5f:52:
f3:47:19:07:56:16:a4:f1:c3:b6:07:1b:35:b5:91:ae:ac:9c:
76:7d:6a:a5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZJDJH7rWMqC6E6/dhcENeD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDkzMmJkYjYxMDg1Yzc2ZGQ2NDVjMWU3NmViNzExMTc1
NDdiOTMwHhcNMjQwOTMwMTMzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY5ZDJlOWE1ZjQ4MzI2Y2UwNzFjNzM0YTc0YzhlNmYxMjRjZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGiMuVxgQbcEeCllR1/5jonOqpYT
FZYmqjqYY/asDVVuBodwnaYi11cRBvVslvK3i9CKpvB3ILjRxPb3fFM5I1ocqpQV
4jvO+NkGM226tFhEn/y9XnXITzQNI5gl5jQpwAjqPXUO5osqSA2yI7PSviixoPev
YeyjSb5878Yz0c3BbxgptbA0RaN46UvrGbdKEWrGsqDTU/X/hXaZR7ZEaPsN2G30
5XpD9lU5MSQYefNhgmKKd9hopYPKHdWfVP/16yemypjOI7mbG9rmOd4hJQUpJTHI
nPLsMr3nH0YbsE/ufOJglt/aZFVWccBpPsgBIg+aYwQgRgA8fW1/ZUwrlQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFF/50uml9IMmzgccc0p0yObxJM+fMB8GA1UdIwQY
MBaAFM0JMr22EIXHbdZFwedutxEXVHuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFreXZiWVFoY2R0MWtYQjUyNjNFUmRVZTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wYThiMWYtY2E3Mi00ZWRhLWE3MTct
NDgyYzg2ZGIyMDQwLzEvWF9uUzZhWDBneWJPQnh4elNuVEk1dkVrejU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wYThiMWYtY2E3Mi00ZWRhLWE3MTctNDgyYzg2ZGIyMDQw
LzEvelFreXZiWVFoY2R0MWtYQjUyNjNFUmRVZTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQFWIfgAwQB
wRNKAwQCwSIUMA8EAgACMAkDBwAgAQZ8IDwwDQYJKoZIhvcNAQELBQADggEBAGOS
7vp38LiiHY2Af1vrFnvkIskUDmsjGv7hRMSazLThTQosv9eJVwqH9p3gmDJdRJ6g
EmsKEYngQGoHM5fVXNOtSKsJTBqhZk9WS1OztSN1K4pPkWB3V6SeN1ctlrCR1D1D
EK2lO0GOR9VZE1wDLT+bECwQUFvZ+dHg2Z8M1G+FjJTBJT8qEK5ZT+TaqzI2On7L
pmk0D3+jEsUfzy79KeZhNqcBcAJUN1+dfMjWpgj1qdnVsOToBabKqU1O8mR2wG+S
x7QZUy85MgC4mkcOg6HqZ+gogSYmyYDVS3atlZAZPs0JCrVTFaJfUvNHGQdWFqTx
w7YHGzW1ka6snHZ9aqU=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:23:32 2024 by rpki-client on console-ams.rpki-client.org