Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/5oyJuMr-5Yw6eCvDnPJnmLm0EEo.roa
File: 5oyJuMr-5Yw6eCvDnPJnmLm0EEo.roa (raw, json)
Hash identifier: WBQARlTHl8SLjolR8Q3eU+IeBNv8UGXTbePF8OHN1Yc=
Subject key identifier: E6:8C:89:B8:CA:FE:E5:8C:3A:78:2B:C3:9C:F2:67:98:B9:B4:10:4A
Certificate issuer: /CN=a9a073b31d888e4439e272e007c9532fc305c80d
Certificate serial: 018CC86F9AA5B04F440135F03D380CCE63DB
Authority key identifier: A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/5oyJuMr-5Yw6eCvDnPJnmLm0EEo.roa
Signing time: Tue 02 Jan 2024 04:30:06 +0000
ROA not before: Tue 02 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40975
IP address blocks: 195.138.214.0/24 maxlen: 24
91.197.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:9a:a5:b0:4f:44:01:35:f0:3d:38:0c:ce:63:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a073b31d888e4439e272e007c9532fc305c80d
Validity
Not Before: Jan 2 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e68c89b8cafee58c3a782bc39cf26798b9b4104a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8a:84:32:e3:ec:69:3c:6f:2e:3d:ab:54:15:
9b:40:e6:83:b3:4d:b2:74:e1:57:23:7b:e6:22:5e:
df:73:31:24:d6:25:33:6f:97:fe:36:20:8f:c5:b4:
ae:56:21:da:09:8b:77:96:be:4b:e9:e1:85:f2:f8:
a8:fc:a5:e9:5b:63:ea:92:5b:df:f8:3d:ce:ae:ee:
52:9f:64:2d:02:cb:53:a1:49:73:9f:de:b0:5e:02:
49:62:b6:36:f7:9c:84:de:4d:29:f9:a3:66:df:56:
20:1b:a2:fc:25:51:01:f1:a8:95:45:fb:22:a0:ff:
d9:fc:fa:76:2d:01:a5:93:16:11:fa:c6:be:80:cf:
21:68:b3:b4:8f:b3:ee:f4:92:27:57:56:3f:47:1b:
35:d9:b4:7b:26:6c:21:a5:52:86:5f:dd:f2:d6:2c:
7e:eb:c9:e2:09:d0:c9:4d:f9:c7:21:43:d7:28:f2:
27:1f:7d:d2:81:d4:93:c3:c4:ac:09:35:9e:d2:21:
15:d1:71:25:2e:4a:b7:1a:e5:fe:92:d9:c2:c4:ee:
23:b9:04:1d:e4:ff:a4:d9:df:e1:58:80:ed:c9:2b:
7f:3e:ae:d5:e0:1f:ae:dd:9e:91:d0:10:8c:aa:0b:
41:1e:f2:6b:36:bd:df:50:37:9e:8d:ff:c2:56:9e:
d3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:8C:89:B8:CA:FE:E5:8C:3A:78:2B:C3:9C:F2:67:98:B9:B4:10:4A
X509v3 Authority Key Identifier:
keyid:A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/5oyJuMr-5Yw6eCvDnPJnmLm0EEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.244.0/22
195.138.214.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:84:29:3a:14:ce:56:9c:75:e8:0a:a5:9f:b9:16:6c:7b:f1:
75:3c:86:84:58:20:c7:bf:8d:48:9a:97:90:16:b7:a4:b4:bb:
18:5a:c0:c2:4a:d1:06:9a:d0:a1:56:e0:1e:78:ad:94:55:ac:
8c:b5:ba:a3:2d:2f:29:fc:30:01:70:f6:ce:02:8c:ce:ae:e0:
4e:00:4b:b0:db:07:58:54:30:8e:bf:06:ca:1c:c4:71:eb:66:
f3:ba:44:e3:7d:fd:0c:fd:61:93:cd:f7:9a:1c:59:b3:ba:e1:
75:8f:e0:75:a8:d0:39:09:38:5b:b9:5d:2a:f2:b0:00:34:97:
44:cd:1d:25:06:45:75:8a:83:20:e0:21:17:8d:83:98:4f:da:
17:9a:f1:72:f9:f6:ca:f3:6d:ac:94:c3:3b:27:75:0f:9d:4c:
b0:bb:f4:f3:78:9b:eb:8d:cb:9a:c1:44:2a:a7:a5:79:d8:cb:
63:df:f7:01:aa:51:81:cf:56:5d:dd:09:cf:33:6b:bb:1c:fd:
66:be:ab:a3:76:0b:9c:d8:e0:33:76:bb:b9:50:ad:75:6c:73:
ca:6f:e7:ce:c1:67:94:b0:af:35:50:29:d8:3c:db:c2:c1:79:
ed:da:e7:b8:c1:c6:3d:ef:f1:8c:3b:fa:7d:d5:b5:9a:68:71:
c5:0a:54:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb5qlsE9EATXwPTgMzmPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTA3M2IzMWQ4ODhlNDQzOWUyNzJlMDA3Yzk1MzJmYzMw
NWM4MGQwHhcNMjQwMTAyMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjhjODliOGNhZmVlNThjM2E3ODJiYzM5Y2YyNjc5OGI5YjQxMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYqEMuPsaTxvLj2rVBWbQOaDs02y
dOFXI3vmIl7fczEk1iUzb5f+NiCPxbSuViHaCYt3lr5L6eGF8vio/KXpW2Pqklvf
+D3Oru5Sn2QtAstToUlzn96wXgJJYrY295yE3k0p+aNm31YgG6L8JVEB8aiVRfsi
oP/Z/Pp2LQGlkxYR+sa+gM8haLO0j7Pu9JInV1Y/Rxs12bR7JmwhpVKGX93y1ix+
68niCdDJTfnHIUPXKPInH33SgdSTw8SsCTWe0iEV0XElLkq3GuX+ktnCxO4juQQd
5P+k2d/hWIDtySt/Pq7V4B+u3Z6R0BCMqgtBHvJrNr3fUDeejf/CVp7TeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOaMibjK/uWMOngrw5zyZ5i5tBBKMB8GA1UdIwQY
MBaAFKmgc7MdiI5EOeJy4AfJUy/DBcgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgt
NGU3MzdlMDZkMjkwLzEvNW95SnVNci01WXc2ZUN2RG5QSm5tTG0wRUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgtNGU3MzdlMDZkMjkw
LzEvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8X0AwQA
w4rWMA0GCSqGSIb3DQEBCwUAA4IBAQCuhCk6FM5WnHXoCqWfuRZse/F1PIaEWCDH
v41ImpeQFrektLsYWsDCStEGmtChVuAeeK2UVayMtbqjLS8p/DABcPbOAozOruBO
AEuw2wdYVDCOvwbKHMRx62bzukTjff0M/WGTzfeaHFmzuuF1j+B1qNA5CThbuV0q
8rAANJdEzR0lBkV1ioMg4CEXjYOYT9oXmvFy+fbK822slMM7J3UPnUywu/TzeJvr
jcuawUQqp6V52Mtj3/cBqlGBz1Zd3QnPM2u7HP1mvqujdguc2OAzdru5UK11bHPK
b+fOwWeUsK81UCnYPNvCwXnt2ue4wcY97/GMO/p91bWaaHHFClRf
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:14:22 2024 by rpki-client on console-fra.rpki-client.org