Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/lDdt4UF2QZ-5z9pnvQ7IJUll3VA.roa
File: lDdt4UF2QZ-5z9pnvQ7IJUll3VA.roa (raw, json)
Hash identifier: 6sAsVdZtS2W9wj4jvjiepAhAd86DeeCsPkBnX/cSE7Y=
Subject key identifier: 94:37:6D:E1:41:76:41:9F:B9:CF:DA:67:BD:0E:C8:25:49:65:DD:50
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 01924993FF65A0104E660967C5D8BE0FC171
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/lDdt4UF2QZ-5z9pnvQ7IJUll3VA.roa
Signing time: Tue 01 Oct 2024 19:34:48 +0000
ROA not before: Tue 01 Oct 2024 19:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 91.204.180.0/24 maxlen: 24
91.204.181.0/24 maxlen: 24
91.204.182.0/23 maxlen: 23
91.204.182.0/24 maxlen: 24
91.218.176.0/22 maxlen: 24
91.232.8.0/22 maxlen: 24
195.234.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:49:93:ff:65:a0:10:4e:66:09:67:c5:d8:be:0f:c1:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Oct 1 19:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94376de14176419fb9cfda67bd0ec8254965dd50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:cb:5b:f8:c7:45:55:6e:e1:fb:9e:9a:61:e2:
d1:08:fc:50:6b:03:88:88:67:a3:8a:75:15:11:a9:
ad:07:a5:42:80:b9:a0:cb:76:af:21:65:ba:76:b2:
1b:32:87:6f:b8:8e:73:ca:33:d9:ea:b8:2f:f2:ce:
49:87:57:f3:6a:e0:b5:63:76:55:d2:ce:e3:6d:e3:
49:de:11:32:51:42:f4:a0:a8:6a:4f:cb:fd:b7:a5:
a9:da:fd:6a:37:11:54:24:54:b9:d4:4f:57:96:47:
8e:4c:c0:73:c3:ad:db:2f:b9:c1:ba:91:14:d0:ef:
eb:66:d7:40:b6:df:3f:d3:d8:eb:fc:02:f6:32:4e:
9a:d6:c8:18:e2:60:f1:73:dc:e8:7b:70:14:6b:b0:
e6:ff:fe:11:26:22:5f:7f:b0:f2:96:5d:3d:8e:f4:
87:e1:45:c0:ce:a0:db:a9:25:6f:56:f7:d0:7c:6f:
a3:a2:26:00:8e:e6:d5:09:20:62:d4:d8:1c:72:1e:
c9:cc:e4:9c:f9:af:c7:2c:01:0e:8a:86:7f:0b:68:
19:0b:d7:e4:1d:70:4d:da:fc:33:c9:ce:49:be:62:
2b:e7:68:02:5e:a8:f6:4d:ff:59:d2:fb:2c:f1:96:
ce:20:69:35:74:15:33:b3:eb:27:ee:f4:4f:f9:db:
eb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:37:6D:E1:41:76:41:9F:B9:CF:DA:67:BD:0E:C8:25:49:65:DD:50
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/lDdt4UF2QZ-5z9pnvQ7IJUll3VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.180.0/22
91.218.176.0/22
91.232.8.0/22
195.234.90.0/24
Signature Algorithm: sha256WithRSAEncryption
80:bd:84:2b:39:0f:79:eb:a2:22:7d:aa:5e:06:39:04:79:8f:
db:50:9d:b8:a7:bc:e3:36:4e:5b:f7:65:09:8e:40:a7:d5:dd:
71:87:d7:a0:4d:4a:7e:ab:10:a0:af:e6:15:1f:4b:7f:84:c2:
e1:9b:e2:5d:88:da:15:f4:3e:eb:f9:bd:78:79:c0:6c:8b:1d:
c1:c5:8e:93:e7:18:e6:61:56:c5:2a:2b:e7:35:23:51:6d:c1:
8e:5f:9f:09:73:2b:27:9c:5e:59:d1:1b:f8:9d:3b:a3:6e:7a:
d5:99:c4:9a:20:79:33:aa:13:46:a8:0e:45:64:4d:cb:1b:fc:
80:5b:63:fe:14:a1:38:c3:25:67:ff:79:50:57:00:fd:54:50:
7d:42:fa:e8:a3:ff:77:01:14:8a:7c:57:bd:16:06:55:33:e4:
03:dd:a0:76:0a:4d:1a:c4:b9:f5:e2:9a:29:03:3c:bb:bb:08:
f9:66:56:ad:74:87:ab:fd:23:8e:a5:8d:fa:6d:42:2a:5b:c6:
c6:10:8b:26:37:9e:5a:43:7f:25:d0:46:37:35:14:38:09:b1:
17:3f:90:80:7b:35:08:a7:f8:dd:c8:ab:65:2f:28:2b:53:5a:
be:41:e5:9c:ba:2a:ab:c0:a4:a5:6e:3c:50:48:39:1f:32:1c:
d7:82:38:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJJk/9loBBOZglnxdi+D8FxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjQxMDAxMTkzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM3NmRlMTQxNzY0MTlmYjljZmRhNjdiZDBlYzgyNTQ5NjVkZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3stb+MdFVW7h+56aYeLRCPxQawOI
iGejinUVEamtB6VCgLmgy3avIWW6drIbModvuI5zyjPZ6rgv8s5Jh1fzauC1Y3ZV
0s7jbeNJ3hEyUUL0oKhqT8v9t6Wp2v1qNxFUJFS51E9XlkeOTMBzw63bL7nBupEU
0O/rZtdAtt8/09jr/AL2Mk6a1sgY4mDxc9zoe3AUa7Dm//4RJiJff7Dyll09jvSH
4UXAzqDbqSVvVvfQfG+joiYAjubVCSBi1Ngcch7JzOSc+a/HLAEOioZ/C2gZC9fk
HXBN2vwzyc5JvmIr52gCXqj2Tf9Z0vss8ZbOIGk1dBUzs+sn7vRP+dvrKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJQ3beFBdkGfuc/aZ70OyCVJZd1QMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvbERkdDRVRjJRWi01ejlwbnZRN0lKVWxsM1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8y0AwQC
W9qwAwQCW+gIAwQAw+paMA0GCSqGSIb3DQEBCwUAA4IBAQCAvYQrOQ9566Iifape
BjkEeY/bUJ24p7zjNk5b92UJjkCn1d1xh9egTUp+qxCgr+YVH0t/hMLhm+JdiNoV
9D7r+b14ecBsix3BxY6T5xjmYVbFKivnNSNRbcGOX58JcysnnF5Z0Rv4nTujbnrV
mcSaIHkzqhNGqA5FZE3LG/yAW2P+FKE4wyVn/3lQVwD9VFB9Qvroo/93ARSKfFe9
FgZVM+QD3aB2Ck0axLn14popAzy7uwj5ZlatdIer/SOOpY36bUIqW8bGEIsmN55a
Q38l0EY3NRQ4CbEXP5CAezUIp/jdyKtlLygrU1q+QeWcuiqrwKSlbjxQSDkfMhzX
gjjg
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:47:05 2024 by rpki-client on console-ams.rpki-client.org