Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/2ec4b3-e65d-4612-9304-a39303d85066/1/38abtJSj_1tVTHjnfbMFySnt0Ck.roa
File: 38abtJSj_1tVTHjnfbMFySnt0Ck.roa (raw, json)
Hash identifier: rihVHZASi4lYq50CCrCrvD+5Ev3qocMvbEx1ZzfHph4=
Subject key identifier: DF:C6:9B:B4:94:A3:FF:5B:55:4C:78:E7:7D:B3:05:C9:29:ED:D0:29
Certificate issuer: /CN=f1af8bb98e405539ea983384fafa82b2b4b71724
Certificate serial: 0192A89D07168579B0508FBA6AFEAB18422F
Authority key identifier: F1:AF:8B:B9:8E:40:55:39:EA:98:33:84:FA:FA:82:B2:B4:B7:17:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8a-LuY5AVTnqmDOE-vqCsrS3FyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/2ec4b3-e65d-4612-9304-a39303d85066/1/38abtJSj_1tVTHjnfbMFySnt0Ck.roa
Signing time: Sun 20 Oct 2024 06:28:36 +0000
ROA not before: Sun 20 Oct 2024 06:28:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51399
IP address blocks: 91.103.144.0/22 maxlen: 24
91.103.144.0/24 maxlen: 24
91.217.0.0/23 maxlen: 24
91.218.200.0/22 maxlen: 24
91.218.208.0/22 maxlen: 24
110.172.146.0/24 maxlen: 24
185.157.12.0/22 maxlen: 24
2a07:a080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/2ec4b3-e65d-4612-9304-a39303d85066/1/8a-LuY5AVTnqmDOE-vqCsrS3FyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/2ec4b3-e65d-4612-9304-a39303d85066/1/8a-LuY5AVTnqmDOE-vqCsrS3FyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8a-LuY5AVTnqmDOE-vqCsrS3FyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a8:9d:07:16:85:79:b0:50:8f:ba:6a:fe:ab:18:42:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1af8bb98e405539ea983384fafa82b2b4b71724
Validity
Not Before: Oct 20 06:28:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfc69bb494a3ff5b554c78e77db305c929edd029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:61:15:d7:9e:82:c0:d1:44:a8:2e:e3:91:57:
20:87:dd:49:4e:23:7d:67:f5:1b:56:64:96:5c:e4:
5b:d8:ff:b8:45:e4:0d:86:b3:cf:83:ed:c6:01:a1:
4e:2f:21:55:32:ea:fa:00:cc:55:51:50:d6:9f:03:
98:80:1e:da:c3:07:38:2f:7b:ba:7e:29:6d:db:4f:
81:45:be:e7:fb:9e:09:89:08:3d:e8:0d:17:78:1f:
37:10:8b:5b:e5:e0:84:7b:ad:8c:9b:f3:6e:a1:d1:
f1:a4:24:ce:73:46:95:ca:a2:fc:04:62:da:e1:9a:
0d:de:bf:19:96:c5:eb:55:49:14:36:66:c0:ae:a6:
be:6b:5f:44:a5:49:f5:31:42:cb:5f:31:2a:75:56:
7f:f4:d8:5f:0b:20:59:e8:38:37:4d:4e:44:02:4f:
1a:77:24:94:32:a5:bf:0a:53:18:c5:66:cb:8e:c9:
63:3a:84:21:2a:8f:c9:0e:3d:4c:81:d2:ec:52:48:
90:d9:87:69:d0:d9:2d:8e:8f:e6:87:c3:2d:53:17:
3a:8e:00:0c:ff:a2:94:84:1a:c4:f0:d9:88:32:be:
49:bd:cf:d9:f7:78:92:07:2e:ba:ab:34:73:79:58:
29:cc:13:16:1d:a7:93:5f:7b:fb:8c:15:98:1d:7d:
82:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C6:9B:B4:94:A3:FF:5B:55:4C:78:E7:7D:B3:05:C9:29:ED:D0:29
X509v3 Authority Key Identifier:
keyid:F1:AF:8B:B9:8E:40:55:39:EA:98:33:84:FA:FA:82:B2:B4:B7:17:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a-LuY5AVTnqmDOE-vqCsrS3FyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/2ec4b3-e65d-4612-9304-a39303d85066/1/38abtJSj_1tVTHjnfbMFySnt0Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/2ec4b3-e65d-4612-9304-a39303d85066/1/8a-LuY5AVTnqmDOE-vqCsrS3FyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.144.0/22
91.217.0.0/23
91.218.200.0/22
91.218.208.0/22
110.172.146.0/24
185.157.12.0/22
IPv6:
2a07:a080::/29
Signature Algorithm: sha256WithRSAEncryption
b9:a5:b9:52:ef:b8:cf:90:2a:fc:32:d5:3a:8d:85:5c:4d:80:
b2:b7:6b:3f:54:35:fa:fe:3c:98:ed:e5:9e:4a:67:71:9e:37:
11:a6:19:45:e3:73:8a:88:a6:6f:66:c0:84:ac:05:f6:a7:5d:
5f:24:e1:40:d7:04:ba:03:f9:43:df:a7:97:f4:1b:7b:7f:52:
92:93:0c:bf:1c:42:c7:81:f7:62:59:84:d6:ff:a2:0b:58:99:
ec:7e:fc:66:43:e0:ea:47:31:28:ca:6d:22:51:61:43:83:89:
f2:14:88:c4:4e:5f:21:d1:85:6b:d6:34:30:91:2f:d0:16:7d:
59:03:60:3f:b7:2b:15:a4:b9:46:06:76:74:a5:72:6a:f3:eb:
84:47:02:d8:2a:f6:a3:d7:58:b6:65:52:e0:5f:60:c0:66:11:
7f:b5:1f:53:38:6e:9f:69:b9:24:88:7e:7c:42:5d:a9:c9:47:
8a:13:a6:c4:bd:43:21:1d:72:5e:4e:f7:81:92:d0:59:45:23:
bd:26:96:30:3d:41:d9:56:82:f9:0d:ea:99:3e:36:b9:cd:d9:
2f:71:18:28:44:48:37:6e:c5:35:86:67:b7:87:af:62:47:e2:
ea:d3:d9:5a:e5:9b:bc:9d:d7:62:07:e7:8f:17:80:cb:8c:17:
9b:b8:ea:1c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZKonQcWhXmwUI+6av6rGEIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYWY4YmI5OGU0MDU1MzllYTk4MzM4NGZhZmE4MmIyYjRi
NzE3MjQwHhcNMjQxMDIwMDYyODM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmM2OWJiNDk0YTNmZjViNTU0Yzc4ZTc3ZGIzMDVjOTI5ZWRkMDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGEV156CwNFEqC7jkVcgh91JTiN9
Z/UbVmSWXORb2P+4ReQNhrPPg+3GAaFOLyFVMur6AMxVUVDWnwOYgB7awwc4L3u6
filt20+BRb7n+54JiQg96A0XeB83EItb5eCEe62Mm/NuodHxpCTOc0aVyqL8BGLa
4ZoN3r8ZlsXrVUkUNmbArqa+a19EpUn1MULLXzEqdVZ/9NhfCyBZ6Dg3TU5EAk8a
dySUMqW/ClMYxWbLjsljOoQhKo/JDj1MgdLsUkiQ2Ydp0Nktjo/mh8MtUxc6jgAM
/6KUhBrE8NmIMr5Jvc/Z93iSBy66qzRzeVgpzBMWHaeTX3v7jBWYHX2CuwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFN/Gm7SUo/9bVUx4532zBckp7dApMB8GA1UdIwQY
MBaAFPGvi7mOQFU56pgzhPr6grK0txckMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGEtTHVZNUFWVG5xbURPRS12cUNzclMzRnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8yZWM0YjMtZTY1ZC00NjEyLTkzMDQt
YTM5MzAzZDg1MDY2LzEvMzhhYnRKU2pfMXRWVEhqbmZiTUZ5U250MENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8yZWM0YjMtZTY1ZC00NjEyLTkzMDQtYTM5MzAzZDg1MDY2
LzEvOGEtTHVZNUFWVG5xbURPRS12cUNzclMzRnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW2eQAwQB
W9kAAwQCW9rIAwQCW9rQAwQAbqySAwQCuZ0MMA0EAgACMAcDBQMqB6CAMA0GCSqG
SIb3DQEBCwUAA4IBAQC5pblS77jPkCr8MtU6jYVcTYCyt2s/VDX6/jyY7eWeSmdx
njcRphlF43OKiKZvZsCErAX2p11fJOFA1wS6A/lD36eX9Bt7f1KSkwy/HELHgfdi
WYTW/6ILWJnsfvxmQ+DqRzEoym0iUWFDg4nyFIjETl8h0YVr1jQwkS/QFn1ZA2A/
tysVpLlGBnZ0pXJq8+uERwLYKvaj11i2ZVLgX2DAZhF/tR9TOG6fabkkiH58Ql2p
yUeKE6bEvUMhHXJeTveBktBZRSO9JpYwPUHZVoL5DeqZPja5zdkvcRgoREg3bsU1
hme3h69iR+Lq09la5Zu8nddiB+ePF4DLjBebuOoc
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:40 2024 by rpki-client on console-fra.rpki-client.org