Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/TrwHIRfT9VfYbNlh-Wv_L1M56e8.roa
File: TrwHIRfT9VfYbNlh-Wv_L1M56e8.roa (raw, json)
Hash identifier: NhukywNPnQaxERKSAjSKgEUJQOZlAlJUap6KZWSLXdA=
Subject key identifier: 4E:BC:07:21:17:D3:F5:57:D8:6C:D9:61:F9:6B:FF:2F:53:39:E9:EF
Certificate issuer: /CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Certificate serial: 018CC500D2CB9E0794A1ACEE882BF45FC8F0
Authority key identifier: CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/TrwHIRfT9VfYbNlh-Wv_L1M56e8.roa
Signing time: Mon 01 Jan 2024 12:30:14 +0000
ROA not before: Mon 01 Jan 2024 12:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59491
IP address blocks: 91.238.134.0/23 maxlen: 23
31.6.70.0/23 maxlen: 23
31.6.68.0/23 maxlen: 23
178.19.96.0/24 maxlen: 24
178.19.99.0/24 maxlen: 24
178.19.104.0/21 maxlen: 21
212.59.229.0/24 maxlen: 24
212.59.240.0/23 maxlen: 23
212.59.243.0/24 maxlen: 24
212.59.244.0/22 maxlen: 22
91.188.125.0/24 maxlen: 24
185.24.216.0/24 maxlen: 24
185.24.218.0/23 maxlen: 23
2a02:2430:5::/48 maxlen: 48
2a02:2430:40::/42 maxlen: 42
2a02:2430:3::/48 maxlen: 48
2a02:2430:7::/48 maxlen: 48
2a02:2430:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/zWj3o5G3sWSe1JA0gtPpMe0049g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/zWj3o5G3sWSe1JA0gtPpMe0049g.mft
rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d2:cb:9e:07:94:a1:ac:ee:88:2b:f4:5f:c8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Validity
Not Before: Jan 1 12:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ebc072117d3f557d86cd961f96bff2f5339e9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9d:ee:75:b4:03:01:ca:51:51:6f:c3:88:d6:
85:20:e2:2a:7d:f2:94:ab:43:9c:5c:81:e3:a3:ca:
ca:6e:82:8a:a5:17:cb:ad:9b:be:4e:bd:c2:5b:03:
98:64:a6:67:18:9a:8a:53:d4:4e:a9:b5:f7:3c:53:
9d:16:5c:eb:6a:29:3c:59:86:04:a5:f9:52:44:d0:
0d:4f:43:17:2d:f6:d6:9e:a6:c4:1c:f2:0e:8c:73:
fd:49:9e:18:51:84:a5:4c:c3:17:77:54:25:57:2f:
42:3f:0f:74:c7:f8:18:f3:4c:33:15:4c:e2:fa:ad:
31:28:72:d0:77:82:c6:83:5b:7e:b1:1e:2c:ce:f4:
1e:f2:eb:23:f6:6e:28:f2:a8:e1:89:5d:ca:34:d2:
45:08:16:c6:2e:44:1e:ba:da:47:a5:a9:b6:2e:0c:
50:f9:b6:c6:15:3d:9f:2c:a7:86:d4:db:a3:75:35:
c6:80:7e:e5:41:08:8d:5e:1d:6f:3f:ac:ea:20:a4:
ff:60:02:d4:01:47:9a:16:9b:74:dc:9f:e8:f6:6a:
cd:1c:2f:5d:c9:6b:7d:b7:f7:43:f8:14:c0:06:ec:
20:3f:c2:79:7c:2a:93:0f:25:d0:4d:c6:58:a0:54:
65:af:02:3b:db:1e:52:95:fe:43:22:ec:08:fa:60:
3b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:BC:07:21:17:D3:F5:57:D8:6C:D9:61:F9:6B:FF:2F:53:39:E9:EF
X509v3 Authority Key Identifier:
keyid:CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/TrwHIRfT9VfYbNlh-Wv_L1M56e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/zWj3o5G3sWSe1JA0gtPpMe0049g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.68.0/22
91.188.125.0/24
91.238.134.0/23
178.19.96.0/24
178.19.99.0/24
178.19.104.0/21
185.24.216.0/24
185.24.218.0/23
212.59.229.0/24
212.59.240.0/23
212.59.243.0-212.59.247.255
IPv6:
2a02:2430:3::/48
2a02:2430:5::-2a02:2430:7:ffff:ffff:ffff:ffff:ffff
2a02:2430:40::/42
Signature Algorithm: sha256WithRSAEncryption
72:f2:37:ef:f7:89:03:43:91:f9:77:79:7e:6d:8c:59:cb:c4:
5b:90:aa:7e:8d:c3:46:30:c7:0f:7a:67:69:91:d6:ba:b3:1b:
15:d3:1d:d0:8c:c1:51:41:77:b2:8d:9e:8e:bf:b6:ae:3b:77:
e7:ab:eb:50:0f:4b:8f:a0:eb:23:33:bc:b6:be:1e:3c:b6:db:
0a:67:b1:d7:87:ff:40:63:ef:9f:ab:7d:6c:e3:e5:5d:d7:a3:
c8:b0:1c:ee:e5:07:a9:85:8e:5b:89:0d:a9:9a:3b:20:fa:79:
c4:f5:5f:46:76:65:02:a9:bb:2e:93:3b:89:ca:9d:d8:da:86:
ef:36:30:78:ed:07:63:66:82:49:ae:cd:42:7a:fb:2d:f0:86:
27:eb:65:fc:72:2c:f9:eb:48:d5:88:80:f4:62:bd:de:5d:e1:
3f:1f:0e:5f:8a:55:d8:f0:65:db:59:db:4d:3f:c3:f5:4b:48:
32:9f:b9:23:53:a4:43:54:80:e7:8c:fd:27:ea:38:04:57:42:
49:03:53:13:fd:7f:07:b6:51:9a:ee:64:20:d3:86:12:a1:7e:
c1:1a:c8:14:75:e1:43:d0:80:f1:28:ae:a2:5a:4c:08:ed:fd:
76:d7:08:65:f5:06:3c:cf:4e:ef:32:c4:f2:73:18:09:2c:e1:
28:14:17:6c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzFANLLngeUoazuiCv0X8jwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjhmN2EzOTFiN2IxNjQ5ZWQ0OTAzNDgyZDNlOTMxZWQz
NGUzZDgwHhcNMjQwMTAxMTIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWJjMDcyMTE3ZDNmNTU3ZDg2Y2Q5NjFmOTZiZmYyZjUzMzllOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J3udbQDAcpRUW/DiNaFIOIqffKU
q0OcXIHjo8rKboKKpRfLrZu+Tr3CWwOYZKZnGJqKU9ROqbX3PFOdFlzraik8WYYE
pflSRNANT0MXLfbWnqbEHPIOjHP9SZ4YUYSlTMMXd1QlVy9CPw90x/gY80wzFUzi
+q0xKHLQd4LGg1t+sR4szvQe8usj9m4o8qjhiV3KNNJFCBbGLkQeutpHpam2LgxQ
+bbGFT2fLKeG1NujdTXGgH7lQQiNXh1vP6zqIKT/YALUAUeaFpt03J/o9mrNHC9d
yWt9t/dD+BTABuwgP8J5fCqTDyXQTcZYoFRlrwI72x5Slf5DIuwI+mA7rwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFE68ByEX0/VX2GzZYflr/y9TOenvMB8GA1UdIwQY
MBaAFM1o96ORt7FkntSQNILT6THtNOPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldqM281RzNzV1NlMUpBMGd0UHBNZTAwNDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84YjA1YmYtMzNmMS00YjViLTg4YTQt
MTY3M2FkOGM0MDEyLzEvVHJ3SElSZlQ5VmZZYk5saC1Xdl9MMU01NmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84YjA1YmYtMzNmMS00YjViLTg4YTQtMTY3M2FkOGM0MDEy
LzEveldqM281RzNzV1NlMUpBMGd0UHBNZTAwNDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBQBAIAATBKAwQCHwZE
AwQAW7x9AwQBW+6GAwQAshNgAwQAshNjAwQDshNoAwQAuRjYAwQBuRjaAwQA1Dvl
AwQB1DvwMAwDBADUO/MDBAPUO/AwLAQCAAIwJgMHACoCJDAAAzASAwcAKgIkMAAF
AwcDKgIkMAAAAwcGKgIkMABAMA0GCSqGSIb3DQEBCwUAA4IBAQBy8jfv94kDQ5H5
d3l+bYxZy8RbkKp+jcNGMMcPemdpkda6sxsV0x3QjMFRQXeyjZ6Ov7auO3fnq+tQ
D0uPoOsjM7y2vh48ttsKZ7HXh/9AY++fq31s4+Vd16PIsBzu5QephY5biQ2pmjsg
+nnE9V9GdmUCqbsukzuJyp3Y2obvNjB47QdjZoJJrs1Cevst8IYn62X8ciz560jV
iID0Yr3eXeE/Hw5filXY8GXbWdtNP8P1S0gyn7kjU6RDVIDnjP0n6jgEV0JJA1MT
/X8HtlGa7mQg04YSoX7BGsgUdeFD0IDxKK6iWkwI7f121whl9QY8z07vMsTycxgJ
LOEoFBds
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:31:58 2024 by rpki-client on console-fra.rpki-client.org