Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/lOD1LivQ79P--EWvMKrJ2f3poGg.roa
File: lOD1LivQ79P--EWvMKrJ2f3poGg.roa (raw, json)
Hash identifier: +7O++nvqvu92NYcnNHW9HRWJxwjv6JqCzKuU2jDygqo=
Subject key identifier: 94:E0:F5:2E:2B:D0:EF:D3:FE:F8:45:AF:30:AA:C9:D9:FD:E9:A0:68
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 018CC56E4539BF1FC31D7035B1A6C6AF9DE9
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/lOD1LivQ79P--EWvMKrJ2f3poGg.roa
Signing time: Mon 01 Jan 2024 14:29:47 +0000
ROA not before: Mon 01 Jan 2024 14:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35732
IP address blocks: 91.188.208.0/24 maxlen: 24
91.188.209.0/24 maxlen: 24
91.188.210.0/24 maxlen: 24
91.188.211.0/24 maxlen: 24
91.188.208.80/28 maxlen: 28
2a0f:b1c2:1::/48 maxlen: 48
2a0f:b1c2:3::/48 maxlen: 48
2a0f:b1c1::/32 maxlen: 32
2a0f:b1c2::/48 maxlen: 48
2a0f:b1c0::/32 maxlen: 32
2a0f:b1c2:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:45:39:bf:1f:c3:1d:70:35:b1:a6:c6:af:9d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Jan 1 14:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94e0f52e2bd0efd3fef845af30aac9d9fde9a068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:12:5c:01:6a:5b:63:1d:5e:a4:3d:93:b4:0c:
ac:f0:a5:8c:66:25:5d:03:e7:99:ba:62:c0:95:df:
f9:38:09:c7:aa:0d:e1:4d:14:8c:df:91:95:6e:7a:
f5:84:f4:40:ad:b4:74:af:05:18:a2:5e:27:98:d6:
7b:ee:aa:46:7c:03:6a:65:21:ad:65:89:b3:c4:f4:
ac:c7:5a:43:14:71:8d:c2:08:d5:6d:bb:3a:04:ac:
bb:6e:e3:d5:fb:b8:7e:4b:da:38:b2:7a:3e:c3:a7:
0e:e7:a4:3e:74:42:6a:c8:92:28:8f:45:f8:40:97:
1c:a1:39:32:96:f3:ce:8a:5c:15:25:e2:40:eb:fc:
f6:4a:5b:14:6e:e2:00:4f:5f:d0:c9:ab:41:54:ec:
9d:6e:ab:c3:de:d8:30:d2:2a:01:8b:77:f2:c6:90:
dc:a7:29:23:72:47:7c:3c:6c:f9:07:88:45:27:64:
bb:2d:87:a1:35:ab:3c:7f:21:b0:9b:66:29:37:e2:
e5:80:2f:c1:e0:91:f4:40:cc:6c:af:58:57:9a:4b:
a5:12:35:85:d6:5c:04:56:d7:18:2a:93:77:49:26:
2b:a9:64:17:c0:5f:1c:0b:6d:ed:d2:0d:8a:a6:80:
18:d0:19:70:e8:76:77:46:7f:42:64:29:df:9c:93:
bc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E0:F5:2E:2B:D0:EF:D3:FE:F8:45:AF:30:AA:C9:D9:FD:E9:A0:68
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/lOD1LivQ79P--EWvMKrJ2f3poGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.208.0/22
IPv6:
2a0f:b1c0::-2a0f:b1c2:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:3f:4b:8c:f5:5c:0e:98:6b:d9:fe:b1:8c:d7:0b:64:fd:01:
0b:62:91:68:d2:5b:fb:24:b0:68:8f:5c:37:a2:ce:2d:d7:84:
f5:83:3d:88:54:66:7b:c6:1f:95:a5:08:0b:10:4f:a9:05:8b:
b9:09:ae:00:53:ef:eb:12:ce:81:4d:8e:5e:20:ca:be:bd:e9:
de:e6:da:93:2d:e2:a8:2b:d4:75:ab:ee:f6:c1:c7:be:0e:39:
4a:68:b1:77:f5:a2:f3:6a:06:3f:08:75:e9:80:fd:a7:88:bf:
0a:f5:44:5e:fb:85:6f:5c:1a:e7:ed:e7:77:fd:5d:67:72:e8:
42:04:d9:72:7a:38:a2:29:a6:a1:5f:13:b5:3b:3f:6d:82:93:
8b:8a:80:c7:af:e5:6a:eb:14:cc:b1:1e:bf:3c:00:64:f1:a4:
d3:93:0f:bb:3f:f6:42:70:ea:08:e1:25:53:1a:29:13:14:13:
e6:f7:09:02:1f:16:f3:2f:7c:eb:df:15:25:75:0a:de:1c:72:
e5:b3:9e:32:07:e9:2f:6b:31:ee:b0:18:53:c3:4e:a8:07:ae:
a7:53:eb:6f:ae:6d:36:53:87:43:36:3b:3e:a8:74:02:77:13:
f1:b1:60:65:c6:1e:85:ed:d0:d5:53:7d:77:11:54:75:50:73:
78:0a:ee:8d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFbkU5vx/DHXA1sabGr53pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYzg2OTU3NzJmMGU2NGYzYjlhMTYyMTczM2NjMDI1MDZm
NzQ3MDIwHhcNMjQwMTAxMTQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGUwZjUyZTJiZDBlZmQzZmVmODQ1YWYzMGFhYzlkOWZkZTlhMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRJcAWpbYx1epD2TtAys8KWMZiVd
A+eZumLAld/5OAnHqg3hTRSM35GVbnr1hPRArbR0rwUYol4nmNZ77qpGfANqZSGt
ZYmzxPSsx1pDFHGNwgjVbbs6BKy7buPV+7h+S9o4sno+w6cO56Q+dEJqyJIoj0X4
QJccoTkylvPOilwVJeJA6/z2SlsUbuIAT1/QyatBVOydbqvD3tgw0ioBi3fyxpDc
pykjckd8PGz5B4hFJ2S7LYehNas8fyGwm2YpN+LlgC/B4JH0QMxsr1hXmkulEjWF
1lwEVtcYKpN3SSYrqWQXwF8cC23t0g2KpoAY0Blw6HZ3Rn9CZCnfnJO85QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJTg9S4r0O/T/vhFrzCqydn96aBoMB8GA1UdIwQY
MBaAFCvIaVdy8OZPO5oWIXM8wCUG90cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMt
NDNkNjZhMDMzMWVjLzEvbE9EMUxpdlE3OVAtLUVXdk1LckoyZjNwb0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMtNDNkNjZhMDMzMWVj
LzEvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCW7zQMBgE
AgACMBIwEAMFBioPscADBwIqD7HCAAAwDQYJKoZIhvcNAQELBQADggEBAEI/S4z1
XA6Ya9n+sYzXC2T9AQtikWjSW/sksGiPXDeizi3XhPWDPYhUZnvGH5WlCAsQT6kF
i7kJrgBT7+sSzoFNjl4gyr696d7m2pMt4qgr1HWr7vbBx74OOUposXf1ovNqBj8I
demA/aeIvwr1RF77hW9cGuft53f9XWdy6EIE2XJ6OKIppqFfE7U7P22Ck4uKgMev
5WrrFMyxHr88AGTxpNOTD7s/9kJw6gjhJVMaKRMUE+b3CQIfFvMvfOvfFSV1Ct4c
cuWznjIH6S9rMe6wGFPDTqgHrqdT62+ubTZTh0M2Oz6odAJ3E/GxYGXGHoXt0NVT
fXcRVHVQc3gK7o0=
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:39:15 2024 by rpki-client on console-fra.rpki-client.org