Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/aV3O0hoZk3qdHJbbDnlB7fNwxGY.roa
File: aV3O0hoZk3qdHJbbDnlB7fNwxGY.roa (raw, json)
Hash identifier: 4DkD+pB05bZZAwA0VCibOpwi5k+487wuKrvY4+LyV04=
Subject key identifier: 69:5D:CE:D2:1A:19:93:7A:9D:1C:96:DB:0E:79:41:ED:F3:70:C4:66
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 018CC348ADA59FDA87B3B1ACD1A840920581
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/aV3O0hoZk3qdHJbbDnlB7fNwxGY.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202228
IP address blocks: 94.240.60.0/24 maxlen: 24
94.240.60.0/23 maxlen: 23
94.240.61.0/24 maxlen: 24
91.106.26.0/23 maxlen: 23
91.106.26.0/24 maxlen: 24
91.106.27.0/24 maxlen: 24
94.240.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ad:a5:9f:da:87:b3:b1:ac:d1:a8:40:92:05:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=695dced21a19937a9d1c96db0e7941edf370c466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a0:52:74:4f:d3:f6:7f:f1:33:08:e9:4a:fa:
04:bd:0f:44:f9:23:ea:0d:2c:b2:0c:e5:00:8c:74:
3b:28:58:5d:54:f9:e4:0b:c5:25:cc:4c:b7:95:4e:
6f:58:10:78:40:92:13:71:ff:45:84:1d:a9:ea:5d:
70:fb:24:ec:86:96:07:d7:b1:68:29:d2:b2:00:68:
a5:f9:06:95:78:4f:dc:59:f0:05:4d:9c:37:0a:38:
f0:de:70:fb:03:9a:59:0f:4e:a1:58:8d:f3:ee:70:
48:9c:57:00:a8:3a:42:59:fa:be:d0:72:76:02:68:
98:8c:8f:77:00:f8:3e:c7:9e:36:90:e2:45:6b:c3:
b2:fa:56:50:b8:9e:4d:36:91:8a:a6:58:d7:a5:39:
5b:60:0a:8b:b3:32:68:fa:e7:08:66:49:57:71:13:
dd:06:af:8e:d6:38:bf:85:7b:56:0f:38:1d:50:ff:
a6:73:ba:a6:5b:7d:16:a2:36:f7:bf:ef:eb:c4:21:
82:cb:e3:7b:37:d4:84:6a:0d:02:26:0f:67:9f:ea:
a6:ce:2a:18:5a:e9:d6:72:f5:3e:ec:95:44:ee:77:
22:7b:16:ca:d7:90:21:a3:ee:0b:4a:20:21:d9:f9:
25:1c:c4:8b:79:4f:c3:b8:d4:06:08:97:24:db:e3:
df:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5D:CE:D2:1A:19:93:7A:9D:1C:96:DB:0E:79:41:ED:F3:70:C4:66
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/aV3O0hoZk3qdHJbbDnlB7fNwxGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.26.0/23
94.240.16.0/22
94.240.60.0/23
Signature Algorithm: sha256WithRSAEncryption
87:01:a1:7b:26:f1:f2:c4:6f:d1:0f:b6:b3:4c:e9:20:a1:1d:
e7:90:4e:e5:cc:cd:7c:d6:50:36:17:37:3f:22:e7:16:b5:cb:
0c:32:6a:24:93:0c:8b:90:dd:17:eb:29:8c:d3:23:6c:03:90:
db:9c:b2:b3:5c:4b:4c:e0:10:6f:5c:48:c4:09:44:7c:ba:91:
8e:0b:e9:98:ea:9e:04:e0:9e:be:36:28:ff:17:29:0f:2c:70:
ca:99:a1:19:21:6a:f3:4d:a8:a5:5d:36:de:e9:6a:35:ac:8d:
7b:1d:47:b8:8c:e9:42:f6:bb:f7:fb:d9:77:11:ce:f3:63:e6:
7d:81:f6:9c:d7:78:e5:44:b4:28:87:b3:00:f0:0b:5c:b8:82:
3e:e3:05:35:25:da:aa:ff:df:83:ed:ad:6b:71:ed:e3:6c:33:
e3:9c:0e:d1:80:d8:d2:ec:14:af:00:34:32:23:1c:f3:44:ab:
0a:76:66:60:a2:6f:33:0f:cd:f3:ec:ac:91:cf:20:3b:1d:84:
30:f1:cd:c7:a6:39:71:80:2b:ad:a7:a7:b2:15:f4:e2:c1:11:
a8:cf:16:63:ae:8a:67:22:96:ae:cb:fe:3f:a3:64:d6:98:d5:
b2:2a:ea:5b:ce:8c:e1:c2:b0:24:3f:88:5a:bc:3a:b8:ab:03:
c2:ef:30:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSK2ln9qHs7Gs0ahAkgWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTVkY2VkMjFhMTk5MzdhOWQxYzk2ZGIwZTc5NDFlZGYzNzBjNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaBSdE/T9n/xMwjpSvoEvQ9E+SPq
DSyyDOUAjHQ7KFhdVPnkC8UlzEy3lU5vWBB4QJITcf9FhB2p6l1w+yTshpYH17Fo
KdKyAGil+QaVeE/cWfAFTZw3Cjjw3nD7A5pZD06hWI3z7nBInFcAqDpCWfq+0HJ2
AmiYjI93APg+x542kOJFa8Oy+lZQuJ5NNpGKpljXpTlbYAqLszJo+ucIZklXcRPd
Bq+O1ji/hXtWDzgdUP+mc7qmW30Wojb3v+/rxCGCy+N7N9SEag0CJg9nn+qmzioY
WunWcvU+7JVE7nciexbK15Aho+4LSiAh2fklHMSLeU/DuNQGCJck2+PfowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGldztIaGZN6nRyW2w55Qe3zcMRmMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvYVYzTzBob1prM3FkSEpiYkRubEI3Zk53eEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW2oaAwQC
XvAQAwQBXvA8MA0GCSqGSIb3DQEBCwUAA4IBAQCHAaF7JvHyxG/RD7azTOkgoR3n
kE7lzM181lA2Fzc/IucWtcsMMmokkwyLkN0X6ymM0yNsA5DbnLKzXEtM4BBvXEjE
CUR8upGOC+mY6p4E4J6+Nij/FykPLHDKmaEZIWrzTailXTbe6Wo1rI17HUe4jOlC
9rv3+9l3Ec7zY+Z9gfac13jlRLQoh7MA8AtcuII+4wU1Jdqq/9+D7a1rce3jbDPj
nA7RgNjS7BSvADQyIxzzRKsKdmZgom8zD83z7KyRzyA7HYQw8c3HpjlxgCutp6ey
FfTiwRGozxZjropnIpauy/4/o2TWmNWyKupbzozhwrAkP4havDq4qwPC7zAa
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:33:47 2024 by rpki-client on console-fra.rpki-client.org