Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/3lngZbGtVJQy1njtJGDpmKyQysI.roa
File: 3lngZbGtVJQy1njtJGDpmKyQysI.roa (raw, json)
Hash identifier: +Z3R0iyT0wliWm5YxZk9z0XWkYE2dW4/2BZp6nn1Hes=
Subject key identifier: DE:59:E0:65:B1:AD:54:94:32:D6:78:ED:24:60:E9:98:AC:90:CA:C2
Certificate issuer: /CN=2fae412cffa8cb5cfb93bb31ab5e989038784d7f
Certificate serial: 018DF3B825F5F65CC5E2A6C867E95741E4F1
Authority key identifier: 2F:AE:41:2C:FF:A8:CB:5C:FB:93:BB:31:AB:5E:98:90:38:78:4D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L65BLP-oy1z7k7sxq16YkDh4TX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/3lngZbGtVJQy1njtJGDpmKyQysI.roa
Signing time: Thu 29 Feb 2024 07:15:48 +0000
ROA not before: Thu 29 Feb 2024 07:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210220
IP address blocks: 91.213.96.0/24 maxlen: 24
2001:67c:da4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/L65BLP-oy1z7k7sxq16YkDh4TX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/L65BLP-oy1z7k7sxq16YkDh4TX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/L65BLP-oy1z7k7sxq16YkDh4TX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:b8:25:f5:f6:5c:c5:e2:a6:c8:67:e9:57:41:e4:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fae412cffa8cb5cfb93bb31ab5e989038784d7f
Validity
Not Before: Feb 29 07:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de59e065b1ad549432d678ed2460e998ac90cac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c5:2d:1f:42:17:75:c7:70:3c:b3:93:a9:ce:
64:b6:50:2b:3c:0c:cd:5b:83:ba:ad:82:9b:2b:51:
52:55:47:97:52:60:ab:f1:cb:77:7c:35:15:d4:dc:
08:6b:5c:26:80:f4:37:b3:14:d3:5c:66:12:ca:ea:
ca:9c:d2:6f:7f:a1:df:e4:91:45:41:85:fd:46:f9:
15:58:74:80:cc:1a:94:14:49:4a:be:18:cc:6a:af:
b9:54:c9:75:e5:49:ae:ab:ef:22:89:61:79:53:46:
f0:47:42:5a:75:b4:3d:a2:09:16:0a:c8:56:8b:e1:
35:de:06:95:9c:3c:33:bb:d9:81:d5:63:32:84:9b:
ed:e1:30:31:97:42:92:d7:77:63:f0:85:09:11:2f:
33:45:09:75:a4:fb:d8:94:8c:2f:6e:f2:ea:9b:70:
dc:0d:07:b5:76:a2:b7:ec:1a:76:0d:9f:7c:f5:95:
59:2e:be:a2:81:54:30:9a:4d:b6:a5:e9:5e:69:cc:
62:2f:bf:79:df:d8:63:ae:85:93:2e:64:98:b6:a5:
f7:f6:90:86:69:1a:d5:11:8e:82:61:70:85:7a:09:
25:33:92:50:49:a5:5a:c8:ca:44:61:cc:12:f7:e8:
40:0c:02:ac:35:46:ab:08:81:3e:36:09:46:d9:0e:
9c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:59:E0:65:B1:AD:54:94:32:D6:78:ED:24:60:E9:98:AC:90:CA:C2
X509v3 Authority Key Identifier:
keyid:2F:AE:41:2C:FF:A8:CB:5C:FB:93:BB:31:AB:5E:98:90:38:78:4D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L65BLP-oy1z7k7sxq16YkDh4TX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/3lngZbGtVJQy1njtJGDpmKyQysI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/94d5a1-1cc3-48fc-99cc-830b22dd2dea/1/L65BLP-oy1z7k7sxq16YkDh4TX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.96.0/24
IPv6:
2001:67c:da4::/48
Signature Algorithm: sha256WithRSAEncryption
a7:75:86:52:43:dc:a0:c5:ff:6a:fe:6d:d2:c2:02:0a:0f:ff:
a3:55:9d:23:d0:72:1f:98:49:f8:fe:b5:14:42:a1:a4:2f:9d:
61:31:f8:2f:c7:06:bc:1c:a9:fa:1f:24:4c:97:cb:d8:9b:20:
fc:25:40:5c:a7:8c:11:83:56:a5:3e:50:89:07:2b:66:92:d3:
ee:ed:df:2d:42:d0:d9:e7:71:b2:ad:7f:9a:44:ae:23:8c:8d:
35:3e:c1:83:a6:57:b8:a1:5d:1f:ee:c4:e3:56:5d:8e:b0:10:
0e:98:2c:d8:f1:a0:5f:e0:69:8f:50:29:51:fa:d8:68:93:7c:
3e:0e:87:a3:87:38:5e:d5:15:4d:a9:5d:4c:37:29:32:11:f3:
f4:ff:29:68:66:36:28:26:ff:7b:3a:28:ef:5e:aa:64:01:e0:
cc:ff:8a:59:ab:7d:67:de:27:93:c2:96:d7:0c:05:e5:b0:0a:
d6:52:d2:eb:8b:83:75:0f:d9:75:9b:e3:37:5f:af:45:e1:9b:
d8:82:a0:54:41:50:05:19:eb:8b:a9:c1:aa:7f:37:97:6f:7d:
5c:8c:29:f1:34:3f:e9:df:7e:e5:90:c0:b7:a9:34:68:35:da:
49:b5:05:4e:ad:0c:82:85:7d:c2:42:33:bd:82:d8:08:9c:74:
2e:af:82:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3zuCX19lzF4qbIZ+lXQeTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYWU0MTJjZmZhOGNiNWNmYjkzYmIzMWFiNWU5ODkwMzg3
ODRkN2YwHhcNMjQwMjI5MDcxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU5ZTA2NWIxYWQ1NDk0MzJkNjc4ZWQyNDYwZTk5OGFjOTBjYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsUtH0IXdcdwPLOTqc5ktlArPAzN
W4O6rYKbK1FSVUeXUmCr8ct3fDUV1NwIa1wmgPQ3sxTTXGYSyurKnNJvf6Hf5JFF
QYX9RvkVWHSAzBqUFElKvhjMaq+5VMl15Umuq+8iiWF5U0bwR0JadbQ9ogkWCshW
i+E13gaVnDwzu9mB1WMyhJvt4TAxl0KS13dj8IUJES8zRQl1pPvYlIwvbvLqm3Dc
DQe1dqK37Bp2DZ989ZVZLr6igVQwmk22peleacxiL79539hjroWTLmSYtqX39pCG
aRrVEY6CYXCFegklM5JQSaVayMpEYcwS9+hADAKsNUarCIE+NglG2Q6cQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN5Z4GWxrVSUMtZ47SRg6ZiskMrCMB8GA1UdIwQY
MBaAFC+uQSz/qMtc+5O7MatemJA4eE1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDY1QkxQLW95MXo3azdzeHExNllrRGg0VFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85NGQ1YTEtMWNjMy00OGZjLTk5Y2Mt
ODMwYjIyZGQyZGVhLzEvM2xuZ1piR3RWSlF5MW5qdEpHRHBtS3lReXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85NGQ1YTEtMWNjMy00OGZjLTk5Y2MtODMwYjIyZGQyZGVh
LzEvTDY1QkxQLW95MXo3azdzeHExNllrRGg0VFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9VgMA8E
AgACMAkDBwAgAQZ8DaQwDQYJKoZIhvcNAQELBQADggEBAKd1hlJD3KDF/2r+bdLC
AgoP/6NVnSPQch+YSfj+tRRCoaQvnWEx+C/HBrwcqfofJEyXy9ibIPwlQFynjBGD
VqU+UIkHK2aS0+7t3y1C0NnncbKtf5pEriOMjTU+wYOmV7ihXR/uxONWXY6wEA6Y
LNjxoF/gaY9QKVH62GiTfD4Oh6OHOF7VFU2pXUw3KTIR8/T/KWhmNigm/3s6KO9e
qmQB4Mz/ilmrfWfeJ5PCltcMBeWwCtZS0uuLg3UP2XWb4zdfr0Xhm9iCoFRBUAUZ
64upwap/N5dvfVyMKfE0P+nffuWQwLepNGg12km1BU6tDIKFfcJCM72C2AicdC6v
gkw=
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:53:36 2024 by rpki-client on console-fra.rpki-client.org