Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/8NrkEfHhOfyprS-1MC097etJKvo.roa
File: 8NrkEfHhOfyprS-1MC097etJKvo.roa (raw, json)
Hash identifier: F90RSW6EJfqrSRaf/LqBjpHBSg9OVs+X1NcVzJbQ/Gc=
Subject key identifier: F0:DA:E4:11:F1:E1:39:FC:A9:AD:2F:B5:30:2D:3D:ED:EB:49:2A:FA
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 0191B7FE4F99A6A093E1E74BFBAB5FAD4022
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/8NrkEfHhOfyprS-1MC097etJKvo.roa
Signing time: Tue 03 Sep 2024 13:06:22 +0000
ROA not before: Tue 03 Sep 2024 13:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203596
IP address blocks: 91.213.223.0/24 maxlen: 24
91.216.15.0/24 maxlen: 24
185.14.176.0/24 maxlen: 24
185.14.178.0/24 maxlen: 24
185.122.100.0/22 maxlen: 24
185.222.88.0/22 maxlen: 24
2a06:a400::/29 maxlen: 29
2a06:a400:20::/44 maxlen: 48
2a06:a400:22::/48 maxlen: 48
2a06:a401::/32 maxlen: 48
2a06:a402::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:fe:4f:99:a6:a0:93:e1:e7:4b:fb:ab:5f:ad:40:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Sep 3 13:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0dae411f1e139fca9ad2fb5302d3dedeb492afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:53:bb:ee:81:21:8b:6f:94:d9:3a:9b:25:d1:
d7:f2:bb:64:4c:3a:3d:2d:0c:ae:85:d9:fd:eb:ce:
85:ba:ce:2d:ed:be:cd:81:bb:34:22:5a:65:73:8f:
52:de:8e:2c:18:6c:34:4d:8d:3c:1c:d5:f1:e6:b7:
8e:33:04:fc:9e:e1:fa:55:6a:5e:f6:f2:5b:27:0c:
13:fd:d8:47:1f:db:7a:82:e8:bf:4d:60:27:5a:22:
ae:27:fc:da:ab:54:d8:3c:c8:68:c2:d1:e9:d4:9e:
6f:72:ad:e5:c4:7c:81:81:8d:4f:08:2f:7f:22:96:
ef:a6:a9:26:33:31:b5:a8:60:38:d3:d1:fa:d8:11:
3b:4b:e7:c2:ff:e2:f5:5b:b2:2d:f0:4c:82:11:b8:
6c:0a:61:7e:3e:fe:34:0c:3c:8c:65:ce:fe:23:c8:
ee:91:cb:07:c3:f8:61:c5:39:6e:0e:9c:fd:72:3a:
6a:a9:d6:fa:5d:02:90:89:c4:28:a9:34:8c:eb:f7:
77:98:24:9d:da:b6:6a:3c:a2:ec:40:59:ca:28:5f:
05:37:52:ba:43:78:64:4c:ab:2d:5b:85:2f:54:6b:
e9:72:15:69:ad:c5:ba:28:f9:93:67:73:7f:65:6a:
02:e3:a5:9a:e6:0c:2b:8e:16:84:bf:7b:34:29:49:
87:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DA:E4:11:F1:E1:39:FC:A9:AD:2F:B5:30:2D:3D:ED:EB:49:2A:FA
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/8NrkEfHhOfyprS-1MC097etJKvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.223.0/24
91.216.15.0/24
185.14.176.0/24
185.14.178.0/24
185.122.100.0/22
185.222.88.0/22
IPv6:
2a06:a400::/29
Signature Algorithm: sha256WithRSAEncryption
71:f2:d1:44:8f:06:25:4f:fe:53:8d:25:83:e7:a6:cc:64:3b:
8c:6f:e9:09:17:57:c3:8b:19:b8:23:d9:65:c9:9e:72:a5:aa:
73:76:b2:9b:3c:8e:b2:d1:0d:be:f6:b6:9a:0a:1a:2e:77:1e:
2f:23:28:86:d0:b9:2d:b6:cd:50:92:c5:78:3a:89:11:c7:6a:
cb:b9:5f:e2:f5:b7:79:32:88:09:56:c9:e8:28:dc:b5:3d:78:
58:c1:b9:ca:78:e1:7f:3b:88:f3:f9:ed:21:9d:6b:16:60:1a:
51:24:af:79:1e:7e:e4:df:73:27:f3:43:48:57:af:86:b5:b9:
f4:f2:54:90:2b:a6:9e:e4:33:cd:2f:80:bd:ca:37:58:be:e2:
f9:30:c6:bc:13:88:20:d6:9c:c0:55:37:74:01:3c:4b:96:9b:
22:83:c6:18:99:07:c5:b7:69:cc:df:79:b9:83:e3:b3:fb:26:
d7:f1:30:b7:ea:74:02:a5:32:07:d7:69:c9:83:7a:01:ef:f9:
bf:8b:3e:76:df:21:86:c9:9c:43:17:5e:92:9f:15:27:46:93:
d4:e5:58:8d:16:ed:c9:0b:d2:81:48:c0:bb:ae:2c:3e:6b:c8:
2d:29:fd:c3:68:6f:d8:8c:ba:7d:a9:d2:a5:6a:7b:fe:29:a7:
12:dc:4e:fb
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZG3/k+ZpqCT4edL+6tfrUAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjQwOTAzMTMwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGRhZTQxMWYxZTEzOWZjYTlhZDJmYjUzMDJkM2RlZGViNDkyYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVO77oEhi2+U2TqbJdHX8rtkTDo9
LQyuhdn9686Fus4t7b7Ngbs0Ilplc49S3o4sGGw0TY08HNXx5reOMwT8nuH6VWpe
9vJbJwwT/dhHH9t6gui/TWAnWiKuJ/zaq1TYPMhowtHp1J5vcq3lxHyBgY1PCC9/
IpbvpqkmMzG1qGA409H62BE7S+fC/+L1W7It8EyCEbhsCmF+Pv40DDyMZc7+I8ju
kcsHw/hhxTluDpz9cjpqqdb6XQKQicQoqTSM6/d3mCSd2rZqPKLsQFnKKF8FN1K6
Q3hkTKstW4UvVGvpchVprcW6KPmTZ3N/ZWoC46Wa5gwrjhaEv3s0KUmH+QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPDa5BHx4Tn8qa0vtTAtPe3rSSr6MB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvOE5ya0VmSGhPZnlwclMtMU1DMDk3ZXRKS3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9XfAwQA
W9gPAwQAuQ6wAwQAuQ6yAwQCuXpkAwQCud5YMA0EAgACMAcDBQMqBqQAMA0GCSqG
SIb3DQEBCwUAA4IBAQBx8tFEjwYlT/5TjSWD56bMZDuMb+kJF1fDixm4I9llyZ5y
papzdrKbPI6y0Q2+9raaChoudx4vIyiG0Lktts1QksV4OokRx2rLuV/i9bd5MogJ
VsnoKNy1PXhYwbnKeOF/O4jz+e0hnWsWYBpRJK95Hn7k33Mn80NIV6+Gtbn08lSQ
K6ae5DPNL4C9yjdYvuL5MMa8E4gg1pzAVTd0ATxLlpsig8YYmQfFt2nM33m5g+Oz
+ybX8TC36nQCpTIH12nJg3oB7/m/iz523yGGyZxDF16SnxUnRpPU5ViNFu3JC9KB
SMC7riw+a8gtKf3DaG/YjLp9qdKlanv+KacS3E77
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:36:16 2024 by rpki-client on console-fra.rpki-client.org