Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/t6V3C37X_ODXvmI_dBxBALgYH9M.roa
File: t6V3C37X_ODXvmI_dBxBALgYH9M.roa (raw, json)
Hash identifier: lZ5HDcFwzMAZk2XAAS0mR3nuMBnO/gefqXQ6vJ3rcU0=
Subject key identifier: B7:A5:77:0B:7E:D7:FC:E0:D7:BE:62:3F:74:1C:41:00:B8:18:1F:D3
Certificate issuer: /CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Certificate serial: 018CC94C0ABCA1986D622DD111E8BE580E0C
Authority key identifier: 0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/t6V3C37X_ODXvmI_dBxBALgYH9M.roa
Signing time: Tue 02 Jan 2024 08:30:53 +0000
ROA not before: Tue 02 Jan 2024 08:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196670
IP address blocks: 91.213.26.0/24 maxlen: 24
194.36.92.0/24 maxlen: 24
195.200.255.0/24 maxlen: 24
195.200.254.0/23 maxlen: 23
195.200.254.0/24 maxlen: 24
2a04:9140:3041::/48 maxlen: 48
2a04:9140:3001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:0a:bc:a1:98:6d:62:2d:d1:11:e8:be:58:0e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Validity
Not Before: Jan 2 08:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7a5770b7ed7fce0d7be623f741c4100b8181fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:55:03:92:99:ef:58:2f:80:ce:69:36:9a:74:
82:a3:c5:c7:32:27:0e:dc:10:99:fd:23:f1:33:c8:
40:1c:ca:ce:f7:f9:74:51:b1:1d:58:5f:42:88:13:
29:ac:a2:bb:fc:33:ff:1c:f9:da:22:c0:98:ce:7d:
59:ee:95:9d:cb:52:88:40:f8:c7:a7:f5:e0:27:d8:
29:de:07:a8:81:a1:41:28:e0:94:e4:b3:88:49:d8:
d8:68:c5:fe:ed:e1:38:cc:ac:1a:a3:0a:54:94:6e:
3c:7d:c8:a7:f2:bc:9f:f3:c5:f4:d9:8e:5a:2e:2c:
a6:5e:9e:e7:b4:1d:00:fe:0e:40:16:c4:ef:f8:6e:
38:63:72:9c:b2:08:c3:ce:a2:af:c3:87:44:e4:d1:
36:d5:b2:f9:27:73:cd:41:ed:80:a0:91:34:69:ef:
3f:14:68:e2:f9:60:08:af:1f:52:85:93:28:d4:20:
33:39:f8:f2:e1:ad:b7:52:de:1b:e1:7c:f0:6b:96:
70:43:e4:9a:a7:48:46:c1:7e:2a:86:ce:84:11:7f:
b5:bc:e5:46:ef:fb:45:ca:f2:f1:2d:af:86:ce:6f:
14:0f:72:21:0e:d6:92:11:bc:cf:bf:b6:d9:55:7e:
a8:c4:ad:1c:97:d3:9b:24:b4:d8:d2:9a:62:7f:89:
4c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:A5:77:0B:7E:D7:FC:E0:D7:BE:62:3F:74:1C:41:00:B8:18:1F:D3
X509v3 Authority Key Identifier:
keyid:0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/t6V3C37X_ODXvmI_dBxBALgYH9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.26.0/24
194.36.92.0/24
195.200.254.0/23
IPv6:
2a04:9140:3001::/48
2a04:9140:3041::/48
Signature Algorithm: sha256WithRSAEncryption
3d:aa:94:bc:55:00:36:6f:93:a4:f7:f8:be:78:22:41:f0:f5:
29:8b:15:1b:ab:8e:c3:af:2e:26:16:b3:07:50:b1:38:f6:ec:
8d:ab:86:08:fc:90:92:9a:71:7b:10:b7:d0:ba:00:b2:d3:a4:
e0:dc:05:e8:38:b5:bf:f0:42:6e:3c:0a:cf:9e:57:b0:ea:e9:
72:6e:e7:e0:78:6f:57:90:5c:a5:2c:82:f6:16:4d:8e:38:d7:
85:de:6d:9e:36:07:3b:94:55:3e:6a:18:b8:de:58:58:3f:f7:
ad:3d:c0:d9:74:6b:30:13:3e:c0:b5:3c:60:4c:03:9a:aa:c2:
74:25:51:45:35:32:23:9c:8c:d5:91:f9:4f:cb:2f:89:11:12:
dc:16:c7:63:15:7f:0a:76:41:0e:9a:4a:33:c5:dd:3c:bc:59:
26:99:5b:7f:3f:0e:6d:eb:6d:b5:0f:c3:85:0a:aa:46:43:b4:
49:da:4b:12:09:bb:90:7a:63:cc:c7:d1:e0:a1:36:e7:cd:88:
34:9c:56:cb:9e:be:69:3f:ab:6d:1f:68:80:99:2e:09:4b:7e:
9a:65:fb:b8:55:a2:ea:88:da:69:13:96:ce:33:90:d0:c9:31:
a8:fd:80:fb:01:fa:d7:2b:35:37:76:9b:42:7a:55:24:59:6f:
da:08:4b:ed
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJTAq8oZhtYi3REei+WA4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWIzOGUzNGJiZTE3ZTE1NzcyNzA2YzdhOTYxYTg1ZTVk
MThiNWMwHhcNMjQwMTAyMDgzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2E1NzcwYjdlZDdmY2UwZDdiZTYyM2Y3NDFjNDEwMGI4MTgxZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklUDkpnvWC+Azmk2mnSCo8XHMicO
3BCZ/SPxM8hAHMrO9/l0UbEdWF9CiBMprKK7/DP/HPnaIsCYzn1Z7pWdy1KIQPjH
p/XgJ9gp3geogaFBKOCU5LOISdjYaMX+7eE4zKwaowpUlG48fcin8ryf88X02Y5a
LiymXp7ntB0A/g5AFsTv+G44Y3KcsgjDzqKvw4dE5NE21bL5J3PNQe2AoJE0ae8/
FGji+WAIrx9ShZMo1CAzOfjy4a23Ut4b4Xzwa5ZwQ+Sap0hGwX4qhs6EEX+1vOVG
7/tFyvLxLa+Gzm8UD3IhDtaSEbzPv7bZVX6oxK0cl9ObJLTY0ppif4lMEwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLeldwt+1/zg175iP3QcQQC4GB/TMB8GA1UdIwQY
MBaAFAvrOONLvhfhV3JwbHqWGoXl0YtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy1zNDQwdS1GLUZYY25Cc2VwWWFoZVhSaTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zNzMxNDYtMmM5ZC00NWNjLTg1Y2Mt
OWI3OTk3NDgxZjcyLzEvdDZWM0MzN1hfT0RYdm1JX2RCeEJBTGdZSDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zNzMxNDYtMmM5ZC00NWNjLTg1Y2MtOWI3OTk3NDgxZjcy
LzEvQy1zNDQwdS1GLUZYY25Cc2VwWWFoZVhSaTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAW9UaAwQA
wiRcAwQBw8j+MBgEAgACMBIDBwAqBJFAMAEDBwAqBJFAMEEwDQYJKoZIhvcNAQEL
BQADggEBAD2qlLxVADZvk6T3+L54IkHw9SmLFRurjsOvLiYWswdQsTj27I2rhgj8
kJKacXsQt9C6ALLTpODcBeg4tb/wQm48Cs+eV7Dq6XJu5+B4b1eQXKUsgvYWTY44
14XebZ42BzuUVT5qGLjeWFg/9609wNl0azATPsC1PGBMA5qqwnQlUUU1MiOcjNWR
+U/LL4kREtwWx2MVfwp2QQ6aSjPF3Ty8WSaZW38/Dm3rbbUPw4UKqkZDtEnaSxIJ
u5B6Y8zH0eChNufNiDScVsuevmk/q20faICZLglLfppl+7hVouqI2mkTls4zkNDJ
Maj9gPsB+tcrNTd2m0J6VSRZb9oIS+0=
-----END CERTIFICATE-----
Generated at Fri May 24 19:51:50 2024 by rpki-client on console-ams.rpki-client.org