Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/bF6__JwUZxNQIVj6LE0vr5NnDZQ.roa
File: bF6__JwUZxNQIVj6LE0vr5NnDZQ.roa (raw, json)
Hash identifier: ZGQeSF5pMp+njcWDIfqB2eSBWCehbw+berYHQileep8=
Subject key identifier: 6C:5E:BF:FC:9C:14:67:13:50:21:58:FA:2C:4D:2F:AF:93:67:0D:94
Certificate issuer: /CN=57c1fe8083646749816ad3fa64098345fb61e9f5
Certificate serial: 019270F9CC504F551CD23ABCAA9110606050
Authority key identifier: 57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/bF6__JwUZxNQIVj6LE0vr5NnDZQ.roa
Signing time: Wed 09 Oct 2024 11:11:11 +0000
ROA not before: Wed 09 Oct 2024 11:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57099
IP address blocks: 91.229.222.0/24 maxlen: 24
91.229.223.0/24 maxlen: 24
146.255.104.0/21 maxlen: 21
146.255.104.0/24 maxlen: 24
146.255.105.0/24 maxlen: 24
146.255.106.0/23 maxlen: 23
146.255.108.0/22 maxlen: 22
164.138.80.0/21 maxlen: 21
185.16.224.0/22 maxlen: 22
185.47.216.0/24 maxlen: 24
185.47.217.0/24 maxlen: 24
185.47.218.0/24 maxlen: 24
185.47.219.0/24 maxlen: 24
185.56.40.0/24 maxlen: 24
185.56.41.0/24 maxlen: 24
185.56.42.0/24 maxlen: 24
185.56.43.0/24 maxlen: 24
2a04:3c0::/29 maxlen: 29
2a04:d840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:f9:cc:50:4f:55:1c:d2:3a:bc:aa:91:10:60:60:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c1fe8083646749816ad3fa64098345fb61e9f5
Validity
Not Before: Oct 9 11:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c5ebffc9c146713502158fa2c4d2faf93670d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f6:45:17:a6:d7:b5:b1:30:7a:0a:cd:6d:ee:
32:e2:c0:27:08:44:6c:3a:11:be:1d:c0:6a:55:92:
e2:75:1f:69:5a:de:bf:0c:23:fc:a9:e8:8a:d2:5b:
37:c5:6a:84:d4:76:6b:b8:e0:50:03:2d:62:26:74:
22:0f:65:4a:d6:57:2d:22:98:48:41:fa:42:6f:3c:
53:56:3d:05:8a:37:c8:54:1e:3e:ca:aa:fc:45:8f:
bc:00:6c:f8:e8:35:ed:e6:4f:c8:48:44:74:fa:5d:
b2:da:6d:96:60:d2:c4:e6:33:f1:78:35:ba:cf:08:
8b:e0:0c:a0:c1:d5:e8:96:c2:75:30:b9:40:74:c0:
61:50:ce:02:e3:32:c8:44:ce:da:fd:d6:8b:fe:ed:
ba:e0:8a:0d:ef:c6:ea:9c:fc:1a:35:07:b3:14:16:
60:18:a3:68:16:c2:be:dd:a5:3a:e8:6a:25:0a:7e:
ff:41:12:fe:fc:64:eb:89:a9:68:eb:36:ed:1f:79:
62:1e:70:52:1d:b9:bd:93:a6:30:2f:cd:30:e0:ca:
04:d3:ca:e6:94:31:16:ee:fe:26:60:87:51:31:dd:
d8:7c:1d:bf:3b:bf:d0:a6:38:de:4a:76:ca:6e:25:
12:1d:0e:e0:29:fd:8c:bc:95:d1:4e:38:e9:79:0c:
f3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5E:BF:FC:9C:14:67:13:50:21:58:FA:2C:4D:2F:AF:93:67:0D:94
X509v3 Authority Key Identifier:
keyid:57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/bF6__JwUZxNQIVj6LE0vr5NnDZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.222.0/23
146.255.104.0/21
164.138.80.0/21
185.16.224.0/22
185.47.216.0/22
185.56.40.0/22
IPv6:
2a04:3c0::/29
2a04:d840::/29
Signature Algorithm: sha256WithRSAEncryption
90:c2:d4:dd:47:33:87:c7:f3:5c:28:23:59:87:a8:2b:78:0b:
5c:fd:c0:74:56:0b:2e:35:29:11:cd:73:e0:7b:87:5f:c1:e6:
c7:06:7b:da:44:ee:dc:ee:f3:83:34:c2:ae:1f:03:89:4b:be:
87:76:f9:fe:9a:bc:64:96:0f:bd:a6:ba:f2:fc:8d:88:df:03:
64:68:f3:37:6b:96:36:05:66:2e:95:56:c7:68:a6:14:91:b2:
2c:7e:1d:84:f4:72:63:fc:f1:d2:65:d4:00:65:8a:c4:f7:46:
8c:51:7f:d8:bc:b7:3f:a2:40:2d:c9:4c:40:2b:66:8d:74:9a:
e7:0d:3d:80:c9:09:6c:da:a0:5a:fe:0a:67:d3:5a:2e:0f:aa:
9c:02:5a:3d:30:af:9a:97:95:fc:d5:70:97:27:c4:63:37:02:
a8:bf:70:90:6a:4f:a7:7f:1e:ea:a7:80:c3:66:e2:4d:bd:ce:
02:92:01:c5:53:74:f2:cc:de:c0:65:ff:6b:6c:e3:7d:0e:e9:
58:dc:97:4d:11:23:7a:da:3e:a5:13:3f:4a:f1:51:b1:54:f2:
9c:7b:c0:f0:c8:b3:f3:d4:68:25:9f:78:76:51:97:38:90:e2:
5e:e0:b0:7f:f0:65:9b:02:a1:d7:44:f6:b8:21:61:01:84:a3:
3b:b1:54:d1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZJw+cxQT1Uc0jq8qpEQYGBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzFmZTgwODM2NDY3NDk4MTZhZDNmYTY0MDk4MzQ1ZmI2
MWU5ZjUwHhcNMjQxMDA5MTExMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzVlYmZmYzljMTQ2NzEzNTAyMTU4ZmEyYzRkMmZhZjkzNjcwZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvZFF6bXtbEwegrNbe4y4sAnCERs
OhG+HcBqVZLidR9pWt6/DCP8qeiK0ls3xWqE1HZruOBQAy1iJnQiD2VK1lctIphI
QfpCbzxTVj0FijfIVB4+yqr8RY+8AGz46DXt5k/ISER0+l2y2m2WYNLE5jPxeDW6
zwiL4AygwdXolsJ1MLlAdMBhUM4C4zLIRM7a/daL/u264IoN78bqnPwaNQezFBZg
GKNoFsK+3aU66GolCn7/QRL+/GTrialo6zbtH3liHnBSHbm9k6YwL80w4MoE08rm
lDEW7v4mYIdRMd3YfB2/O7/QpjjeSnbKbiUSHQ7gKf2MvJXRTjjpeQzzJQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGxev/ycFGcTUCFY+ixNL6+TZw2UMB8GA1UdIwQY
MBaAFFfB/oCDZGdJgWrT+mQJg0X7Yen1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhILWdJTmtaMG1CYXRQNlpBbURSZnRoNmZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xYjQ3MDgtZWVmOS00OWRlLWI4ODct
ZjMyMDY5ZWM0ZWU1LzEvYkY2X19Kd1VaeE5RSVZqNkxFMHZyNU5uRFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xYjQ3MDgtZWVmOS00OWRlLWI4ODctZjMyMDY5ZWM0ZWU1
LzEvVjhILWdJTmtaMG1CYXRQNlpBbURSZnRoNmZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBW+XeAwQD
kv9oAwQDpIpQAwQCuRDgAwQCuS/YAwQCuTgoMBQEAgACMA4DBQMqBAPAAwUDKgTY
QDANBgkqhkiG9w0BAQsFAAOCAQEAkMLU3Uczh8fzXCgjWYeoK3gLXP3AdFYLLjUp
Ec1z4HuHX8HmxwZ72kTu3O7zgzTCrh8DiUu+h3b5/pq8ZJYPvaa68vyNiN8DZGjz
N2uWNgVmLpVWx2imFJGyLH4dhPRyY/zx0mXUAGWKxPdGjFF/2Ly3P6JALclMQCtm
jXSa5w09gMkJbNqgWv4KZ9NaLg+qnAJaPTCvmpeV/NVwlyfEYzcCqL9wkGpPp38e
6qeAw2biTb3OApIBxVN08szewGX/a2zjfQ7pWNyXTREjeto+pRM/SvFRsVTynHvA
8Miz89RoJZ94dlGXOJDiXuCwf/BlmwKh10T2uCFhAYSjO7FU0Q==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:57:36 2024 by rpki-client on console-fra.rpki-client.org