Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/dVKIIttXFQi7UIpZk5gFXRX_1oo.roa
File: dVKIIttXFQi7UIpZk5gFXRX_1oo.roa (raw, json)
Hash identifier: kh/+KkVHoX+Ytqv0jm7TDVd5AW7GlJpZRnlYQ7y95w8=
Subject key identifier: 75:52:88:22:DB:57:15:08:BB:50:8A:59:93:98:05:5D:15:FF:D6:8A
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 0191BDA303A00EF4E9BB764F08640CAF7919
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/dVKIIttXFQi7UIpZk5gFXRX_1oo.roa
Signing time: Wed 04 Sep 2024 15:24:22 +0000
ROA not before: Wed 04 Sep 2024 15:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 79.137.133.0/24 maxlen: 24
85.192.48.0/24 maxlen: 24
85.192.49.0/24 maxlen: 24
89.208.137.0/24 maxlen: 24
89.208.142.0/24 maxlen: 24
92.38.240.0/24 maxlen: 24
92.38.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:a3:03:a0:0e:f4:e9:bb:76:4f:08:64:0c:af:79:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Sep 4 15:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75528822db571508bb508a599398055d15ffd68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e1:b5:ac:72:10:4c:e7:41:76:3f:20:33:b1:
5b:ff:dc:08:9f:f2:5b:bd:72:0c:25:bc:80:be:97:
69:94:6f:5f:2e:d1:57:89:58:9a:ca:66:df:61:19:
86:5d:33:d3:c9:aa:07:ea:7e:17:c2:eb:38:bb:f0:
0c:4b:31:4e:57:c7:9f:61:ba:cd:99:28:4a:7a:59:
63:66:6c:7b:af:d8:2a:8f:91:36:22:af:17:16:35:
e3:38:16:cc:e9:fe:b0:00:27:fb:35:71:52:ad:66:
62:91:76:63:df:b4:a4:dd:8b:e1:9c:52:e2:af:c6:
4a:9f:2c:a5:d2:c6:93:0c:c3:73:fd:dc:e3:c6:d0:
ed:e0:e9:af:da:84:91:c2:a8:ed:d8:e3:8a:69:b6:
be:c7:96:e4:ab:a9:82:62:0d:38:50:d0:d5:25:08:
54:cc:af:4f:94:c7:e6:2b:f6:65:eb:fd:c8:95:66:
ca:39:71:03:e0:24:16:ca:3f:b5:68:59:25:59:af:
47:84:e7:8c:3d:f3:03:52:aa:a1:f6:54:41:59:90:
44:06:0c:1b:ac:ed:a8:ea:7b:2a:c0:ff:a6:c5:97:
30:1f:c4:5d:f7:d2:04:cd:55:51:9b:37:7c:4f:44:
fe:dd:75:14:cd:61:c9:df:89:81:ec:92:d6:e0:7c:
2b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:52:88:22:DB:57:15:08:BB:50:8A:59:93:98:05:5D:15:FF:D6:8A
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/dVKIIttXFQi7UIpZk5gFXRX_1oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.133.0/24
85.192.48.0/23
89.208.137.0/24
89.208.142.0/24
92.38.240.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:bd:da:d8:7b:11:4b:2f:08:d1:86:89:c6:eb:ae:8f:4f:ee:
45:d9:c1:3f:83:ce:d8:bc:f8:ba:65:7a:c7:87:d5:3e:5d:d1:
e3:6b:8f:2b:3b:70:c4:31:0b:0e:01:06:f6:7a:dc:2b:87:15:
97:0c:66:1e:3b:7a:bd:28:00:85:8c:f4:64:b7:5d:21:d1:37:
23:37:ec:81:30:6a:00:e9:27:5e:e4:fd:a3:cf:be:37:12:5b:
88:cf:dc:b3:75:79:57:3b:14:5d:04:8b:be:16:d6:97:47:e1:
64:e0:fd:53:14:b2:45:2c:01:4b:87:cd:df:30:0d:93:b1:7e:
86:3a:2d:bf:2a:4f:86:40:23:c4:31:a1:02:87:30:7d:91:12:
30:64:85:11:d3:5d:1e:a3:b0:2d:1d:60:6a:64:c0:cb:9f:a5:
07:1e:19:5b:34:66:c8:fc:b2:52:76:ef:01:94:51:e8:18:26:
df:3b:bd:0a:ee:1a:f1:a4:5d:d8:a4:ea:bd:f0:94:4c:3f:c8:
80:d9:a5:72:71:06:88:5f:03:49:a0:60:63:5e:8c:8e:5a:bc:
a3:90:ff:ad:ec:e1:d2:3d:72:af:00:37:bf:aa:c9:82:32:b9:
b9:83:ec:f3:90:6e:8a:a1:76:8c:24:b0:80:42:92:1f:53:5d:
7f:1d:79:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZG9owOgDvTpu3ZPCGQMr3kZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjQwOTA0MTUyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTUyODgyMmRiNTcxNTA4YmI1MDhhNTk5Mzk4MDU1ZDE1ZmZkNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+G1rHIQTOdBdj8gM7Fb/9wIn/Jb
vXIMJbyAvpdplG9fLtFXiViaymbfYRmGXTPTyaoH6n4Xwus4u/AMSzFOV8efYbrN
mShKelljZmx7r9gqj5E2Iq8XFjXjOBbM6f6wACf7NXFSrWZikXZj37Sk3YvhnFLi
r8ZKnyyl0saTDMNz/dzjxtDt4Omv2oSRwqjt2OOKaba+x5bkq6mCYg04UNDVJQhU
zK9PlMfmK/Zl6/3IlWbKOXED4CQWyj+1aFklWa9HhOeMPfMDUqqh9lRBWZBEBgwb
rO2o6nsqwP+mxZcwH8Rd99IEzVVRmzd8T0T+3XUUzWHJ34mB7JLW4HwrsQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHVSiCLbVxUIu1CKWZOYBV0V/9aKMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvZFZLSUl0dFhGUWk3VUlwWms1Z0ZYUlhfMW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAT4mFAwQB
VcAwAwQAWdCJAwQAWdCOAwQBXCbwMA0GCSqGSIb3DQEBCwUAA4IBAQBdvdrYexFL
LwjRhonG666PT+5F2cE/g87YvPi6ZXrHh9U+XdHja48rO3DEMQsOAQb2etwrhxWX
DGYeO3q9KACFjPRkt10h0TcjN+yBMGoA6Sde5P2jz743EluIz9yzdXlXOxRdBIu+
FtaXR+Fk4P1TFLJFLAFLh83fMA2TsX6GOi2/Kk+GQCPEMaEChzB9kRIwZIUR010e
o7AtHWBqZMDLn6UHHhlbNGbI/LJSdu8BlFHoGCbfO70K7hrxpF3YpOq98JRMP8iA
2aVycQaIXwNJoGBjXoyOWryjkP+t7OHSPXKvADe/qsmCMrm5g+zzkG6KoXaMJLCA
QpIfU11/HXms
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:39 2024 by rpki-client on console-fra.rpki-client.org