Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/goNNlWpp0GAHEhFcaNcAq01c6uQ.roa
File: goNNlWpp0GAHEhFcaNcAq01c6uQ.roa (raw, json)
Hash identifier: 44jDG/bTSF0PVFBRtyba3lvRLLtNrQ0m67TbRxyt39A=
Subject key identifier: 82:83:4D:95:6A:69:D0:60:07:12:11:5C:68:D7:00:AB:4D:5C:EA:E4
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018CC94BE366A3D428C01AB58C65A9DA2785
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/goNNlWpp0GAHEhFcaNcAq01c6uQ.roa
Signing time: Tue 02 Jan 2024 08:30:43 +0000
ROA not before: Tue 02 Jan 2024 08:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49287
IP address blocks: 91.192.82.0/24 maxlen: 24
213.183.35.0/24 maxlen: 24
213.183.34.0/24 maxlen: 24
5.188.174.0/24 maxlen: 24
5.188.175.0/24 maxlen: 24
185.224.251.0/24 maxlen: 24
93.189.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:e3:66:a3:d4:28:c0:1a:b5:8c:65:a9:da:27:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jan 2 08:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82834d956a69d0600712115c68d700ab4d5ceae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b4:df:49:d4:81:fb:be:c4:a9:4c:83:ee:c0:
a8:c0:9a:21:1a:cf:b5:f1:02:d9:94:2a:76:cf:10:
18:d2:c5:9c:91:b9:e9:ec:4d:80:dc:dd:0e:cf:12:
e5:fa:3f:26:2b:16:14:ec:48:b1:89:86:81:88:54:
2c:9d:18:dd:9b:24:e1:50:47:d0:38:eb:59:fc:94:
2a:a6:4c:b6:d5:87:52:d1:9a:3c:ce:01:6a:ee:e7:
e4:d8:05:1c:10:b5:57:d4:16:c6:a7:c3:5f:54:7b:
f9:83:1d:c8:b0:ef:bd:a4:3d:3f:b4:ef:59:48:ec:
54:26:8a:7a:fd:80:72:18:9a:b4:65:36:a2:f1:50:
27:f1:49:6b:39:78:88:e0:32:70:31:92:6d:30:25:
ab:54:aa:99:da:4b:5c:31:77:1a:07:ec:48:05:de:
e8:ea:0f:d5:76:2e:f1:a4:a2:e0:09:3a:bd:3a:9d:
0c:c5:93:ff:92:68:d6:2c:06:e2:4f:7e:17:5f:86:
db:15:d4:8a:f0:f2:1c:72:20:d6:36:89:e6:89:88:
1a:bf:b3:41:01:ff:cb:6d:73:b9:85:c5:c0:d6:e7:
97:d3:70:6f:d9:74:e4:b3:16:12:41:92:ec:e1:40:
b8:c6:2d:2a:6b:e4:86:2f:f9:eb:8e:5e:7a:f1:20:
aa:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:83:4D:95:6A:69:D0:60:07:12:11:5C:68:D7:00:AB:4D:5C:EA:E4
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/goNNlWpp0GAHEhFcaNcAq01c6uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.174.0/23
91.192.82.0/24
93.189.59.0/24
185.224.251.0/24
213.183.34.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:f2:c1:82:47:44:f0:78:a5:b0:75:03:01:b1:ac:98:f4:73:
c4:a0:41:2a:15:a1:62:13:bd:b7:3c:82:1a:81:90:c2:70:c4:
8f:83:f5:78:18:d4:75:28:b0:0c:0d:80:5d:90:3d:01:94:d1:
72:90:38:f6:77:ca:63:18:5d:18:e4:05:1e:86:7d:93:9c:5c:
f4:a6:b1:0a:cf:0e:2b:a8:a8:50:e0:5f:aa:a6:6a:d0:6d:6b:
f2:d1:b1:5e:01:5a:b6:69:48:b3:fb:60:1a:d1:7a:fe:b6:75:
9c:fa:46:2d:3d:85:24:2a:3f:10:43:fc:53:38:14:f4:42:7a:
e5:86:66:53:d2:f9:2f:a4:9e:5f:95:47:f0:9e:80:92:31:76:
e2:77:a5:64:f4:1c:16:a6:28:31:b8:3b:d9:30:c5:be:4e:9c:
81:dd:b0:18:4e:2d:7f:57:99:6f:bb:5b:ee:ea:8c:d1:1e:77:
5b:a0:af:bc:96:4b:df:89:27:69:a6:92:41:43:44:05:b0:e6:
4c:ed:be:5d:f3:6b:35:ab:10:d4:18:38:e6:df:7c:6e:04:12:
f7:d9:a7:1c:5c:8f:fa:f3:56:69:71:43:fe:4e:5b:ae:de:d0:
55:1f:91:1e:66:88:c0:1e:42:61:a6:33:cd:40:cf:0b:d8:46:
c7:c9:2b:9c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJS+Nmo9QowBq1jGWp2ieFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjQwMTAyMDgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjgzNGQ5NTZhNjlkMDYwMDcxMjExNWM2OGQ3MDBhYjRkNWNlYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybTfSdSB+77EqUyD7sCowJohGs+1
8QLZlCp2zxAY0sWckbnp7E2A3N0OzxLl+j8mKxYU7EixiYaBiFQsnRjdmyThUEfQ
OOtZ/JQqpky21YdS0Zo8zgFq7ufk2AUcELVX1BbGp8NfVHv5gx3IsO+9pD0/tO9Z
SOxUJop6/YByGJq0ZTai8VAn8UlrOXiI4DJwMZJtMCWrVKqZ2ktcMXcaB+xIBd7o
6g/Vdi7xpKLgCTq9Op0MxZP/kmjWLAbiT34XX4bbFdSK8PIcciDWNonmiYgav7NB
Af/LbXO5hcXA1ueX03Bv2XTksxYSQZLs4UC4xi0qa+SGL/nrjl568SCqMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIKDTZVqadBgBxIRXGjXAKtNXOrkMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvZ29OTmxXcHAwR0FIRWhGY2FOY0FxMDFjNnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBbyuAwQA
W8BSAwQAXb07AwQAueD7AwQB1bciMA0GCSqGSIb3DQEBCwUAA4IBAQA/8sGCR0Tw
eKWwdQMBsayY9HPEoEEqFaFiE723PIIagZDCcMSPg/V4GNR1KLAMDYBdkD0BlNFy
kDj2d8pjGF0Y5AUehn2TnFz0prEKzw4rqKhQ4F+qpmrQbWvy0bFeAVq2aUiz+2Aa
0Xr+tnWc+kYtPYUkKj8QQ/xTOBT0QnrlhmZT0vkvpJ5flUfwnoCSMXbid6Vk9BwW
pigxuDvZMMW+TpyB3bAYTi1/V5lvu1vu6ozRHndboK+8lkvfiSdpppJBQ0QFsOZM
7b5d82s1qxDUGDjm33xuBBL32accXI/681ZpcUP+Tluu3tBVH5EeZojAHkJhpjPN
QM8L2EbHySuc
-----END CERTIFICATE-----
Generated at Fri May 10 13:00:19 2024 by rpki-client on console-fra.rpki-client.org