Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/0rh5B4XYLHgN4ie-Klb9PhKYJTQ.roa
File: 0rh5B4XYLHgN4ie-Klb9PhKYJTQ.roa (raw, json)
Hash identifier: +SUQ68hMAN4Bmk83BlT/mha4XdtKuoyigFoY86j4XHE=
Subject key identifier: D2:B8:79:07:85:D8:2C:78:0D:E2:27:BE:2A:56:FD:3E:12:98:25:34
Certificate issuer: /CN=966afc14d4a19a7c2c168eb2c81d5622b30149eb
Certificate serial: 018CC86F150379ADCB94F197F9906BE6C249
Authority key identifier: 96:6A:FC:14:D4:A1:9A:7C:2C:16:8E:B2:C8:1D:56:22:B3:01:49:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lmr8FNShmnwsFo6yyB1WIrMBSes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/0rh5B4XYLHgN4ie-Klb9PhKYJTQ.roa
Signing time: Tue 02 Jan 2024 04:29:32 +0000
ROA not before: Tue 02 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43273
IP address blocks: 91.238.168.0/22 maxlen: 22
91.196.248.0/22 maxlen: 22
5.252.172.0/22 maxlen: 22
185.149.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/lmr8FNShmnwsFo6yyB1WIrMBSes.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/lmr8FNShmnwsFo6yyB1WIrMBSes.mft
rsync://rpki.ripe.net/repository/DEFAULT/lmr8FNShmnwsFo6yyB1WIrMBSes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:15:03:79:ad:cb:94:f1:97:f9:90:6b:e6:c2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=966afc14d4a19a7c2c168eb2c81d5622b30149eb
Validity
Not Before: Jan 2 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2b8790785d82c780de227be2a56fd3e12982534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:60:46:ed:02:f9:31:ce:b1:12:f4:40:43:06:
64:24:d6:d9:3e:2a:22:67:23:34:11:fd:6f:37:97:
28:91:08:40:d3:5d:14:9f:34:95:99:69:f8:af:dd:
df:3b:a5:3f:62:a4:fd:c2:a2:62:2d:b1:db:17:42:
e4:0a:c1:a2:74:9d:96:19:bd:58:86:ce:e0:1c:3c:
03:86:18:d2:3d:c0:ea:08:3d:50:bd:0f:4b:28:ba:
86:1c:63:f3:eb:cd:cd:83:52:34:42:f9:4f:01:da:
b3:be:7a:0d:70:4e:9d:97:f0:62:58:cb:93:b5:84:
08:d2:35:5e:ed:93:3a:ec:c2:4b:8a:9c:3d:fd:22:
99:1e:70:9c:ef:d0:62:3b:a3:94:28:09:81:36:b0:
85:a4:94:b9:ed:e3:5c:bb:a2:9a:14:52:34:0d:fe:
c0:d0:e0:2a:87:b3:e4:38:39:fb:6f:7d:6e:b8:89:
e3:ae:8a:f3:b8:f1:85:d3:91:96:00:e6:70:ce:63:
1c:37:19:69:79:36:c3:fb:55:e5:e5:93:6c:ea:08:
e9:36:b3:0d:1c:9f:85:34:f4:82:77:52:6e:38:e5:
61:91:35:2e:b8:44:23:a1:df:20:3e:e8:5a:f0:cd:
c1:2d:9a:d0:d5:5c:e8:a8:a3:3f:b1:1e:d4:e9:2e:
b0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B8:79:07:85:D8:2C:78:0D:E2:27:BE:2A:56:FD:3E:12:98:25:34
X509v3 Authority Key Identifier:
keyid:96:6A:FC:14:D4:A1:9A:7C:2C:16:8E:B2:C8:1D:56:22:B3:01:49:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmr8FNShmnwsFo6yyB1WIrMBSes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/0rh5B4XYLHgN4ie-Klb9PhKYJTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/lmr8FNShmnwsFo6yyB1WIrMBSes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.172.0/22
91.196.248.0/22
91.238.168.0/22
185.149.244.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:25:02:7e:58:26:e6:67:1c:7f:7e:b6:3d:21:b3:f7:29:f2:
3d:1d:41:ae:f6:e1:a0:1b:4f:d4:33:60:be:91:f4:44:99:a7:
77:ad:c3:54:97:67:a1:b9:22:46:aa:95:e0:aa:56:0d:32:3d:
5d:6c:d0:71:67:d5:c5:75:d5:22:17:f7:fe:01:ed:70:de:1d:
5c:09:34:74:c9:ef:d4:5c:81:87:b6:eb:67:37:62:b8:a8:b2:
d2:45:27:c2:c3:36:56:7a:0a:7a:a4:a5:a6:a4:95:b4:d2:26:
bc:1c:57:c6:3f:a4:d2:9d:0f:5b:c9:99:40:7b:70:4b:06:1d:
42:6b:a1:6a:a3:82:2c:ca:a0:c3:da:95:76:2f:12:53:d3:52:
f7:1c:47:39:9c:76:da:4b:9f:af:29:39:99:47:54:27:60:57:
40:17:86:94:f6:f8:e7:aa:0f:ca:f5:ee:cf:59:1d:8c:fa:79:
6d:0b:5b:54:25:51:2b:d0:b0:56:3c:25:84:f2:03:65:72:03:
96:2a:18:bf:3c:3f:58:7d:c9:5e:71:1c:1b:69:d6:d1:bd:b1:
f1:bd:5e:a7:14:a2:c9:99:69:49:96:45:c8:94:fe:8c:29:51:
b4:4a:6f:38:9a:b3:13:96:a4:3e:4d:c2:fb:9b:b2:03:e3:d9:
1e:ec:8e:05
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIbxUDea3LlPGX+ZBr5sJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NmFmYzE0ZDRhMTlhN2MyYzE2OGViMmM4MWQ1NjIyYjMw
MTQ5ZWIwHhcNMjQwMTAyMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmI4NzkwNzg1ZDgyYzc4MGRlMjI3YmUyYTU2ZmQzZTEyOTgyNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGBG7QL5Mc6xEvRAQwZkJNbZPioi
ZyM0Ef1vN5cokQhA010UnzSVmWn4r93fO6U/YqT9wqJiLbHbF0LkCsGidJ2WGb1Y
hs7gHDwDhhjSPcDqCD1QvQ9LKLqGHGPz683Ng1I0QvlPAdqzvnoNcE6dl/BiWMuT
tYQI0jVe7ZM67MJLipw9/SKZHnCc79BiO6OUKAmBNrCFpJS57eNcu6KaFFI0Df7A
0OAqh7PkODn7b31uuInjrorzuPGF05GWAOZwzmMcNxlpeTbD+1Xl5ZNs6gjpNrMN
HJ+FNPSCd1JuOOVhkTUuuEQjod8gPuha8M3BLZrQ1VzoqKM/sR7U6S6wfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNK4eQeF2Cx4DeInvipW/T4SmCU0MB8GA1UdIwQY
MBaAFJZq/BTUoZp8LBaOssgdViKzAUnrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1yOEZOU2htbndzRm82eXlCMVdJck1CU2VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xZjdjOTgtMThhYS00N2Q4LWFiNDEt
MTE2MWVkYjliZjBlLzEvMHJoNUI0WFlMSGdONGllLUtsYjlQaEtZSlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xZjdjOTgtMThhYS00N2Q4LWFiNDEtMTE2MWVkYjliZjBl
LzEvbG1yOEZOU2htbndzRm82eXlCMVdJck1CU2VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfysAwQC
W8T4AwQCW+6oAwQCuZX0MA0GCSqGSIb3DQEBCwUAA4IBAQBKJQJ+WCbmZxx/frY9
IbP3KfI9HUGu9uGgG0/UM2C+kfREmad3rcNUl2ehuSJGqpXgqlYNMj1dbNBxZ9XF
ddUiF/f+Ae1w3h1cCTR0ye/UXIGHtutnN2K4qLLSRSfCwzZWegp6pKWmpJW00ia8
HFfGP6TSnQ9byZlAe3BLBh1Ca6Fqo4IsyqDD2pV2LxJT01L3HEc5nHbaS5+vKTmZ
R1QnYFdAF4aU9vjnqg/K9e7PWR2M+nltC1tUJVEr0LBWPCWE8gNlcgOWKhi/PD9Y
fclecRwbadbRvbHxvV6nFKLJmWlJlkXIlP6MKVG0Sm84mrMTlqQ+TcL7m7ID49ke
7I4F
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:15:09 2024 by rpki-client on console-fra.rpki-client.org