Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/O_NTmzn1qnkpFO5O5WlRUxevV5U.roa
File: O_NTmzn1qnkpFO5O5WlRUxevV5U.roa (raw, json)
Hash identifier: ngqr/SkjaNZ+H/rJp52d1lZX/GbsQSpkmTlfAruZEjs=
Subject key identifier: 3B:F3:53:9B:39:F5:AA:79:29:14:EE:4E:E5:69:51:53:17:AF:57:95
Certificate issuer: /CN=ff29e70af2f7e18cbc19f97cca8fd6c05099741d
Certificate serial: 018CC26D6CC52F8F5934EDAE5B7A99B5C28E
Authority key identifier: FF:29:E7:0A:F2:F7:E1:8C:BC:19:F9:7C:CA:8F:D6:C0:50:99:74:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/O_NTmzn1qnkpFO5O5WlRUxevV5U.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15552
IP address blocks: 91.204.22.0/24 maxlen: 24
91.204.23.0/24 maxlen: 24
37.114.0.0/21 maxlen: 21
85.232.96.0/19 maxlen: 19
145.255.32.0/20 maxlen: 20
5.101.224.0/19 maxlen: 19
212.232.0.0/20 maxlen: 20
5.56.136.0/21 maxlen: 21
185.6.216.0/22 maxlen: 22
185.6.116.0/22 maxlen: 22
5.57.216.0/21 maxlen: 21
2a04:d2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6c:c5:2f:8f:59:34:ed:ae:5b:7a:99:b5:c2:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff29e70af2f7e18cbc19f97cca8fd6c05099741d
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bf3539b39f5aa792914ee4ee569515317af5795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:92:60:5a:a2:e3:76:e3:f7:04:d7:da:b3:44:
f7:6e:d9:f5:53:6d:1c:b9:55:14:12:90:8a:db:1e:
c5:11:7c:0c:86:60:1d:78:94:27:7b:94:6c:d0:19:
33:e3:d7:11:83:a5:51:7f:33:0e:22:d6:71:9c:19:
61:d6:ac:dd:52:4d:4b:38:57:87:3f:fa:4e:f0:37:
73:fa:55:65:00:5b:58:ca:f8:f9:f4:ce:71:68:83:
5c:08:bf:66:c3:66:d2:1a:8a:83:13:79:9a:c8:0e:
e3:03:98:c0:d0:7e:e1:56:bd:c4:ed:55:38:43:21:
1c:40:e2:39:54:a7:81:f1:d7:96:a9:b5:e0:e6:a4:
98:3e:3c:3e:42:07:39:52:49:f7:1b:d0:aa:0e:b9:
3f:06:08:5e:b9:e8:be:df:2f:9a:85:92:58:20:af:
c4:48:61:80:12:4a:2e:19:37:0e:5c:4c:4c:cb:15:
87:f8:3c:fe:b4:02:1c:cb:3f:9d:d0:32:bd:bf:36:
94:09:30:d3:7a:d9:2d:9c:a6:c5:01:5c:32:c5:80:
71:ab:9c:33:91:87:4f:7a:ab:3c:b4:15:51:ee:6f:
45:a9:94:9f:55:4e:28:ad:75:9a:69:73:e7:b4:bd:
a4:1a:47:08:11:ed:9c:23:64:86:8e:2f:70:8a:6a:
53:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F3:53:9B:39:F5:AA:79:29:14:EE:4E:E5:69:51:53:17:AF:57:95
X509v3 Authority Key Identifier:
keyid:FF:29:E7:0A:F2:F7:E1:8C:BC:19:F9:7C:CA:8F:D6:C0:50:99:74:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/O_NTmzn1qnkpFO5O5WlRUxevV5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.136.0/21
5.57.216.0/21
5.101.224.0/19
37.114.0.0/21
85.232.96.0/19
91.204.22.0/23
145.255.32.0/20
185.6.116.0/22
185.6.216.0/22
212.232.0.0/20
IPv6:
2a04:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
58:24:c6:e3:ff:d0:3d:9c:ba:f4:d6:44:d0:0e:9f:b2:53:b1:
4d:59:67:a5:54:41:b8:6d:c8:02:e0:84:f0:41:da:d8:b0:06:
fe:d7:dc:ec:82:84:fe:3a:12:15:53:6a:bd:9f:0d:eb:c4:45:
5c:84:89:6d:38:84:fe:e9:ec:f3:01:ab:c2:4d:da:f4:4a:a7:
32:2e:41:57:a9:e4:b1:b4:fb:1a:2e:a0:d9:e7:97:49:5b:5c:
3f:64:bc:3e:5a:76:37:6a:d4:7b:23:4b:68:29:47:22:aa:89:
df:db:95:0a:d5:4a:39:61:c7:33:cf:ee:0a:ac:f0:da:c0:a8:
b3:f7:10:a4:92:a2:43:e4:83:38:15:55:2d:4f:59:c6:cc:2d:
8f:97:8c:f2:92:26:41:ff:7c:a8:32:c0:5c:5a:61:07:0a:3c:
c1:14:b5:6d:2f:5a:b5:86:f4:4a:6a:e8:e2:db:b9:53:32:24:
cc:76:25:54:83:2d:7d:4e:3a:6d:74:eb:eb:a3:6c:50:80:1c:
d6:92:98:0c:15:6e:e0:32:9b:74:a6:a5:f1:f3:af:2b:8f:c9:
c1:c5:84:ca:40:72:84:76:2a:5c:c0:55:7e:31:ff:c9:8b:ea:
b9:55:bb:e3:68:cb:fd:16:bd:e4:ad:02:ed:4a:ac:18:11:e2:
84:b8:1e:80
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzCbWzFL49ZNO2uW3qZtcKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjllNzBhZjJmN2UxOGNiYzE5Zjk3Y2NhOGZkNmMwNTA5
OTc0MWQwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmYzNTM5YjM5ZjVhYTc5MjkxNGVlNGVlNTY5NTE1MzE3YWY1Nzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJJgWqLjduP3BNfas0T3btn1U20c
uVUUEpCK2x7FEXwMhmAdeJQne5Rs0Bkz49cRg6VRfzMOItZxnBlh1qzdUk1LOFeH
P/pO8Ddz+lVlAFtYyvj59M5xaINcCL9mw2bSGoqDE3mayA7jA5jA0H7hVr3E7VU4
QyEcQOI5VKeB8deWqbXg5qSYPjw+Qgc5Ukn3G9CqDrk/Bgheuei+3y+ahZJYIK/E
SGGAEkouGTcOXExMyxWH+Dz+tAIcyz+d0DK9vzaUCTDTetktnKbFAVwyxYBxq5wz
kYdPeqs8tBVR7m9FqZSfVU4orXWaaXPntL2kGkcIEe2cI2SGji9wimpTXQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFDvzU5s59ap5KRTuTuVpUVMXr1eVMB8GA1UdIwQY
MBaAFP8p5wry9+GMvBn5fMqP1sBQmXQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lubkN2TDM0WXk4R2ZsOHlvX1d3RkNaZEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYzJkODktNDRkZC00YmFiLWFlN2Et
Y2YyMGU1YjY3ZmM4LzEvT19OVG16bjFxbmtwRk81TzVXbFJVeGV2VjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYzJkODktNDRkZC00YmFiLWFlN2EtY2YyMGU1YjY3ZmM4
LzEvX3lubkN2TDM0WXk4R2ZsOHlvX1d3RkNaZEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBTiIAwQD
BTnYAwQFBWXgAwQDJXIAAwQFVehgAwQBW8wWAwQEkf8gAwQCuQZ0AwQCuQbYAwQE
1OgAMA0EAgACMAcDBQMqBNLAMA0GCSqGSIb3DQEBCwUAA4IBAQBYJMbj/9A9nLr0
1kTQDp+yU7FNWWelVEG4bcgC4ITwQdrYsAb+19zsgoT+OhIVU2q9nw3rxEVchIlt
OIT+6ezzAavCTdr0SqcyLkFXqeSxtPsaLqDZ55dJW1w/ZLw+WnY3atR7I0toKUci
qonf25UK1Uo5Ycczz+4KrPDawKiz9xCkkqJD5IM4FVUtT1nGzC2Pl4zykiZB/3yo
MsBcWmEHCjzBFLVtL1q1hvRKauji27lTMiTMdiVUgy19TjptdOvro2xQgBzWkpgM
FW7gMpt0pqXx868rj8nBxYTKQHKEdipcwFV+Mf/Ji+q5VbvjaMv9Fr3krQLtSqwY
EeKEuB6A
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:01:28 2024 by rpki-client on console-fra.rpki-client.org