Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/1-obFN_Ank8Tj4hvd_Zbl04TRtaE.roa
File: 1-obFN_Ank8Tj4hvd_Zbl04TRtaE.roa (raw, json)
Hash identifier: cG0329SOo7S6RF+Z/RtiOX2/G0/Ot3tTI7cmDl+AZro=
Subject key identifier: FA:86:C5:37:F0:27:93:C4:E3:E2:1B:DD:FD:96:E5:D3:84:D1:B5:A1
Certificate issuer: /CN=50aa99eb8c1b18b1aa7d4245ce481fb888fbf254
Certificate serial: 01902AE429F1E482283A83E7205F5F31432F
Authority key identifier: 50:AA:99:EB:8C:1B:18:B1:AA:7D:42:45:CE:48:1F:B8:88:FB:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UKqZ64wbGLGqfUJFzkgfuIj78lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/1-obFN_Ank8Tj4hvd_Zbl04TRtaE.roa
Signing time: Tue 18 Jun 2024 10:28:34 +0000
ROA not before: Tue 18 Jun 2024 10:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50401
IP address blocks: 91.222.112.0/22 maxlen: 22
91.242.192.0/23 maxlen: 23
91.242.192.0/24 maxlen: 24
91.242.193.0/24 maxlen: 24
91.242.194.0/23 maxlen: 23
91.242.194.0/24 maxlen: 24
91.242.195.0/24 maxlen: 24
91.242.196.0/23 maxlen: 23
91.242.196.0/24 maxlen: 24
91.242.197.0/24 maxlen: 24
91.242.198.0/23 maxlen: 23
91.242.198.0/24 maxlen: 24
91.242.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/UKqZ64wbGLGqfUJFzkgfuIj78lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/UKqZ64wbGLGqfUJFzkgfuIj78lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/UKqZ64wbGLGqfUJFzkgfuIj78lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:e4:29:f1:e4:82:28:3a:83:e7:20:5f:5f:31:43:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50aa99eb8c1b18b1aa7d4245ce481fb888fbf254
Validity
Not Before: Jun 18 10:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa86c537f02793c4e3e21bddfd96e5d384d1b5a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:30:6a:bf:ea:ea:0e:b3:ab:ac:b5:be:52:4c:
0c:26:b8:89:d2:8b:7b:65:06:43:53:bf:c9:94:1a:
b2:76:f6:d1:cb:fc:6b:e9:31:32:38:fa:bf:7c:38:
ad:c5:8e:28:b2:97:87:d9:02:d1:08:ca:50:d7:89:
3a:11:b8:a1:bf:e6:4e:ca:9e:9c:07:b4:32:cc:6f:
d5:23:50:57:b2:72:bc:02:1a:15:59:80:4d:ee:9e:
33:18:08:e8:af:0d:67:62:3b:54:c2:2f:a6:e6:3a:
4d:64:ae:a6:c6:61:b1:be:c5:0b:a1:06:3e:d3:38:
41:9e:72:03:14:cf:60:b6:6e:2f:ee:09:84:a6:b6:
8f:98:2b:26:88:10:6c:32:1f:d8:79:5e:f7:c2:6c:
fa:f7:70:63:a5:e0:a1:00:2c:81:9c:8d:22:7e:d5:
c6:2f:e0:47:93:fe:4e:99:31:52:f6:79:06:be:9a:
e4:8b:3e:ca:d4:69:23:40:3b:9c:b1:68:a3:c9:46:
00:eb:a9:01:21:28:52:5e:3e:11:af:0a:6f:bd:3a:
97:44:c8:a4:b5:92:00:8f:09:25:82:a6:f4:29:0f:
ee:85:fd:ae:8e:16:cb:58:f2:17:b7:60:f1:26:3b:
30:de:f2:3c:49:ef:79:e5:54:56:2b:e3:e4:20:35:
66:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:86:C5:37:F0:27:93:C4:E3:E2:1B:DD:FD:96:E5:D3:84:D1:B5:A1
X509v3 Authority Key Identifier:
keyid:50:AA:99:EB:8C:1B:18:B1:AA:7D:42:45:CE:48:1F:B8:88:FB:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UKqZ64wbGLGqfUJFzkgfuIj78lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/1-obFN_Ank8Tj4hvd_Zbl04TRtaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/UKqZ64wbGLGqfUJFzkgfuIj78lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.112.0/22
91.242.192.0/21
Signature Algorithm: sha256WithRSAEncryption
a9:ce:bc:f8:b4:4d:ba:99:02:71:46:b9:5a:38:58:02:aa:3a:
1b:4c:a4:c8:b2:49:cc:d8:40:6d:7b:45:73:6d:57:73:98:1e:
cc:bf:93:3c:c4:5b:03:10:f9:a2:bc:22:61:82:ce:3c:95:f3:
f1:98:45:9e:51:9b:7e:56:11:4c:ed:d5:8c:5d:61:5f:95:44:
50:8f:ec:43:90:25:75:71:7d:b9:22:51:b1:86:21:46:aa:ee:
13:62:6b:06:cc:c8:51:fc:09:28:1c:1f:16:12:57:d8:f4:0c:
6a:4d:7a:c4:34:45:1a:a2:c8:79:f3:1a:f1:75:30:e8:f9:01:
ae:c3:42:3b:76:d6:1d:19:b3:0f:81:6f:23:a6:73:d3:07:8e:
f4:e9:60:34:f5:39:5e:6a:0c:2b:f1:2c:7c:47:8b:e5:92:85:
76:5d:d1:fc:ed:79:92:fe:7f:8a:63:3e:a7:c7:98:aa:21:b2:
75:ed:3f:c4:dd:eb:e0:ae:34:d0:6a:d5:3c:06:c1:f0:b8:7c:
0c:62:7d:72:b2:2c:ef:63:f1:bf:a6:d4:f1:c2:c9:46:2a:52:
a2:d3:aa:cd:d4:e8:b1:5e:f0:65:28:5c:58:a4:0c:f5:91:12:
0d:b2:b5:21:96:e8:06:8b:2f:e6:c4:ec:13:fa:56:2f:05:9b:
dc:cc:2e:2f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZAq5Cnx5IIoOoPnIF9fMUMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYWE5OWViOGMxYjE4YjFhYTdkNDI0NWNlNDgxZmI4ODhm
YmYyNTQwHhcNMjQwNjE4MTAyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg2YzUzN2YwMjc5M2M0ZTNlMjFiZGRmZDk2ZTVkMzg0ZDFiNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTBqv+rqDrOrrLW+UkwMJriJ0ot7
ZQZDU7/JlBqydvbRy/xr6TEyOPq/fDitxY4ospeH2QLRCMpQ14k6Ebihv+ZOyp6c
B7QyzG/VI1BXsnK8AhoVWYBN7p4zGAjorw1nYjtUwi+m5jpNZK6mxmGxvsULoQY+
0zhBnnIDFM9gtm4v7gmEpraPmCsmiBBsMh/YeV73wmz693BjpeChACyBnI0iftXG
L+BHk/5OmTFS9nkGvprkiz7K1GkjQDucsWijyUYA66kBIShSXj4RrwpvvTqXRMik
tZIAjwklgqb0KQ/uhf2ujhbLWPIXt2DxJjsw3vI8Se955VRWK+PkIDVmpQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqGxTfwJ5PE4+Ib3f2W5dOE0bWhMB8GA1UdIwQY
MBaAFFCqmeuMGxixqn1CRc5IH7iI+/JUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUtxWjY0d2JHTEdxZlVKRnprZ2Z1SWo3OGxRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wODg2NzctODBiZS00MTMwLWIzNjAt
MWNmNmZkOWY4MGZhLzEvMS1vYkZOX0FuazhUajRodmRfWmJsMDRUUnRhRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGEvMDg4Njc3LTgwYmUtNDEzMC1iMzYwLTFjZjZmZDlmODBm
YS8xL1VLcVo2NHdiR0xHcWZVSkZ6a2dmdUlqNzhsUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvecAME
A1vywDANBgkqhkiG9w0BAQsFAAOCAQEAqc68+LRNupkCcUa5WjhYAqo6G0ykyLJJ
zNhAbXtFc21Xc5gezL+TPMRbAxD5orwiYYLOPJXz8ZhFnlGbflYRTO3VjF1hX5VE
UI/sQ5AldXF9uSJRsYYhRqruE2JrBszIUfwJKBwfFhJX2PQMak16xDRFGqLIefMa
8XUw6PkBrsNCO3bWHRmzD4FvI6Zz0weO9OlgNPU5XmoMK/EsfEeL5ZKFdl3R/O15
kv5/imM+p8eYqiGyde0/xN3r4K400GrVPAbB8Lh8DGJ9crIs72Pxv6bU8cLJRipS
otOqzdTosV7wZShcWKQM9ZESDbK1IZboBosv5sTsE/pWLwWb3MwuLw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:10 2024 by rpki-client on console-fra.rpki-client.org