Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/84VQswCBuB148vEFTfifm-H4ako.roa
File: 84VQswCBuB148vEFTfifm-H4ako.roa (raw, json)
Hash identifier: lwTJBRvS0/kAi7lrVMOhyaLWkxLgr01Rnv8LhhXGjrc=
Subject key identifier: F3:85:50:B3:00:81:B8:1D:78:F2:F1:05:4D:F8:9F:9B:E1:F8:6A:4A
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 018CC7932DF79DA63F99F96DC807B349D87C
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/84VQswCBuB148vEFTfifm-H4ako.roa
Signing time: Tue 02 Jan 2024 00:29:20 +0000
ROA not before: Tue 02 Jan 2024 00:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198936
IP address blocks: 91.105.253.0/24 maxlen: 24
91.105.252.0/24 maxlen: 24
91.105.248.0/24 maxlen: 24
91.105.249.0/24 maxlen: 24
91.105.251.0/24 maxlen: 24
91.105.250.0/24 maxlen: 24
91.105.254.0/24 maxlen: 24
91.105.255.0/24 maxlen: 24
185.159.239.0/24 maxlen: 24
185.159.238.0/23 maxlen: 23
185.159.238.0/24 maxlen: 24
2a01:7bc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:2d:f7:9d:a6:3f:99:f9:6d:c8:07:b3:49:d8:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Jan 2 00:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f38550b30081b81d78f2f1054df89f9be1f86a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fa:6a:4f:18:86:77:55:92:83:db:a6:68:82:
14:65:0b:f4:18:91:38:7f:65:b4:44:3b:56:05:1e:
97:0a:a2:b6:dc:84:68:b9:2d:e1:21:4f:c8:cf:b2:
fe:c2:6a:1f:38:59:51:f1:4c:8e:9e:1c:df:be:1f:
a3:43:b7:c4:d3:db:de:2e:97:42:14:59:ea:a6:49:
90:2a:eb:58:e5:7d:b4:d8:71:b8:a6:0f:f8:47:3b:
34:fe:74:d0:b8:c4:9a:d8:f0:c6:7a:39:e0:2c:5f:
48:bb:fe:13:75:ce:07:d9:44:8c:a3:ac:77:2f:04:
ac:b7:87:08:46:98:c5:4c:03:72:d1:d7:6c:2f:2a:
ac:be:a4:0e:66:15:3c:53:0f:82:03:37:81:d9:f6:
d5:5a:3f:a4:ef:b7:55:38:2b:a6:e5:d9:d6:a0:22:
ff:19:a9:4f:5a:9a:38:30:37:c9:78:33:33:22:6e:
ad:5e:52:97:60:68:23:36:3f:dd:4d:8d:31:7a:3e:
1b:11:3e:59:30:52:87:2c:6b:43:64:7a:73:30:45:
dc:37:0a:b7:88:5b:46:25:eb:d1:57:88:06:c1:ea:
76:03:a1:ca:29:61:73:8a:06:ee:f9:7d:64:91:6a:
bc:e6:a6:a3:1f:4d:1e:71:fa:7f:fb:1f:1b:9c:2b:
3a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:85:50:B3:00:81:B8:1D:78:F2:F1:05:4D:F8:9F:9B:E1:F8:6A:4A
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/84VQswCBuB148vEFTfifm-H4ako.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.105.248.0/21
185.159.238.0/23
IPv6:
2a01:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:cb:af:58:5f:5f:4f:12:e8:00:67:54:99:fc:ef:b5:d1:e4:
9a:7d:6c:b1:88:b3:2b:4b:71:99:3f:1c:89:92:57:90:16:4c:
b4:d2:c5:6c:64:40:e1:f5:59:66:28:da:68:e0:ea:c5:3e:5e:
5b:16:f1:4e:2a:e1:c5:75:33:db:3f:9c:34:59:f1:fe:b5:14:
d3:38:88:f9:38:d8:da:68:45:f0:9e:94:3e:4d:bf:eb:09:97:
8a:b1:4d:65:75:cd:79:ae:80:c0:86:a1:70:aa:e3:cc:59:f4:
09:4a:2c:33:11:9c:71:36:4c:98:4a:62:53:54:12:56:3d:cd:
c5:f6:9a:a1:bd:2e:3f:bf:0f:2a:d6:cb:57:c9:fc:1e:53:b8:
a0:25:6a:6f:ff:72:16:63:cc:10:c6:36:e6:d9:4c:fd:42:50:
1b:08:fd:99:21:86:b4:69:3e:8c:c9:46:c6:1a:fd:39:c9:a6:
f2:ba:4e:5b:3c:04:b7:77:32:04:c1:7c:08:d2:9b:0b:7d:aa:
76:a8:65:7e:44:f0:7f:01:2f:61:7c:b0:b0:8d:8a:f3:ae:0e:
40:22:df:3e:2f:26:06:dd:c6:41:a4:c4:58:e1:0e:6a:e7:c8:
28:01:75:76:8b:bb:2a:ca:3b:97:bd:2d:26:67:a0:85:69:4a:
9f:12:63:44
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHky33naY/mfltyAezSdh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjQwMTAyMDAyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzg1NTBiMzAwODFiODFkNzhmMmYxMDU0ZGY4OWY5YmUxZjg2YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvpqTxiGd1WSg9umaIIUZQv0GJE4
f2W0RDtWBR6XCqK23IRouS3hIU/Iz7L+wmofOFlR8UyOnhzfvh+jQ7fE09veLpdC
FFnqpkmQKutY5X202HG4pg/4Rzs0/nTQuMSa2PDGejngLF9Iu/4Tdc4H2USMo6x3
LwSst4cIRpjFTANy0ddsLyqsvqQOZhU8Uw+CAzeB2fbVWj+k77dVOCum5dnWoCL/
GalPWpo4MDfJeDMzIm6tXlKXYGgjNj/dTY0xej4bET5ZMFKHLGtDZHpzMEXcNwq3
iFtGJevRV4gGwep2A6HKKWFzigbu+X1kkWq85qajH00ecfp/+x8bnCs6YQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPOFULMAgbgdePLxBU34n5vh+GpKMB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvODRWUXN3Q0J1QjE0OHZFRlRmaWZtLUg0YWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW2n4AwQB
uZ/uMA0EAgACMAcDBQAqAXvAMA0GCSqGSIb3DQEBCwUAA4IBAQANy69YX19PEugA
Z1SZ/O+10eSafWyxiLMrS3GZPxyJkleQFky00sVsZEDh9VlmKNpo4OrFPl5bFvFO
KuHFdTPbP5w0WfH+tRTTOIj5ONjaaEXwnpQ+Tb/rCZeKsU1ldc15roDAhqFwquPM
WfQJSiwzEZxxNkyYSmJTVBJWPc3F9pqhvS4/vw8q1stXyfweU7igJWpv/3IWY8wQ
xjbm2Uz9QlAbCP2ZIYa0aT6MyUbGGv05yabyuk5bPAS3dzIEwXwI0psLfap2qGV+
RPB/AS9hfLCwjYrzrg5AIt8+LyYG3cZBpMRY4Q5q58goAXV2i7sqyjuXvS0mZ6CF
aUqfEmNE
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:20:57 2024 by rpki-client on console-ams.rpki-client.org