Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/i6bL7j7FlzJhnHPfe-kyD-jL2R4.roa
File: i6bL7j7FlzJhnHPfe-kyD-jL2R4.roa (raw, json)
Hash identifier: xH1b4WrvHmxOgstvK52+lTPyjfiSFBqcl26M3kPtmbo=
Subject key identifier: 8B:A6:CB:EE:3E:C5:97:32:61:9C:73:DF:7B:E9:32:0F:E8:CB:D9:1E
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018F19A2BE5534AA017CCCB600CE9487B347
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/i6bL7j7FlzJhnHPfe-kyD-jL2R4.roa
Signing time: Fri 26 Apr 2024 09:00:47 +0000
ROA not before: Fri 26 Apr 2024 09:00:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199218
IP address blocks: 91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:a2:be:55:34:aa:01:7c:cc:b6:00:ce:94:87:b3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Apr 26 09:00:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ba6cbee3ec59732619c73df7be9320fe8cbd91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c0:c9:82:9e:e6:8e:02:6a:ca:58:f2:a8:94:
88:c5:53:81:c3:4c:da:c7:20:fa:ab:d9:19:4f:4a:
b3:f7:3f:f6:d0:bc:d2:5b:dd:9d:0a:4e:a4:ef:54:
fb:e6:51:ac:d6:df:87:51:e8:a2:47:7e:ce:d6:84:
64:fa:23:82:fe:cd:37:43:84:8a:11:88:84:fe:8f:
a6:ec:9d:4d:b3:6b:05:5e:37:d0:85:5f:75:52:c8:
83:97:cf:f6:17:92:35:c2:9b:44:ce:de:a0:bb:84:
aa:39:df:53:7e:0a:2b:1f:16:26:07:88:78:f0:4e:
d0:86:43:42:2f:8f:b3:80:d4:d1:4d:8f:3c:1e:cf:
b9:f6:1e:6c:03:75:e2:82:d3:95:72:b0:f9:8e:68:
60:bf:58:89:35:c9:b6:21:c3:c5:27:67:12:78:c0:
ed:fa:d5:a9:44:4d:e7:17:98:e9:bb:58:c0:73:37:
28:a6:0b:de:61:36:52:fa:c8:da:eb:c2:46:06:40:
81:25:7d:06:63:2e:89:95:90:97:c4:de:53:60:f6:
5c:13:20:1a:59:c3:fb:83:28:f2:4d:c2:33:a3:5c:
90:b8:df:c9:1e:18:6b:14:76:50:09:ec:77:71:d9:
46:a1:54:0e:c2:28:8d:7e:ef:e1:b0:b0:60:6b:9d:
83:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A6:CB:EE:3E:C5:97:32:61:9C:73:DF:7B:E9:32:0F:E8:CB:D9:1E
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/i6bL7j7FlzJhnHPfe-kyD-jL2R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.45.0-91.92.47.255
93.152.219.0/24
93.152.225.0/24
94.26.90.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b7:33:11:7d:00:01:47:f8:bb:91:aa:91:d4:e2:46:03:06:
e9:b7:d9:81:44:b7:b6:96:81:f3:3c:5e:87:d5:8b:03:c6:86:
c9:80:a7:ed:10:b9:b9:f5:20:a0:69:bb:8e:9f:3c:6a:8b:5f:
d9:12:4c:1a:f0:40:d3:3b:ef:7e:5b:04:66:d2:c8:1b:db:0d:
3c:05:6a:bb:19:96:ab:d6:b4:43:51:e2:d3:15:17:1e:55:7d:
84:7f:99:44:35:eb:13:eb:08:75:89:62:7e:af:0b:c1:0e:ff:
2e:e1:26:c2:1d:ad:98:3e:e7:f5:6e:82:ff:04:75:c3:22:98:
fb:74:e1:c9:30:ec:40:f7:9b:9c:e6:53:f1:7d:a1:66:04:bc:
2b:46:f4:e9:dc:b6:5b:fd:9a:f0:d6:41:b9:3c:65:d5:3b:cc:
db:8d:81:a7:01:27:33:85:7b:ac:18:01:d7:60:30:22:fd:3d:
e7:5f:6b:06:46:22:3d:37:c4:7a:9d:84:94:6b:c1:1b:98:d7:
c2:88:df:fe:bd:60:88:97:ea:9e:c9:6e:a6:ca:6b:9a:4a:8d:
8d:94:56:74:dd:33:82:e3:54:c0:16:d9:6a:ee:85:3d:ef:59:
f3:1c:df:82:c9:0a:f5:8f:60:de:a4:72:b4:15:6b:2f:8a:e9:
35:bf:c4:1d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY8Zor5VNKoBfMy2AM6Uh7NHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwNDI2MDkwMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmE2Y2JlZTNlYzU5NzMyNjE5YzczZGY3YmU5MzIwZmU4Y2JkOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcDJgp7mjgJqyljyqJSIxVOBw0za
xyD6q9kZT0qz9z/20LzSW92dCk6k71T75lGs1t+HUeiiR37O1oRk+iOC/s03Q4SK
EYiE/o+m7J1Ns2sFXjfQhV91UsiDl8/2F5I1wptEzt6gu4SqOd9TfgorHxYmB4h4
8E7QhkNCL4+zgNTRTY88Hs+59h5sA3XigtOVcrD5jmhgv1iJNcm2IcPFJ2cSeMDt
+tWpRE3nF5jpu1jAczcopgveYTZS+sja68JGBkCBJX0GYy6JlZCXxN5TYPZcEyAa
WcP7gyjyTcIzo1yQuN/JHhhrFHZQCex3cdlGoVQOwiiNfu/hsLBga52DSwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIumy+4+xZcyYZxz33vpMg/oy9keMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvaTZiTDdqN0ZsekpobkhQZmUta3lELWpMMlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABbXC0D
BARbXCADBABdmNsDBABdmOEDBABeGloDBABevsMwDQYJKoZIhvcNAQELBQADggEB
ADi3MxF9AAFH+LuRqpHU4kYDBum32YFEt7aWgfM8XofViwPGhsmAp+0Qubn1IKBp
u46fPGqLX9kSTBrwQNM7735bBGbSyBvbDTwFarsZlqvWtENR4tMVFx5VfYR/mUQ1
6xPrCHWJYn6vC8EO/y7hJsIdrZg+5/Vugv8EdcMimPt04ckw7ED3m5zmU/F9oWYE
vCtG9Onctlv9mvDWQbk8ZdU7zNuNgacBJzOFe6wYAddgMCL9PedfawZGIj03xHqd
hJRrwRuY18KI3/69YIiX6p7JbqbKa5pKjY2UVnTdM4LjVMAW2WruhT3vWfMc34LJ
CvWPYN6kcrQVay+K6TW/xB0=
-----END CERTIFICATE-----
Generated at Mon May 13 06:21:17 2024 by rpki-client on console-fra.rpki-client.org