Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/BaCr841P63oWhCTUB0tpXJeEy4s.roa
File: BaCr841P63oWhCTUB0tpXJeEy4s.roa (raw, json)
Hash identifier: iKj4L8bqM2WogG1RhxhID6UPOQEwPsClDJ5wsYCbF44=
Subject key identifier: 05:A0:AB:F3:8D:4F:EB:7A:16:84:24:D4:07:4B:69:5C:97:84:CB:8B
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0191C305CC604D25EB0A6DAC40E3FE3727A3
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/BaCr841P63oWhCTUB0tpXJeEy4s.roa
Signing time: Thu 05 Sep 2024 16:30:22 +0000
ROA not before: Thu 05 Sep 2024 16:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 2.58.99.0/24 maxlen: 24
91.240.33.0/24 maxlen: 24
109.196.104.0/24 maxlen: 24
109.196.106.0/24 maxlen: 24
109.196.107.0/24 maxlen: 24
109.196.108.0/24 maxlen: 24
109.196.109.0/24 maxlen: 24
109.196.111.0/24 maxlen: 24
176.101.56.0/24 maxlen: 24
176.101.57.0/24 maxlen: 24
176.101.58.0/24 maxlen: 24
176.101.59.0/24 maxlen: 24
176.101.60.0/24 maxlen: 24
176.101.61.0/24 maxlen: 24
176.101.62.0/24 maxlen: 24
176.101.63.0/24 maxlen: 24
213.109.109.0/24 maxlen: 24
213.109.110.0/24 maxlen: 24
213.109.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:05:cc:60:4d:25:eb:0a:6d:ac:40:e3:fe:37:27:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Sep 5 16:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05a0abf38d4feb7a168424d4074b695c9784cb8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cc:50:b9:50:d8:ee:08:97:e7:8a:c3:6c:87:
54:28:f0:06:2f:f8:2b:ff:1a:a8:91:bb:64:b0:cb:
19:99:6d:36:55:76:5f:51:b7:30:e3:63:0c:a4:92:
ae:bd:59:70:12:49:8c:c2:97:2c:64:e4:a2:60:a9:
3e:28:56:8b:b7:49:13:45:68:45:03:b2:31:0b:d0:
51:70:97:a7:44:57:18:f0:3d:f9:d5:fc:8d:6a:d9:
86:04:ab:61:e2:9c:43:26:c0:35:de:1b:70:86:de:
17:26:bd:7c:a9:0b:c9:69:12:e7:3c:80:52:d3:11:
f5:28:e8:c0:3e:2a:88:c5:21:72:14:ac:ae:63:94:
13:43:5f:f2:39:2c:f8:3a:be:3e:05:e9:d1:cc:45:
48:c9:0b:db:ff:cf:bd:ff:c2:34:05:40:df:40:aa:
df:7c:25:56:72:ad:c8:a0:16:ba:86:2e:47:e4:e1:
6a:82:dd:96:48:d3:85:78:f2:ad:01:42:80:13:7c:
42:0a:05:95:c1:a9:1f:c6:10:e6:af:db:4e:da:55:
f1:df:16:d9:c7:0d:b1:fe:b2:4b:81:ec:8a:45:fe:
5d:cf:f2:8d:0d:57:7a:0e:8f:52:ad:70:01:c8:9f:
d0:af:db:28:bf:c6:c2:b2:c2:47:51:92:34:32:ee:
e5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A0:AB:F3:8D:4F:EB:7A:16:84:24:D4:07:4B:69:5C:97:84:CB:8B
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/BaCr841P63oWhCTUB0tpXJeEy4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.99.0/24
91.240.33.0/24
109.196.104.0/24
109.196.106.0-109.196.109.255
109.196.111.0/24
176.101.56.0/21
213.109.109.0-213.109.111.255
Signature Algorithm: sha256WithRSAEncryption
08:9e:5f:07:a7:c8:dc:68:96:d5:7b:54:7b:27:98:f4:09:10:
89:d9:00:9f:16:b4:49:50:be:0f:ac:3c:75:0f:98:2d:9d:04:
6f:b3:14:b1:9d:32:2d:10:b3:5b:fb:1e:a6:70:cb:dc:c2:0f:
c8:25:44:4d:86:55:3e:d4:7d:12:39:ee:28:7e:19:3c:0a:3e:
e1:4d:f0:99:d3:e6:d2:28:9e:ec:b0:f5:52:3d:50:6b:c1:fd:
c8:47:e3:af:b4:96:50:e7:4b:d9:98:d0:89:26:51:80:2a:4e:
4a:c0:76:8c:6d:b3:c4:ad:9b:27:a1:97:8c:d7:4b:73:e5:f4:
31:ba:52:0b:ba:8a:3b:fb:02:5e:c9:56:52:33:7c:30:04:d9:
b2:d7:3d:a3:79:00:ab:5a:5a:db:f6:2c:dc:53:62:0a:84:45:
1b:16:24:5f:c3:0a:f2:20:5d:ae:a1:72:34:83:db:15:93:af:
22:af:78:e9:6e:a2:77:bd:46:bb:22:eb:83:b1:8b:85:83:95:
46:41:52:cd:44:72:de:27:d8:ee:f3:99:72:e7:35:59:d4:66:
0e:c7:48:5d:bf:3f:7f:05:c5:d1:ea:cd:48:31:27:cd:da:75:
48:aa:47:2b:40:b3:f2:e0:d8:52:54:38:29:0c:65:37:f5:e4:
c1:df:3c:89
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZHDBcxgTSXrCm2sQOP+NyejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwOTA1MTYzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWEwYWJmMzhkNGZlYjdhMTY4NDI0ZDQwNzRiNjk1Yzk3ODRjYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcxQuVDY7giX54rDbIdUKPAGL/gr
/xqokbtksMsZmW02VXZfUbcw42MMpJKuvVlwEkmMwpcsZOSiYKk+KFaLt0kTRWhF
A7IxC9BRcJenRFcY8D351fyNatmGBKth4pxDJsA13htwht4XJr18qQvJaRLnPIBS
0xH1KOjAPiqIxSFyFKyuY5QTQ1/yOSz4Or4+BenRzEVIyQvb/8+9/8I0BUDfQKrf
fCVWcq3IoBa6hi5H5OFqgt2WSNOFePKtAUKAE3xCCgWVwakfxhDmr9tO2lXx3xbZ
xw2x/rJLgeyKRf5dz/KNDVd6Do9SrXAByJ/Qr9sov8bCssJHUZI0Mu7lrwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAWgq/ONT+t6FoQk1AdLaVyXhMuLMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvQmFDcjg0MVA2M29XaENUVUIwdHBYSmVFeTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAAjpjAwQA
W/AhAwQAbcRoMAwDBAFtxGoDBAFtxGwDBABtxG8DBAOwZTgwDAMEANVtbQMEBNVt
YDANBgkqhkiG9w0BAQsFAAOCAQEACJ5fB6fI3GiW1XtUeyeY9AkQidkAnxa0SVC+
D6w8dQ+YLZ0Eb7MUsZ0yLRCzW/sepnDL3MIPyCVETYZVPtR9EjnuKH4ZPAo+4U3w
mdPm0iie7LD1Uj1Qa8H9yEfjr7SWUOdL2ZjQiSZRgCpOSsB2jG2zxK2bJ6GXjNdL
c+X0MbpSC7qKO/sCXslWUjN8MATZstc9o3kAq1pa2/Ys3FNiCoRFGxYkX8MK8iBd
rqFyNIPbFZOvIq946W6id71GuyLrg7GLhYOVRkFSzURy3ifY7vOZcuc1WdRmDsdI
Xb8/fwXF0erNSDEnzdp1SKpHK0Cz8uDYUlQ4KQxlN/Xkwd88iQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:46:11 2024 by rpki-client on console-fra.rpki-client.org