Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/9ZgLqRnMDYlRNRYAo4O5xCT6df4.roa
File: 9ZgLqRnMDYlRNRYAo4O5xCT6df4.roa (raw, json)
Hash identifier: FuFTK4+mL2YK8YzzewZOwsyiu565j2syY2Vd4IjzhT4=
Subject key identifier: F5:98:0B:A9:19:CC:0D:89:51:35:16:00:A3:83:B9:C4:24:FA:75:FE
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 018F39D38EFEA701798536EA7FBFE5B56B6D
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/9ZgLqRnMDYlRNRYAo4O5xCT6df4.roa
Signing time: Thu 02 May 2024 15:01:56 +0000
ROA not before: Thu 02 May 2024 15:01:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 94.232.248.0/24 maxlen: 24
2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
2a0c:f642::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:d3:8e:fe:a7:01:79:85:36:ea:7f:bf:e5:b5:6b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: May 2 15:01:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5980ba919cc0d8951351600a383b9c424fa75fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:dd:a5:be:a5:f9:55:bf:d1:2b:c3:1f:7a:3c:
5f:ca:2a:22:da:58:c9:f6:5b:32:bd:54:2c:4e:b2:
e3:dc:9d:7b:f8:c1:a3:d6:76:c1:82:cc:3f:c0:f3:
86:2e:17:6d:29:e1:4d:b2:c0:ce:cc:07:3d:e1:86:
98:1f:7b:bb:1b:89:a1:f0:2c:31:84:dc:9b:f4:de:
84:4c:cb:fb:70:11:2a:c6:8e:b3:c7:be:c5:56:c9:
db:81:d5:97:d3:fc:5c:73:03:bd:33:be:7a:bd:dd:
ca:6c:d7:cd:0f:8d:6f:f4:b6:c1:ec:88:5f:7c:64:
c6:a6:ab:82:96:bb:8e:5d:95:e3:17:20:9e:3a:52:
c9:31:98:82:84:40:23:3a:fa:34:34:ff:65:b1:75:
8a:67:d1:b9:af:78:71:bd:32:f1:c5:d2:ec:38:c0:
1b:b0:2d:b1:f4:96:c5:b4:78:95:90:c0:9e:3c:9b:
da:27:10:2a:e2:d4:36:b7:2d:e1:e1:5b:07:1b:66:
39:9f:2d:ac:26:1c:09:31:40:04:67:15:fe:c5:d9:
15:bd:d9:82:e2:94:11:8b:6f:82:39:e1:3a:b0:f4:
e8:58:1c:6b:53:7f:66:13:10:75:e0:48:36:1d:dc:
27:da:e2:40:46:5a:30:78:87:c1:29:ad:d5:48:43:
1b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:98:0B:A9:19:CC:0D:89:51:35:16:00:A3:83:B9:C4:24:FA:75:FE
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/9ZgLqRnMDYlRNRYAo4O5xCT6df4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.248.0/24
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:6980::/29
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
91:b5:be:a7:59:57:9c:2c:79:64:31:dd:d9:0e:5c:35:d2:fa:
88:51:e7:60:87:a9:12:55:42:75:ac:2e:5e:e4:a1:21:68:79:
3c:42:c7:89:1f:e7:8f:5b:e9:be:5f:b5:ce:7b:6b:53:96:94:
90:64:0f:6e:27:27:90:a2:6d:98:83:93:60:2a:3f:6f:0f:ed:
e3:2a:9a:1a:25:c0:30:36:bb:89:1d:92:c2:21:69:c9:2e:33:
c3:09:ae:c5:3f:42:26:56:ae:ff:9a:da:a0:60:09:b7:34:d7:
d6:00:55:7e:03:af:e5:db:68:43:28:19:87:c9:4c:14:29:3d:
aa:4c:0f:be:09:d9:e1:8a:ff:d1:9d:e4:6d:c1:9a:08:15:1d:
11:57:2e:f2:aa:4b:bd:28:a6:23:92:70:e7:3d:4e:b9:94:37:
27:12:96:f1:2e:14:70:c0:07:96:16:ab:22:b2:bc:cb:59:5e:
72:92:91:3f:df:56:cb:c8:4b:72:db:a9:77:a6:a1:0c:9b:98:
c1:1f:91:d6:e8:2a:69:9b:79:53:df:b2:1c:73:c6:21:d2:a3:
84:83:5f:98:73:13:09:b3:70:af:60:80:38:62:c0:b6:18:6f:
7d:3f:fd:e1:83:c6:fc:7c:4f:2a:f5:d8:8c:15:db:a3:53:d8:
db:94:ba:7a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY85047+pwF5hTbqf7/ltWttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwNTAyMTUwMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTk4MGJhOTE5Y2MwZDg5NTEzNTE2MDBhMzgzYjljNDI0ZmE3NWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t2lvqX5Vb/RK8Mfejxfyioi2ljJ
9lsyvVQsTrLj3J17+MGj1nbBgsw/wPOGLhdtKeFNssDOzAc94YaYH3u7G4mh8Cwx
hNyb9N6ETMv7cBEqxo6zx77FVsnbgdWX0/xccwO9M756vd3KbNfND41v9LbB7Ihf
fGTGpquClruOXZXjFyCeOlLJMZiChEAjOvo0NP9lsXWKZ9G5r3hxvTLxxdLsOMAb
sC2x9JbFtHiVkMCePJvaJxAq4tQ2ty3h4VsHG2Y5ny2sJhwJMUAEZxX+xdkVvdmC
4pQRi2+COeE6sPToWBxrU39mExB14Eg2Hdwn2uJARloweIfBKa3VSEMbXQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPWYC6kZzA2JUTUWAKODucQk+nX+MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvOVpnTHFSbk1EWWxSTlJZQW80TzV4Q1Q2ZGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAXuj4MCIE
AgACMBwDBQMqBt3AAwUDKguAQAMFAyoMaYADBQAqDPZCMA0GCSqGSIb3DQEBCwUA
A4IBAQCRtb6nWVecLHlkMd3ZDlw10vqIUedgh6kSVUJ1rC5e5KEhaHk8QseJH+eP
W+m+X7XOe2tTlpSQZA9uJyeQom2Yg5NgKj9vD+3jKpoaJcAwNruJHZLCIWnJLjPD
Ca7FP0ImVq7/mtqgYAm3NNfWAFV+A6/l22hDKBmHyUwUKT2qTA++Cdnhiv/RneRt
wZoIFR0RVy7yqku9KKYjknDnPU65lDcnEpbxLhRwwAeWFqsisrzLWV5ykpE/31bL
yEty26l3pqEMm5jBH5HW6Cppm3lT37Icc8Yh0qOEg1+YcxMJs3CvYIA4YsC2GG99
P/3hg8b8fE8q9diMFdujU9jblLp6
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:32:39 2024 by rpki-client on console-fra.rpki-client.org