Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/_CTtiKjQYHzlVcO-U7zpVQq42Ic.roa
File: _CTtiKjQYHzlVcO-U7zpVQq42Ic.roa (raw, json)
Hash identifier: A5Fc1lVhonAbfXeh+B7QMfWWJa2Vh+v37IUPcwfiGn8=
Subject key identifier: FC:24:ED:88:A8:D0:60:7C:E5:55:C3:BE:53:BC:E9:55:0A:B8:D8:87
Certificate issuer: /CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Certificate serial: 01922E8E45E5AF0174F65197A7539B6E0175
Authority key identifier: 70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/_CTtiKjQYHzlVcO-U7zpVQq42Ic.roa
Signing time: Thu 26 Sep 2024 13:38:48 +0000
ROA not before: Thu 26 Sep 2024 13:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212219
IP address blocks: 80.253.246.0/24 maxlen: 24
91.151.88.0/24 maxlen: 24
91.151.89.0/24 maxlen: 24
91.151.95.0/24 maxlen: 24
213.142.148.0/24 maxlen: 24
213.142.151.0/24 maxlen: 24
213.142.159.0/24 maxlen: 24
2a0f:bf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.mft
rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:8e:45:e5:af:01:74:f6:51:97:a7:53:9b:6e:01:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Validity
Not Before: Sep 26 13:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc24ed88a8d0607ce555c3be53bce9550ab8d887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:32:cb:f4:b2:b1:3e:e7:8b:cd:af:f0:d3:2f:
56:8f:48:0d:a3:3e:f9:5c:54:72:06:4d:9e:dd:45:
93:92:c4:fe:8f:c3:84:5f:0a:94:e3:ac:43:87:4c:
b0:ba:3f:67:53:1b:55:67:aa:de:5a:ff:f4:c4:c3:
75:c6:36:15:65:c2:0d:6d:67:ef:d7:6d:cc:10:24:
d6:f0:e8:c7:b5:05:59:e5:78:7f:a4:59:44:01:e0:
34:a9:d9:d7:bf:6f:38:6d:b2:a4:c6:96:7e:7c:82:
79:a4:4d:74:98:59:e4:e9:08:35:aa:f7:4a:9f:d8:
e3:a4:9b:9c:a3:f4:98:2f:3a:a1:64:2f:df:f5:68:
f5:2e:cb:94:82:bb:dd:f2:18:e9:4d:76:97:81:29:
9d:26:e9:27:bb:5a:9e:39:42:7b:2b:c1:2d:05:d0:
68:e5:0f:49:3f:4d:2e:6b:09:27:7c:a5:46:7e:75:
3a:0a:5e:ad:95:04:ca:4a:1b:54:bc:7f:e2:03:1f:
18:b7:cf:58:38:0b:a7:f8:1f:ec:d4:8d:f8:72:b1:
b1:13:16:a1:20:6b:a4:1a:37:9d:08:c3:72:cd:23:
e5:ff:80:98:8d:f6:eb:e2:18:e0:cf:31:5c:d8:6f:
8c:3d:20:ad:49:0e:7b:c5:37:25:b2:dd:20:96:6e:
2b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:24:ED:88:A8:D0:60:7C:E5:55:C3:BE:53:BC:E9:55:0A:B8:D8:87
X509v3 Authority Key Identifier:
keyid:70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/_CTtiKjQYHzlVcO-U7zpVQq42Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.246.0/24
91.151.88.0/23
91.151.95.0/24
213.142.148.0/24
213.142.151.0/24
213.142.159.0/24
IPv6:
2a0f:bf00::/29
Signature Algorithm: sha256WithRSAEncryption
80:d0:df:08:68:38:67:ad:64:71:dd:77:55:9f:65:2e:24:eb:
a3:e3:c8:b7:53:eb:36:6d:85:a3:72:7a:e9:48:d7:fc:a1:50:
69:1b:fa:f8:38:85:80:d7:bb:72:2b:ba:ca:20:48:1c:5d:ff:
93:e6:71:2d:5d:cf:ca:f5:b7:d9:a2:b1:89:23:d8:06:ce:9b:
6b:86:47:15:8f:7a:6e:25:1a:d0:58:90:6f:0f:f6:94:3d:2c:
2a:0b:85:77:31:96:95:cb:85:74:f4:1b:07:a1:51:f8:37:10:
2d:d6:ad:a5:34:16:40:06:4b:72:df:5d:e0:69:da:58:c8:35:
27:6d:99:6b:37:6c:b2:b4:63:1b:0e:30:55:e1:9d:08:1c:df:
d2:04:c8:f0:db:5e:35:55:79:b9:a9:2e:5c:b8:fa:5f:e6:e6:
6d:b4:c8:16:c2:ce:38:93:53:11:07:8c:64:ba:06:db:1f:59:
91:1e:03:8f:f4:2c:f7:6f:10:f8:20:45:ed:3d:ec:fa:6b:da:
2a:2f:e1:95:cf:11:52:e5:a1:b4:c3:d7:9b:41:5e:2e:ca:0b:
c6:2f:61:6d:5e:8a:21:22:9b:3e:6c:d5:e8:03:c2:5b:a4:82:
d4:e6:7a:f3:97:e0:aa:91:6f:d8:79:48:4f:0b:5b:05:88:bd:
dc:fc:d4:f5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZIujkXlrwF09lGXp1ObbgF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjFkNzUyOGJlNzEzYTRiYTJjYjRkYjVlNThkNjRkODgy
ZWI1NTUwHhcNMjQwOTI2MTMzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI0ZWQ4OGE4ZDA2MDdjZTU1NWMzYmU1M2JjZTk1NTBhYjhkODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDLL9LKxPueLza/w0y9Wj0gNoz75
XFRyBk2e3UWTksT+j8OEXwqU46xDh0ywuj9nUxtVZ6reWv/0xMN1xjYVZcINbWfv
123MECTW8OjHtQVZ5Xh/pFlEAeA0qdnXv284bbKkxpZ+fIJ5pE10mFnk6Qg1qvdK
n9jjpJuco/SYLzqhZC/f9Wj1LsuUgrvd8hjpTXaXgSmdJuknu1qeOUJ7K8EtBdBo
5Q9JP00uawknfKVGfnU6Cl6tlQTKShtUvH/iAx8Yt89YOAun+B/s1I34crGxExah
IGukGjedCMNyzSPl/4CYjfbr4hjgzzFc2G+MPSCtSQ57xTclst0glm4rfQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPwk7Yio0GB85VXDvlO86VUKuNiHMB8GA1UdIwQY
MBaAFHAh11KL5xOkuiy0215Y1k2ILrVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAt
OTI4MWYwZDIzZGJmLzEvX0NUdGlLalFZSHpsVmNPLVU3enBWUXE0MkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAtOTI4MWYwZDIzZGJm
LzEvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAUP32AwQB
W5dYAwQAW5dfAwQA1Y6UAwQA1Y6XAwQA1Y6fMA0EAgACMAcDBQMqD78AMA0GCSqG
SIb3DQEBCwUAA4IBAQCA0N8IaDhnrWRx3XdVn2UuJOuj48i3U+s2bYWjcnrpSNf8
oVBpG/r4OIWA17tyK7rKIEgcXf+T5nEtXc/K9bfZorGJI9gGzptrhkcVj3puJRrQ
WJBvD/aUPSwqC4V3MZaVy4V09BsHoVH4NxAt1q2lNBZABkty313gadpYyDUnbZlr
N2yytGMbDjBV4Z0IHN/SBMjw2141VXm5qS5cuPpf5uZttMgWws44k1MRB4xkugbb
H1mRHgOP9Cz3bxD4IEXtPez6a9oqL+GVzxFS5aG0w9ebQV4uygvGL2FtXoohIps+
bNXoA8JbpILU5nrzl+CqkW/YeUhPC1sFiL3c/NT1
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:37 2024 by rpki-client on console-fra.rpki-client.org