Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/_pvLgB436U6Ho8_3wc1uTePp9dk.roa
File: _pvLgB436U6Ho8_3wc1uTePp9dk.roa (raw, json)
Hash identifier: jY3FMP2nBjq2jbTSWy73ChkriYnB5uu0VtiCiZKBk1A=
Subject key identifier: FE:9B:CB:80:1E:37:E9:4E:87:A3:CF:F7:C1:CD:6E:4D:E3:E9:F5:D9
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 018FE59D623D278D93352FDA10885D8FBA34
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/_pvLgB436U6Ho8_3wc1uTePp9dk.roa
Signing time: Tue 04 Jun 2024 23:37:27 +0000
ROA not before: Tue 04 Jun 2024 23:37:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 81.161.63.0/24 maxlen: 24
91.195.125.0/24 maxlen: 24
91.229.112.0/23 maxlen: 23
185.202.0.0/24 maxlen: 24
185.202.1.0/24 maxlen: 24
185.202.2.0/24 maxlen: 24
185.202.3.0/24 maxlen: 24
193.9.17.0/24 maxlen: 24
213.108.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e5:9d:62:3d:27:8d:93:35:2f:da:10:88:5d:8f:ba:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jun 4 23:37:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe9bcb801e37e94e87a3cff7c1cd6e4de3e9f5d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e8:04:03:1f:a2:b9:00:70:19:72:af:ac:06:
3c:21:70:b6:21:8a:de:b1:47:f0:83:86:ff:c3:9b:
9b:8e:0d:36:b1:84:4b:55:db:f2:2d:d3:3a:0c:13:
af:e4:ae:e4:8f:7d:af:8c:bc:bb:c2:87:c1:e6:8a:
e5:cb:7d:d4:87:77:c8:bf:79:ea:f7:1e:10:38:4e:
8c:5c:e8:5b:67:2e:4f:e9:70:27:ed:63:3a:fb:bb:
b9:4d:1c:7e:70:a4:38:70:40:be:a3:46:77:91:3c:
1d:bf:db:c9:02:34:d1:7e:7e:4f:e2:55:8d:3d:c8:
7a:fd:87:70:72:35:98:f8:aa:4d:40:ac:2b:c4:a0:
f7:c4:9d:60:70:bd:86:ad:b1:36:e3:18:16:54:7b:
f3:9d:68:ee:b4:8c:8e:d2:a1:1d:30:90:6e:69:93:
cc:c5:f0:0d:2b:03:8b:13:bc:a8:48:1a:48:46:18:
fd:da:06:59:2d:ec:36:0e:fe:d8:f0:01:54:51:29:
ca:92:47:97:a6:9d:82:c7:3f:f8:4c:1f:6c:82:76:
14:88:61:13:d8:36:e4:52:a0:7c:e2:c0:a5:0b:ce:
bf:e6:2e:92:21:bf:ee:b3:cd:96:ad:03:23:82:0a:
98:5a:00:9a:ce:3f:eb:f3:d6:ff:e9:52:eb:09:d7:
f3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9B:CB:80:1E:37:E9:4E:87:A3:CF:F7:C1:CD:6E:4D:E3:E9:F5:D9
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/_pvLgB436U6Ho8_3wc1uTePp9dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.63.0/24
91.195.125.0/24
91.229.112.0/23
185.202.0.0/22
193.9.17.0/24
213.108.133.0/24
Signature Algorithm: sha256WithRSAEncryption
94:5e:73:b4:c8:7e:14:e8:35:be:da:65:30:3b:0d:25:63:36:
e8:dc:d5:c7:85:80:d2:14:a7:a3:70:77:a5:4b:9f:5a:32:a8:
83:84:28:19:6d:cd:db:ab:69:ef:1d:49:08:3d:fb:ab:37:80:
3a:63:11:db:e5:a7:4f:39:c3:92:99:a7:a5:3a:9e:da:7d:f4:
94:b2:6c:c2:db:50:79:96:06:78:60:c8:db:b1:66:f6:4c:f3:
27:72:ae:de:8c:bb:1f:f9:d2:e2:8e:40:d5:ad:5a:20:a3:e8:
f3:fa:06:8e:16:28:2d:b6:2d:9b:d9:c0:25:7a:40:24:f5:a8:
7c:63:31:f4:0c:da:84:1d:77:69:bb:fb:6c:56:90:16:06:2a:
8c:c4:36:66:c7:ff:6e:b6:6b:15:76:2a:01:0d:82:b1:8d:11:
2e:bc:12:79:ad:15:03:f4:a7:9f:ee:c6:ea:f1:5b:2b:98:1d:
4c:83:1e:c2:cd:20:6c:c9:c8:24:da:10:92:ac:ee:bd:8e:3e:
c3:4d:1c:0c:3f:33:05:fc:85:c0:e0:90:6d:e4:72:55:da:a8:
67:4e:b1:95:83:25:94:82:d5:bd:1c:21:ad:6a:ec:94:51:68:
20:0a:48:fc:2f:09:f3:3a:f2:a9:21:e2:ae:66:aa:9a:f2:6c:
b4:dd:c3:77
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY/lnWI9J42TNS/aEIhdj7o0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwNjA0MjMzNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTliY2I4MDFlMzdlOTRlODdhM2NmZjdjMWNkNmU0ZGUzZTlmNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzugEAx+iuQBwGXKvrAY8IXC2IYre
sUfwg4b/w5ubjg02sYRLVdvyLdM6DBOv5K7kj32vjLy7wofB5orly33Uh3fIv3nq
9x4QOE6MXOhbZy5P6XAn7WM6+7u5TRx+cKQ4cEC+o0Z3kTwdv9vJAjTRfn5P4lWN
Pch6/YdwcjWY+KpNQKwrxKD3xJ1gcL2GrbE24xgWVHvznWjutIyO0qEdMJBuaZPM
xfANKwOLE7yoSBpIRhj92gZZLew2Dv7Y8AFUUSnKkkeXpp2Cxz/4TB9sgnYUiGET
2DbkUqB84sClC86/5i6SIb/us82WrQMjggqYWgCazj/r89b/6VLrCdfzbQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP6by4AeN+lOh6PP98HNbk3j6fXZMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvX3B2TGdCNDM2VTZIbzhfM3djMXVUZVBwOWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUaE/AwQA
W8N9AwQBW+VwAwQCucoAAwQAwQkRAwQA1WyFMA0GCSqGSIb3DQEBCwUAA4IBAQCU
XnO0yH4U6DW+2mUwOw0lYzbo3NXHhYDSFKejcHelS59aMqiDhCgZbc3bq2nvHUkI
PfurN4A6YxHb5adPOcOSmaelOp7affSUsmzC21B5lgZ4YMjbsWb2TPMncq7ejLsf
+dLijkDVrVogo+jz+gaOFigtti2b2cAlekAk9ah8YzH0DNqEHXdpu/tsVpAWBiqM
xDZmx/9utmsVdioBDYKxjREuvBJ5rRUD9Kef7sbq8VsrmB1Mgx7CzSBsycgk2hCS
rO69jj7DTRwMPzMF/IXA4JBt5HJV2qhnTrGVgyWUgtW9HCGtauyUUWggCkj8Lwnz
OvKpIeKuZqqa8my03cN3
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:12:08 2024 by rpki-client on console-fra.rpki-client.org