Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/VzBnjogixDOt06PBJhHhhfslq6k.roa
File: VzBnjogixDOt06PBJhHhhfslq6k.roa (raw, json)
Hash identifier: 0agzLXDcVsGJ8KUhaae5q79P5G0l1GXtZ2MD1c3qLCk=
Subject key identifier: 57:30:67:8E:88:22:C4:33:AD:D3:A3:C1:26:11:E1:85:FB:25:AB:A9
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018F80A0B1501C2A0A6338F82AC8C44F7BA5
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/VzBnjogixDOt06PBJhHhhfslq6k.roa
Signing time: Thu 16 May 2024 08:59:25 +0000
ROA not before: Thu 16 May 2024 08:59:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 91.123.0.0/24 maxlen: 24
91.123.1.0/24 maxlen: 24
91.123.2.0/24 maxlen: 24
91.123.3.0/24 maxlen: 24
91.123.4.0/24 maxlen: 24
91.123.5.0/24 maxlen: 24
91.123.6.0/24 maxlen: 24
91.123.7.0/24 maxlen: 24
190.106.160.0/24 maxlen: 24
190.106.161.0/24 maxlen: 24
190.106.162.0/24 maxlen: 24
190.106.163.0/24 maxlen: 24
190.106.164.0/24 maxlen: 24
190.106.165.0/24 maxlen: 24
190.106.166.0/24 maxlen: 24
190.106.167.0/24 maxlen: 24
190.106.168.0/24 maxlen: 24
190.106.169.0/24 maxlen: 24
190.106.170.0/24 maxlen: 24
190.106.171.0/24 maxlen: 24
190.106.172.0/24 maxlen: 24
190.106.173.0/24 maxlen: 24
190.106.174.0/24 maxlen: 24
190.106.175.0/24 maxlen: 24
190.106.176.0/24 maxlen: 24
190.106.185.0/24 maxlen: 24
190.106.186.0/24 maxlen: 24
190.106.187.0/24 maxlen: 24
190.106.188.0/24 maxlen: 24
190.106.189.0/24 maxlen: 24
190.106.190.0/24 maxlen: 24
190.106.191.0/24 maxlen: 24
206.195.128.0/24 maxlen: 24
206.195.129.0/24 maxlen: 24
206.195.130.0/24 maxlen: 24
206.195.131.0/24 maxlen: 24
206.195.132.0/24 maxlen: 24
206.195.133.0/24 maxlen: 24
206.195.134.0/24 maxlen: 24
206.195.135.0/24 maxlen: 24
206.195.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:a0:b1:50:1c:2a:0a:63:38:f8:2a:c8:c4:4f:7b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: May 16 08:59:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5730678e8822c433add3a3c12611e185fb25aba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cd:d2:77:2f:c2:84:8d:fb:0e:7f:06:23:cc:
81:e6:f5:f3:ef:5b:35:df:54:95:3a:87:5b:8e:97:
d1:cd:dc:b2:24:1a:a4:64:cf:f7:86:b5:88:4d:0c:
54:e7:e4:11:d7:37:da:a3:21:86:96:48:98:d3:d6:
8d:49:f5:03:78:7c:8b:44:66:d4:97:74:ca:0e:89:
13:23:49:41:ae:a8:45:02:1f:d6:4f:b6:90:1d:5f:
68:4c:74:31:64:fb:42:4f:90:db:ae:01:2e:ad:69:
7b:b6:ff:b2:f7:cb:09:a6:d3:fc:63:3b:c3:5a:dd:
35:31:78:7c:00:6c:69:6c:2a:43:fa:af:66:dd:82:
89:21:cd:9d:85:97:c1:8a:3b:b3:d2:62:91:17:c4:
a6:25:75:73:0b:68:92:a2:2d:b3:e6:bc:7c:bf:b3:
09:5c:17:13:fc:c1:75:21:fc:2c:e0:27:36:5f:db:
41:48:a5:a1:db:25:bd:e3:62:0a:c7:aa:eb:68:3d:
9b:51:88:38:99:f3:af:1e:7c:a2:1d:f7:34:8b:0f:
2a:2f:97:ce:cb:2e:80:28:20:29:5c:51:12:a3:18:
9f:3e:28:3e:ff:a2:98:0d:a9:e4:1a:e0:8a:37:e5:
2a:fd:b5:82:5a:bf:8f:94:db:87:09:d2:f7:2c:38:
67:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:30:67:8E:88:22:C4:33:AD:D3:A3:C1:26:11:E1:85:FB:25:AB:A9
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/VzBnjogixDOt06PBJhHhhfslq6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.123.0.0/21
190.106.160.0-190.106.176.255
190.106.185.0-190.106.191.255
206.195.128.0-206.195.136.255
Signature Algorithm: sha256WithRSAEncryption
a2:be:98:6e:56:8b:12:9d:44:98:a2:63:7e:d7:62:25:d3:aa:
4f:cd:2b:c9:5e:85:32:94:05:9c:3f:7e:97:d0:51:2f:46:aa:
fc:d1:cb:83:d7:32:91:99:59:4a:ba:36:f3:4e:1e:7a:67:a2:
9f:89:b8:31:b7:61:e5:1e:4b:9e:3a:0c:ea:e2:81:3a:f5:d7:
75:45:8b:bb:13:ab:0c:e5:ef:04:3a:85:af:e4:04:8e:a4:b0:
4a:d2:fb:79:c8:a1:af:a2:0c:d9:5d:a2:86:0d:4b:9f:15:a4:
fd:db:6c:74:24:9f:66:a2:22:52:c4:99:73:85:d5:eb:50:9e:
fe:b9:4f:a7:14:94:2e:9b:3a:bf:5a:42:9a:82:4c:a4:bb:a4:
57:a5:2c:00:a8:d9:d8:12:47:64:72:16:96:11:31:4f:0c:31:
fb:5a:a2:4c:bb:61:73:4c:f9:8e:76:e0:44:4f:ab:5d:4b:e9:
af:32:cb:ae:4b:b5:d3:41:21:70:8e:df:aa:35:ac:00:c9:1d:
d2:79:44:d1:ee:21:c1:d3:eb:1d:89:9c:38:07:e8:9e:66:cd:
56:81:35:04:c0:39:86:0d:38:6f:14:1e:7a:7e:9d:b9:7a:f0:
dd:f8:68:f4:17:df:34:e0:58:b6:be:ef:a0:d7:d4:e6:10:7b:
b6:9f:35:bc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY+AoLFQHCoKYzj4KsjET3ulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjQwNTE2MDg1OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzMwNjc4ZTg4MjJjNDMzYWRkM2EzYzEyNjExZTE4NWZiMjVhYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu83Sdy/ChI37Dn8GI8yB5vXz71s1
31SVOodbjpfRzdyyJBqkZM/3hrWITQxU5+QR1zfaoyGGlkiY09aNSfUDeHyLRGbU
l3TKDokTI0lBrqhFAh/WT7aQHV9oTHQxZPtCT5DbrgEurWl7tv+y98sJptP8YzvD
Wt01MXh8AGxpbCpD+q9m3YKJIc2dhZfBijuz0mKRF8SmJXVzC2iSoi2z5rx8v7MJ
XBcT/MF1Ifws4Cc2X9tBSKWh2yW942IKx6rraD2bUYg4mfOvHnyiHfc0iw8qL5fO
yy6AKCApXFESoxifPig+/6KYDankGuCKN+Uq/bWCWr+PlNuHCdL3LDhnLQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFcwZ46IIsQzrdOjwSYR4YX7JaupMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvVnpCbmpvZ2l4RE90MDZQQkpoSGhoZnNscTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDW3sAMAwD
BAW+aqADBAC+arAwDAMEAL5quQMEBr5qgDAMAwQHzsOAAwQAzsOIMA0GCSqGSIb3
DQEBCwUAA4IBAQCivphuVosSnUSYomN+12Il06pPzSvJXoUylAWcP36X0FEvRqr8
0cuD1zKRmVlKujbzTh56Z6Kfibgxt2HlHkueOgzq4oE69dd1RYu7E6sM5e8EOoWv
5ASOpLBK0vt5yKGvogzZXaKGDUufFaT922x0JJ9moiJSxJlzhdXrUJ7+uU+nFJQu
mzq/WkKagkyku6RXpSwAqNnYEkdkchaWETFPDDH7WqJMu2FzTPmOduBET6tdS+mv
MsuuS7XTQSFwjt+qNawAyR3SeUTR7iHB0+sdiZw4B+ieZs1WgTUEwDmGDThvFB56
fp25evDd+Gj0F9804Fi2vu+g19TmEHu2nzW8
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:53:07 2024 by rpki-client on console-fra.rpki-client.org