Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/n34l3K8es0N-iFqBsK27SQ2Ee7w.roa
File: n34l3K8es0N-iFqBsK27SQ2Ee7w.roa (raw, json)
Hash identifier: 3d/OzCr+z3MJl/+4csF3Ecb991sOCe6LzzYEdFeFAVo=
Subject key identifier: 9F:7E:25:DC:AF:1E:B3:43:7E:88:5A:81:B0:AD:BB:49:0D:84:7B:BC
Certificate issuer: /CN=593b53fb9306346f272494928d77839cbaf9ddc7
Certificate serial: 018CC34937FEC05898C3AE1CACE9EF8E09ED
Authority key identifier: 59:3B:53:FB:93:06:34:6F:27:24:94:92:8D:77:83:9C:BA:F9:DD:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WTtT-5MGNG8nJJSSjXeDnLr53cc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/n34l3K8es0N-iFqBsK27SQ2Ee7w.roa
Signing time: Mon 01 Jan 2024 04:30:04 +0000
ROA not before: Mon 01 Jan 2024 04:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12417
IP address blocks: 185.220.24.0/24 maxlen: 24
185.220.24.0/22 maxlen: 24
185.220.27.0/24 maxlen: 24
185.220.25.0/24 maxlen: 24
91.234.46.0/24 maxlen: 24
178.218.163.0/24 maxlen: 24
178.218.160.0/20 maxlen: 24
178.218.170.0/24 maxlen: 24
178.218.171.0/24 maxlen: 24
178.218.172.0/24 maxlen: 24
178.218.173.0/24 maxlen: 24
178.218.174.0/24 maxlen: 24
2a0b:ee41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/WTtT-5MGNG8nJJSSjXeDnLr53cc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/WTtT-5MGNG8nJJSSjXeDnLr53cc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WTtT-5MGNG8nJJSSjXeDnLr53cc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:37:fe:c0:58:98:c3:ae:1c:ac:e9:ef:8e:09:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=593b53fb9306346f272494928d77839cbaf9ddc7
Validity
Not Before: Jan 1 04:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f7e25dcaf1eb3437e885a81b0adbb490d847bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d1:ff:70:2a:be:c9:f7:c1:54:c8:6f:45:4d:
5f:2a:2d:f0:8f:7e:f6:11:ee:24:20:20:58:20:96:
b2:b4:5d:18:50:f5:86:28:90:0d:02:51:92:06:df:
d1:14:22:e5:0a:05:4e:f7:b9:2d:18:2b:93:88:2b:
8b:59:fe:ed:17:43:37:49:67:e3:ec:44:60:ef:1c:
f4:8a:68:1c:bf:aa:83:be:16:22:97:87:de:51:78:
62:3d:eb:97:d0:9c:05:d8:66:de:e3:93:b0:6a:61:
08:c3:b4:8b:36:38:36:3a:45:21:54:84:d8:30:4d:
83:aa:fc:bb:ff:c3:91:80:9b:cf:45:60:40:74:eb:
6c:b6:30:14:55:9f:45:da:60:ea:20:81:81:5e:5b:
c8:eb:34:79:73:48:b5:b9:8a:cf:53:f3:d3:b1:9e:
30:8c:2c:8c:be:64:48:68:24:1f:8c:ae:8e:39:00:
23:c8:16:fb:fc:5b:3b:59:20:b0:e7:1c:d7:76:ee:
28:cd:28:90:4d:ab:11:26:a2:fe:17:17:fd:a2:47:
db:0d:0b:02:79:1a:01:d0:db:23:28:a6:f4:1b:a7:
17:bb:8b:09:2f:42:37:f2:3e:67:d8:c9:40:c3:ff:
32:30:5d:7e:0e:49:9c:50:29:f1:27:46:e8:73:14:
90:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7E:25:DC:AF:1E:B3:43:7E:88:5A:81:B0:AD:BB:49:0D:84:7B:BC
X509v3 Authority Key Identifier:
keyid:59:3B:53:FB:93:06:34:6F:27:24:94:92:8D:77:83:9C:BA:F9:DD:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WTtT-5MGNG8nJJSSjXeDnLr53cc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/n34l3K8es0N-iFqBsK27SQ2Ee7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/WTtT-5MGNG8nJJSSjXeDnLr53cc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.46.0/24
178.218.160.0/20
185.220.24.0/22
IPv6:
2a0b:ee41::/32
Signature Algorithm: sha256WithRSAEncryption
36:47:da:d2:c8:2c:0e:8c:49:a2:6a:30:c5:c3:2a:89:eb:61:
f0:21:3d:73:62:d7:2a:ae:04:3d:93:bf:10:32:1a:3a:d1:24:
f8:2b:a6:47:16:8a:37:31:d6:2c:9f:3c:13:56:ef:03:ca:06:
fa:ea:51:00:c9:24:88:af:b1:51:a0:cc:4b:dc:76:51:0f:91:
7c:a0:63:cc:65:58:79:d5:9b:e1:38:27:b1:2a:c0:78:ca:ae:
42:cd:86:b9:60:e0:88:05:3f:48:4a:73:d1:76:a6:25:63:fa:
34:8e:49:b8:cc:0c:82:12:fa:3a:72:ed:9b:1e:d2:a3:9a:73:
43:39:7c:8b:de:86:1d:31:6d:2a:92:3a:7a:b6:d5:07:f3:05:
77:bd:0f:ea:72:e6:ac:ed:f6:a8:59:7e:17:2a:41:ed:10:ff:
31:6c:90:ff:71:f2:b2:5b:d7:68:00:e5:69:f6:d6:44:58:c5:
bf:db:d5:35:82:65:a2:1a:51:de:1a:e3:5d:3e:9d:f6:00:5a:
0e:cc:ee:a9:45:8b:2e:48:2b:ea:52:d2:28:6f:4b:c9:9b:c8:
aa:70:8f:38:65:01:c7:b0:6f:a4:2d:20:11:63:c1:ad:98:71:
4b:df:cf:b2:e6:98:e1:78:98:fd:6d:c1:4b:ea:02:2c:ea:71:
16:62:af:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSTf+wFiYw64crOnvjgntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5M2I1M2ZiOTMwNjM0NmYyNzI0OTQ5MjhkNzc4MzljYmFm
OWRkYzcwHhcNMjQwMTAxMDQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdlMjVkY2FmMWViMzQzN2U4ODVhODFiMGFkYmI0OTBkODQ3YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNH/cCq+yffBVMhvRU1fKi3wj372
Ee4kICBYIJaytF0YUPWGKJANAlGSBt/RFCLlCgVO97ktGCuTiCuLWf7tF0M3SWfj
7ERg7xz0imgcv6qDvhYil4feUXhiPeuX0JwF2Gbe45OwamEIw7SLNjg2OkUhVITY
ME2Dqvy7/8ORgJvPRWBAdOtstjAUVZ9F2mDqIIGBXlvI6zR5c0i1uYrPU/PTsZ4w
jCyMvmRIaCQfjK6OOQAjyBb7/Fs7WSCw5xzXdu4ozSiQTasRJqL+Fxf9okfbDQsC
eRoB0NsjKKb0G6cXu4sJL0I38j5n2MlAw/8yMF1+DkmcUCnxJ0bocxSQ8QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ9+JdyvHrNDfohagbCtu0kNhHu8MB8GA1UdIwQY
MBaAFFk7U/uTBjRvJySUko13g5y6+d3HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1R0VC01TUdORzhuSkpTU2pYZURuTHI1M2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMmZjOWUtZWEzYi00MWMwLTk1MGUt
NDQ3NWE5YmYyNTBlLzEvbjM0bDNLOGVzME4taUZxQnNLMjdTUTJFZTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8xMmZjOWUtZWEzYi00MWMwLTk1MGUtNDQ3NWE5YmYyNTBl
LzEvV1R0VC01TUdORzhuSkpTU2pYZURuTHI1M2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+ouAwQE
stqgAwQCudwYMA0EAgACMAcDBQAqC+5BMA0GCSqGSIb3DQEBCwUAA4IBAQA2R9rS
yCwOjEmiajDFwyqJ62HwIT1zYtcqrgQ9k78QMho60ST4K6ZHFoo3MdYsnzwTVu8D
ygb66lEAySSIr7FRoMxL3HZRD5F8oGPMZVh51ZvhOCexKsB4yq5CzYa5YOCIBT9I
SnPRdqYlY/o0jkm4zAyCEvo6cu2bHtKjmnNDOXyL3oYdMW0qkjp6ttUH8wV3vQ/q
cuas7faoWX4XKkHtEP8xbJD/cfKyW9doAOVp9tZEWMW/29U1gmWiGlHeGuNdPp32
AFoOzO6pRYsuSCvqUtIob0vJm8iqcI84ZQHHsG+kLSARY8GtmHFL38+y5pjheJj9
bcFL6gIs6nEWYq8q
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:18:37 2024 by rpki-client on console-fra.rpki-client.org