Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/O_WB8liwAacA7IGVD7Hg4oIznr0.roa
File: O_WB8liwAacA7IGVD7Hg4oIznr0.roa (raw, json)
Hash identifier: p3tixNjtpSKbQSqUY/5I6m5Z2XODc5xQHDRo9yAarNc=
Subject key identifier: 3B:F5:81:F2:58:B0:01:A7:00:EC:81:95:0F:B1:E0:E2:82:33:9E:BD
Certificate issuer: /CN=5b6d178f13851306b5634df159716319f4d82478
Certificate serial: 018CC26D50EDBA7924838F39FA6D20264605
Authority key identifier: 5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/O_WB8liwAacA7IGVD7Hg4oIznr0.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 91.217.119.0/24 maxlen: 32
2a0e:36c2::/32 maxlen: 32
2a0e:36c0::/32 maxlen: 32
2a0e:36c6::/32 maxlen: 32
2a0e:36c3::/32 maxlen: 32
2a0e:36c1::/32 maxlen: 32
2a0e:36c5::/32 maxlen: 32
2a0e:36c0::/29 maxlen: 32
2a0e:36c7::/32 maxlen: 32
2a0e:36c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:50:ed:ba:79:24:83:8f:39:fa:6d:20:26:46:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6d178f13851306b5634df159716319f4d82478
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bf581f258b001a700ec81950fb1e0e282339ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c9:c5:fc:3d:7a:ac:71:51:1e:29:43:4e:c2:
54:34:2c:33:14:09:95:57:73:bd:08:f0:68:99:f6:
f4:fe:99:39:75:76:ad:15:69:2a:df:5e:b1:42:c4:
00:0c:ed:7d:8f:13:53:41:69:47:28:c3:2f:27:30:
1f:46:da:82:ae:e7:da:1c:8a:93:cf:48:03:9b:74:
2c:c6:4f:5a:e6:2c:a0:ba:c4:68:55:16:d0:d3:d3:
06:8c:ad:3c:8a:26:29:73:d7:96:f7:ac:1c:fa:37:
49:c7:a3:45:6c:47:58:c0:00:44:46:b9:b0:4b:41:
7c:99:bd:f9:e6:fa:ec:17:9c:af:92:9f:74:fe:b4:
f3:14:0c:07:01:bd:9a:81:c9:e0:85:84:5f:cd:11:
68:9a:8a:08:6e:19:2d:0d:29:24:4d:0d:81:a6:50:
4b:be:1f:82:e2:1f:47:a9:e9:7c:bb:ab:26:b9:96:
67:f7:79:e9:7c:32:be:2a:44:e0:9a:92:99:42:5c:
f5:d4:0b:c3:8b:39:21:a4:1f:8c:df:1c:6b:56:f0:
ac:2b:a5:5a:93:9d:6b:98:3b:b3:f7:3f:7e:4b:d3:
8f:0d:8a:5f:ab:9e:ec:51:c3:2a:48:08:81:3d:b9:
9e:2c:14:3e:60:ca:08:2a:2f:bb:9b:34:a4:01:5c:
dd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F5:81:F2:58:B0:01:A7:00:EC:81:95:0F:B1:E0:E2:82:33:9E:BD
X509v3 Authority Key Identifier:
keyid:5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/O_WB8liwAacA7IGVD7Hg4oIznr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.119.0/24
IPv6:
2a0e:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:c2:ff:c6:e8:c2:78:7f:e2:ea:52:d7:17:8c:26:c4:87:16:
4a:31:f2:05:10:10:77:40:fb:49:5c:30:52:b9:1e:ed:d0:57:
4a:e6:95:20:48:63:57:66:94:9b:6e:9b:1b:db:02:7b:dd:2d:
66:94:91:45:b7:4d:d6:3c:a4:d3:04:f0:53:9d:a5:f1:e4:37:
ac:14:28:7e:b5:8c:db:12:c3:86:e0:6c:e8:c8:c5:5c:29:da:
e9:ef:7d:15:8a:ca:3b:05:d4:b7:02:0f:ef:54:98:4b:32:d4:
ab:18:d9:07:af:03:48:ea:0c:3d:fa:cd:e6:79:16:0d:2a:a3:
a8:a4:45:49:1c:85:b6:b7:29:e5:55:4f:c1:ad:ae:d6:e9:27:
a7:89:b2:e1:48:e3:d1:43:30:39:c2:c4:e8:e2:11:fc:98:ff:
19:cd:cb:05:d6:ba:a5:4a:d9:ee:63:16:0a:0a:c2:11:78:96:
72:a8:95:8b:14:75:6d:61:e4:a0:3f:11:fd:d1:9d:7a:4a:da:
54:cf:bb:3a:3e:78:f9:bb:72:cc:41:58:fe:79:18:b7:db:27:
9b:73:e4:e3:05:7e:8c:fb:42:33:8d:c5:aa:d4:a1:11:f6:cf:
fd:d6:29:66:8a:a6:1e:28:08:17:cf:a9:42:0f:32:cb:e1:2a:
c1:4f:6b:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbVDtunkkg485+m0gJkYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmQxNzhmMTM4NTEzMDZiNTYzNGRmMTU5NzE2MzE5ZjRk
ODI0NzgwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY1ODFmMjU4YjAwMWE3MDBlYzgxOTUwZmIxZTBlMjgyMzM5ZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicnF/D16rHFRHilDTsJUNCwzFAmV
V3O9CPBomfb0/pk5dXatFWkq316xQsQADO19jxNTQWlHKMMvJzAfRtqCrufaHIqT
z0gDm3Qsxk9a5iygusRoVRbQ09MGjK08iiYpc9eW96wc+jdJx6NFbEdYwABERrmw
S0F8mb355vrsF5yvkp90/rTzFAwHAb2agcnghYRfzRFomooIbhktDSkkTQ2BplBL
vh+C4h9Hqel8u6smuZZn93npfDK+KkTgmpKZQlz11AvDizkhpB+M3xxrVvCsK6Va
k51rmDuz9z9+S9OPDYpfq57sUcMqSAiBPbmeLBQ+YMoIKi+7mzSkAVzdLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDv1gfJYsAGnAOyBlQ+x4OKCM569MB8GA1UdIwQY
MBaAFFttF48ThRMGtWNN8VlxYxn02CR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2It
NGJiOTRjYmMyZTczLzEvT19XQjhsaXdBYWNBN0lHVkQ3SGc0b0l6bnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2ItNGJiOTRjYmMyZTcz
LzEvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9l3MA0E
AgACMAcDBQMqDjbAMA0GCSqGSIb3DQEBCwUAA4IBAQCmwv/G6MJ4f+LqUtcXjCbE
hxZKMfIFEBB3QPtJXDBSuR7t0FdK5pUgSGNXZpSbbpsb2wJ73S1mlJFFt03WPKTT
BPBTnaXx5DesFCh+tYzbEsOG4GzoyMVcKdrp730Viso7BdS3Ag/vVJhLMtSrGNkH
rwNI6gw9+s3meRYNKqOopEVJHIW2tynlVU/Bra7W6SenibLhSOPRQzA5wsTo4hH8
mP8ZzcsF1rqlStnuYxYKCsIReJZyqJWLFHVtYeSgPxH90Z16StpUz7s6Pnj5u3LM
QVj+eRi32yebc+TjBX6M+0IzjcWq1KER9s/91ilmiqYeKAgXz6lCDzLL4SrBT2v4
-----END CERTIFICATE-----
Generated at Sat May 18 11:03:49 2024 by rpki-client on console-fra.rpki-client.org