Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/02aJWT6otq36IUaTRrGIuv5j7rw.roa
File: 02aJWT6otq36IUaTRrGIuv5j7rw.roa (raw, json)
Hash identifier: VGpbiSRQoVbcLKjkOQ3iMB2PUmhAEEoXIIe0AE+569U=
Subject key identifier: D3:66:89:59:3E:A8:B6:AD:FA:21:46:93:46:B1:88:BA:FE:63:EE:BC
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 0190BA76EDD31FE6564BA8390AFE6A8B0607
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/02aJWT6otq36IUaTRrGIuv5j7rw.roa
Signing time: Tue 16 Jul 2024 07:34:34 +0000
ROA not before: Tue 16 Jul 2024 07:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28761
IP address blocks: 91.232.116.0/24 maxlen: 24
91.232.118.0/23 maxlen: 23
185.76.80.0/24 maxlen: 24
188.191.16.0/22 maxlen: 22
188.191.16.0/24 maxlen: 24
188.191.17.0/24 maxlen: 24
188.191.18.0/24 maxlen: 24
188.191.19.0/24 maxlen: 24
188.191.24.0/24 maxlen: 24
188.191.25.0/24 maxlen: 24
188.191.26.0/24 maxlen: 24
188.191.27.0/24 maxlen: 24
194.140.228.0/24 maxlen: 24
195.26.80.0/24 maxlen: 24
195.26.81.0/24 maxlen: 24
195.26.82.0/23 maxlen: 23
195.49.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:76:ed:d3:1f:e6:56:4b:a8:39:0a:fe:6a:8b:06:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jul 16 07:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d36689593ea8b6adfa21469346b188bafe63eebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:78:62:ea:d6:6e:29:1d:e6:6b:de:37:3f:47:
45:2a:e3:aa:87:7a:6c:64:d0:bd:50:e4:fd:09:60:
e9:20:86:bf:14:5b:5f:a0:a3:b7:ae:6f:32:82:5c:
c7:d3:7d:f6:39:4c:82:5b:f6:66:79:ce:c6:34:e7:
3f:f5:ed:0c:d1:81:03:9d:2b:d1:06:cd:1b:01:32:
e9:9a:85:9a:d0:70:fd:c7:2a:1c:e7:d7:54:f9:b0:
09:5d:a6:05:a5:ca:f4:d2:04:37:25:6d:12:5f:88:
bc:55:cf:b2:ef:87:b6:71:a0:b2:21:6f:b2:1c:55:
3d:09:a6:5f:38:49:a2:cd:9d:42:4c:fc:5d:1d:79:
40:b4:e9:d0:1a:3a:7b:f3:cf:fc:d9:bc:78:c3:2c:
29:0e:33:0b:a5:9e:be:bc:8a:fe:84:e4:0c:3f:a9:
73:a1:f8:ce:47:60:0f:23:57:30:e5:e5:c1:8e:17:
c6:59:6f:c3:d2:1b:eb:ad:c4:be:c6:13:b4:a4:57:
0f:01:6d:97:03:b8:31:0a:a1:44:f3:d2:7c:72:56:
b0:26:0f:80:a8:12:69:a9:f9:33:94:20:db:12:37:
90:ad:f7:cd:b9:60:a3:8a:59:71:0e:22:f4:5d:38:
59:8e:57:e7:d6:14:88:a3:43:d6:a5:3f:65:53:18:
0d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:66:89:59:3E:A8:B6:AD:FA:21:46:93:46:B1:88:BA:FE:63:EE:BC
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/02aJWT6otq36IUaTRrGIuv5j7rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.116.0/24
91.232.118.0/23
185.76.80.0/24
188.191.16.0/22
188.191.24.0/22
194.140.228.0/24
195.26.80.0/22
195.49.204.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:92:3b:a2:c2:2d:a4:92:a1:3c:9c:26:4d:d0:6e:bb:6b:ef:
06:8e:5e:1d:1f:8e:17:36:4b:29:58:b3:e8:32:59:3f:0b:5b:
a6:e5:1e:5c:33:2d:08:37:8a:10:28:94:14:70:64:20:6e:ca:
13:23:fa:f2:5a:45:2a:c9:fc:16:88:bc:3d:de:4e:50:bf:cc:
9c:3f:c6:7d:5e:b0:84:51:02:43:b8:13:d5:5a:7b:5c:46:1a:
63:85:35:38:9d:f6:fb:44:23:50:95:cd:a5:77:2b:56:e1:be:
78:04:1f:c0:8a:46:4d:d0:4b:51:ac:de:b6:4d:46:96:3b:8c:
e7:3b:7d:60:4f:da:5e:90:03:75:39:c6:c5:0c:9b:cc:e5:20:
ef:31:f8:c6:0d:89:59:55:86:99:a6:e5:3b:90:61:88:3e:07:
c6:06:de:91:17:ec:b9:12:6d:2c:6e:6b:ad:3f:f3:a1:bb:f0:
43:9c:65:c6:b3:51:c3:c3:84:1f:b4:30:c3:9f:b5:57:a8:50:
a2:18:a5:39:96:86:82:6e:37:35:31:b9:38:56:d9:9d:d5:fe:
ec:b5:20:90:01:13:0c:ce:43:53:9a:a0:50:c8:58:87:e1:68:
0c:2e:a1:7e:05:1d:8a:4e:f1:42:1f:f1:dd:9d:16:3e:b8:4f:
32:f8:96:36
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZC6du3TH+ZWS6g5Cv5qiwYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwNzE2MDczNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzY2ODk1OTNlYThiNmFkZmEyMTQ2OTM0NmIxODhiYWZlNjNlZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinhi6tZuKR3ma943P0dFKuOqh3ps
ZNC9UOT9CWDpIIa/FFtfoKO3rm8yglzH0332OUyCW/Zmec7GNOc/9e0M0YEDnSvR
Bs0bATLpmoWa0HD9xyoc59dU+bAJXaYFpcr00gQ3JW0SX4i8Vc+y74e2caCyIW+y
HFU9CaZfOEmizZ1CTPxdHXlAtOnQGjp788/82bx4wywpDjMLpZ6+vIr+hOQMP6lz
ofjOR2API1cw5eXBjhfGWW/D0hvrrcS+xhO0pFcPAW2XA7gxCqFE89J8clawJg+A
qBJpqfkzlCDbEjeQrffNuWCjillxDiL0XThZjlfn1hSIo0PWpT9lUxgN+QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNNmiVk+qLat+iFGk0axiLr+Y+68MB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvMDJhSldUNm90cTM2SVVhVFJyR0l1djVqN3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAW+h0AwQB
W+h2AwQAuUxQAwQCvL8QAwQCvL8YAwQAwozkAwQCwxpQAwQBwzHMMA0GCSqGSIb3
DQEBCwUAA4IBAQC4kjuiwi2kkqE8nCZN0G67a+8Gjl4dH44XNkspWLPoMlk/C1um
5R5cMy0IN4oQKJQUcGQgbsoTI/ryWkUqyfwWiLw93k5Qv8ycP8Z9XrCEUQJDuBPV
WntcRhpjhTU4nfb7RCNQlc2ldytW4b54BB/AikZN0EtRrN62TUaWO4znO31gT9pe
kAN1OcbFDJvM5SDvMfjGDYlZVYaZpuU7kGGIPgfGBt6RF+y5Em0sbmutP/Ohu/BD
nGXGs1HDw4QftDDDn7VXqFCiGKU5loaCbjc1Mbk4Vtmd1f7stSCQARMMzkNTmqBQ
yFiH4WgMLqF+BR2KTvFCH/HdnRY+uE8y+JY2
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:59 2024 by rpki-client on console-fra.rpki-client.org