Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/D-zasHhSaoUJn88qTnZwSn7LjP8.roa
File: D-zasHhSaoUJn88qTnZwSn7LjP8.roa (raw, json)
Hash identifier: vORIU6VjqwO4phNq4crounPLfpygrFToK0DdCzd0XHc=
Subject key identifier: 0F:EC:DA:B0:78:52:6A:85:09:9F:CF:2A:4E:76:70:4A:7E:CB:8C:FF
Certificate issuer: /CN=51476318d71bf658f9a845f54ab27bd899892437
Certificate serial: 019012001816604805013F3AD2C718935B81
Authority key identifier: 51:47:63:18:D7:1B:F6:58:F9:A8:45:F5:4A:B2:7B:D8:99:89:24:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UUdjGNcb9lj5qEX1SrJ72JmJJDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/D-zasHhSaoUJn88qTnZwSn7LjP8.roa
Signing time: Thu 13 Jun 2024 14:28:34 +0000
ROA not before: Thu 13 Jun 2024 14:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197380
IP address blocks: 91.220.128.0/24 maxlen: 24
185.127.112.0/24 maxlen: 24
185.127.113.0/24 maxlen: 24
185.127.114.0/24 maxlen: 24
185.127.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/UUdjGNcb9lj5qEX1SrJ72JmJJDc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/UUdjGNcb9lj5qEX1SrJ72JmJJDc.mft
rsync://rpki.ripe.net/repository/DEFAULT/UUdjGNcb9lj5qEX1SrJ72JmJJDc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 02:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:12:00:18:16:60:48:05:01:3f:3a:d2:c7:18:93:5b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51476318d71bf658f9a845f54ab27bd899892437
Validity
Not Before: Jun 13 14:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fecdab078526a85099fcf2a4e76704a7ecb8cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:61:49:48:aa:b8:d6:16:81:63:21:42:22:c1:
e6:4b:13:8f:41:ca:d2:f7:9e:77:11:63:a4:80:be:
fd:ad:6a:d1:c3:36:1e:1f:28:8f:17:7b:fd:1f:9d:
f4:d8:3f:bf:b8:45:f5:08:62:da:2b:1a:e3:9a:4e:
a0:1a:fd:51:22:5c:2d:11:b4:ed:b3:02:37:e3:1c:
eb:0c:cc:4a:84:cf:13:f9:a9:a4:4c:70:2a:56:18:
e9:de:b1:32:e1:b6:d9:93:15:45:bf:9c:24:5c:95:
b9:e4:32:43:64:e3:c5:cb:de:82:3a:33:60:38:b4:
fc:8a:b1:7d:70:40:13:57:4d:99:4b:e7:44:a0:39:
d9:ed:b1:fd:b6:6d:ad:f7:7e:46:19:de:e0:2b:3a:
eb:51:44:1d:c7:07:03:f4:5e:d7:36:0c:41:6e:fb:
63:a8:3b:05:d2:33:95:08:dd:73:08:75:48:5d:5a:
f8:b0:00:97:17:da:da:2d:95:0e:bc:c1:96:2e:38:
73:59:49:3f:5d:a1:11:4f:5b:dc:2b:4d:72:49:04:
24:4e:66:d8:80:91:91:6d:fc:23:c2:c8:85:e7:ff:
fa:0c:31:b9:64:49:08:c7:8e:d8:f4:f1:b4:84:ff:
e5:af:9e:d9:4a:6c:fc:aa:62:8c:a5:28:4b:5a:47:
74:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EC:DA:B0:78:52:6A:85:09:9F:CF:2A:4E:76:70:4A:7E:CB:8C:FF
X509v3 Authority Key Identifier:
keyid:51:47:63:18:D7:1B:F6:58:F9:A8:45:F5:4A:B2:7B:D8:99:89:24:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UUdjGNcb9lj5qEX1SrJ72JmJJDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/D-zasHhSaoUJn88qTnZwSn7LjP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/6207e8-eeb5-4334-8dfe-63799c026a57/1/UUdjGNcb9lj5qEX1SrJ72JmJJDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.128.0/24
185.127.112.0/22
Signature Algorithm: sha256WithRSAEncryption
08:7c:0e:f6:eb:87:2f:09:cd:e3:66:07:87:d8:64:e4:da:96:
f1:a3:84:a5:a8:c4:3f:6f:ba:24:8d:88:0d:09:e1:c4:c6:b9:
fb:84:78:dd:28:15:65:00:71:71:35:5d:9c:aa:0a:6b:80:46:
50:96:1e:64:b7:da:23:0e:50:7a:58:c7:0c:97:07:0f:e7:d8:
e4:d9:33:a4:12:63:0b:a8:b8:54:9b:d9:5d:3b:d6:3d:20:64:
52:4b:1a:32:9c:ce:c3:ad:3c:26:64:0e:19:a4:a3:fc:83:f0:
60:75:fb:36:6c:f5:aa:ae:19:d2:f0:94:96:fa:c6:2b:c2:f0:
0b:2c:b5:36:bb:49:ba:92:3a:d0:d1:2a:c2:ad:1c:e1:bd:af:
b8:f5:f5:41:b4:cf:d8:57:4d:c6:f4:60:a6:af:38:1e:9d:9e:
d2:04:a4:e0:95:75:1e:bf:b8:1f:8f:be:46:9b:a0:20:48:65:
18:01:b2:d7:60:72:4b:f0:23:5f:8d:26:fa:e5:a0:11:65:f6:
dc:83:74:e3:3d:24:c6:b8:98:7f:f7:22:8f:18:8c:b5:cd:87:
e7:b5:c3:2d:5f:ba:38:4c:f5:47:ca:5d:70:40:1f:f9:4b:8e:
46:48:4f:ad:13:07:79:8b:15:fa:3e:c4:8b:d6:fc:95:5a:7c:
cd:c9:5a:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZASABgWYEgFAT860scYk1uBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNDc2MzE4ZDcxYmY2NThmOWE4NDVmNTRhYjI3YmQ4OTk4
OTI0MzcwHhcNMjQwNjEzMTQyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVjZGFiMDc4NTI2YTg1MDk5ZmNmMmE0ZTc2NzA0YTdlY2I4Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2FJSKq41haBYyFCIsHmSxOPQcrS
9553EWOkgL79rWrRwzYeHyiPF3v9H5302D+/uEX1CGLaKxrjmk6gGv1RIlwtEbTt
swI34xzrDMxKhM8T+amkTHAqVhjp3rEy4bbZkxVFv5wkXJW55DJDZOPFy96COjNg
OLT8irF9cEATV02ZS+dEoDnZ7bH9tm2t935GGd7gKzrrUUQdxwcD9F7XNgxBbvtj
qDsF0jOVCN1zCHVIXVr4sACXF9raLZUOvMGWLjhzWUk/XaERT1vcK01ySQQkTmbY
gJGRbfwjwsiF5//6DDG5ZEkIx47Y9PG0hP/lr57ZSmz8qmKMpShLWkd0LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA/s2rB4UmqFCZ/PKk52cEp+y4z/MB8GA1UdIwQY
MBaAFFFHYxjXG/ZY+ahF9Uqye9iZiSQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVVkakdOY2I5bGo1cUVYMVNySjcySm1KSkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi82MjA3ZTgtZWViNS00MzM0LThkZmUt
NjM3OTljMDI2YTU3LzEvRC16YXNIaFNhb1VKbjg4cVRuWndTbjdMalA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi82MjA3ZTgtZWViNS00MzM0LThkZmUtNjM3OTljMDI2YTU3
LzEvVVVkakdOY2I5bGo1cUVYMVNySjcySm1KSkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yAAwQC
uX9wMA0GCSqGSIb3DQEBCwUAA4IBAQAIfA7264cvCc3jZgeH2GTk2pbxo4SlqMQ/
b7okjYgNCeHExrn7hHjdKBVlAHFxNV2cqgprgEZQlh5kt9ojDlB6WMcMlwcP59jk
2TOkEmMLqLhUm9ldO9Y9IGRSSxoynM7DrTwmZA4ZpKP8g/Bgdfs2bPWqrhnS8JSW
+sYrwvALLLU2u0m6kjrQ0SrCrRzhva+49fVBtM/YV03G9GCmrzgenZ7SBKTglXUe
v7gfj75Gm6AgSGUYAbLXYHJL8CNfjSb65aARZfbcg3TjPSTGuJh/9yKPGIy1zYfn
tcMtX7o4TPVHyl1wQB/5S45GSE+tEwd5ixX6PsSL1vyVWnzNyVpD
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:13:51 2024 by rpki-client on console-ams.rpki-client.org