Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/U0VbxYr2G1WW9vWUBvJgfRypbjc.roa
File: U0VbxYr2G1WW9vWUBvJgfRypbjc.roa (raw, json)
Hash identifier: 3aRxHhWQwjPr5htHlC/a4+0vHPvioO6etFsJWy8a0gY=
Subject key identifier: 53:45:5B:C5:8A:F6:1B:55:96:F6:F5:94:06:F2:60:7D:1C:A9:6E:37
Certificate issuer: /CN=35d1cdaba31559de12ab19d79f1ae2d218c379f7
Certificate serial: 018FA9C1833FB4A155A62B16518FD4A44386
Authority key identifier: 35:D1:CD:AB:A3:15:59:DE:12:AB:19:D7:9F:1A:E2:D2:18:C3:79:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/U0VbxYr2G1WW9vWUBvJgfRypbjc.roa
Signing time: Fri 24 May 2024 08:39:42 +0000
ROA not before: Fri 24 May 2024 08:39:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200553
IP address blocks: 91.198.141.0/24 maxlen: 24
91.198.147.0/24 maxlen: 24
91.198.158.0/24 maxlen: 24
91.198.167.0/24 maxlen: 24
185.100.32.0/22 maxlen: 24
185.202.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/NdHNq6MVWd4SqxnXnxri0hjDefc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/NdHNq6MVWd4SqxnXnxri0hjDefc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:c1:83:3f:b4:a1:55:a6:2b:16:51:8f:d4:a4:43:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d1cdaba31559de12ab19d79f1ae2d218c379f7
Validity
Not Before: May 24 08:39:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53455bc58af61b5596f6f59406f2607d1ca96e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9a:bb:fe:0c:cb:dc:57:0f:c4:4e:ac:98:d0:
d5:a5:ba:de:58:94:94:db:8e:81:e6:32:d5:3e:f7:
f6:ad:1a:b3:db:e8:ea:86:62:cf:cc:eb:a4:8c:05:
3c:7d:88:fc:74:a6:fa:7a:a9:d4:39:da:61:d7:a1:
1e:9c:80:00:09:29:84:1e:82:70:67:d7:cd:13:8c:
74:d1:93:a3:44:6b:64:11:04:49:6c:68:be:dc:98:
0c:12:33:5a:8c:1c:ee:94:fa:b9:e9:26:be:77:48:
71:67:ae:cf:cd:bc:4a:e3:e6:aa:f6:e3:78:2f:b5:
31:75:a9:b1:ca:6c:fe:60:5d:94:50:6b:39:35:2c:
58:94:8f:50:60:7f:7d:1d:29:1b:5f:a1:e1:b9:d4:
f7:a7:c0:53:30:56:29:2e:73:6b:ab:c4:cc:b0:72:
3a:80:3a:6d:7c:9a:ac:5a:43:1c:fb:02:f9:cd:6f:
15:5c:a7:9b:9a:8d:cc:6d:dc:22:b3:c0:5a:94:06:
6c:47:14:09:9d:cb:48:f3:07:48:4c:ff:99:c1:90:
61:f8:71:4e:64:02:65:94:c9:18:40:68:58:06:af:
82:8a:02:ab:5e:72:5b:8c:3e:c5:5b:68:69:20:01:
0f:e0:88:bf:f0:ab:e9:37:b3:6e:f7:d9:42:c6:5f:
ba:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:45:5B:C5:8A:F6:1B:55:96:F6:F5:94:06:F2:60:7D:1C:A9:6E:37
X509v3 Authority Key Identifier:
keyid:35:D1:CD:AB:A3:15:59:DE:12:AB:19:D7:9F:1A:E2:D2:18:C3:79:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/U0VbxYr2G1WW9vWUBvJgfRypbjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/NdHNq6MVWd4SqxnXnxri0hjDefc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.141.0/24
91.198.147.0/24
91.198.158.0/24
91.198.167.0/24
185.100.32.0/22
185.202.128.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:0f:4d:ba:0a:fc:be:bd:db:d5:20:79:5f:d9:56:4a:6b:a3:
97:2d:4e:73:ac:52:f5:7a:e5:ab:cd:f0:9c:17:01:8a:5b:68:
52:c7:03:e7:d2:22:5a:fd:8a:c6:db:61:32:37:f3:17:bd:3e:
c0:fb:a8:5b:7f:ed:79:87:7f:fb:af:cb:22:51:fa:98:4f:ca:
31:1f:5c:e0:4a:d1:3b:9d:bf:83:70:af:82:94:8f:aa:e8:39:
41:68:54:61:13:d1:93:b7:f4:f0:d6:ab:4b:9e:2a:c4:ae:c7:
31:b1:33:02:12:21:dc:b2:81:d7:f8:44:c5:75:2d:d6:cc:b4:
06:ee:2f:d7:57:e2:cb:dc:72:37:9d:94:4e:df:96:95:fb:e8:
4d:98:78:67:a9:10:32:c6:01:88:f6:7c:2c:5f:e4:94:43:85:
59:00:be:04:b9:57:52:56:7f:a3:dd:73:b4:95:c7:b6:bf:22:
ed:a5:c2:4d:cb:ea:92:10:ad:43:99:3e:43:ee:92:5e:a9:cf:
67:77:57:81:09:ec:a3:59:f8:fa:45:45:2c:95:a7:50:07:30:
2b:dc:c8:80:c7:75:d3:4b:95:7d:6d:6a:d0:83:e3:d2:4e:1b:
d2:c6:26:47:ed:f2:cf:57:91:be:df:19:8c:3a:66:e3:b2:b0:
4d:5e:90:1e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY+pwYM/tKFVpisWUY/UpEOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDFjZGFiYTMxNTU5ZGUxMmFiMTlkNzlmMWFlMmQyMThj
Mzc5ZjcwHhcNMjQwNTI0MDgzOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzQ1NWJjNThhZjYxYjU1OTZmNmY1OTQwNmYyNjA3ZDFjYTk2ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpq7/gzL3FcPxE6smNDVpbreWJSU
246B5jLVPvf2rRqz2+jqhmLPzOukjAU8fYj8dKb6eqnUOdph16EenIAACSmEHoJw
Z9fNE4x00ZOjRGtkEQRJbGi+3JgMEjNajBzulPq56Sa+d0hxZ67PzbxK4+aq9uN4
L7Uxdamxymz+YF2UUGs5NSxYlI9QYH99HSkbX6HhudT3p8BTMFYpLnNrq8TMsHI6
gDptfJqsWkMc+wL5zW8VXKebmo3Mbdwis8BalAZsRxQJnctI8wdITP+ZwZBh+HFO
ZAJllMkYQGhYBq+CigKrXnJbjD7FW2hpIAEP4Ii/8KvpN7Nu99lCxl+6rwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFNFW8WK9htVlvb1lAbyYH0cqW43MB8GA1UdIwQY
MBaAFDXRzaujFVneEqsZ158a4tIYw3n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRITnE2TVZXZDRTcXhuWG54cmkwaGpEZWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMWVkYzAtNjNjMS00MmI0LWEwNDAt
M2ZmOTI2MDg1NTI3LzEvVTBWYnhZcjJHMVdXOXZXVUJ2SmdmUnlwYmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMWVkYzAtNjNjMS00MmI0LWEwNDAtM2ZmOTI2MDg1NTI3
LzEvTmRITnE2TVZXZDRTcXhuWG54cmkwaGpEZWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8aNAwQA
W8aTAwQAW8aeAwQAW8anAwQCuWQgAwQCucqAMA0GCSqGSIb3DQEBCwUAA4IBAQCm
D026Cvy+vdvVIHlf2VZKa6OXLU5zrFL1euWrzfCcFwGKW2hSxwPn0iJa/YrG22Ey
N/MXvT7A+6hbf+15h3/7r8siUfqYT8oxH1zgStE7nb+DcK+ClI+q6DlBaFRhE9GT
t/Tw1qtLnirErscxsTMCEiHcsoHX+ETFdS3WzLQG7i/XV+LL3HI3nZRO35aV++hN
mHhnqRAyxgGI9nwsX+SUQ4VZAL4EuVdSVn+j3XO0lce2vyLtpcJNy+qSEK1DmT5D
7pJeqc9nd1eBCeyjWfj6RUUsladQBzAr3MiAx3XTS5V9bWrQg+PSThvSxiZH7fLP
V5G+3xmMOmbjsrBNXpAe
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:31:11 2024 by rpki-client on console-ams.rpki-client.org