Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/A3p9i2QmXqrXYjENhyasNKbQNlw.roa
File: A3p9i2QmXqrXYjENhyasNKbQNlw.roa (raw, json)
Hash identifier: yXAXPt0fgMYFpZeCdruh+CWeVy13gy9dX3OtKJf+X7E=
Subject key identifier: 03:7A:7D:8B:64:26:5E:AA:D7:62:31:0D:87:26:AC:34:A6:D0:36:5C
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018CC7951CF1F8F6058CD2C09AD652325057
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/A3p9i2QmXqrXYjENhyasNKbQNlw.roa
Signing time: Tue 02 Jan 2024 00:31:27 +0000
ROA not before: Tue 02 Jan 2024 00:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 91.220.223.0/24 maxlen: 24
2.57.150.0/24 maxlen: 24
91.239.238.0/24 maxlen: 24
91.213.29.0/24 maxlen: 24
92.63.183.0/24 maxlen: 24
92.63.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 14:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:1c:f1:f8:f6:05:8c:d2:c0:9a:d6:52:32:50:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 00:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=037a7d8b64265eaad762310d8726ac34a6d0365c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c8:08:dc:59:87:b1:21:6d:93:5f:28:c7:d6:
12:d4:22:dd:19:76:5d:8d:6d:02:e9:bd:31:0a:95:
91:aa:9a:5b:db:7f:d5:74:5c:b1:ab:97:50:f9:13:
d7:f3:5b:b3:be:d5:d5:ad:41:cf:09:d1:1e:85:f5:
fe:97:18:d0:03:88:97:f1:f0:ae:2d:8d:1b:3b:23:
44:c7:e6:ec:10:b5:f1:a8:f1:47:78:91:ed:53:ed:
50:f2:62:e2:dd:2b:e8:cb:72:f1:1e:d4:d5:3c:79:
97:41:71:fc:2f:df:1d:8b:1b:c7:d9:96:7d:2b:7b:
33:6a:46:c2:d4:2a:47:2f:ee:de:8a:ac:92:1c:41:
14:07:e1:74:a1:a4:1c:3c:15:72:1d:2b:8d:79:be:
3b:44:0b:11:4e:95:c5:3b:ae:54:a9:2b:2d:fc:aa:
6c:83:41:06:9e:18:df:a1:4b:1c:8c:4b:78:2f:04:
9b:f6:78:8d:64:9a:59:1c:ea:fa:56:2a:3a:cb:da:
3e:78:6d:fc:de:b2:b3:73:4c:29:fa:53:e8:8b:21:
0e:f1:65:fb:df:ca:d0:41:91:35:c1:cb:bd:90:fc:
0b:15:09:29:2b:94:69:51:77:1e:94:1a:69:5e:a6:
ed:cf:15:97:6b:91:87:0d:c4:f0:40:1e:b0:90:12:
e4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7A:7D:8B:64:26:5E:AA:D7:62:31:0D:87:26:AC:34:A6:D0:36:5C
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/A3p9i2QmXqrXYjENhyasNKbQNlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.150.0/24
91.213.29.0/24
91.220.223.0/24
91.239.238.0/24
92.63.182.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:45:2e:43:88:19:a9:53:a6:15:f4:ab:20:b1:47:d4:d6:8a:
aa:87:9d:f1:e1:a4:47:20:b9:48:f7:47:a0:a9:77:0e:74:85:
02:c9:88:36:3e:43:a6:51:45:6a:9f:ba:c5:f2:dc:31:d4:37:
15:5a:f9:51:bc:54:f5:41:7d:44:8b:52:d5:86:fe:f5:5f:34:
86:e6:55:15:e7:09:da:2f:28:d9:a2:f1:3a:6d:61:0f:ac:04:
1d:2e:17:c6:b0:4e:3c:b7:79:1f:9d:3b:19:e3:f9:c0:c7:51:
ea:7f:f0:58:e3:1e:a3:1c:3d:7d:3f:e6:53:2c:ae:35:b9:9d:
e1:52:0b:bf:69:14:ca:08:16:ab:1c:fe:2b:b8:ba:74:b9:02:
a2:90:e6:52:b0:80:d5:d5:34:dd:e0:22:99:22:87:57:4d:da:
47:ed:cc:7e:5a:cc:ee:d9:64:71:da:b1:fa:67:e8:d2:73:b2:
0c:56:ee:d7:23:e1:17:cf:35:a0:2f:c0:ba:35:d9:5c:89:5b:
c7:44:ed:d1:f5:9e:af:99:39:27:f8:fb:a5:61:31:bb:4c:3c:
12:7a:4f:36:f3:80:ed:b8:73:43:15:a8:46:9d:19:f4:bd:01:
1f:4b:cc:d3:85:4a:65:de:1c:c5:cc:cc:f9:b5:e4:21:49:85:
e9:38:ce:93
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlRzx+PYFjNLAmtZSMlBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTAyMDAzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdhN2Q4YjY0MjY1ZWFhZDc2MjMxMGQ4NzI2YWMzNGE2ZDAzNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcgI3FmHsSFtk18ox9YS1CLdGXZd
jW0C6b0xCpWRqppb23/VdFyxq5dQ+RPX81uzvtXVrUHPCdEehfX+lxjQA4iX8fCu
LY0bOyNEx+bsELXxqPFHeJHtU+1Q8mLi3Svoy3LxHtTVPHmXQXH8L98dixvH2ZZ9
K3szakbC1CpHL+7eiqySHEEUB+F0oaQcPBVyHSuNeb47RAsRTpXFO65UqSst/Kps
g0EGnhjfoUscjEt4LwSb9niNZJpZHOr6Vio6y9o+eG383rKzc0wp+lPoiyEO8WX7
38rQQZE1wcu9kPwLFQkpK5RpUXcelBppXqbtzxWXa5GHDcTwQB6wkBLkewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAN6fYtkJl6q12IxDYcmrDSm0DZcMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvQTNwOWkyUW1YcXJYWWpFTmh5YXNOS2JRTmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjmWAwQA
W9UdAwQAW9zfAwQAW+/uAwQBXD+2MA0GCSqGSIb3DQEBCwUAA4IBAQCLRS5DiBmp
U6YV9KsgsUfU1oqqh53x4aRHILlI90egqXcOdIUCyYg2PkOmUUVqn7rF8twx1DcV
WvlRvFT1QX1Ei1LVhv71XzSG5lUV5wnaLyjZovE6bWEPrAQdLhfGsE48t3kfnTsZ
4/nAx1Hqf/BY4x6jHD19P+ZTLK41uZ3hUgu/aRTKCBarHP4ruLp0uQKikOZSsIDV
1TTd4CKZIodXTdpH7cx+Wszu2WRx2rH6Z+jSc7IMVu7XI+EXzzWgL8C6NdlciVvH
RO3R9Z6vmTkn+PulYTG7TDwSek8284DtuHNDFahGnRn0vQEfS8zThUpl3hzFzMz5
teQhSYXpOM6T
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:09:15 2024 by rpki-client on console-fra.rpki-client.org