Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
File: AS2914.roa (raw, json)
Hash identifier: gBQ3uhtKi/IDVrn22PSzwI2DFNNIEWGRAesRxHq9+jI=
Subject key identifier: 6D:7A:E4:F2:B8:C3:4A:00:7C:DD:97:CC:93:C7:D0:0C:B5:8B:93:87
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 67E72FE17677F59F6E6B23B6AB6AE2704C6E5607
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
Signing time: Thu 28 Mar 2024 12:19:51 +0000
ROA not before: Thu 28 Mar 2024 12:14:51 +0000
ROA not after: Thu 27 Mar 2025 12:19:51 +0000
asID: 2914
IP address blocks: 91.124.52.0/24 maxlen: 24
91.124.55.0/24 maxlen: 24
91.124.57.0/24 maxlen: 24
91.124.58.0/24 maxlen: 24
91.124.62.0/24 maxlen: 24
91.124.67.0/24 maxlen: 24
91.124.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:e7:2f:e1:76:77:f5:9f:6e:6b:23:b6:ab:6a:e2:70:4c:6e:56:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 28 12:14:51 2024 GMT
Not After : Mar 27 12:19:51 2025 GMT
Subject: CN=6D7AE4F2B8C34A007CDD97CC93C7D00CB58B9387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:37:3e:b3:12:69:94:90:e8:c2:6f:91:e9:
9e:49:cc:fc:d6:9f:a5:d4:a9:f2:76:ab:bf:cd:70:
2a:01:80:81:cf:c3:b2:d5:d4:d8:06:51:e1:30:99:
1a:db:e7:bf:f0:40:f7:6d:39:ef:65:5a:07:01:97:
83:d4:a4:5b:ab:3f:c7:2e:09:81:01:b9:b6:09:9e:
95:44:f6:a7:44:b9:43:a7:2e:74:2e:39:ac:cf:1a:
e9:8a:4a:6c:d7:a7:47:c4:1e:07:fa:fb:58:e0:3d:
86:3e:1d:db:a5:94:b7:34:a0:52:42:61:1f:ba:56:
82:01:1d:be:ca:b0:7c:22:97:af:14:c0:e7:b0:45:
96:f4:26:c0:ec:c3:e0:ab:e5:4c:71:6e:64:93:7b:
31:7b:ab:68:21:d5:88:79:b6:f4:c1:ca:cb:16:51:
30:6a:d1:4b:8a:e7:42:87:2d:e4:bc:eb:d8:10:63:
7c:ca:cc:10:3b:a7:d1:bc:bb:3b:59:b2:bc:b0:b7:
f9:ec:fa:86:4f:87:42:96:9b:18:ad:47:2c:ed:87:
44:2b:3e:18:61:42:0b:91:6c:0b:a9:7a:af:d0:71:
1c:9b:80:5c:db:02:c5:8d:69:83:c2:b0:68:9f:ca:
21:b2:f0:9b:7f:c2:2e:71:00:37:71:12:bb:a9:00:
8d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:7A:E4:F2:B8:C3:4A:00:7C:DD:97:CC:93:C7:D0:0C:B5:8B:93:87
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS2914.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.52.0/24
91.124.55.0/24
91.124.57.0-91.124.58.255
91.124.62.0/24
91.124.67.0/24
91.124.83.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:1b:7d:c9:68:f3:ec:ca:c7:21:e5:c6:98:c4:5b:8f:47:ea:
65:10:1a:96:4d:c2:87:96:ef:7d:a4:ed:91:60:5a:b8:64:07:
1c:6b:c9:ae:57:a8:70:54:48:12:ae:79:a4:1a:49:03:cb:40:
11:71:c5:08:44:5f:c2:93:1e:8d:2e:44:a7:4e:4f:3e:88:37:
ae:cc:ad:98:04:19:83:1c:43:de:d2:6c:7c:ba:e2:1e:70:96:
f6:92:4a:d2:f5:a7:90:ef:06:6f:ea:3e:2f:64:1e:af:6e:30:
a1:5a:4e:83:dd:37:9b:88:4d:6b:5b:69:dc:37:df:44:0e:fe:
db:e4:03:e5:e9:ea:d4:9b:e6:6b:31:ca:6f:0e:9a:b3:4e:8f:
94:70:6e:14:fb:81:37:03:a6:f5:f9:03:78:7c:3b:f1:f3:9c:
b3:6f:6e:b2:4d:6c:9c:3b:98:66:b5:e7:f9:96:a3:90:f9:85:
6c:7a:e3:35:65:b7:e8:93:7a:0c:96:cd:fd:f5:54:26:ed:1e:
5d:a3:a1:95:91:80:df:29:d0:9c:af:19:6d:5b:0f:d2:3f:e6:
08:65:5c:9c:67:6f:90:89:e3:41:ff:8d:c2:fe:05:7c:a9:a7:
48:39:6e:4b:4a:57:a3:71:12:fe:00:df:b7:55:cc:e6:f7:87:
ed:2f:55:b3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUZ+cv4XZ39Z9uayO2q2ricExuVgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAzMjgxMjE0NTFaFw0yNTAzMjcxMjE5NTFaMDMxMTAvBgNV
BAMTKDZEN0FFNEYyQjhDMzRBMDA3Q0REOTdDQzkzQzdEMDBDQjU4QjkzODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwMjc+sxJplJDowm+R6Z5JzPzW
n6XUqfJ2q7/NcCoBgIHPw7LV1NgGUeEwmRrb57/wQPdtOe9lWgcBl4PUpFurP8cu
CYEBubYJnpVE9qdEuUOnLnQuOazPGumKSmzXp0fEHgf6+1jgPYY+HdullLc0oFJC
YR+6VoIBHb7KsHwil68UwOewRZb0JsDsw+Cr5UxxbmSTezF7q2gh1Yh5tvTByssW
UTBq0UuK50KHLeS869gQY3zKzBA7p9G8uztZsrywt/ns+oZPh0KWmxitRyzth0Qr
PhhhQguRbAupeq/QcRybgFzbAsWNaYPCsGifyiGy8Jt/wi5xADdxErupAI3tAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUbXrk8rjDSgB83ZfMk8fQDLWLk4cwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAFt8NAME
AFt8NzAMAwQAW3w5AwQAW3w6AwQAW3w+AwQAW3xDAwQAW3xTMA0GCSqGSIb3DQEB
CwUAA4IBAQCsG33JaPPsysch5caYxFuPR+plEBqWTcKHlu99pO2RYFq4ZAcca8mu
V6hwVEgSrnmkGkkDy0ARccUIRF/Ckx6NLkSnTk8+iDeuzK2YBBmDHEPe0mx8uuIe
cJb2kkrS9aeQ7wZv6j4vZB6vbjChWk6D3TebiE1rW2ncN99EDv7b5APl6erUm+Zr
McpvDpqzTo+UcG4U+4E3A6b1+QN4fDvx85yzb26yTWycO5hmtef5lqOQ+YVseuM1
Zbfok3oMls399VQm7R5do6GVkYDfKdCcrxltWw/SP+YIZVycZ2+QieNB/43C/gV8
qadIOW5LSlejcRL+AN+3Vczm94ftL1Wz
-----END CERTIFICATE-----
Generated at Sun May 5 13:18:37 2024 by rpki-client on console-ams.rpki-client.org