Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/G97efQ-ckU_Z0Vv_HY4vwODDV4M.roa
File: G97efQ-ckU_Z0Vv_HY4vwODDV4M.roa (raw, json)
Hash identifier: kzkI4aYyBEhQioB02GRf7W2S9rIyhCHbgeSV9eEX3d8=
Subject key identifier: 1B:DE:DE:7D:0F:9C:91:4F:D9:D1:5B:FF:1D:8E:2F:C0:E0:C3:57:83
Certificate issuer: /CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534
Certificate serial: 018E03FFA0B930081B4A71FF9F846B1E1241
Authority key identifier: 57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/G97efQ-ckU_Z0Vv_HY4vwODDV4M.roa
Signing time: Sun 03 Mar 2024 11:07:48 +0000
ROA not before: Sun 03 Mar 2024 11:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43775
IP address blocks: 91.147.128.0/19 maxlen: 19
91.147.128.0/24 maxlen: 24
91.147.129.0/24 maxlen: 24
91.147.132.0/24 maxlen: 24
91.147.133.0/24 maxlen: 24
91.147.134.0/24 maxlen: 24
91.147.135.0/24 maxlen: 24
91.147.152.0/24 maxlen: 24
91.147.153.0/24 maxlen: 24
91.147.154.0/24 maxlen: 24
91.147.156.0/24 maxlen: 24
91.147.157.0/24 maxlen: 24
91.147.158.0/24 maxlen: 24
91.147.159.0/24 maxlen: 24
91.147.160.0/20 maxlen: 20
91.147.160.0/24 maxlen: 24
91.147.161.0/24 maxlen: 24
91.147.162.0/24 maxlen: 24
91.147.163.0/24 maxlen: 24
91.147.164.0/24 maxlen: 24
91.147.170.0/24 maxlen: 24
91.147.171.0/24 maxlen: 24
91.147.173.0/24 maxlen: 24
91.147.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:03:ff:a0:b9:30:08:1b:4a:71:ff:9f:84:6b:1e:12:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534
Validity
Not Before: Mar 3 11:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bdede7d0f9c914fd9d15bff1d8e2fc0e0c35783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d5:50:13:1b:71:10:08:8e:1c:bf:8e:46:5d:
69:c1:1f:3a:ce:1c:0d:1e:ff:c4:c5:34:a9:1b:3a:
7b:a5:d3:58:d9:eb:b1:e1:25:54:ad:f9:80:81:e1:
71:58:9e:b6:fb:59:d7:3f:31:21:67:2a:e4:5a:19:
b3:cb:2b:ff:11:b9:27:d2:40:0e:c8:dc:1b:e3:68:
af:bc:06:fe:40:40:77:4e:42:35:14:dd:4a:01:cc:
c2:fe:8c:8b:c5:5f:83:5d:db:36:8a:61:ab:d3:8e:
f8:1a:d9:e3:63:b9:bb:0e:fc:c7:f0:ac:0e:38:9c:
9e:07:3c:79:66:c3:91:a2:0f:f7:57:b3:05:3f:46:
5d:34:7c:55:61:f8:c7:4f:65:39:d8:f7:ab:12:7a:
4a:ad:8f:5e:e7:3a:cc:0b:f4:59:34:07:87:57:f2:
d9:50:55:fd:cd:c3:bd:f1:db:35:4f:89:3c:d7:f4:
c0:4d:61:3d:38:4f:9c:23:09:43:c2:d7:b4:79:f0:
e0:0f:3b:06:34:2b:1b:45:19:22:80:0f:4e:8c:50:
68:0f:87:a8:24:1f:6b:3c:ed:6a:2c:9f:59:f5:83:
9e:d0:bb:d8:ef:09:fc:30:99:06:d3:6b:b0:0a:9d:
38:e9:8c:75:2a:17:04:cb:1a:43:24:99:d5:a3:83:
29:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DE:DE:7D:0F:9C:91:4F:D9:D1:5B:FF:1D:8E:2F:C0:E0:C3:57:83
X509v3 Authority Key Identifier:
keyid:57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/G97efQ-ckU_Z0Vv_HY4vwODDV4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.128.0-91.147.175.255
Signature Algorithm: sha256WithRSAEncryption
26:3a:df:87:6a:6b:51:29:c3:e9:51:cb:d2:f7:55:3e:5d:85:
2a:2c:a1:2c:b1:5e:4b:61:42:ee:d9:1b:ac:0c:1f:53:14:f5:
20:43:01:42:53:4e:4c:29:05:d6:46:9f:1c:f7:a9:1b:44:19:
47:f7:e6:df:b0:c2:7e:2a:bf:21:31:ac:d3:90:98:bc:6f:67:
32:74:8e:4a:67:73:36:41:3f:44:2a:d5:27:66:ad:32:99:f9:
d9:d9:a4:d3:4c:0e:63:76:87:55:e8:d3:b5:c5:9f:22:f4:2f:
e6:c3:ff:86:25:a4:3c:61:ed:7b:67:38:4e:78:f4:f6:b9:fe:
75:2b:61:ef:9b:5e:2b:53:12:ca:fc:4d:84:90:f2:6e:17:1c:
08:97:03:76:de:16:e9:5e:2a:31:8f:d8:ee:9d:b2:bb:f6:9c:
0a:86:03:50:f9:32:6d:c8:d1:45:fe:58:c3:c8:99:5f:f9:af:
fa:50:1f:a8:1a:f5:75:ad:11:ee:3a:26:00:02:53:a0:90:5c:
73:a5:aa:12:dd:a9:3e:53:95:db:17:6d:dd:ee:78:01:6a:71:
84:bd:eb:46:e8:c5:75:1b:51:ad:f7:75:3a:90:4f:a2:a3:16:
b8:00:14:b5:d2:30:83:14:a8:1b:34:f4:09:7b:32:f9:ac:17:
6f:75:a4:99
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY4D/6C5MAgbSnH/n4RrHhJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3N2MwY2Q1YTRjZmQ4M2Q0OTFkNjI3ZDhiMGZjY2I2NzBl
ODE1MzQwHhcNMjQwMzAzMTEwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRlZGU3ZDBmOWM5MTRmZDlkMTViZmYxZDhlMmZjMGUwYzM1NzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNVQExtxEAiOHL+ORl1pwR86zhwN
Hv/ExTSpGzp7pdNY2eux4SVUrfmAgeFxWJ62+1nXPzEhZyrkWhmzyyv/Ebkn0kAO
yNwb42ivvAb+QEB3TkI1FN1KAczC/oyLxV+DXds2imGr0474GtnjY7m7DvzH8KwO
OJyeBzx5ZsORog/3V7MFP0ZdNHxVYfjHT2U52PerEnpKrY9e5zrMC/RZNAeHV/LZ
UFX9zcO98ds1T4k81/TATWE9OE+cIwlDwte0efDgDzsGNCsbRRkigA9OjFBoD4eo
JB9rPO1qLJ9Z9YOe0LvY7wn8MJkG02uwCp046Yx1KhcEyxpDJJnVo4Mp0wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBve3n0PnJFP2dFb/x2OL8Dgw1eDMB8GA1UdIwQY
MBaAFFd8DNWkz9g9SR1ifYsPzLZw6BU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjN3TTFhVFAyRDFKSFdKOWl3X010bkRvRlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wMTFiNWQtNjUyZS00NTJhLTk2Yzkt
ZDhlYzJjYmNhZDI2LzEvRzk3ZWZRLWNrVV9aMFZ2X0hZNHZ3T0REVjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8wMTFiNWQtNjUyZS00NTJhLTk2YzktZDhlYzJjYmNhZDI2
LzEvVjN3TTFhVFAyRDFKSFdKOWl3X010bkRvRlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAdbk4AD
BARbk6AwDQYJKoZIhvcNAQELBQADggEBACY634dqa1Epw+lRy9L3VT5dhSosoSyx
XkthQu7ZG6wMH1MU9SBDAUJTTkwpBdZGnxz3qRtEGUf35t+wwn4qvyExrNOQmLxv
ZzJ0jkpnczZBP0Qq1SdmrTKZ+dnZpNNMDmN2h1Xo07XFnyL0L+bD/4YlpDxh7Xtn
OE549Pa5/nUrYe+bXitTEsr8TYSQ8m4XHAiXA3beFuleKjGP2O6dsrv2nAqGA1D5
Mm3I0UX+WMPImV/5r/pQH6ga9XWtEe46JgACU6CQXHOlqhLdqT5TldsXbd3ueAFq
cYS960boxXUbUa33dTqQT6KjFrgAFLXSMIMUqBs09Al7MvmsF291pJk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:13:48 2024 by rpki-client on console-ams.rpki-client.org