Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/Puem_96wYOSw2mFTq7LOivvDtNY.roa
File: Puem_96wYOSw2mFTq7LOivvDtNY.roa (raw, json)
Hash identifier: lmu5UepFd776I9aoYxGH4diD04ZmEyWcdqzAP8sVdaA=
Subject key identifier: 3E:E7:A6:FF:DE:B0:60:E4:B0:DA:61:53:AB:B2:CE:8A:FB:C3:B4:D6
Certificate issuer: /CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4
Certificate serial: 018CC6B89862ABA5B4D9A1CE360EE1082681
Authority key identifier: 77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/Puem_96wYOSw2mFTq7LOivvDtNY.roa
Signing time: Mon 01 Jan 2024 20:30:35 +0000
ROA not before: Mon 01 Jan 2024 20:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35070
IP address blocks: 185.223.228.0/22 maxlen: 24
185.223.228.0/24 maxlen: 24
185.223.231.0/24 maxlen: 24
185.223.230.0/24 maxlen: 24
185.223.229.0/24 maxlen: 24
2a0d:4040::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:98:62:ab:a5:b4:d9:a1:ce:36:0e:e1:08:26:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4
Validity
Not Before: Jan 1 20:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ee7a6ffdeb060e4b0da6153abb2ce8afbc3b4d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d3:3c:1e:fb:ec:d8:ca:87:66:17:66:37:b4:
e2:95:ec:b3:3b:22:af:0f:f6:db:c3:18:93:a0:f0:
47:e5:fd:2e:3a:17:e2:ab:f8:33:5f:23:b5:18:17:
7f:bf:98:d3:f7:2d:ba:4b:3d:36:5c:36:5b:8d:01:
a6:c5:e9:be:2c:c5:22:be:26:30:18:4a:27:16:c5:
d1:0c:c3:59:25:87:73:76:c2:30:c0:5a:24:4b:1d:
9d:38:5d:c4:9c:d9:ab:72:83:40:03:27:d6:48:6e:
36:d0:23:ec:1f:f7:06:86:69:25:34:e1:52:f7:9c:
41:b8:22:2e:4b:f2:e6:8e:68:fa:1b:82:77:b6:6e:
62:99:28:9f:d5:83:79:e8:92:92:19:ed:30:51:67:
a2:72:64:e6:26:0f:9d:8f:6a:e4:18:5b:9d:90:bb:
0d:34:f5:71:4e:f3:19:ee:d3:a6:c4:74:4c:3a:b7:
16:3d:3b:33:5e:d0:f0:89:c6:c7:a5:bd:de:6a:0b:
94:79:ab:7b:df:aa:67:0f:66:4c:cc:c8:56:be:86:
77:42:a4:48:a5:f8:6a:1f:cb:54:59:f7:47:7d:7f:
10:0a:9f:31:93:74:44:d8:6b:2d:ee:2f:20:d2:d3:
86:cb:37:d9:00:c3:86:b3:6b:a7:b0:4c:dd:f5:36:
68:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E7:A6:FF:DE:B0:60:E4:B0:DA:61:53:AB:B2:CE:8A:FB:C3:B4:D6
X509v3 Authority Key Identifier:
keyid:77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/Puem_96wYOSw2mFTq7LOivvDtNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.228.0/22
IPv6:
2a0d:4040::/29
Signature Algorithm: sha256WithRSAEncryption
a7:53:65:05:e5:a9:fe:c3:0f:7b:b4:38:c6:d8:6d:ec:70:49:
12:7f:64:d6:85:0a:20:14:6d:6c:aa:4a:8d:a0:11:05:84:aa:
ec:c8:5e:5c:7c:f9:4d:dd:61:1f:29:94:6c:6e:57:e3:54:33:
97:41:a1:c2:cf:1b:57:6d:7a:3a:0d:77:af:cb:98:c0:61:8a:
fb:98:3e:68:bb:ae:f7:dc:eb:67:52:aa:99:d3:0d:dc:d9:17:
93:72:88:ea:55:82:21:b2:02:65:e7:71:7e:03:22:79:33:ba:
a0:27:a1:76:12:2a:7c:f6:6c:63:47:50:a4:6c:85:33:c9:53:
c2:7c:34:5e:a3:99:61:ab:8c:7b:fc:d4:ae:00:e1:3d:49:4e:
63:f6:2c:25:02:a2:f3:45:4d:d2:bc:9f:3a:92:d7:fc:1b:f2:
16:de:b4:4b:73:7f:11:bd:e7:4a:0a:41:02:ac:49:62:05:ab:
87:9c:67:be:8c:0b:8f:3e:74:cb:87:67:f7:29:a4:13:df:0b:
52:3b:e8:5f:2f:35:2d:4d:09:c8:65:84:a4:3c:cc:25:16:1f:
74:7a:ed:d7:5c:bf:ea:e8:f1:76:14:cf:13:61:b1:06:55:bb:
fc:62:e9:61:4f:8e:83:e6:8f:9b:6e:26:5d:ad:bc:60:71:b9:
43:ea:18:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuJhiq6W02aHONg7hCCaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3Y2M0NmFkZTk1N2M4ZjA2NmE1YzZmZTI1MzEwYTRjZjVh
N2U5ZDQwHhcNMjQwMTAxMjAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU3YTZmZmRlYjA2MGU0YjBkYTYxNTNhYmIyY2U4YWZiYzNiNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9M8Hvvs2MqHZhdmN7TileyzOyKv
D/bbwxiToPBH5f0uOhfiq/gzXyO1GBd/v5jT9y26Sz02XDZbjQGmxem+LMUiviYw
GEonFsXRDMNZJYdzdsIwwFokSx2dOF3EnNmrcoNAAyfWSG420CPsH/cGhmklNOFS
95xBuCIuS/Lmjmj6G4J3tm5imSif1YN56JKSGe0wUWeicmTmJg+dj2rkGFudkLsN
NPVxTvMZ7tOmxHRMOrcWPTszXtDwicbHpb3eaguUeat736pnD2ZMzMhWvoZ3QqRI
pfhqH8tUWfdHfX8QCp8xk3RE2Gst7i8g0tOGyzfZAMOGs2unsEzd9TZojQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD7npv/esGDksNphU6uyzor7w7TWMB8GA1UdIwQY
MBaAFHfMRq3pV8jwZqXG/iUxCkz1p+nUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDh4R3JlbFh5UEJtcGNiLUpURUtUUFduNmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kNjFiNTQtZWU5Zi00ZTAwLWIxZTMt
ZjdkMDI3NTYwMDU4LzEvUHVlbV85NndZT1N3Mm1GVHE3TE9pdnZEdE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kNjFiNTQtZWU5Zi00ZTAwLWIxZTMtZjdkMDI3NTYwMDU4
LzEvZDh4R3JlbFh5UEJtcGNiLUpURUtUUFduNmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud/kMA0E
AgACMAcDBQMqDUBAMA0GCSqGSIb3DQEBCwUAA4IBAQCnU2UF5an+ww97tDjG2G3s
cEkSf2TWhQogFG1sqkqNoBEFhKrsyF5cfPlN3WEfKZRsblfjVDOXQaHCzxtXbXo6
DXevy5jAYYr7mD5ou6733OtnUqqZ0w3c2ReTcojqVYIhsgJl53F+AyJ5M7qgJ6F2
Eip89mxjR1CkbIUzyVPCfDReo5lhq4x7/NSuAOE9SU5j9iwlAqLzRU3SvJ86ktf8
G/IW3rRLc38RvedKCkECrEliBauHnGe+jAuPPnTLh2f3KaQT3wtSO+hfLzUtTQnI
ZYSkPMwlFh90eu3XXL/q6PF2FM8TYbEGVbv8YulhT46D5o+bbiZdrbxgcblD6hg1
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:20:56 2024 by rpki-client on console-ams.rpki-client.org