Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3qxS5nRtrjSQfoeJ71tfuSovBT8.roa
File: 3qxS5nRtrjSQfoeJ71tfuSovBT8.roa (raw, json)
Hash identifier: tmN2W/9PeT7+LqkFVLkbd8V7lVfN11m1NXbg3slnTjY=
Subject key identifier: DE:AC:52:E6:74:6D:AE:34:90:7E:87:89:EF:5B:5F:B9:2A:2F:05:3F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190EF2C6EC08C8B2FE624C181DD9BF6AFC8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3qxS5nRtrjSQfoeJ71tfuSovBT8.roa
Signing time: Fri 26 Jul 2024 13:13:04 +0000
ROA not before: Fri 26 Jul 2024 13:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215787
IP address blocks: 91.200.192.0/22 maxlen: 24
94.154.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:2c:6e:c0:8c:8b:2f:e6:24:c1:81:dd:9b:f6:af:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 26 13:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=deac52e6746dae34907e8789ef5b5fb92a2f053f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8e:f3:df:df:75:51:39:12:00:7a:ff:b1:30:
84:90:8c:f4:a0:41:bd:5f:01:06:52:e9:df:0f:14:
37:73:e7:47:a6:26:cd:51:4d:a5:e8:c7:86:6e:64:
0e:ff:93:01:ed:41:77:9e:c2:ea:a8:84:9f:94:b1:
78:75:ca:c9:80:67:03:52:84:41:12:63:cf:9b:41:
1e:e1:d5:66:8d:af:26:c8:a7:5c:c0:a7:52:2e:82:
45:4f:f6:3a:08:6c:39:bf:d6:85:ad:48:42:57:bc:
50:90:ad:ad:5e:e6:20:23:9b:c1:44:9e:82:66:a6:
ab:51:6b:cc:77:f8:d8:51:ae:a5:45:f3:0d:21:86:
61:a3:60:d3:4e:50:26:bb:d3:00:06:b2:af:dd:36:
18:ff:b0:25:1d:f6:39:6e:ba:9c:b1:1e:c9:cb:b7:
12:d0:be:50:0d:22:cb:16:43:1c:74:10:e8:90:cb:
ff:ee:8e:31:a0:4f:8f:60:29:ff:fd:5a:5a:59:f1:
36:f9:6b:79:f7:66:f9:85:b7:61:0b:ea:3e:03:ae:
2f:92:c3:b5:67:1b:f9:07:84:0d:f3:f5:3c:b4:41:
e4:c1:3b:2f:22:1e:28:bb:82:93:4e:b3:89:a3:bb:
20:aa:fc:d6:91:dd:c0:2a:63:49:32:d5:c5:3c:8c:
a8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AC:52:E6:74:6D:AE:34:90:7E:87:89:EF:5B:5F:B9:2A:2F:05:3F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3qxS5nRtrjSQfoeJ71tfuSovBT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.192.0/22
94.154.163.0/24
Signature Algorithm: sha256WithRSAEncryption
99:13:ac:ad:0e:db:f2:7b:bc:03:66:0e:fe:9d:6d:b6:3b:bb:
b7:79:62:10:23:1f:c4:ff:f1:1e:57:0c:52:38:af:c9:9e:f5:
66:b7:b0:b9:ee:b9:53:d0:d4:4c:11:1e:9f:60:0a:20:0c:71:
3f:e8:f2:23:8a:8d:95:18:47:de:0e:df:3b:98:cd:70:c7:8d:
6a:0f:d5:fe:32:1e:07:8e:84:20:25:e6:37:dc:14:d2:49:9e:
71:bc:3e:7e:07:8a:81:d5:0c:c2:04:e9:e0:d4:5e:e5:14:00:
8f:76:34:12:05:36:96:81:f6:bb:e8:ba:bc:91:36:f3:7c:76:
98:d0:7d:af:3c:83:f8:4a:d8:7e:6b:5f:3a:55:1b:69:0d:d4:
1a:fe:ef:4e:54:08:3a:70:c5:c1:2a:d2:d8:f2:bb:68:b2:78:
97:d0:a2:2e:12:57:f8:5f:a5:29:96:56:cf:cd:0e:11:f7:66:
29:4b:c0:0a:db:a4:9e:21:77:8f:e0:f2:6b:f4:9f:ff:b2:f0:
c3:8f:c7:d8:c6:8b:dc:e0:53:a1:8d:e4:11:2c:61:4e:9c:f1:
4d:72:a1:f1:af:ae:9d:a2:0c:df:d9:a0:de:02:93:da:e3:83:
35:33:a4:c8:d4:83:02:e2:61:98:d8:dd:19:09:ec:7f:12:af:
4e:ca:7b:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDvLG7AjIsv5iTBgd2b9q/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzI2MTMxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWFjNTJlNjc0NmRhZTM0OTA3ZTg3ODllZjViNWZiOTJhMmYwNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj47z3991UTkSAHr/sTCEkIz0oEG9
XwEGUunfDxQ3c+dHpibNUU2l6MeGbmQO/5MB7UF3nsLqqISflLF4dcrJgGcDUoRB
EmPPm0Ee4dVmja8myKdcwKdSLoJFT/Y6CGw5v9aFrUhCV7xQkK2tXuYgI5vBRJ6C
ZqarUWvMd/jYUa6lRfMNIYZho2DTTlAmu9MABrKv3TYY/7AlHfY5brqcsR7Jy7cS
0L5QDSLLFkMcdBDokMv/7o4xoE+PYCn//VpaWfE2+Wt592b5hbdhC+o+A64vksO1
Zxv5B4QN8/U8tEHkwTsvIh4ou4KTTrOJo7sgqvzWkd3AKmNJMtXFPIyoUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6sUuZ0ba40kH6Hie9bX7kqLwU/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM3F4UzVuUnRyalNRZm9lSjcxdGZ1U292QlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8jAAwQA
XpqjMA0GCSqGSIb3DQEBCwUAA4IBAQCZE6ytDtvye7wDZg7+nW22O7u3eWIQIx/E
//EeVwxSOK/JnvVmt7C57rlT0NRMER6fYAogDHE/6PIjio2VGEfeDt87mM1wx41q
D9X+Mh4HjoQgJeY33BTSSZ5xvD5+B4qB1QzCBOng1F7lFACPdjQSBTaWgfa76Lq8
kTbzfHaY0H2vPIP4Sth+a186VRtpDdQa/u9OVAg6cMXBKtLY8rtosniX0KIuElf4
X6UpllbPzQ4R92YpS8AK26SeIXeP4PJr9J//svDDj8fYxovc4FOhjeQRLGFOnPFN
cqHxr66dogzf2aDeApPa44M1M6TI1IMC4mGY2N0ZCex/Eq9OynuI
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:21:12 2024 by rpki-client on console-ams.rpki-client.org