Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/SroUN1XwdSQsx9oMLMmPcyBIM4U.roa
File: SroUN1XwdSQsx9oMLMmPcyBIM4U.roa (raw, json)
Hash identifier: XY6FDshfQn3+Pmo/BrGe6UX+u0HxIU9KCD1JWHDl5Pw=
Subject key identifier: 4A:BA:14:37:55:F0:75:24:2C:C7:DA:0C:2C:C9:8F:73:20:48:33:85
Certificate issuer: /CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Certificate serial: 018CC8DE548A99C0F673532586D7B11B7364
Authority key identifier: 30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/SroUN1XwdSQsx9oMLMmPcyBIM4U.roa
Signing time: Tue 02 Jan 2024 06:31:02 +0000
ROA not before: Tue 02 Jan 2024 06:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212148
IP address blocks: 91.212.156.0/24 maxlen: 24
2a07:b280::/29 maxlen: 29
2a07:b280:200::/40 maxlen: 40
2a07:b280:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:54:8a:99:c0:f6:73:53:25:86:d7:b1:1b:73:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Validity
Not Before: Jan 2 06:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4aba143755f075242cc7da0c2cc98f7320483385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:74:dc:3e:24:87:bc:1e:09:cb:ad:3a:9d:a7:
a7:07:72:e6:75:75:55:ef:1d:43:1c:d2:c0:eb:e0:
02:5d:f1:80:e2:f0:a9:31:3a:d8:77:ae:97:37:15:
16:3a:49:af:90:6c:19:7e:94:52:2f:73:39:52:71:
3d:7a:17:31:fb:76:b9:0d:61:04:c2:d0:22:62:b2:
aa:f5:f8:8a:90:bc:af:46:6e:71:d8:39:6f:7f:46:
98:3b:ca:15:fe:ca:2c:a2:54:ce:c9:56:dd:e3:75:
f3:bd:0e:a4:10:d9:4e:37:c8:ed:1b:e5:90:4e:dc:
2a:c5:13:f1:54:b2:4e:6e:84:c2:5a:32:22:57:6e:
32:4a:0c:36:33:db:b4:d5:28:37:f4:89:0e:d8:ac:
8c:00:76:d0:62:cf:c4:8d:04:34:4d:17:ea:84:34:
23:fa:6e:66:6d:a4:b4:cc:9a:d2:23:2d:75:c0:70:
a0:ef:f8:3f:f8:e3:be:d8:ae:75:d6:53:fb:7f:c8:
c5:ad:31:f7:40:98:cc:8c:58:06:ad:0d:db:9b:15:
6b:cd:ac:a4:8a:4d:76:af:6a:8f:93:b4:99:8b:43:
84:a7:04:01:0e:e7:4e:fb:37:d5:51:f6:5f:fc:a2:
c9:03:7b:87:91:30:67:2c:7a:ee:55:6d:db:2b:9e:
2b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:BA:14:37:55:F0:75:24:2C:C7:DA:0C:2C:C9:8F:73:20:48:33:85
X509v3 Authority Key Identifier:
keyid:30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/SroUN1XwdSQsx9oMLMmPcyBIM4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.156.0/24
IPv6:
2a07:b280::/29
Signature Algorithm: sha256WithRSAEncryption
4a:e8:77:04:db:4a:09:99:ee:ea:db:7f:e8:a3:a3:52:47:88:
33:49:3d:e2:ca:4c:a2:1e:dc:f3:d3:04:fe:df:f5:9a:32:49:
d8:e4:b1:e1:74:70:08:d8:16:a2:d7:22:25:0e:3e:a4:2f:0c:
82:1a:1f:2d:e4:e4:13:5f:90:fa:aa:1b:50:ca:23:89:a6:35:
7b:06:4d:98:93:94:d0:10:9d:07:f6:bf:4c:52:b2:38:ca:25:
26:47:2e:ea:ab:28:2a:35:e6:c8:63:65:44:91:5c:8c:5a:fa:
eb:65:81:e3:75:ec:98:ef:fe:f8:a2:8d:58:ca:93:85:66:34:
22:53:c6:85:91:9b:c6:2a:e2:b4:7a:b2:36:28:74:e3:41:2f:
50:48:37:30:ec:74:13:e4:5e:27:56:1e:e6:03:cb:94:9d:43:
f6:e9:eb:56:d6:f2:25:28:8b:1b:29:98:37:0d:1b:ee:8c:6b:
79:a3:0d:23:c2:bd:6a:1e:3d:29:45:d7:c3:5a:ba:3c:45:dc:
f3:e8:71:79:b7:1f:ef:fc:0d:51:46:b1:3f:8e:ed:d3:8f:80:
99:33:36:9d:f3:2a:25:df:36:7c:92:b1:ba:f8:88:e9:d2:b4:
cb:9f:a0:fd:c1:db:04:1e:61:6f:6a:a0:be:82:f5:6b:4d:26:
81:76:eb:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3lSKmcD2c1MlhtexG3NkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMWE2NDg3MjVlZTI2YTQ2MGNiOWIxY2JjZDljOWM4MzJj
NDQ5YWYwHhcNMjQwMTAyMDYzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWJhMTQzNzU1ZjA3NTI0MmNjN2RhMGMyY2M5OGY3MzIwNDgzMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3TcPiSHvB4Jy606naenB3LmdXVV
7x1DHNLA6+ACXfGA4vCpMTrYd66XNxUWOkmvkGwZfpRSL3M5UnE9ehcx+3a5DWEE
wtAiYrKq9fiKkLyvRm5x2Dlvf0aYO8oV/sosolTOyVbd43XzvQ6kENlON8jtG+WQ
TtwqxRPxVLJOboTCWjIiV24ySgw2M9u01Sg39IkO2KyMAHbQYs/EjQQ0TRfqhDQj
+m5mbaS0zJrSIy11wHCg7/g/+OO+2K511lP7f8jFrTH3QJjMjFgGrQ3bmxVrzayk
ik12r2qPk7SZi0OEpwQBDudO+zfVUfZf/KLJA3uHkTBnLHruVW3bK54rbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEq6FDdV8HUkLMfaDCzJj3MgSDOFMB8GA1UdIwQY
MBaAFDAaZIcl7iakYMubHLzZycgyxEmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzIt
YTViMmQwOWUwNWNmLzEvU3JvVU4xWHdkU1FzeDlvTUxNbVBjeUJJTTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzItYTViMmQwOWUwNWNm
LzEvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9ScMA0E
AgACMAcDBQMqB7KAMA0GCSqGSIb3DQEBCwUAA4IBAQBK6HcE20oJme7q23/oo6NS
R4gzST3iykyiHtzz0wT+3/WaMknY5LHhdHAI2Bai1yIlDj6kLwyCGh8t5OQTX5D6
qhtQyiOJpjV7Bk2Yk5TQEJ0H9r9MUrI4yiUmRy7qqygqNebIY2VEkVyMWvrrZYHj
deyY7/74oo1YypOFZjQiU8aFkZvGKuK0erI2KHTjQS9QSDcw7HQT5F4nVh7mA8uU
nUP26etW1vIlKIsbKZg3DRvujGt5ow0jwr1qHj0pRdfDWro8Rdzz6HF5tx/v/A1R
RrE/ju3Tj4CZMzad8yol3zZ8krG6+Ijp0rTLn6D9wdsEHmFvaqC+gvVrTSaBduuP
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:27:09 2024 by rpki-client on console-ams.rpki-client.org