Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/3UUDC2XcgnCKNGPQWP1ahAyjA7A.roa
File: 3UUDC2XcgnCKNGPQWP1ahAyjA7A.roa (raw, json)
Hash identifier: ktTjereJrfrdgoJNCxQzj7s9OR/KtA6rtAWoT7opzWM=
Subject key identifier: DD:45:03:0B:65:DC:82:70:8A:34:63:D0:58:FD:5A:84:0C:A3:03:B0
Certificate issuer: /CN=f58acd43c0033b13b88bb397415583aa51d9303a
Certificate serial: 018CC26D76ACE49C06C37CFF2CC6DA4A6F85
Authority key identifier: F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/3UUDC2XcgnCKNGPQWP1ahAyjA7A.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204672
IP address blocks: 91.137.80.0/22 maxlen: 22
91.137.86.0/23 maxlen: 23
91.137.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:76:ac:e4:9c:06:c3:7c:ff:2c:c6:da:4a:6f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58acd43c0033b13b88bb397415583aa51d9303a
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd45030b65dc82708a3463d058fd5a840ca303b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0c:16:86:7a:52:37:48:d2:3a:d9:47:4b:82:
8a:33:33:88:7b:59:d4:a3:5b:ed:60:4e:e8:ea:01:
48:66:3c:a6:79:6a:aa:29:72:b0:aa:a7:b4:b8:01:
a2:00:91:e0:54:fa:84:58:ec:a2:86:0c:89:6e:6c:
d3:5e:8a:da:40:a3:53:7a:8e:9b:04:92:43:75:92:
07:da:b6:15:87:fb:a7:be:af:ef:50:06:21:9b:03:
1a:c6:4f:18:36:7c:09:22:f7:8f:0d:a5:0a:ed:d7:
2e:4d:f5:65:3b:47:b4:20:af:cb:8e:d9:e3:47:41:
7a:9d:7f:d3:a6:7e:4c:b4:14:6c:ac:bf:b6:0a:86:
d2:4a:5c:7e:e5:07:b8:ec:27:bd:02:62:15:37:2f:
24:c6:ca:74:fe:a5:25:58:96:eb:e9:c6:56:bf:14:
3d:f0:38:47:71:c5:c8:cd:68:df:57:de:f0:74:ee:
19:6d:4c:53:e8:2d:01:d9:2a:05:f1:f6:b1:fd:59:
f2:39:21:d2:56:0e:96:d8:ec:5f:09:5a:e6:d8:ba:
8c:5d:55:cf:66:27:42:bb:e0:5b:1c:e3:f2:6b:e8:
e6:d5:81:a8:61:a8:93:75:97:19:3d:8f:af:46:3c:
df:ea:2d:0c:61:bd:60:94:b2:a9:2b:af:1e:cd:45:
37:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:45:03:0B:65:DC:82:70:8A:34:63:D0:58:FD:5A:84:0C:A3:03:B0
X509v3 Authority Key Identifier:
keyid:F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/3UUDC2XcgnCKNGPQWP1ahAyjA7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.80.0/22
91.137.86.0/23
91.137.118.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:b6:23:d5:62:66:ac:c7:64:74:b8:ac:fd:d4:e2:f1:b7:f8:
e8:b7:ce:83:f4:36:91:df:11:bc:19:5c:60:97:af:b7:df:5a:
e9:c9:2e:7a:55:5c:62:85:d9:60:b8:6c:df:77:6b:ba:85:12:
b8:45:7b:b2:ce:f5:34:c4:4b:d6:90:e4:9c:2f:cb:4e:a0:27:
8e:cd:2d:13:ae:fc:25:7d:d6:28:48:e5:71:1f:3f:a5:05:bd:
d6:98:27:a1:d0:91:8b:05:57:55:a5:02:88:de:11:d0:3a:73:
e2:73:cc:40:4d:a4:49:d7:7b:c0:7d:a2:ab:b1:8d:c5:a2:b6:
f1:ac:cc:92:11:48:4a:e2:66:5a:80:c0:34:2e:0c:e6:2f:3f:
70:dc:ea:1e:58:3d:f7:92:87:84:c3:59:e9:b5:7f:ed:37:fe:
ce:ce:be:1f:56:98:84:df:da:0b:b3:43:20:dd:64:57:75:a3:
77:35:c3:55:46:ff:56:93:3e:82:67:87:17:41:d6:41:f0:04:
d9:18:2e:3e:83:79:1f:1a:0b:c1:d9:63:fa:0f:a0:83:a7:63:
b4:97:cf:ec:02:a0:24:90:42:ea:28:c4:ce:23:84:3f:92:5c:
b4:dd:f5:3b:6e:4a:de:45:99:53:6c:3d:73:52:dd:16:ea:c8:
15:1f:fa:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbXas5JwGw3z/LMbaSm+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGFjZDQzYzAwMzNiMTNiODhiYjM5NzQxNTU4M2FhNTFk
OTMwM2EwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ1MDMwYjY1ZGM4MjcwOGEzNDYzZDA1OGZkNWE4NDBjYTMwM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgwWhnpSN0jSOtlHS4KKMzOIe1nU
o1vtYE7o6gFIZjymeWqqKXKwqqe0uAGiAJHgVPqEWOyihgyJbmzTXoraQKNTeo6b
BJJDdZIH2rYVh/unvq/vUAYhmwMaxk8YNnwJIvePDaUK7dcuTfVlO0e0IK/Ljtnj
R0F6nX/Tpn5MtBRsrL+2CobSSlx+5Qe47Ce9AmIVNy8kxsp0/qUlWJbr6cZWvxQ9
8DhHccXIzWjfV97wdO4ZbUxT6C0B2SoF8fax/VnyOSHSVg6W2OxfCVrm2LqMXVXP
ZidCu+BbHOPya+jm1YGoYaiTdZcZPY+vRjzf6i0MYb1glLKpK68ezUU3vwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN1FAwtl3IJwijRj0Fj9WoQMowOwMB8GA1UdIwQY
MBaAFPWKzUPAAzsTuIuzl0FVg6pR2TA6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUt
Y2YyZDU4ZDBlMGVlLzEvM1VVREMyWGNnbkNLTkdQUVdQMWFoQXlqQTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUtY2YyZDU4ZDBlMGVl
LzEvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW4lQAwQB
W4lWAwQBW4l2MA0GCSqGSIb3DQEBCwUAA4IBAQButiPVYmasx2R0uKz91OLxt/jo
t86D9DaR3xG8GVxgl6+331rpyS56VVxihdlguGzfd2u6hRK4RXuyzvU0xEvWkOSc
L8tOoCeOzS0TrvwlfdYoSOVxHz+lBb3WmCeh0JGLBVdVpQKI3hHQOnPic8xATaRJ
13vAfaKrsY3ForbxrMySEUhK4mZagMA0LgzmLz9w3OoeWD33koeEw1nptX/tN/7O
zr4fVpiE39oLs0Mg3WRXdaN3NcNVRv9Wkz6CZ4cXQdZB8ATZGC4+g3kfGgvB2WP6
D6CDp2O0l8/sAqAkkELqKMTOI4Q/kly03fU7bkreRZlTbD1zUt0W6sgVH/qP
-----END CERTIFICATE-----
Generated at Wed May 15 19:30:15 2024 by rpki-client on console-ams.rpki-client.org