Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/tH-_iaIPhbYxvzDsF-ByM1_LlRM.roa
File: tH-_iaIPhbYxvzDsF-ByM1_LlRM.roa (raw, json)
Hash identifier: DLaIgnFKLeNcGn6eBjuGSuhucB0qNFCC9tnRsJCkNtg=
Subject key identifier: B4:7F:BF:89:A2:0F:85:B6:31:BF:30:EC:17:E0:72:33:5F:CB:95:13
Certificate issuer: /CN=552986484ecd015857ebf61dc4b361302c7916c6
Certificate serial: 0190302253C5FC2E773D41591C5643D19EB8
Authority key identifier: 55:29:86:48:4E:CD:01:58:57:EB:F6:1D:C4:B3:61:30:2C:79:16:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSmGSE7NAVhX6_YdxLNhMCx5FsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/tH-_iaIPhbYxvzDsF-ByM1_LlRM.roa
Signing time: Wed 19 Jun 2024 10:54:34 +0000
ROA not before: Wed 19 Jun 2024 10:54:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60534
IP address blocks: 91.225.8.0/22 maxlen: 32
185.54.102.0/24 maxlen: 32
185.135.120.0/22 maxlen: 32
185.244.239.0/24 maxlen: 32
2a06:f3c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/VSmGSE7NAVhX6_YdxLNhMCx5FsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/VSmGSE7NAVhX6_YdxLNhMCx5FsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VSmGSE7NAVhX6_YdxLNhMCx5FsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 20:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:30:22:53:c5:fc:2e:77:3d:41:59:1c:56:43:d1:9e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=552986484ecd015857ebf61dc4b361302c7916c6
Validity
Not Before: Jun 19 10:54:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b47fbf89a20f85b631bf30ec17e072335fcb9513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bf:0b:fe:8a:a3:ae:50:f1:ab:2c:33:29:20:
f1:15:e0:c6:90:ee:45:8c:3b:a1:c3:33:63:b4:70:
95:0d:24:9e:e5:e8:51:35:41:5c:42:d8:7d:cb:4f:
23:c5:11:e2:4b:10:a4:dc:25:35:41:0e:98:0d:80:
f4:ac:50:f6:bd:07:0e:3b:ff:37:52:6c:52:8e:aa:
93:f0:b0:35:1f:87:1d:37:4a:60:2a:b9:22:6e:af:
0b:e3:94:37:3f:8b:bb:a8:61:d9:58:1f:ed:dd:80:
0d:05:ec:70:7b:7d:92:df:d4:2b:bf:1e:1c:ad:cc:
21:f5:97:fe:50:b2:aa:f7:45:20:32:6b:a8:09:4b:
a1:4d:bb:30:95:c9:a3:62:72:24:46:4c:25:8b:dc:
ac:3e:33:69:b2:7a:be:72:d9:82:72:13:34:09:ed:
c7:e0:43:0c:a3:80:bd:22:84:da:b8:bc:ff:39:b9:
a4:31:8d:88:e9:c2:c7:54:2e:55:bc:2f:df:d6:05:
ef:af:bb:91:9e:c6:43:41:80:a1:c5:ee:73:f5:cc:
79:0c:6a:c6:25:f9:2a:21:b6:79:0e:49:0c:1e:0b:
ae:5a:a0:1b:69:f6:aa:8c:e2:11:a7:c8:3e:37:75:
72:7b:6e:11:fb:f7:a7:03:1d:a5:36:27:f4:06:99:
c5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:7F:BF:89:A2:0F:85:B6:31:BF:30:EC:17:E0:72:33:5F:CB:95:13
X509v3 Authority Key Identifier:
keyid:55:29:86:48:4E:CD:01:58:57:EB:F6:1D:C4:B3:61:30:2C:79:16:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSmGSE7NAVhX6_YdxLNhMCx5FsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/tH-_iaIPhbYxvzDsF-ByM1_LlRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/VSmGSE7NAVhX6_YdxLNhMCx5FsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.8.0/22
185.54.102.0/24
185.135.120.0/22
185.244.239.0/24
IPv6:
2a06:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:9c:d2:f8:1d:6f:21:f5:47:37:2d:08:5d:a7:ff:d3:68:f4:
a8:fd:cd:0c:02:b4:9e:f5:f3:39:16:fc:68:8e:e6:d0:aa:ad:
6c:0e:31:24:1d:3b:74:94:be:8c:61:c5:61:78:8a:05:d3:40:
23:b3:28:a5:30:4d:a7:10:51:2d:4a:46:20:19:a5:58:b2:fd:
7c:82:40:fb:55:5a:0d:7e:95:2a:2b:bb:02:7c:d7:cb:67:8f:
6f:1b:79:bf:42:01:23:1c:c7:4c:2c:47:4f:63:bf:5b:4a:e6:
f1:5d:2a:69:63:8e:a3:e4:45:25:15:2f:79:a7:9c:49:cb:35:
a4:0e:d1:18:fc:54:0f:34:dc:f3:0a:c9:d1:85:e1:8d:0c:1b:
30:c5:a7:ca:5f:80:07:20:a8:8e:80:42:18:55:ab:14:49:c8:
f0:c8:44:89:4b:56:2b:15:79:b4:c7:e0:63:06:da:f4:bb:b3:
45:d2:83:6d:2f:92:dc:d4:6a:2b:48:71:35:7b:00:a3:87:99:
de:71:1a:fc:25:7d:fe:0a:61:5c:7a:d7:ac:bc:8c:b9:37:4f:
04:a4:81:5d:07:68:09:c8:70:17:b2:49:de:72:cb:9a:97:5a:
af:b4:f4:d3:59:9c:a6:f5:c2:f3:68:ab:11:c0:4b:d0:f0:0f:
f6:97:6a:87
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZAwIlPF/C53PUFZHFZD0Z64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1Mjk4NjQ4NGVjZDAxNTg1N2ViZjYxZGM0YjM2MTMwMmM3
OTE2YzYwHhcNMjQwNjE5MTA1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDdmYmY4OWEyMGY4NWI2MzFiZjMwZWMxN2UwNzIzMzVmY2I5NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb8L/oqjrlDxqywzKSDxFeDGkO5F
jDuhwzNjtHCVDSSe5ehRNUFcQth9y08jxRHiSxCk3CU1QQ6YDYD0rFD2vQcOO/83
UmxSjqqT8LA1H4cdN0pgKrkibq8L45Q3P4u7qGHZWB/t3YANBexwe32S39Qrvx4c
rcwh9Zf+ULKq90UgMmuoCUuhTbswlcmjYnIkRkwli9ysPjNpsnq+ctmCchM0Ce3H
4EMMo4C9IoTauLz/ObmkMY2I6cLHVC5VvC/f1gXvr7uRnsZDQYChxe5z9cx5DGrG
JfkqIbZ5DkkMHguuWqAbafaqjOIRp8g+N3Vye24R+/enAx2lNif0BpnFTQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLR/v4miD4W2Mb8w7BfgcjNfy5UTMB8GA1UdIwQY
MBaAFFUphkhOzQFYV+v2HcSzYTAseRbGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNtR1NFN05BVmhYNl9ZZHhMTmhNQ3g1RnNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81NzdiMDktOGQxMi00MmM3LTlhZjMt
YTE2NDg4NmZmYzIwLzEvdEgtX2lhSVBoYll4dnpEc0YtQnlNMV9MbFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81NzdiMDktOGQxMi00MmM3LTlhZjMtYTE2NDg4NmZmYzIw
LzEvVlNtR1NFN05BVmhYNl9ZZHhMTmhNQ3g1RnNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW+EIAwQA
uTZmAwQCuYd4AwQAufTvMA0EAgACMAcDBQMqBvPAMA0GCSqGSIb3DQEBCwUAA4IB
AQCbnNL4HW8h9Uc3LQhdp//TaPSo/c0MArSe9fM5FvxojubQqq1sDjEkHTt0lL6M
YcVheIoF00AjsyilME2nEFEtSkYgGaVYsv18gkD7VVoNfpUqK7sCfNfLZ49vG3m/
QgEjHMdMLEdPY79bSubxXSppY46j5EUlFS95p5xJyzWkDtEY/FQPNNzzCsnRheGN
DBswxafKX4AHIKiOgEIYVasUScjwyESJS1YrFXm0x+BjBtr0u7NF0oNtL5Lc1Gor
SHE1ewCjh5necRr8JX3+CmFcetesvIy5N08EpIFdB2gJyHAXsknecsual1qvtPTT
WZym9cLzaKsRwEvQ8A/2l2qH
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:17:51 2024 by rpki-client on console-ams.rpki-client.org