Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/my8ay8P26UL2j3cwe9NB2nPzeAw.roa
File: my8ay8P26UL2j3cwe9NB2nPzeAw.roa (raw, json)
Hash identifier: Xg5trxt8cKH+cSpH1hs9MZiJkbPRHoqod2MrzIcoKBk=
Subject key identifier: 9B:2F:1A:CB:C3:F6:E9:42:F6:8F:77:30:7B:D3:41:DA:73:F3:78:0C
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC42457B3D059810CA7C7B355DB636D78
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/my8ay8P26UL2j3cwe9NB2nPzeAw.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62041
IP address blocks: 91.108.4.0/22 maxlen: 22
91.108.8.0/22 maxlen: 22
95.161.64.0/20 maxlen: 20
91.108.56.0/22 maxlen: 22
149.154.162.0/23 maxlen: 23
149.154.164.0/22 maxlen: 22
149.154.164.0/23 maxlen: 23
149.154.160.0/24 maxlen: 24
149.154.160.0/23 maxlen: 23
149.154.160.0/22 maxlen: 22
149.154.166.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:57:b3:d0:59:81:0c:a7:c7:b3:55:db:63:6d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b2f1acbc3f6e942f68f77307bd341da73f3780c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c9:18:66:3f:20:c0:98:e8:5d:2f:63:3a:1f:
b5:ec:38:84:7c:1f:b1:fa:01:95:fc:9a:c7:85:05:
d7:fe:c4:ea:13:19:76:13:8e:9d:2c:2e:11:ed:3c:
c5:93:a3:06:28:26:f5:bd:3f:77:32:df:4e:85:9b:
e4:5a:b7:ad:45:40:c4:a7:58:e7:d0:b6:25:0e:dd:
3d:a4:5c:10:65:7d:df:67:bd:d3:1d:59:07:99:e8:
15:16:c9:a9:ec:cf:35:a3:9b:ce:8f:dc:97:00:d5:
f7:e7:13:ad:93:f7:d7:0a:a9:4a:03:57:26:fe:14:
d2:2d:e3:e8:f5:c0:eb:bc:1d:53:5e:81:a9:7e:68:
04:5e:47:82:f4:63:bd:32:a8:f9:8a:36:7b:c1:3c:
0f:c9:45:75:ab:37:5c:b4:9b:3a:e4:25:4c:10:aa:
ba:85:62:41:55:00:2a:e3:3b:36:46:7b:64:77:2b:
55:26:49:d6:a0:b5:38:cc:99:1f:f4:45:9a:53:8b:
4e:67:c4:1f:8d:da:cd:3a:fb:fe:8a:da:c7:11:3d:
b3:37:99:b2:c9:a6:1d:93:c8:82:b4:4a:73:52:a5:
69:a8:6f:7e:f5:85:60:44:b8:cc:a8:b2:ae:7c:92:
4e:ee:8d:0c:a0:45:45:be:13:de:33:7b:5d:15:b9:
4b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:2F:1A:CB:C3:F6:E9:42:F6:8F:77:30:7B:D3:41:DA:73:F3:78:0C
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/my8ay8P26UL2j3cwe9NB2nPzeAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.4.0-91.108.11.255
91.108.56.0/22
95.161.64.0/20
149.154.160.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:59:72:ca:b5:38:fa:fa:20:c5:65:04:05:58:90:16:48:04:
c6:8f:d3:c6:60:cb:85:8a:fb:ec:98:b5:d2:2b:4f:82:e1:21:
de:f9:93:39:a3:b8:c6:eb:0a:66:1c:98:5f:92:03:12:26:b3:
83:e4:59:fb:6b:b5:95:dd:23:35:f4:1e:b2:81:7d:7b:62:4a:
1a:10:6c:e7:13:0f:cc:05:4d:f3:9b:90:d6:35:f8:04:3d:69:
0b:ec:ec:35:d9:06:77:28:8f:25:c5:f5:5a:7a:11:0e:dd:56:
c2:ca:c7:69:80:c8:ef:82:cb:b5:91:0e:ee:a8:0d:73:59:6f:
95:61:24:c5:c2:01:b2:e5:b4:ff:d7:30:69:2b:78:82:e7:72:
61:8e:82:95:59:df:1f:2d:dd:b1:00:37:2b:b3:f5:47:89:c3:
05:c2:49:18:b8:02:21:90:33:75:4e:aa:98:40:0a:41:57:6e:
49:04:57:45:f6:1b:5f:ff:89:29:3f:f3:e7:ef:79:69:3e:b0:
7e:55:60:70:54:b5:dd:1f:b8:4d:1d:4c:f9:3d:91:af:7d:66:
ee:dd:4b:14:0c:5a:5f:de:0d:b3:34:5a:d6:1b:9e:17:44:c2:
c8:41:5d:64:51:29:0f:b1:e7:4d:b0:42:2f:c5:9a:12:77:6e:
35:fe:4f:98
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEJFez0FmBDKfHs1XbY214MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjJmMWFjYmMzZjZlOTQyZjY4Zjc3MzA3YmQzNDFkYTczZjM3ODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38kYZj8gwJjoXS9jOh+17DiEfB+x
+gGV/JrHhQXX/sTqExl2E46dLC4R7TzFk6MGKCb1vT93Mt9OhZvkWretRUDEp1jn
0LYlDt09pFwQZX3fZ73THVkHmegVFsmp7M81o5vOj9yXANX35xOtk/fXCqlKA1cm
/hTSLePo9cDrvB1TXoGpfmgEXkeC9GO9Mqj5ijZ7wTwPyUV1qzdctJs65CVMEKq6
hWJBVQAq4zs2RntkdytVJknWoLU4zJkf9EWaU4tOZ8QfjdrNOvv+itrHET2zN5my
yaYdk8iCtEpzUqVpqG9+9YVgRLjMqLKufJJO7o0MoEVFvhPeM3tdFblLDQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJsvGsvD9ulC9o93MHvTQdpz83gMMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvbXk4YXk4UDI2VUwyajNjd2U5TkIyblB6ZUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAJbbAQD
BAJbbAgDBAJbbDgDBARfoUADBAOVmqAwDQYJKoZIhvcNAQELBQADggEBAG1Zcsq1
OPr6IMVlBAVYkBZIBMaP08Zgy4WK++yYtdIrT4LhId75kzmjuMbrCmYcmF+SAxIm
s4PkWftrtZXdIzX0HrKBfXtiShoQbOcTD8wFTfObkNY1+AQ9aQvs7DXZBncojyXF
9Vp6EQ7dVsLKx2mAyO+Cy7WRDu6oDXNZb5VhJMXCAbLltP/XMGkreILncmGOgpVZ
3x8t3bEANyuz9UeJwwXCSRi4AiGQM3VOqphACkFXbkkEV0X2G1//iSk/8+fveWk+
sH5VYHBUtd0fuE0dTPk9ka99Zu7dSxQMWl/eDbM0WtYbnhdEwshBXWRRKQ+x502w
Qi/FmhJ3bjX+T5g=
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:10:40 2024 by rpki-client on console-ams.rpki-client.org