Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/0j6hRzNc2E3rc4b8yhcRpvyfaiE.roa
File: 0j6hRzNc2E3rc4b8yhcRpvyfaiE.roa (raw, json)
Hash identifier: Z0+BBwf8ewemhBtZkIm8Ap7i5P02ldE++0qKWfkTdzA=
Subject key identifier: D2:3E:A1:47:33:5C:D8:4D:EB:73:86:FC:CA:17:11:A6:FC:9F:6A:21
Certificate issuer: /CN=d44de659759b0274124a7b481d0976840b7ade06
Certificate serial: 018CC9BC503665AFA9A4D5D9A55E706F1CB7
Authority key identifier: D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/0j6hRzNc2E3rc4b8yhcRpvyfaiE.roa
Signing time: Tue 02 Jan 2024 10:33:30 +0000
ROA not before: Tue 02 Jan 2024 10:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52023
IP address blocks: 91.212.148.0/24 maxlen: 24
37.143.165.0/24 maxlen: 24
37.143.166.0/24 maxlen: 24
37.143.162.0/24 maxlen: 24
37.143.164.0/24 maxlen: 24
37.143.163.0/24 maxlen: 24
37.143.167.0/24 maxlen: 24
37.143.171.0/24 maxlen: 24
37.143.170.0/24 maxlen: 24
37.143.172.0/24 maxlen: 24
193.32.141.0/24 maxlen: 24
193.32.142.0/23 maxlen: 23
2a03:8f84::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:50:36:65:af:a9:a4:d5:d9:a5:5e:70:6f:1c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44de659759b0274124a7b481d0976840b7ade06
Validity
Not Before: Jan 2 10:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d23ea147335cd84deb7386fcca1711a6fc9f6a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:44:b6:d7:b6:fa:1b:7a:db:78:f2:16:75:b8:
24:91:0d:9e:f0:f1:84:c7:d3:77:b0:18:78:58:f0:
ce:44:da:c4:51:16:e0:ae:c4:92:6c:84:73:6d:25:
02:15:f6:82:b8:ea:8b:d5:81:b4:86:5a:2b:b2:20:
c5:8b:6b:69:7c:06:ac:e2:a6:e7:5e:8b:d8:f8:b2:
bf:da:2b:53:07:32:40:06:4c:40:1f:c9:59:59:4c:
fd:09:1f:c1:c5:84:16:3e:10:50:b9:75:f1:46:20:
30:cc:f0:9a:e8:b4:74:df:a1:8e:a9:44:04:16:f7:
bb:fb:d5:f9:71:29:5b:ca:78:d3:b9:f8:9e:60:2e:
af:d6:3e:34:2b:8f:eb:a3:5a:6e:ef:52:fe:ea:55:
b9:31:76:6b:37:b1:45:90:21:32:e5:cd:b0:bf:0d:
62:1b:38:b0:44:29:62:a7:ef:8f:ac:9a:eb:b5:16:
5a:4e:c1:6b:4c:5b:da:09:e5:2c:78:8b:2e:29:f4:
72:67:ca:a4:b2:a2:96:a5:89:f4:c0:da:51:4e:4f:
56:8a:68:1a:0c:2a:64:16:c9:c1:5a:ff:c5:81:0e:
c0:c2:b1:7a:d3:25:67:e8:df:d8:6c:af:78:af:d5:
8a:51:ac:aa:67:85:44:4f:23:0b:7d:ee:91:ef:e3:
90:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3E:A1:47:33:5C:D8:4D:EB:73:86:FC:CA:17:11:A6:FC:9F:6A:21
X509v3 Authority Key Identifier:
keyid:D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/0j6hRzNc2E3rc4b8yhcRpvyfaiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.162.0-37.143.167.255
37.143.170.0-37.143.172.255
91.212.148.0/24
193.32.141.0-193.32.143.255
IPv6:
2a03:8f84::/32
Signature Algorithm: sha256WithRSAEncryption
2b:97:36:bf:df:79:29:88:2c:d3:49:24:fd:83:b1:37:6f:af:
8d:a5:cf:ff:e2:86:ac:e5:0e:be:59:6c:bf:74:d4:ce:03:99:
22:70:ec:0e:f9:04:3d:ea:59:b3:a0:33:d5:7a:81:02:ec:8b:
b1:53:26:3f:12:25:a4:ba:00:e8:05:52:0b:b1:56:ee:8c:8e:
6d:5a:a3:36:3a:9e:fa:d0:43:51:51:30:03:a0:9c:59:47:d2:
42:f5:11:84:a7:14:e9:f8:eb:53:be:63:ca:b3:cc:ea:02:7f:
08:13:b1:30:3d:90:43:58:a1:cf:04:1a:6f:b8:d2:02:80:63:
93:f6:d3:37:23:52:e2:0b:8e:03:af:78:14:29:8e:8a:5c:ed:
cd:85:ac:d9:c0:8b:b0:39:13:8d:85:74:07:66:29:f3:25:d8:
64:16:60:0a:bf:65:19:69:ef:e9:63:63:5f:04:36:32:00:8c:
ed:ce:25:60:21:92:ed:fb:7a:6a:dc:83:fd:b1:b5:0f:4b:61:
3a:af:52:fc:17:c0:c4:1a:4b:d0:76:c9:17:60:c0:2e:8a:b7:
89:aa:ea:71:58:e8:92:c1:fb:db:ee:1e:10:95:3a:91:22:31:
63:cd:1c:49:19:a3:2d:84:24:56:3c:84:7e:b1:d8:39:34:b3:
96:d9:8a:c3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzJvFA2Za+ppNXZpV5wbxy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NGRlNjU5NzU5YjAyNzQxMjRhN2I0ODFkMDk3Njg0MGI3
YWRlMDYwHhcNMjQwMTAyMTAzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjNlYTE0NzMzNWNkODRkZWI3Mzg2ZmNjYTE3MTFhNmZjOWY2YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUS217b6G3rbePIWdbgkkQ2e8PGE
x9N3sBh4WPDORNrEURbgrsSSbIRzbSUCFfaCuOqL1YG0hlorsiDFi2tpfAas4qbn
XovY+LK/2itTBzJABkxAH8lZWUz9CR/BxYQWPhBQuXXxRiAwzPCa6LR036GOqUQE
Fve7+9X5cSlbynjTufieYC6v1j40K4/ro1pu71L+6lW5MXZrN7FFkCEy5c2wvw1i
GziwRClip++PrJrrtRZaTsFrTFvaCeUseIsuKfRyZ8qksqKWpYn0wNpRTk9Wimga
DCpkFsnBWv/FgQ7AwrF60yVn6N/YbK94r9WKUayqZ4VETyMLfe6R7+OQlQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNI+oUczXNhN63OG/MoXEab8n2ohMB8GA1UdIwQY
MBaAFNRN5ll1mwJ0Ekp7SB0JdoQLet4GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUUzbVdYV2JBblFTU250SUhRbDJoQXQ2M2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83NTIxNmQtNjg0Yi00N2NjLWE5NWUt
ZGI0ZDM5ZGM0ZWM3LzEvMGo2aFJ6TmMyRTNyYzRiOHloY1JwdnlmYWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83NTIxNmQtNjg0Yi00N2NjLWE5NWUtZGI0ZDM5ZGM0ZWM3
LzEvMUUzbVdYV2JBblFTU250SUhRbDJoQXQ2M2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwMAwDBAElj6ID
BAMlj6AwDAMEASWPqgMEACWPrAMEAFvUlDAMAwQAwSCNAwQEwSCAMA0EAgACMAcD
BQAqA4+EMA0GCSqGSIb3DQEBCwUAA4IBAQArlza/33kpiCzTSST9g7E3b6+Npc//
4oas5Q6+WWy/dNTOA5kicOwO+QQ96lmzoDPVeoEC7IuxUyY/EiWkugDoBVILsVbu
jI5tWqM2Op760ENRUTADoJxZR9JC9RGEpxTp+OtTvmPKs8zqAn8IE7EwPZBDWKHP
BBpvuNICgGOT9tM3I1LiC44Dr3gUKY6KXO3NhazZwIuwORONhXQHZinzJdhkFmAK
v2UZae/pY2NfBDYyAIztziVgIZLt+3pq3IP9sbUPS2E6r1L8F8DEGkvQdskXYMAu
ireJqupxWOiSwfvb7h4QlTqRIjFjzRxJGaMthCRWPIR+sdg5NLOW2YrD
-----END CERTIFICATE-----
Generated at Sun May 19 05:53:56 2024 by rpki-client on console-fra.rpki-client.org