Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/90ysUNU5j1C6k3OPk9-2KxsKK7I.roa
File: 90ysUNU5j1C6k3OPk9-2KxsKK7I.roa (raw, json)
Hash identifier: h/5QFPRJGQDnrxXm5pPyoBJUUxqxQHbnvFljAelGlls=
Subject key identifier: F7:4C:AC:50:D5:39:8F:50:BA:93:73:8F:93:DF:B6:2B:1B:0A:2B:B2
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 018CC72722AE9FBD4B1FCB25CCB83B017ED8
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/90ysUNU5j1C6k3OPk9-2KxsKK7I.roa
Signing time: Mon 01 Jan 2024 22:31:19 +0000
ROA not before: Mon 01 Jan 2024 22:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 5.182.244.0/24 maxlen: 24
185.233.245.0/24 maxlen: 24
89.200.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:22:ae:9f:bd:4b:1f:cb:25:cc:b8:3b:01:7e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Jan 1 22:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f74cac50d5398f50ba93738f93dfb62b1b0a2bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:47:06:6c:1a:ee:0a:93:c2:93:e5:6f:33:a7:
1c:de:d9:04:94:9b:52:2d:d0:5c:b0:fc:39:64:27:
95:b3:d3:38:0c:c4:56:e9:e5:d2:71:81:11:f8:1f:
83:c8:85:87:a5:7c:3f:2e:1a:d9:ae:66:d2:b4:52:
42:bc:9e:f3:e1:96:91:01:63:6b:ed:7d:b2:7b:a6:
e0:93:37:63:5e:2d:8f:03:1a:87:9d:a0:03:bf:6b:
1c:ad:ce:09:c4:4a:e1:4d:17:f7:95:3d:62:df:a5:
f7:21:25:ab:ce:43:22:0b:da:49:99:7b:96:47:b7:
de:50:0e:90:67:e3:23:79:5a:58:a5:e1:7e:20:2c:
93:ed:22:ca:9b:17:5b:6b:fd:07:32:af:4a:b0:50:
71:a3:99:8f:a1:ad:29:25:92:6e:20:ad:66:60:32:
c4:d4:60:fa:8e:12:6e:13:73:f9:37:6f:04:a9:44:
ea:6b:5a:c8:8a:32:c1:04:d4:68:dc:0a:15:57:9b:
a7:78:3c:3e:20:da:a4:e7:68:57:83:fb:51:67:0c:
f6:51:9c:b6:a5:c5:b8:18:fe:31:ad:06:de:78:08:
b7:51:23:be:84:37:b8:a7:6e:b4:00:b8:3b:47:46:
2a:71:c5:93:99:58:4b:89:79:83:fd:2a:0d:8e:3f:
39:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4C:AC:50:D5:39:8F:50:BA:93:73:8F:93:DF:B6:2B:1B:0A:2B:B2
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/90ysUNU5j1C6k3OPk9-2KxsKK7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.244.0/24
89.200.219.0/24
185.233.245.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f7:98:22:65:14:d1:09:c3:73:d2:13:3b:ab:39:2a:f6:71:
94:99:dd:62:8e:a8:b7:cc:96:69:92:08:fb:00:ac:46:ce:08:
ef:6d:c4:66:5d:5e:3d:1b:a5:e1:5c:8e:9d:56:62:ab:4b:34:
28:52:17:16:85:69:77:e0:0d:94:6d:70:08:00:aa:ff:b7:99:
dc:99:ec:5d:e8:5d:9c:51:18:a3:a0:1a:9d:b9:77:a3:61:6a:
c6:4e:19:e5:0f:3a:8c:9a:0e:5c:47:3e:4d:fb:bf:d5:e1:e9:
34:42:6e:ad:08:31:77:7e:08:42:02:8f:b1:12:15:3e:3d:b9:
d4:5b:5e:5c:3b:1a:7b:76:ac:da:b9:33:e6:dd:46:1f:fd:8b:
24:ee:39:0c:4c:60:6d:23:51:d3:5b:e3:2c:45:cd:c7:fb:03:
34:89:91:d5:f4:fd:fb:8c:18:13:69:92:66:b7:80:fd:96:0e:
d9:9d:83:77:eb:37:89:04:5a:9a:39:7c:a8:55:a2:18:f4:83:
68:a4:5c:22:9e:ec:65:67:73:69:2c:4b:41:df:21:30:cf:18:
6e:8b:c8:2b:14:39:7b:9c:27:82:95:cb:4c:0d:ea:f1:07:63:
45:38:25:cb:6a:26:17:82:16:84:0f:94:b7:49:61:df:40:5f:
55:6a:b4:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJyKun71LH8slzLg7AX7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjQwMTAxMjIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRjYWM1MGQ1Mzk4ZjUwYmE5MzczOGY5M2RmYjYyYjFiMGEyYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUcGbBruCpPCk+VvM6cc3tkElJtS
LdBcsPw5ZCeVs9M4DMRW6eXScYER+B+DyIWHpXw/LhrZrmbStFJCvJ7z4ZaRAWNr
7X2ye6bgkzdjXi2PAxqHnaADv2scrc4JxErhTRf3lT1i36X3ISWrzkMiC9pJmXuW
R7feUA6QZ+MjeVpYpeF+ICyT7SLKmxdba/0HMq9KsFBxo5mPoa0pJZJuIK1mYDLE
1GD6jhJuE3P5N28EqUTqa1rIijLBBNRo3AoVV5uneDw+INqk52hXg/tRZwz2UZy2
pcW4GP4xrQbeeAi3USO+hDe4p260ALg7R0YqccWTmVhLiXmD/SoNjj85pQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPdMrFDVOY9QupNzj5PftisbCiuyMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvOTB5c1VOVTVqMUM2azNPUGs5LTJLeHNLSzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbb0AwQA
WcjbAwQAuen1MA0GCSqGSIb3DQEBCwUAA4IBAQBs95giZRTRCcNz0hM7qzkq9nGU
md1ijqi3zJZpkgj7AKxGzgjvbcRmXV49G6XhXI6dVmKrSzQoUhcWhWl34A2UbXAI
AKr/t5ncmexd6F2cURijoBqduXejYWrGThnlDzqMmg5cRz5N+7/V4ek0Qm6tCDF3
fghCAo+xEhU+PbnUW15cOxp7dqzauTPm3UYf/Ysk7jkMTGBtI1HTW+MsRc3H+wM0
iZHV9P37jBgTaZJmt4D9lg7ZnYN36zeJBFqaOXyoVaIY9INopFwinuxlZ3NpLEtB
3yEwzxhui8grFDl7nCeClctMDerxB2NFOCXLaiYXghaED5S3SWHfQF9VarQZ
-----END CERTIFICATE-----