Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Y2yQKQzP-2Bw7S-KQr1hR6P19u8.roa
File: Y2yQKQzP-2Bw7S-KQr1hR6P19u8.roa (raw, json)
Hash identifier: A5D57xTsteA+GwSmJFT2m0Jxl9taD4y2MtByVWfPhw8=
Subject key identifier: 63:6C:90:29:0C:CF:FB:60:70:ED:2F:8A:42:BD:61:47:A3:F5:F6:EF
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56DFAF2D26D4C7805E404B1351A5A06
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Y2yQKQzP-2Bw7S-KQr1hR6P19u8.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5433
IP address blocks: 91.151.176.0/20 maxlen: 20
91.151.186.0/24 maxlen: 24
91.151.190.0/24 maxlen: 24
91.151.189.0/24 maxlen: 24
2a01:8380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fa:f2:d2:6d:4c:78:05:e4:04:b1:35:1a:5a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=636c90290ccffb6070ed2f8a42bd6147a3f5f6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3a:68:f4:09:36:1e:ea:50:34:7e:9b:8d:b0:
9e:11:2f:e2:99:16:34:a5:b0:c4:3b:62:e8:9d:3e:
8e:74:75:71:1a:84:8a:34:ae:14:af:93:71:6e:9e:
7a:49:ef:24:11:bb:0e:a6:24:83:74:f0:91:07:39:
3a:0d:f9:60:92:09:f4:72:39:54:33:60:15:36:75:
cb:b7:3a:97:6d:e5:da:f7:8b:9f:2e:3f:e7:1e:3e:
12:12:75:26:bb:43:11:14:7e:4a:22:04:ea:c1:bc:
c3:e1:9c:26:d2:a1:e1:68:be:f3:16:26:0d:cc:05:
20:50:d8:18:eb:8c:3d:75:b3:3f:0a:24:1c:e0:f5:
0e:30:3a:cf:05:a6:0a:17:78:66:04:97:7a:20:0e:
f1:d7:06:b6:32:bd:2a:8b:95:63:6a:55:ec:aa:48:
e1:60:a7:3e:91:fe:54:62:80:00:c0:98:82:3f:64:
ad:32:b7:fc:49:7a:35:aa:ed:27:a0:c7:65:e6:b2:
59:bf:98:a1:fe:82:7b:e6:81:98:ce:c6:74:ef:4f:
4c:71:21:2f:de:44:c7:de:50:4a:13:44:15:8c:2c:
90:25:91:9d:f9:33:b9:ab:ce:58:22:b8:c1:05:42:
d1:94:83:f0:20:76:ed:5c:33:57:e4:22:da:7c:a2:
22:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6C:90:29:0C:CF:FB:60:70:ED:2F:8A:42:BD:61:47:A3:F5:F6:EF
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Y2yQKQzP-2Bw7S-KQr1hR6P19u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.176.0/20
IPv6:
2a01:8380::/32
Signature Algorithm: sha256WithRSAEncryption
40:79:a4:34:92:ea:33:b5:93:f6:3e:6e:a7:af:ea:93:65:06:
b8:58:45:6a:80:22:b6:0d:b3:c7:f2:cf:23:93:15:91:74:68:
91:41:f9:ab:0c:2b:3e:ca:c4:74:ea:f8:b8:1b:59:41:41:7c:
5e:cf:70:87:47:68:d8:2f:e4:e0:8b:65:9b:47:5f:0e:6d:4d:
b3:fa:3a:91:80:fa:50:cf:60:9a:6e:60:f5:38:9d:5f:1c:98:
85:72:a3:43:31:49:80:ab:27:6b:d9:9b:2f:fb:d0:3f:f4:e2:
ff:f7:92:2f:c7:b5:81:05:3d:46:6b:7e:e2:de:01:bc:32:7a:
ff:80:3e:2b:a1:07:3a:a8:46:a2:6e:10:32:d9:13:c8:ac:2f:
13:6b:dc:56:1b:65:6a:dc:82:cd:cd:5b:0a:9a:ca:17:5b:62:
1f:cd:7e:70:83:d5:90:f2:36:ed:5f:2f:8f:3d:4c:28:9a:20:
77:90:e5:2c:2b:8b:50:33:49:40:07:d6:64:4b:6f:16:ae:1e:
de:b3:ce:d8:4a:5b:69:d2:fd:1d:65:10:65:88:17:3b:db:8e:
74:bb:f1:b4:fe:ec:24:2a:22:67:e0:78:02:45:0a:14:d1:a8:
8f:e1:9f:fc:17:f4:2b:38:1a:b4:b5:8d:62:5b:36:ea:57:6a:
b3:08:71:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbfry0m1MeAXkBLE1GloGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzZjOTAyOTBjY2ZmYjYwNzBlZDJmOGE0MmJkNjE0N2EzZjVmNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzpo9Ak2HupQNH6bjbCeES/imRY0
pbDEO2LonT6OdHVxGoSKNK4Ur5Nxbp56Se8kEbsOpiSDdPCRBzk6Dflgkgn0cjlU
M2AVNnXLtzqXbeXa94ufLj/nHj4SEnUmu0MRFH5KIgTqwbzD4Zwm0qHhaL7zFiYN
zAUgUNgY64w9dbM/CiQc4PUOMDrPBaYKF3hmBJd6IA7x1wa2Mr0qi5VjalXsqkjh
YKc+kf5UYoAAwJiCP2StMrf8SXo1qu0noMdl5rJZv5ih/oJ75oGYzsZ0709McSEv
3kTH3lBKE0QVjCyQJZGd+TO5q85YIrjBBULRlIPwIHbtXDNX5CLafKIi7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGNskCkMz/tgcO0vikK9YUej9fbvMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvWTJ5UUtRelAtMkJ3N1MtS1FyMWhSNlAxOXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEW5ewMA0E
AgACMAcDBQAqAYOAMA0GCSqGSIb3DQEBCwUAA4IBAQBAeaQ0kuoztZP2Pm6nr+qT
ZQa4WEVqgCK2DbPH8s8jkxWRdGiRQfmrDCs+ysR06vi4G1lBQXxez3CHR2jYL+Tg
i2WbR18ObU2z+jqRgPpQz2CabmD1OJ1fHJiFcqNDMUmAqydr2Zsv+9A/9OL/95Iv
x7WBBT1Ga37i3gG8Mnr/gD4roQc6qEaibhAy2RPIrC8Ta9xWG2Vq3ILNzVsKmsoX
W2IfzX5wg9WQ8jbtXy+PPUwomiB3kOUsK4tQM0lAB9ZkS28Wrh7es87YSltp0v0d
ZRBliBc72450u/G0/uwkKiJn4HgCRQoU0aiP4Z/8F/QrOBq0tY1iWzbqV2qzCHGQ
-----END CERTIFICATE-----
Generated at Mon May 13 05:22:35 2024 by rpki-client on console-ams.rpki-client.org