Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/u5GRLHL0XwtKF6iOSWlVJ4Yruqg.roa
File: u5GRLHL0XwtKF6iOSWlVJ4Yruqg.roa (raw, json)
Hash identifier: CmsrIphWJrUNpXPyXBJxAe2R+jANJH+zDwnCicPDEy4=
Subject key identifier: BB:91:91:2C:72:F4:5F:0B:4A:17:A8:8E:49:69:55:27:86:2B:BA:A8
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E074C3752FFBA6FE04AF6526BEF75
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/u5GRLHL0XwtKF6iOSWlVJ4Yruqg.roa
Signing time: Mon 01 Jan 2024 14:29:31 +0000
ROA not before: Mon 01 Jan 2024 14:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46844
IP address blocks: 37.9.44.0/22 maxlen: 22
91.243.89.0/24 maxlen: 24
91.243.92.0/24 maxlen: 24
91.243.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:07:4c:37:52:ff:ba:6f:e0:4a:f6:52:6b:ef:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb91912c72f45f0b4a17a88e49695527862bbaa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:39:45:d1:66:2f:04:56:4c:13:ad:83:16:6a:
d3:6a:88:c7:ab:7c:91:2b:74:bc:96:7e:5f:d9:5a:
1e:4e:a9:39:2a:2c:ab:b9:e0:17:10:3f:53:2f:23:
c5:19:09:7d:f8:3d:4e:32:e1:61:c8:f8:82:32:2b:
a2:31:7c:f8:84:8e:14:5e:09:95:30:08:bf:b7:06:
c8:26:44:ee:6f:8a:d4:de:b8:ff:6f:bf:ed:ed:02:
dd:30:c4:30:38:4e:48:4a:48:2c:2a:63:bb:46:6f:
24:06:38:93:05:16:50:a0:5e:1c:cf:8d:f8:df:3b:
6a:26:f1:6f:2e:8d:81:bb:db:fa:bc:30:6a:e6:fe:
c3:0e:a3:e7:22:14:80:46:5c:23:ea:7a:53:a3:4f:
03:19:2c:e0:12:62:12:1e:26:f6:da:9d:52:e6:b5:
7c:5c:78:97:d4:b2:1a:a5:e8:cd:b6:16:85:75:6e:
08:ce:19:65:a5:93:68:03:6f:2f:b6:9a:d7:39:1a:
7f:28:0a:57:36:3e:36:82:09:ba:bd:7d:31:95:30:
80:37:d7:26:54:ca:9b:30:41:dc:e8:4e:0e:6b:f8:
e9:9e:82:21:9e:b1:b8:9b:d0:d1:c8:ff:fb:3b:73:
cb:6c:a1:04:79:77:10:60:5d:e2:ab:85:94:35:21:
61:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:91:91:2C:72:F4:5F:0B:4A:17:A8:8E:49:69:55:27:86:2B:BA:A8
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/u5GRLHL0XwtKF6iOSWlVJ4Yruqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.44.0/22
91.243.89.0/24
91.243.92.0/24
91.243.94.0/24
Signature Algorithm: sha256WithRSAEncryption
85:62:03:30:61:66:96:60:c5:e7:0c:70:5f:b2:48:d5:b5:4a:
f5:3f:98:60:3d:46:a9:b2:a7:6a:66:bf:84:b6:f1:63:f0:ee:
08:02:eb:1f:dd:e4:b9:36:65:cb:01:4e:b2:d7:1b:39:b9:5d:
b7:53:22:84:38:f7:30:34:4c:22:8b:f0:5b:42:7f:35:89:98:
8e:b6:dc:c6:9e:2d:a7:f4:3b:9b:30:10:94:23:2f:34:55:ec:
bd:d4:48:b3:71:1a:b0:16:0b:90:12:3c:14:e1:13:97:ba:49:
8f:35:24:a1:cb:f4:b2:3e:19:b7:2a:48:54:46:33:cd:a9:01:
a6:45:65:04:41:43:e1:f8:cc:70:6c:f5:f4:67:6b:c7:c6:05:
5a:0a:f9:17:e9:76:95:fe:ce:31:41:63:c3:0c:00:d9:e8:1d:
d1:df:21:87:5a:b7:93:27:b0:4c:79:f4:b7:0c:b6:41:40:f2:
63:28:dc:fb:26:a1:00:fe:92:d4:1f:2b:87:b6:06:dd:79:f3:
d0:82:e7:c6:06:f6:00:55:bf:de:14:9b:0d:e8:e5:35:8c:23:
8c:3d:f2:d7:cb:1c:14:aa:ab:06:a1:61:3d:cb:5b:df:55:ba:
46:d9:7a:03:15:c3:14:d8:8f:30:6a:d6:21:f3:18:08:4c:88:
e4:5e:8e:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbgdMN1L/um/gSvZSa+91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjkxOTEyYzcyZjQ1ZjBiNGExN2E4OGU0OTY5NTUyNzg2MmJiYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojlF0WYvBFZME62DFmrTaojHq3yR
K3S8ln5f2VoeTqk5KiyrueAXED9TLyPFGQl9+D1OMuFhyPiCMiuiMXz4hI4UXgmV
MAi/twbIJkTub4rU3rj/b7/t7QLdMMQwOE5ISkgsKmO7Rm8kBjiTBRZQoF4cz434
3ztqJvFvLo2Bu9v6vDBq5v7DDqPnIhSARlwj6npTo08DGSzgEmISHib22p1S5rV8
XHiX1LIapejNthaFdW4IzhllpZNoA28vtprXORp/KApXNj42ggm6vX0xlTCAN9cm
VMqbMEHc6E4Oa/jpnoIhnrG4m9DRyP/7O3PLbKEEeXcQYF3iq4WUNSFhpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLuRkSxy9F8LSheojklpVSeGK7qoMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvdTVHUkxITDBYd3RLRjZpT1NXbFZKNFlydXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJQksAwQA
W/NZAwQAW/NcAwQAW/NeMA0GCSqGSIb3DQEBCwUAA4IBAQCFYgMwYWaWYMXnDHBf
skjVtUr1P5hgPUapsqdqZr+EtvFj8O4IAusf3eS5NmXLAU6y1xs5uV23UyKEOPcw
NEwii/BbQn81iZiOttzGni2n9DubMBCUIy80Vey91EizcRqwFguQEjwU4ROXukmP
NSShy/SyPhm3KkhURjPNqQGmRWUEQUPh+MxwbPX0Z2vHxgVaCvkX6XaV/s4xQWPD
DADZ6B3R3yGHWreTJ7BMefS3DLZBQPJjKNz7JqEA/pLUHyuHtgbdefPQgufGBvYA
Vb/eFJsN6OU1jCOMPfLXyxwUqqsGoWE9y1vfVbpG2XoDFcMU2I8watYh8xgITIjk
Xo4q
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:38:49 2024 by rpki-client on console-ams.rpki-client.org