Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/puqtH_nIz5m-dfYh64RHVrAJa4I.roa
File: puqtH_nIz5m-dfYh64RHVrAJa4I.roa (raw, json)
Hash identifier: qthd391APBVfrZ9cPKPJj2Gb+BzfDOxhZudu/4SdKkE=
Subject key identifier: A6:EA:AD:1F:F9:C8:CF:99:BE:75:F6:21:EB:84:47:56:B0:09:6B:82
Certificate issuer: /CN=0e3c9ee1be3308fd6bd4a7c7ac2b9d910089b779
Certificate serial: 018CC87108E7DF99BF9719FDF1774C1441C7
Authority key identifier: 0E:3C:9E:E1:BE:33:08:FD:6B:D4:A7:C7:AC:2B:9D:91:00:89:B7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Djye4b4zCP1r1KfHrCudkQCJt3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/puqtH_nIz5m-dfYh64RHVrAJa4I.roa
Signing time: Tue 02 Jan 2024 04:31:40 +0000
ROA not before: Tue 02 Jan 2024 04:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61311
IP address blocks: 91.202.176.0/24 maxlen: 24
91.202.176.0/22 maxlen: 24
91.202.179.0/24 maxlen: 24
91.202.178.0/24 maxlen: 24
91.202.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/Djye4b4zCP1r1KfHrCudkQCJt3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/Djye4b4zCP1r1KfHrCudkQCJt3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/Djye4b4zCP1r1KfHrCudkQCJt3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:08:e7:df:99:bf:97:19:fd:f1:77:4c:14:41:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e3c9ee1be3308fd6bd4a7c7ac2b9d910089b779
Validity
Not Before: Jan 2 04:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6eaad1ff9c8cf99be75f621eb844756b0096b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:94:41:09:9c:ff:98:69:9e:3b:de:6d:1c:f3:
23:3f:08:fb:3b:d5:02:b0:d4:a0:2c:9e:0b:28:d4:
f1:ee:ac:f2:1e:f6:c6:8c:6d:a9:a6:00:f8:bb:35:
fc:1a:7e:16:75:94:83:bf:c1:85:92:f4:21:e8:47:
a8:3a:04:f7:83:ef:4a:4c:8c:70:ca:d4:67:14:61:
03:08:0d:8d:5a:11:2e:bd:cd:11:11:34:95:8a:ec:
66:bd:2f:81:9d:ab:d8:5c:ef:6c:76:06:b1:46:02:
6b:04:c1:ce:4d:0e:07:84:9b:d7:5c:4d:a5:1d:3b:
aa:b8:d6:dd:10:82:fa:11:24:f4:4d:32:06:ff:a6:
98:4d:a6:14:d5:15:c4:4a:8f:68:87:78:f6:d7:82:
05:54:11:17:22:e8:86:1f:4f:06:9a:ef:10:03:a6:
d8:3d:96:cc:4e:2e:22:a6:b1:4f:c1:36:37:24:cc:
78:c1:a4:25:3f:72:f3:1a:f6:f6:d9:c9:11:80:1a:
3c:cd:33:60:05:ef:6f:ec:b5:f1:1a:45:a0:ae:97:
e4:e8:0b:1a:fa:eb:5a:21:9e:91:1a:26:1a:f2:b9:
fc:2e:6c:7b:93:38:4c:42:3e:58:50:a7:de:e6:20:
d5:71:26:52:57:cd:79:b8:1c:8a:f7:35:32:53:2a:
0d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EA:AD:1F:F9:C8:CF:99:BE:75:F6:21:EB:84:47:56:B0:09:6B:82
X509v3 Authority Key Identifier:
keyid:0E:3C:9E:E1:BE:33:08:FD:6B:D4:A7:C7:AC:2B:9D:91:00:89:B7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Djye4b4zCP1r1KfHrCudkQCJt3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/puqtH_nIz5m-dfYh64RHVrAJa4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/caa2da-5ebc-45cb-b8fe-08f3e8907c42/1/Djye4b4zCP1r1KfHrCudkQCJt3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.176.0/22
Signature Algorithm: sha256WithRSAEncryption
04:78:54:49:35:83:11:3e:54:b9:8e:8e:6a:f4:f3:e0:00:eb:
fe:c6:27:73:8a:f9:2a:51:c0:8a:db:bf:8c:4b:46:77:31:ba:
be:d8:1b:fb:ff:eb:64:3b:a9:71:8a:d2:9c:98:d4:5a:8a:ec:
c3:c8:73:aa:7b:c4:98:04:d3:dd:a6:ac:80:d5:92:28:da:1b:
e9:28:2d:3d:fc:1d:cb:af:25:6f:78:e1:59:fc:e6:6e:0a:43:
29:01:3b:e5:7f:a1:72:f9:4f:1a:f9:6a:b9:49:06:d5:8b:ee:
8f:e3:68:58:63:11:75:a7:06:a7:1e:3d:38:53:f9:c5:a0:65:
ab:37:e1:45:c7:ed:52:d7:3a:01:17:41:25:ac:93:01:ef:41:
57:7e:e6:bf:4b:64:8a:46:56:dd:cd:44:fe:45:0c:f5:84:f8:
c8:92:16:43:03:3b:a3:a1:d3:5d:7d:be:bd:e8:61:ab:e1:d0:
29:1f:d0:0a:dd:d2:ef:97:e0:a3:a5:ac:7b:71:32:9b:93:26:
89:6d:72:bd:11:f3:00:12:9a:df:55:62:3b:32:8a:17:04:83:
d7:99:75:b4:74:1b:66:74:08:ec:c5:c7:35:ea:2c:76:d2:bf:
dc:49:f2:be:4a:b6:80:d8:57:2f:a8:87:2f:2d:c4:45:b1:bf:
52:8b:33:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcQjn35m/lxn98XdMFEHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlM2M5ZWUxYmUzMzA4ZmQ2YmQ0YTdjN2FjMmI5ZDkxMDA4
OWI3NzkwHhcNMjQwMTAyMDQzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVhYWQxZmY5YzhjZjk5YmU3NWY2MjFlYjg0NDc1NmIwMDk2YjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpRBCZz/mGmeO95tHPMjPwj7O9UC
sNSgLJ4LKNTx7qzyHvbGjG2ppgD4uzX8Gn4WdZSDv8GFkvQh6EeoOgT3g+9KTIxw
ytRnFGEDCA2NWhEuvc0RETSViuxmvS+BnavYXO9sdgaxRgJrBMHOTQ4HhJvXXE2l
HTuquNbdEIL6EST0TTIG/6aYTaYU1RXESo9oh3j214IFVBEXIuiGH08Gmu8QA6bY
PZbMTi4iprFPwTY3JMx4waQlP3LzGvb22ckRgBo8zTNgBe9v7LXxGkWgrpfk6Asa
+utaIZ6RGiYa8rn8Lmx7kzhMQj5YUKfe5iDVcSZSV815uByK9zUyUyoN0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbqrR/5yM+ZvnX2IeuER1awCWuCMB8GA1UdIwQY
MBaAFA48nuG+Mwj9a9Snx6wrnZEAibd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGp5ZTRiNHpDUDFyMUtmSHJDdWRrUUNKdDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jYWEyZGEtNWViYy00NWNiLWI4ZmUt
MDhmM2U4OTA3YzQyLzEvcHVxdEhfbkl6NW0tZGZZaDY0UkhWckFKYTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9jYWEyZGEtNWViYy00NWNiLWI4ZmUtMDhmM2U4OTA3YzQy
LzEvRGp5ZTRiNHpDUDFyMUtmSHJDdWRrUUNKdDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8qwMA0G
CSqGSIb3DQEBCwUAA4IBAQAEeFRJNYMRPlS5jo5q9PPgAOv+xidzivkqUcCK27+M
S0Z3Mbq+2Bv7/+tkO6lxitKcmNRaiuzDyHOqe8SYBNPdpqyA1ZIo2hvpKC09/B3L
ryVveOFZ/OZuCkMpATvlf6Fy+U8a+Wq5SQbVi+6P42hYYxF1pwanHj04U/nFoGWr
N+FFx+1S1zoBF0ElrJMB70FXfua/S2SKRlbdzUT+RQz1hPjIkhZDAzujodNdfb69
6GGr4dApH9AK3dLvl+Cjpax7cTKbkyaJbXK9EfMAEprfVWI7MooXBIPXmXW0dBtm
dAjsxcc16ix20r/cSfK+SraA2FcvqIcvLcRFsb9SizNN
-----END CERTIFICATE-----
Generated at Wed May 8 21:17:52 2024 by rpki-client on console-fra.rpki-client.org