Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/pM7mzti4P5DEIAQtxmUuQ3HiPrk.roa
File: pM7mzti4P5DEIAQtxmUuQ3HiPrk.roa (raw, json)
Hash identifier: AUrHczkEhGiv+gyedaWFfBYMew2F2tuo7oWpe76wdPc=
Subject key identifier: A4:CE:E6:CE:D8:B8:3F:90:C4:20:04:2D:C6:65:2E:43:71:E2:3E:B9
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018F822662A3C9F9CBE7895DE3D4B6540D1A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/pM7mzti4P5DEIAQtxmUuQ3HiPrk.roa
Signing time: Thu 16 May 2024 16:05:04 +0000
ROA not before: Thu 16 May 2024 16:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60581
IP address blocks: 91.242.118.0/24 maxlen: 24
91.242.119.0/24 maxlen: 24
185.173.245.0/24 maxlen: 24
185.173.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:82:26:62:a3:c9:f9:cb:e7:89:5d:e3:d4:b6:54:0d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 16 16:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4cee6ced8b83f90c420042dc6652e4371e23eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d1:e1:bc:88:b3:ed:4b:c2:75:9a:bf:f6:f3:
3c:64:f1:0e:a6:d8:93:22:6b:20:18:9b:b6:6a:da:
b9:e7:0b:77:f5:2c:f0:e3:84:65:92:fc:58:d1:74:
15:43:81:2a:7e:a8:1e:b8:78:ff:e0:aa:3a:0a:5b:
a0:ef:b3:2d:79:e6:d5:ac:99:77:82:05:e3:25:96:
01:53:1f:a1:02:fd:e8:26:48:76:ed:b9:50:4c:a0:
22:36:8d:f2:b6:33:5f:a5:97:e3:0f:82:8f:ae:75:
ba:98:d1:24:4c:eb:8f:4b:10:f0:1f:c4:12:ad:8a:
4a:90:a9:8b:94:8e:a0:87:90:cc:5b:50:28:c1:17:
e4:70:40:f4:62:ef:4e:ee:16:cc:fa:21:25:52:62:
f1:68:d6:0b:17:f9:c2:59:68:31:32:c9:15:cf:b3:
b1:b1:d4:f9:b5:45:b7:e6:02:13:6b:a4:3a:ed:d9:
bb:32:0b:8f:cb:89:b9:5e:49:e6:ec:e0:f7:e4:07:
fb:9c:4a:bb:04:d3:b2:6c:a7:5d:69:31:55:ca:8f:
c3:88:30:4c:ac:27:0d:45:51:19:84:5d:46:11:52:
72:a2:60:5f:f3:58:5d:43:e6:fb:34:cf:56:85:0e:
53:06:02:7f:1f:cf:ac:e7:ac:c1:89:b1:e8:9a:90:
71:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CE:E6:CE:D8:B8:3F:90:C4:20:04:2D:C6:65:2E:43:71:E2:3E:B9
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/pM7mzti4P5DEIAQtxmUuQ3HiPrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.118.0/23
185.173.245.0-185.173.246.255
Signature Algorithm: sha256WithRSAEncryption
7d:2b:1f:73:c7:53:fe:48:77:d2:0e:c2:73:0c:40:4c:ef:bf:
29:b0:40:c8:b7:66:ac:71:b0:bf:7b:11:97:66:f0:aa:a4:85:
a5:fc:2b:8a:70:19:a1:ca:18:f2:8a:97:2b:e1:4f:90:d2:92:
3b:a2:a0:73:4a:d4:f5:f5:27:38:ed:02:ec:cc:77:e5:6c:f4:
1c:d2:d4:9d:ae:0c:9f:42:ee:ec:c6:b9:fb:1e:4a:38:05:7a:
63:29:dc:3f:4a:57:6e:fe:92:90:c9:5f:2f:fb:b2:66:98:db:
0f:65:a2:d2:7a:53:18:75:f1:6f:ca:1d:cb:09:ba:cc:2b:30:
a3:0e:9a:9a:19:31:b7:5f:98:9f:23:83:41:e7:9c:17:5b:b4:
1d:af:2f:82:a7:00:40:25:1c:f3:ad:c7:14:5c:fe:5b:f8:d4:
70:06:2c:e8:98:9d:59:bc:08:e5:74:d6:70:71:9f:be:2f:f2:
01:0c:77:f1:5e:45:29:63:68:50:2e:e9:28:ea:08:56:dd:3b:
ba:17:dc:a5:92:41:9a:d9:43:8c:91:2c:5a:58:ba:7a:f2:24:
be:2a:c6:88:18:b4:0f:3b:77:5c:ef:2b:19:a1:17:35:91:06:
b9:14:14:ec:78:a3:b3:d4:2c:ec:e8:b3:d3:20:0e:ca:40:19:
3b:ff:87:d0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY+CJmKjyfnL54ld49S2VA0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNTE2MTYwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGNlZTZjZWQ4YjgzZjkwYzQyMDA0MmRjNjY1MmU0MzcxZTIzZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdHhvIiz7UvCdZq/9vM8ZPEOptiT
ImsgGJu2atq55wt39Szw44RlkvxY0XQVQ4EqfqgeuHj/4Ko6Clug77MteebVrJl3
ggXjJZYBUx+hAv3oJkh27blQTKAiNo3ytjNfpZfjD4KPrnW6mNEkTOuPSxDwH8QS
rYpKkKmLlI6gh5DMW1AowRfkcED0Yu9O7hbM+iElUmLxaNYLF/nCWWgxMskVz7Ox
sdT5tUW35gITa6Q67dm7MguPy4m5Xknm7OD35Af7nEq7BNOybKddaTFVyo/DiDBM
rCcNRVEZhF1GEVJyomBf81hdQ+b7NM9WhQ5TBgJ/H8+s56zBibHompBxxwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKTO5s7YuD+QxCAELcZlLkNx4j65MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvcE03bXp0aTRQNURFSUFRdHhtVXVRM0hpUHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBW/J2MAwD
BAC5rfUDBAC5rfYwDQYJKoZIhvcNAQELBQADggEBAH0rH3PHU/5Id9IOwnMMQEzv
vymwQMi3ZqxxsL97EZdm8KqkhaX8K4pwGaHKGPKKlyvhT5DSkjuioHNK1PX1Jzjt
AuzMd+Vs9BzS1J2uDJ9C7uzGufseSjgFemMp3D9KV27+kpDJXy/7smaY2w9lotJ6
Uxh18W/KHcsJuswrMKMOmpoZMbdfmJ8jg0HnnBdbtB2vL4KnAEAlHPOtxxRc/lv4
1HAGLOiYnVm8COV01nBxn74v8gEMd/FeRSljaFAu6SjqCFbdO7oX3KWSQZrZQ4yR
LFpYunryJL4qxogYtA87d1zvKxmhFzWRBrkUFOx4o7PULOzos9MgDspAGTv/h9A=
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:46:52 2024 by rpki-client on console-ams.rpki-client.org