Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/3xFRxttKxRuLl6IfslBlg6006Uc.roa
File: 3xFRxttKxRuLl6IfslBlg6006Uc.roa (raw, json)
Hash identifier: 0I+6Xy9XklWtA2MT75Ay6oGPjjOSVPyKh4wU+/ZpspE=
Subject key identifier: DF:11:51:C6:DB:4A:C5:1B:8B:97:A2:1F:B2:50:65:83:AD:34:E9:47
Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial: 018CC4932277FB291887FE644ED5ECA0137B
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/3xFRxttKxRuLl6IfslBlg6006Uc.roa
Signing time: Mon 01 Jan 2024 10:30:25 +0000
ROA not before: Mon 01 Jan 2024 10:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8763
IP address blocks: 81.91.160.0/20 maxlen: 20
81.91.172.0/24 maxlen: 24
81.91.170.0/24 maxlen: 24
81.91.173.0/24 maxlen: 24
185.151.140.0/24 maxlen: 24
2a02:568::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:03:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:22:77:fb:29:18:87:fe:64:4e:d5:ec:a0:13:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Validity
Not Before: Jan 1 10:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df1151c6db4ac51b8b97a21fb2506583ad34e947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:17:9f:ee:67:24:17:0a:88:aa:e8:0a:20:c8:
75:33:fa:fb:8b:77:f1:47:24:fb:be:63:9c:95:e8:
a9:53:9c:f2:1e:40:9b:49:d4:50:3a:03:a5:5d:14:
8b:4d:3e:5c:5e:6d:86:fe:55:82:f3:9c:83:7a:1e:
c3:3b:8e:46:8b:28:24:e3:a9:25:b2:20:22:b3:09:
71:94:50:ce:45:c5:f0:22:ab:3c:32:bf:15:01:48:
47:94:20:71:eb:6a:0f:fd:9d:97:1c:b8:67:26:63:
6e:25:8e:f3:50:aa:b6:3a:34:06:0a:b8:6a:43:61:
e3:c5:af:3d:99:65:f7:2a:69:db:8e:af:44:32:5c:
37:f3:25:6a:65:45:65:6f:84:f9:12:99:70:a1:62:
46:2e:46:3d:b3:44:5b:01:b5:4f:5a:05:a0:4e:87:
68:c5:27:63:e3:26:ed:67:7d:0e:c0:33:bc:85:f5:
98:58:c6:be:74:cc:6c:72:8c:74:fd:b8:e5:4a:ac:
8e:43:18:38:b7:b9:3f:01:18:8e:5d:0d:01:fd:b3:
6a:91:60:e0:32:05:85:cf:4c:3c:88:76:9e:a1:e8:
5f:8e:ac:2e:41:47:cf:0f:d7:2e:56:3e:55:9b:ef:
86:16:a2:e0:50:71:75:a0:21:0c:e6:23:97:b3:ee:
e3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:11:51:C6:DB:4A:C5:1B:8B:97:A2:1F:B2:50:65:83:AD:34:E9:47
X509v3 Authority Key Identifier:
keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/3xFRxttKxRuLl6IfslBlg6006Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.160.0/20
185.151.140.0/24
IPv6:
2a02:568::/32
Signature Algorithm: sha256WithRSAEncryption
a8:04:50:43:d2:ad:69:31:22:0a:c5:1a:e0:88:f1:53:47:96:
4d:87:d8:c3:d4:c8:18:18:00:96:32:77:48:3a:82:68:d0:9d:
c9:98:d1:9c:7f:0f:0d:e9:8d:65:18:af:0b:e6:58:dd:6a:a0:
c9:37:d4:65:8d:cd:be:f2:47:bd:27:15:9c:0b:73:ee:6e:ce:
17:d5:36:0a:23:9c:84:f3:10:48:b9:fb:80:c3:85:cc:5e:33:
31:a2:21:3d:58:58:83:35:5e:c3:e1:bb:61:6b:e1:f8:6a:d1:
d8:bc:8d:db:a3:3e:d6:81:5c:e8:d2:ef:cc:44:20:dc:c6:5c:
1f:20:ca:4d:05:e7:0e:8a:45:45:42:e1:8e:ce:23:b8:15:10:
39:02:3b:d0:a7:51:3d:40:ae:fd:8a:6b:72:51:7c:dd:85:e0:
33:c7:4e:78:f0:62:dd:39:b6:8d:b4:4d:18:ae:83:9f:48:76:
b3:44:d8:b7:2f:0d:b0:c1:48:2f:52:f6:98:37:c3:7b:06:1a:
21:4b:04:7b:1b:d2:83:10:fe:78:54:49:72:13:7f:7c:3b:7d:
3f:22:77:43:a8:99:77:72:56:cf:1e:bd:c7:80:a9:92:71:f2:
92:a5:e0:11:7e:43:01:39:12:91:47:70:f6:1d:9b:09:94:66:
09:f0:17:bf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkyJ3+ykYh/5kTtXsoBN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjI5NmQ2YjUzNGZlM2EzMmNjMWMzYTRlODEzNThmMjE2
YzkzYzcwHhcNMjQwMTAxMTAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjExNTFjNmRiNGFjNTFiOGI5N2EyMWZiMjUwNjU4M2FkMzRlOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRef7mckFwqIqugKIMh1M/r7i3fx
RyT7vmOcleipU5zyHkCbSdRQOgOlXRSLTT5cXm2G/lWC85yDeh7DO45Giygk46kl
siAiswlxlFDORcXwIqs8Mr8VAUhHlCBx62oP/Z2XHLhnJmNuJY7zUKq2OjQGCrhq
Q2Hjxa89mWX3Kmnbjq9EMlw38yVqZUVlb4T5EplwoWJGLkY9s0RbAbVPWgWgTodo
xSdj4ybtZ30OwDO8hfWYWMa+dMxscox0/bjlSqyOQxg4t7k/ARiOXQ0B/bNqkWDg
MgWFz0w8iHaeoehfjqwuQUfPD9cuVj5Vm++GFqLgUHF1oCEM5iOXs+7jPwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN8RUcbbSsUbi5eiH7JQZYOtNOlHMB8GA1UdIwQY
MBaAFFWylta1NP46MswcOk6BNY8hbJPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEt
ZGQ2Y2M5N2M5YmRkLzEvM3hGUnh0dEt4UnVMbDZJZnNsQmxnNjAwNlVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEtZGQ2Y2M5N2M5YmRk
LzEvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVugAwQA
uZeMMA0EAgACMAcDBQAqAgVoMA0GCSqGSIb3DQEBCwUAA4IBAQCoBFBD0q1pMSIK
xRrgiPFTR5ZNh9jD1MgYGACWMndIOoJo0J3JmNGcfw8N6Y1lGK8L5ljdaqDJN9Rl
jc2+8ke9JxWcC3Pubs4X1TYKI5yE8xBIufuAw4XMXjMxoiE9WFiDNV7D4btha+H4
atHYvI3boz7WgVzo0u/MRCDcxlwfIMpNBecOikVFQuGOziO4FRA5AjvQp1E9QK79
imtyUXzdheAzx0548GLdObaNtE0YroOfSHazRNi3Lw2wwUgvUvaYN8N7BhohSwR7
G9KDEP54VElyE398O30/IndDqJl3clbPHr3HgKmScfKSpeARfkMBORKRR3D2HZsJ
lGYJ8Be/
-----END CERTIFICATE-----
Generated at Mon May 20 05:04:40 2024 by rpki-client on console-ams.rpki-client.org