Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/rEGAFT3OpdWBL3TBi5_bwSsEAZI.roa
File: rEGAFT3OpdWBL3TBi5_bwSsEAZI.roa (raw, json)
Hash identifier: xR3ntukO7ookxQgJKm0FUzcJBsmHHiPviX1tGh7pUaM=
Subject key identifier: AC:41:80:15:3D:CE:A5:D5:81:2F:74:C1:8B:9F:DB:C1:2B:04:01:92
Certificate issuer: /CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Certificate serial: 019123C343249BB5913F43F2273586E13D7A
Authority key identifier: DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/rEGAFT3OpdWBL3TBi5_bwSsEAZI.roa
Signing time: Mon 05 Aug 2024 18:18:04 +0000
ROA not before: Mon 05 Aug 2024 18:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.107.72.0/21 maxlen: 21
91.107.88.0/21 maxlen: 21
159.253.124.0/22 maxlen: 22
185.91.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:c3:43:24:9b:b5:91:3f:43:f2:27:35:86:e1:3d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Validity
Not Before: Aug 5 18:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac4180153dcea5d5812f74c18b9fdbc12b040192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5e:93:c1:80:72:49:7b:98:27:56:5a:81:e7:
84:18:95:8d:d3:3e:04:98:dc:5c:c4:ad:7d:33:55:
14:61:4d:e9:b1:e2:0c:a9:87:d1:3d:f2:6e:83:1a:
77:e7:bf:31:4e:34:7f:63:f1:76:e2:dd:0c:f8:03:
fa:fa:f8:76:33:ed:09:bd:fb:6f:a5:1b:25:ab:65:
18:60:08:a5:62:f3:cc:d0:04:87:f7:fc:09:62:93:
fe:88:eb:dd:b7:fe:c0:a4:8b:e2:51:2b:60:8a:d8:
ae:52:5c:7b:87:74:a7:7d:09:c9:a6:f7:39:7c:09:
55:c5:ac:fb:d2:1f:76:c4:7c:64:04:e8:bc:b9:78:
6c:ed:5d:16:3f:fe:67:4d:4b:51:2f:84:d2:65:0b:
29:26:c2:8d:b7:92:b3:b3:ea:b1:33:83:f8:7a:f0:
2e:6e:50:7a:85:1e:c2:a4:d6:02:7c:56:8c:cd:e7:
90:11:e3:03:aa:70:41:d2:17:98:c6:28:02:f4:3a:
ff:58:b7:8b:11:c5:b0:f1:9b:11:20:4a:00:04:cd:
6e:f3:03:24:7a:1f:c1:c6:31:ee:e5:9e:a4:d9:a3:
67:e3:2c:79:50:7e:d9:5a:03:f0:f5:d3:65:29:fb:
3c:1c:02:60:f7:d9:41:3a:c2:4a:26:02:e3:df:6e:
27:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:41:80:15:3D:CE:A5:D5:81:2F:74:C1:8B:9F:DB:C1:2B:04:01:92
X509v3 Authority Key Identifier:
keyid:DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/rEGAFT3OpdWBL3TBi5_bwSsEAZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.107.72.0/21
91.107.88.0/21
159.253.124.0/22
185.91.132.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:ff:90:75:af:37:a8:3b:0c:a3:12:1e:68:19:e1:01:b2:7e:
e2:13:e7:40:62:20:da:dc:9b:f8:30:59:c2:05:f2:1f:cd:b3:
ec:d1:c3:9c:6a:db:cb:d6:24:bf:f9:dc:94:24:3d:f6:23:ed:
00:ed:38:16:22:f0:ee:cd:31:61:7a:61:df:40:2e:14:42:77:
27:15:25:f7:76:a0:06:9e:bf:ad:16:55:34:a6:5e:a3:cf:4a:
7c:20:5c:91:18:53:86:ec:77:67:9a:8b:ba:a3:40:eb:88:26:
cc:2b:94:6e:8a:25:b5:a6:bb:03:ad:e6:36:87:f5:89:62:1c:
6a:2a:05:9e:6b:65:0d:4c:3e:44:d5:e4:44:87:cc:5d:95:8b:
02:e4:e3:88:bb:90:00:d8:95:ab:71:90:c1:92:f6:87:92:ff:
1c:bc:fb:c5:86:ae:cc:83:c3:06:95:ad:2b:8e:ba:cc:6a:28:
af:01:ca:dc:3d:e8:5e:ca:36:cb:76:8c:3d:25:99:a2:dc:b1:
d3:ed:ec:8c:11:5e:76:dd:bc:f0:50:54:de:cb:f5:10:ff:c3:
c0:3f:16:e2:11:22:c7:10:36:26:cb:83:af:0b:1b:8f:6b:db:
af:5b:08:8f:89:aa:ac:a5:62:5f:da:46:59:71:a3:23:42:13:
ac:cc:06:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEjw0Mkm7WRP0PyJzWG4T16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGE5NzhiOWNlNWQyNmViY2FhZDBjY2I2NzkxOGE5ZGYz
MThmODYwHhcNMjQwODA1MTgxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQxODAxNTNkY2VhNWQ1ODEyZjc0YzE4YjlmZGJjMTJiMDQwMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul6TwYBySXuYJ1ZageeEGJWN0z4E
mNxcxK19M1UUYU3pseIMqYfRPfJugxp3578xTjR/Y/F24t0M+AP6+vh2M+0Jvftv
pRslq2UYYAilYvPM0ASH9/wJYpP+iOvdt/7ApIviUStgitiuUlx7h3SnfQnJpvc5
fAlVxaz70h92xHxkBOi8uXhs7V0WP/5nTUtRL4TSZQspJsKNt5Kzs+qxM4P4evAu
blB6hR7CpNYCfFaMzeeQEeMDqnBB0heYxigC9Dr/WLeLEcWw8ZsRIEoABM1u8wMk
eh/BxjHu5Z6k2aNn4yx5UH7ZWgPw9dNlKfs8HAJg99lBOsJKJgLj324nwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKxBgBU9zqXVgS90wYuf28ErBAGSMB8GA1UdIwQY
MBaAFNqKl4uc5dJuvKrQzLZ5GKnfMY+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEt
Yjc4ZGFjMzdlYWM4LzEvckVHQUZUM09wZFdCTDNUQmk1X2J3U3NFQVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEtYjc4ZGFjMzdlYWM4
LzEvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW2tIAwQD
W2tYAwQCn/18AwQCuVuEMA0GCSqGSIb3DQEBCwUAA4IBAQBM/5B1rzeoOwyjEh5o
GeEBsn7iE+dAYiDa3Jv4MFnCBfIfzbPs0cOcatvL1iS/+dyUJD32I+0A7TgWIvDu
zTFhemHfQC4UQncnFSX3dqAGnr+tFlU0pl6jz0p8IFyRGFOG7Hdnmou6o0DriCbM
K5RuiiW1prsDreY2h/WJYhxqKgWea2UNTD5E1eREh8xdlYsC5OOIu5AA2JWrcZDB
kvaHkv8cvPvFhq7Mg8MGla0rjrrMaiivAcrcPeheyjbLdow9JZmi3LHT7eyMEV52
3bzwUFTey/UQ/8PAPxbiESLHEDYmy4OvCxuPa9uvWwiPiaqspWJf2kZZcaMjQhOs
zAbK
-----END CERTIFICATE-----
Generated at Tue Oct 22 21:24:25 2024 by rpki-client on console-ams.rpki-client.org