Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/16661c-e77b-41c3-80e4-14ee32fc5d06/1/dew4SZIqJ6gsdMdWPqcIRaIROXQ.roa
File: dew4SZIqJ6gsdMdWPqcIRaIROXQ.roa (raw, json)
Hash identifier: +dy9DubGFCEktN4UFEcme5jX/EMsuoeggiYV4Q56hpA=
Subject key identifier: 75:EC:38:49:92:2A:27:A8:2C:74:C7:56:3E:A7:08:45:A2:11:39:74
Certificate issuer: /CN=9f0338b7db5440029410397515c930eb452d75b0
Certificate serial: 018CC2DB49D457DD8510CB9F83EE61D9007E
Authority key identifier: 9F:03:38:B7:DB:54:40:02:94:10:39:75:15:C9:30:EB:45:2D:75:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwM4t9tUQAKUEDl1Fckw60UtdbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/16661c-e77b-41c3-80e4-14ee32fc5d06/1/dew4SZIqJ6gsdMdWPqcIRaIROXQ.roa
Signing time: Mon 01 Jan 2024 02:30:00 +0000
ROA not before: Mon 01 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199753
IP address blocks: 185.89.56.0/22 maxlen: 22
91.223.151.0/24 maxlen: 24
194.117.254.0/23 maxlen: 23
2a05:d580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/16661c-e77b-41c3-80e4-14ee32fc5d06/1/nwM4t9tUQAKUEDl1Fckw60UtdbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/16661c-e77b-41c3-80e4-14ee32fc5d06/1/nwM4t9tUQAKUEDl1Fckw60UtdbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwM4t9tUQAKUEDl1Fckw60UtdbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:49:d4:57:dd:85:10:cb:9f:83:ee:61:d9:00:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0338b7db5440029410397515c930eb452d75b0
Validity
Not Before: Jan 1 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75ec3849922a27a82c74c7563ea70845a2113974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:db:89:b3:1c:5a:89:50:d4:fd:a5:87:9e:60:
d8:fc:82:a6:7b:75:3d:e2:9f:b5:46:1f:91:88:36:
a9:a8:92:d4:a4:2f:11:bf:b7:c6:97:b9:68:30:15:
5d:50:bb:73:85:f8:df:55:0d:33:cd:7d:39:0d:c8:
f9:b2:0a:b7:cd:b6:c4:5c:9c:f3:f0:b7:aa:cf:02:
17:c8:1e:32:31:e4:ed:4b:e9:bc:d7:72:70:dc:cd:
94:d1:5e:d8:5d:6e:5a:43:0f:5a:4d:61:0c:5f:da:
1d:9c:24:be:95:e8:d4:f4:0f:60:de:47:ec:d7:e3:
82:90:a4:df:f2:10:fd:aa:37:16:91:da:44:37:03:
7c:8f:9f:03:27:85:d2:25:a5:42:d3:68:ca:4b:7b:
cd:9d:59:d7:6d:05:03:2f:2c:12:01:55:fc:e7:4a:
c9:46:c8:f4:d6:49:28:d6:fb:bb:b5:cc:ce:4e:90:
4e:1c:34:0b:da:ce:28:fa:28:cd:33:cc:be:c0:18:
55:8e:aa:60:da:af:51:9b:bf:d8:7a:19:fa:53:8f:
f6:cd:3b:df:07:73:da:ea:87:65:9d:cd:88:4a:a5:
a6:8e:52:63:6b:2f:b4:d5:16:57:b1:75:7d:24:b3:
55:c7:09:2b:72:c7:2d:19:66:48:44:24:d4:30:e5:
b4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:EC:38:49:92:2A:27:A8:2C:74:C7:56:3E:A7:08:45:A2:11:39:74
X509v3 Authority Key Identifier:
keyid:9F:03:38:B7:DB:54:40:02:94:10:39:75:15:C9:30:EB:45:2D:75:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwM4t9tUQAKUEDl1Fckw60UtdbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/16661c-e77b-41c3-80e4-14ee32fc5d06/1/dew4SZIqJ6gsdMdWPqcIRaIROXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/16661c-e77b-41c3-80e4-14ee32fc5d06/1/nwM4t9tUQAKUEDl1Fckw60UtdbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.151.0/24
185.89.56.0/22
194.117.254.0/23
IPv6:
2a05:d580::/32
Signature Algorithm: sha256WithRSAEncryption
81:72:c6:8e:b7:34:71:ae:62:5e:62:5a:0f:58:d0:f4:3a:6a:
bb:5c:a7:17:d3:7f:f0:a6:d1:90:37:6a:1a:e6:6e:3e:2b:f3:
fb:c4:be:87:fd:e8:3f:68:77:14:76:8b:03:35:26:b3:6b:b0:
9f:be:dc:4e:7a:27:38:db:35:cc:ee:78:ec:9d:dc:10:53:9c:
04:b8:ce:62:84:41:b9:f6:f1:30:d5:75:a4:62:1d:fc:4e:da:
74:ad:39:dd:41:11:92:04:ef:e8:1c:11:79:85:87:f0:db:08:
0c:8e:39:d5:ab:30:78:71:4b:5e:b4:50:61:f4:d7:b2:39:98:
2f:ea:8b:89:fe:b4:ee:1f:57:d0:8b:a7:c6:49:2c:67:d0:6f:
5f:f5:a8:5d:95:68:02:e1:f8:5f:06:61:18:ba:95:83:7a:0e:
a1:2f:19:ee:9b:30:3e:43:c5:fd:17:ce:a7:bf:ca:51:81:4c:
2d:c4:15:77:e5:e6:b3:e9:2b:64:80:fc:64:55:0e:c2:65:8f:
f5:4f:0e:98:7f:47:59:70:eb:4a:c1:86:61:76:57:4e:66:bf:
fd:1d:cc:69:74:d8:fb:6b:2c:97:39:17:a0:6c:31:45:76:17:
63:a2:85:80:94:3f:b5:33:cb:db:97:1e:dd:5a:fb:8f:1a:78:
95:e7:e6:74
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC20nUV92FEMufg+5h2QB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDMzOGI3ZGI1NDQwMDI5NDEwMzk3NTE1YzkzMGViNDUy
ZDc1YjAwHhcNMjQwMTAxMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWVjMzg0OTkyMmEyN2E4MmM3NGM3NTYzZWE3MDg0NWEyMTEzOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApduJsxxaiVDU/aWHnmDY/IKme3U9
4p+1Rh+RiDapqJLUpC8Rv7fGl7loMBVdULtzhfjfVQ0zzX05Dcj5sgq3zbbEXJzz
8LeqzwIXyB4yMeTtS+m813Jw3M2U0V7YXW5aQw9aTWEMX9odnCS+lejU9A9g3kfs
1+OCkKTf8hD9qjcWkdpENwN8j58DJ4XSJaVC02jKS3vNnVnXbQUDLywSAVX850rJ
Rsj01kko1vu7tczOTpBOHDQL2s4o+ijNM8y+wBhVjqpg2q9Rm7/Yehn6U4/2zTvf
B3Pa6odlnc2ISqWmjlJjay+01RZXsXV9JLNVxwkrcsctGWZIRCTUMOW0BQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHXsOEmSKieoLHTHVj6nCEWiETl0MB8GA1UdIwQY
MBaAFJ8DOLfbVEAClBA5dRXJMOtFLXWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndNNHQ5dFVRQUtVRURsMUZja3c2MFV0ZGJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8xNjY2MWMtZTc3Yi00MWMzLTgwZTQt
MTRlZTMyZmM1ZDA2LzEvZGV3NFNaSXFKNmdzZE1kV1BxY0lSYUlST1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8xNjY2MWMtZTc3Yi00MWMzLTgwZTQtMTRlZTMyZmM1ZDA2
LzEvbndNNHQ5dFVRQUtVRURsMUZja3c2MFV0ZGJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9+XAwQC
uVk4AwQBwnX+MA0EAgACMAcDBQAqBdWAMA0GCSqGSIb3DQEBCwUAA4IBAQCBcsaO
tzRxrmJeYloPWND0Omq7XKcX03/wptGQN2oa5m4+K/P7xL6H/eg/aHcUdosDNSaz
a7CfvtxOeic42zXM7njsndwQU5wEuM5ihEG59vEw1XWkYh38Ttp0rTndQRGSBO/o
HBF5hYfw2wgMjjnVqzB4cUtetFBh9NeyOZgv6ouJ/rTuH1fQi6fGSSxn0G9f9ahd
lWgC4fhfBmEYupWDeg6hLxnumzA+Q8X9F86nv8pRgUwtxBV35eaz6StkgPxkVQ7C
ZY/1Tw6Yf0dZcOtKwYZhdldOZr/9HcxpdNj7ayyXORegbDFFdhdjooWAlD+1M8vb
lx7dWvuPGniV5+Z0
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:49:20 2024 by rpki-client on console-fra.rpki-client.org