Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/jIwpC8qaeLBzg8m-1H_PZuxnLfA.roa
File: jIwpC8qaeLBzg8m-1H_PZuxnLfA.roa (raw, json)
Hash identifier: cd83qClTMelLOTFZ9SBRQNhu9qO/TU056soXz0a+1Dw=
Subject key identifier: 8C:8C:29:0B:CA:9A:78:B0:73:83:C9:BE:D4:7F:CF:66:EC:67:2D:F0
Certificate issuer: /CN=86c4112efc9bed84761d3678b87c483948d2a72f
Certificate serial: 018CC5DBE5BA421B4C6CACDBF6E9975A08F5
Authority key identifier: 86:C4:11:2E:FC:9B:ED:84:76:1D:36:78:B8:7C:48:39:48:D2:A7:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/jIwpC8qaeLBzg8m-1H_PZuxnLfA.roa
Signing time: Mon 01 Jan 2024 16:29:31 +0000
ROA not before: Mon 01 Jan 2024 16:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43773
IP address blocks: 91.225.137.0/24 maxlen: 24
91.225.136.0/24 maxlen: 24
91.225.139.0/24 maxlen: 24
91.225.138.0/24 maxlen: 24
91.200.42.0/24 maxlen: 24
91.200.41.0/24 maxlen: 24
91.200.40.0/24 maxlen: 24
91.200.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.mft
rsync://rpki.ripe.net/repository/DEFAULT/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e5:ba:42:1b:4c:6c:ac:db:f6:e9:97:5a:08:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86c4112efc9bed84761d3678b87c483948d2a72f
Validity
Not Before: Jan 1 16:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c8c290bca9a78b07383c9bed47fcf66ec672df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5c:66:55:89:56:d6:0e:f2:ae:67:dd:6e:35:
0d:e4:3c:ba:29:e7:ba:61:2c:f0:f0:7e:ec:d0:f6:
6a:9b:f6:b0:49:2e:fb:ac:82:c8:79:b7:a8:86:00:
bf:02:ac:9c:a9:6b:f5:6e:09:52:49:00:0e:e0:f9:
d5:17:b9:ed:61:7e:c1:10:f2:0e:3b:a0:31:04:c0:
79:7f:f3:49:98:b6:03:d9:6e:7a:d1:04:8b:6f:a2:
13:be:33:ea:e0:25:8c:f3:96:b1:29:69:64:40:6d:
15:59:61:5c:86:e3:f9:24:49:0b:7f:47:8d:8c:7f:
1e:cc:4c:ad:b3:be:00:e5:f4:d6:12:74:0b:5b:5d:
24:34:d2:a3:3b:0c:30:42:79:d7:03:a6:6e:86:50:
44:4b:e9:4a:39:cf:3b:4b:60:30:35:7a:e2:12:c6:
76:d5:83:a7:c8:05:c9:72:04:7b:16:4c:59:d3:45:
51:84:48:39:48:2a:5e:cc:17:95:68:35:c2:43:04:
4e:f0:9c:5f:b7:2a:3b:ce:d7:2e:99:da:66:5d:e1:
c5:db:78:a3:10:1f:cc:cb:23:7a:e9:91:c0:dc:09:
b1:de:6b:af:84:9c:ea:c5:b5:db:34:23:fa:35:c9:
c7:01:4e:69:4d:71:09:58:82:92:6a:73:f6:4e:39:
dd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8C:29:0B:CA:9A:78:B0:73:83:C9:BE:D4:7F:CF:66:EC:67:2D:F0
X509v3 Authority Key Identifier:
keyid:86:C4:11:2E:FC:9B:ED:84:76:1D:36:78:B8:7C:48:39:48:D2:A7:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/jIwpC8qaeLBzg8m-1H_PZuxnLfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.40.0/22
91.225.136.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:0a:66:2a:55:02:56:7b:46:14:09:39:53:c5:28:c1:52:6a:
fe:fb:31:8b:27:15:4f:87:40:f2:64:95:d0:78:42:53:41:0e:
94:49:77:a8:e8:b6:13:c2:f9:a4:b7:ec:65:d8:d0:84:e7:01:
e7:9e:7e:c0:ee:16:dc:91:8d:10:26:3d:ea:d8:42:5f:8f:83:
d4:c9:71:5f:6f:85:76:0c:f5:64:c8:15:63:10:7c:83:47:be:
27:fc:df:53:56:3d:61:6e:03:54:e2:81:04:b8:38:0c:f5:ba:
39:b7:97:20:df:44:c9:76:ee:4e:bd:ad:b4:64:0d:29:a0:93:
db:29:2e:70:f5:9d:24:6a:4b:b9:d0:87:a9:e0:14:50:06:bf:
f2:b3:3e:87:cb:03:39:36:11:c5:05:d8:52:8d:3d:31:44:db:
45:03:f1:c5:0f:db:9f:06:06:1a:0b:98:0a:1b:87:2d:e0:b8:
2b:a9:27:86:53:3b:5b:c6:74:4e:49:32:6a:59:2a:45:62:72:
6e:3b:d6:87:4e:c9:ac:c0:c2:5c:99:81:c5:60:23:9d:2d:32:
da:56:c5:91:8b:36:ff:67:16:31:a1:43:db:1a:89:40:19:d0:
5c:1a:1a:38:13:27:11:ab:84:ff:ec:a0:1a:df:5e:ab:39:b1:
f6:c8:46:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF2+W6QhtMbKzb9umXWgj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YzQxMTJlZmM5YmVkODQ3NjFkMzY3OGI4N2M0ODM5NDhk
MmE3MmYwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhjMjkwYmNhOWE3OGIwNzM4M2M5YmVkNDdmY2Y2NmVjNjcyZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1xmVYlW1g7yrmfdbjUN5Dy6Kee6
YSzw8H7s0PZqm/awSS77rILIebeohgC/AqycqWv1bglSSQAO4PnVF7ntYX7BEPIO
O6AxBMB5f/NJmLYD2W560QSLb6ITvjPq4CWM85axKWlkQG0VWWFchuP5JEkLf0eN
jH8ezEyts74A5fTWEnQLW10kNNKjOwwwQnnXA6ZuhlBES+lKOc87S2AwNXriEsZ2
1YOnyAXJcgR7FkxZ00VRhEg5SCpezBeVaDXCQwRO8Jxftyo7ztcumdpmXeHF23ij
EB/MyyN66ZHA3Amx3muvhJzqxbXbNCP6NcnHAU5pTXEJWIKSanP2TjndbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIyMKQvKmniwc4PJvtR/z2bsZy3wMB8GA1UdIwQY
MBaAFIbEES78m+2Edh02eLh8SDlI0qcvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHNRUkx2eWI3WVIySFRaNHVIeElPVWpTcHk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC80NWViZGEtYzJjNy00YzI3LTk1ZDQt
MDBiOTZkNzRkOGIwLzEvakl3cEM4cWFlTEJ6ZzhtLTFIX1BadXhuTGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC80NWViZGEtYzJjNy00YzI3LTk1ZDQtMDBiOTZkNzRkOGIw
LzEvaHNRUkx2eWI3WVIySFRaNHVIeElPVWpTcHk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8goAwQC
W+GIMA0GCSqGSIb3DQEBCwUAA4IBAQBLCmYqVQJWe0YUCTlTxSjBUmr++zGLJxVP
h0DyZJXQeEJTQQ6USXeo6LYTwvmkt+xl2NCE5wHnnn7A7hbckY0QJj3q2EJfj4PU
yXFfb4V2DPVkyBVjEHyDR74n/N9TVj1hbgNU4oEEuDgM9bo5t5cg30TJdu5Ova20
ZA0poJPbKS5w9Z0kaku50Iep4BRQBr/ysz6HywM5NhHFBdhSjT0xRNtFA/HFD9uf
BgYaC5gKG4ct4LgrqSeGUztbxnROSTJqWSpFYnJuO9aHTsmswMJcmYHFYCOdLTLa
VsWRizb/ZxYxoUPbGolAGdBcGho4EycRq4T/7KAa316rObH2yEZh
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:15 2024 by rpki-client on console-fra.rpki-client.org