Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/9iNNjitmnxEMLr2K1yCbvuQUs-I.roa
File: 9iNNjitmnxEMLr2K1yCbvuQUs-I.roa (raw, json)
Hash identifier: DOiyHp8slWnZ34606YAeFptixA22bjrRB1dI4k7fo3k=
Subject key identifier: F6:23:4D:8E:2B:66:9F:11:0C:2E:BD:8A:D7:20:9B:BE:E4:14:B3:E2
Certificate issuer: /CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Certificate serial: 018F5398D801E042F6C869E0FB6F240E0CFE
Authority key identifier: 66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/9iNNjitmnxEMLr2K1yCbvuQUs-I.roa
Signing time: Tue 07 May 2024 15:07:56 +0000
ROA not before: Tue 07 May 2024 15:07:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3170
IP address blocks: 5.198.137.0/24 maxlen: 24
5.198.138.0/24 maxlen: 24
5.198.139.0/24 maxlen: 24
5.198.141.0/24 maxlen: 24
83.137.211.0/24 maxlen: 24
83.137.212.0/24 maxlen: 24
188.92.138.0/24 maxlen: 24
188.92.139.0/24 maxlen: 24
2001:67c:128::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:98:d8:01:e0:42:f6:c8:69:e0:fb:6f:24:0e:0c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Validity
Not Before: May 7 15:07:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6234d8e2b669f110c2ebd8ad7209bbee414b3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bc:5f:7c:9a:ac:1f:b4:b6:6b:a7:cd:52:99:
2e:ee:c9:4a:c8:53:d9:43:34:56:06:3e:cf:ab:e7:
0d:08:3f:0d:80:d8:e7:58:e5:fb:f7:e2:47:47:0e:
4d:4c:fc:11:d1:6c:7d:0b:39:98:4c:dc:e7:05:93:
5e:ba:cd:33:39:2e:d8:19:c3:48:5f:2e:01:df:f1:
fc:e0:83:d3:7c:c9:fc:5b:e4:73:5c:f8:29:f0:2e:
08:43:5a:67:3b:29:b2:d7:fe:e4:4d:53:af:97:e1:
76:9d:e0:8e:2c:5a:e6:21:97:f0:09:d2:1b:5b:fb:
96:95:ed:1a:e6:39:58:70:cd:14:4b:6a:b9:1a:ac:
22:32:eb:07:dd:b0:fa:25:01:5a:50:1c:9f:5b:86:
2c:21:14:a1:9e:1a:cf:00:f5:41:f3:d9:0f:6a:dd:
a4:50:2d:ad:e4:0c:f2:76:94:27:21:80:aa:87:27:
f2:3b:dd:e1:8d:41:d4:a9:f8:35:85:c4:02:24:f4:
08:9f:60:79:32:1f:37:c5:cc:4f:c4:61:6f:20:a2:
db:f4:a4:c5:ac:01:0b:cf:08:db:08:ae:69:67:e7:
81:b0:fd:4f:05:de:fa:89:a1:a7:e7:2c:38:a9:c2:
56:ae:ab:86:3f:e3:b0:14:41:79:98:6d:17:86:51:
87:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:23:4D:8E:2B:66:9F:11:0C:2E:BD:8A:D7:20:9B:BE:E4:14:B3:E2
X509v3 Authority Key Identifier:
keyid:66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/9iNNjitmnxEMLr2K1yCbvuQUs-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.198.137.0-5.198.139.255
5.198.141.0/24
83.137.211.0-83.137.212.255
188.92.138.0/23
IPv6:
2001:67c:128::/48
Signature Algorithm: sha256WithRSAEncryption
a9:23:ce:fb:83:ff:82:2e:4f:11:e4:4c:c5:e5:ab:86:13:08:
9b:82:d9:0f:23:bd:73:63:00:81:77:57:d0:d5:2f:c7:12:12:
7e:fa:6e:d4:51:f0:41:16:7b:fc:50:6e:97:eb:44:20:fe:1a:
71:14:46:0e:0f:9f:c9:f7:2c:3f:33:29:b5:40:af:5d:d4:31:
e8:2a:30:89:19:f6:f3:bd:26:36:46:02:12:9b:5d:4a:35:c1:
ad:5e:36:80:7a:d8:d7:c1:0a:40:fb:ff:c3:da:ed:23:83:31:
56:55:86:1c:21:d2:8b:e4:2d:60:c9:75:5d:ae:1f:61:93:69:
9a:01:47:0a:42:7f:83:7a:dc:87:3a:bf:e2:69:84:80:08:ca:
f0:a7:8a:59:41:48:67:1f:13:9a:52:9d:c8:56:d6:94:1b:40:
26:13:4b:66:d4:20:7e:76:af:01:57:ca:34:b9:7e:94:60:df:
66:c3:6d:08:d9:c1:22:4a:9c:e9:67:e1:42:47:5a:8e:14:9e:
1d:60:6a:65:ab:d5:8e:1e:8d:f5:07:c1:62:55:77:af:3c:cf:
82:5e:4e:a2:2d:72:f3:05:7c:62:25:ae:a4:43:03:52:73:a4:
fe:88:c9:aa:ea:7e:4e:0e:b5:37:9c:78:e8:b9:e8:b6:27:b8:
60:1c:e2:aa
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY9TmNgB4EL2yGng+28kDgz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjVkZDk3NjY1YTIzYjFiMTgzZTIyMzgyMmI2NmI1YWU1
MzZhMmYwHhcNMjQwNTA3MTUwNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjIzNGQ4ZTJiNjY5ZjExMGMyZWJkOGFkNzIwOWJiZWU0MTRiM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7xffJqsH7S2a6fNUpku7slKyFPZ
QzRWBj7Pq+cNCD8NgNjnWOX79+JHRw5NTPwR0Wx9CzmYTNznBZNeus0zOS7YGcNI
Xy4B3/H84IPTfMn8W+RzXPgp8C4IQ1pnOymy1/7kTVOvl+F2neCOLFrmIZfwCdIb
W/uWle0a5jlYcM0US2q5GqwiMusH3bD6JQFaUByfW4YsIRShnhrPAPVB89kPat2k
UC2t5AzydpQnIYCqhyfyO93hjUHUqfg1hcQCJPQIn2B5Mh83xcxPxGFvIKLb9KTF
rAELzwjbCK5pZ+eBsP1PBd76iaGn5yw4qcJWrquGP+OwFEF5mG0XhlGH9QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPYjTY4rZp8RDC69itcgm77kFLPiMB8GA1UdIwQY
MBaAFGZl3ZdmWiOxsYPiI4IrZrWuU2ovMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1YZGwyWmFJN0d4Zy1JamdpdG10YTVUYWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zMTI1MjktNzNmNi00ODA5LWFmOWIt
ZThkNzA3MTdmZjhhLzEvOWlOTmppdG1ueEVNTHIySzF5Q2J2dVFVcy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zMTI1MjktNzNmNi00ODA5LWFmOWItZThkNzA3MTdmZjhh
LzEvWm1YZGwyWmFJN0d4Zy1JamdpdG10YTVUYWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAuBAIAATAoMAwDBAAFxokD
BAIFxogDBAAFxo0wDAMEAFOJ0wMEAFOJ1AMEAbxcijAPBAIAAjAJAwcAIAEGfAEo
MA0GCSqGSIb3DQEBCwUAA4IBAQCpI877g/+CLk8R5EzF5auGEwibgtkPI71zYwCB
d1fQ1S/HEhJ++m7UUfBBFnv8UG6X60Qg/hpxFEYOD5/J9yw/Mym1QK9d1DHoKjCJ
GfbzvSY2RgISm11KNcGtXjaAetjXwQpA+//D2u0jgzFWVYYcIdKL5C1gyXVdrh9h
k2maAUcKQn+DetyHOr/iaYSACMrwp4pZQUhnHxOaUp3IVtaUG0AmE0tm1CB+dq8B
V8o0uX6UYN9mw20I2cEiSpzpZ+FCR1qOFJ4dYGplq9WOHo31B8FiVXevPM+CXk6i
LXLzBXxiJa6kQwNSc6T+iMmq6n5ODrU3nHjouei2J7hgHOKq
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:38:56 2024 by rpki-client on console-ams.rpki-client.org