Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/SJw9gv91K8NgMkdjIC_fQj8uIvc.roa
File: SJw9gv91K8NgMkdjIC_fQj8uIvc.roa (raw, json)
Hash identifier: uffK9n8U9oXFE42pZj1JpBLiC9Z7woUSmQ6v+Ta7OHM=
Subject key identifier: 48:9C:3D:82:FF:75:2B:C3:60:32:47:63:20:2F:DF:42:3F:2E:22:F7
Certificate issuer: /CN=68383ffa9f20bf021c090262994212d71667ed02
Certificate serial: 018CC7934B018312A9D92BD8F448771CC25C
Authority key identifier: 68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/SJw9gv91K8NgMkdjIC_fQj8uIvc.roa
Signing time: Tue 02 Jan 2024 00:29:28 +0000
ROA not before: Tue 02 Jan 2024 00:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 81.90.143.0/24 maxlen: 24
2a00:e27:143::/48 maxlen: 48
2a00:e20:150::/44 maxlen: 48
2a00:e20:143::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 03:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:4b:01:83:12:a9:d9:2b:d8:f4:48:77:1c:c2:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68383ffa9f20bf021c090262994212d71667ed02
Validity
Not Before: Jan 2 00:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=489c3d82ff752bc360324763202fdf423f2e22f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:26:10:23:5e:f0:fb:d8:f6:87:d7:c7:19:78:
52:77:83:0e:8a:e9:c1:4c:06:87:31:2f:14:e7:3e:
8d:df:9a:5b:88:34:e2:8a:a2:ab:c2:80:34:80:68:
ed:e1:4f:43:ee:1e:b9:6b:0c:3c:26:3a:9e:5d:a6:
f3:27:08:d8:a9:69:8e:14:43:d4:b4:ad:f8:92:5f:
06:bc:0d:1f:bf:06:e8:f1:08:91:ed:3c:b4:2f:55:
42:dc:d8:c7:f6:9b:f4:2c:ee:75:59:88:ac:c5:41:
8e:71:f7:9e:c9:13:e6:68:17:0b:74:b4:8f:5a:43:
34:ad:ef:b2:bd:9e:b3:a5:86:ef:ad:91:4d:07:c7:
1a:82:9d:b0:0c:3a:8b:a9:f5:e6:32:41:5a:56:c8:
38:46:3c:32:42:7f:45:bf:a8:09:91:b4:97:ac:f2:
cc:21:81:83:61:f1:c6:96:6d:74:80:d7:d1:72:d3:
03:f4:94:a4:f6:fd:b3:18:9f:e4:48:af:f0:c5:a8:
f9:1b:7f:61:65:9b:6f:0d:f1:eb:ca:f7:b3:1d:05:
78:56:be:b0:98:0e:81:c2:43:45:da:62:65:99:74:
35:cd:d0:14:d7:b7:4a:69:01:93:6b:6e:04:39:b5:
22:bd:91:a1:97:58:7b:fc:43:24:a2:14:11:5f:c7:
4c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9C:3D:82:FF:75:2B:C3:60:32:47:63:20:2F:DF:42:3F:2E:22:F7
X509v3 Authority Key Identifier:
keyid:68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/SJw9gv91K8NgMkdjIC_fQj8uIvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.143.0/24
IPv6:
2a00:e20:143::/48
2a00:e20:150::/44
2a00:e27:143::/48
Signature Algorithm: sha256WithRSAEncryption
49:85:57:20:e1:5f:b3:ca:4e:7a:66:41:f4:4e:7d:58:4d:04:
cf:37:f3:6b:bf:d2:fe:95:f6:22:47:8d:a6:71:cf:b4:c0:5d:
36:14:3a:4f:d8:ed:2f:87:a9:3a:0f:af:ac:85:98:a6:5c:4a:
b9:c5:e9:69:fe:6e:6c:50:18:92:c2:ef:45:7b:69:de:f3:b2:
12:bf:71:7e:41:ee:59:19:e4:33:66:49:a0:f4:e1:9b:ab:d8:
59:b0:a0:f3:c5:d1:5f:63:e7:6d:ac:eb:86:36:f1:5e:bd:d9:
ae:fc:4b:e7:56:ac:48:5c:d8:7b:b5:f5:a1:36:7a:ce:cf:18:
26:96:ac:aa:18:3d:46:eb:ff:17:8c:93:84:cf:7d:7d:db:76:
90:bf:1c:57:ff:c7:f2:2e:8b:3c:a8:f8:9c:e8:15:c6:97:60:
61:54:b5:d8:97:10:45:e6:37:6b:3b:5b:1c:c5:55:2b:78:1e:
9c:be:be:fb:28:45:86:68:dc:bc:24:82:b6:2b:77:6b:3e:8a:
b1:4e:92:f9:40:75:0d:70:c8:69:8f:4e:ca:09:b3:cf:f0:60:
6d:5d:3f:31:8c:d6:84:6e:8a:1e:09:99:cb:88:f7:6f:e7:e5:
eb:98:fe:7b:0a:fe:1a:fd:f5:de:0d:c7:a0:52:94:ac:c3:07:
1a:93:aa:62
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzHk0sBgxKp2SvY9Eh3HMJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzgzZmZhOWYyMGJmMDIxYzA5MDI2Mjk5NDIxMmQ3MTY2
N2VkMDIwHhcNMjQwMTAyMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODljM2Q4MmZmNzUyYmMzNjAzMjQ3NjMyMDJmZGY0MjNmMmUyMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCYQI17w+9j2h9fHGXhSd4MOiunB
TAaHMS8U5z6N35pbiDTiiqKrwoA0gGjt4U9D7h65aww8JjqeXabzJwjYqWmOFEPU
tK34kl8GvA0fvwbo8QiR7Ty0L1VC3NjH9pv0LO51WYisxUGOcfeeyRPmaBcLdLSP
WkM0re+yvZ6zpYbvrZFNB8cagp2wDDqLqfXmMkFaVsg4RjwyQn9Fv6gJkbSXrPLM
IYGDYfHGlm10gNfRctMD9JSk9v2zGJ/kSK/wxaj5G39hZZtvDfHryvezHQV4Vr6w
mA6BwkNF2mJlmXQ1zdAU17dKaQGTa24EObUivZGhl1h7/EMkohQRX8dMQQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEicPYL/dSvDYDJHYyAv30I/LiL3MB8GA1UdIwQY
MBaAFGg4P/qfIL8CHAkCYplCEtcWZ+0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYt
NDA2MGU5ZWVlYjllLzEvU0p3OWd2OTFLOE5nTWtkaklDX2ZRajh1SXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYtNDA2MGU5ZWVlYjll
LzEvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAUVqPMCEE
AgACMBsDBwAqAA4gAUMDBwQqAA4gAVADBwAqAA4nAUMwDQYJKoZIhvcNAQELBQAD
ggEBAEmFVyDhX7PKTnpmQfROfVhNBM8382u/0v6V9iJHjaZxz7TAXTYUOk/Y7S+H
qToPr6yFmKZcSrnF6Wn+bmxQGJLC70V7ad7zshK/cX5B7lkZ5DNmSaD04Zur2Fmw
oPPF0V9j522s64Y28V692a78S+dWrEhc2Hu19aE2es7PGCaWrKoYPUbr/xeMk4TP
fX3bdpC/HFf/x/Iuizyo+JzoFcaXYGFUtdiXEEXmN2s7WxzFVSt4Hpy+vvsoRYZo
3LwkgrYrd2s+irFOkvlAdQ1wyGmPTsoJs8/wYG1dPzGM1oRuih4JmcuI92/n5euY
/nsK/hr99d4Nx6BSlKzDBxqTqmI=
-----END CERTIFICATE-----
Generated at Thu May 2 12:18:37 2024 by rpki-client on console-fra.rpki-client.org