Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/AF86ctvxfEoXhtJ2G77F8mRIZ9M.roa
File: AF86ctvxfEoXhtJ2G77F8mRIZ9M.roa (raw, json)
Hash identifier: uGbOVc2coLS6yXqtRsOkPmkA1VvnrFkhJeb3EuZ7Wac=
Subject key identifier: 00:5F:3A:72:DB:F1:7C:4A:17:86:D2:76:1B:BE:C5:F2:64:48:67:D3
Certificate issuer: /CN=adb365acf6f918499707dda13f033e2cd6110308
Certificate serial: 018CC26D83AA287D6E58088FD54A51E20C60
Authority key identifier: AD:B3:65:AC:F6:F9:18:49:97:07:DD:A1:3F:03:3E:2C:D6:11:03:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rbNlrPb5GEmXB92hPwM-LNYRAwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/AF86ctvxfEoXhtJ2G77F8mRIZ9M.roa
Signing time: Mon 01 Jan 2024 00:30:06 +0000
ROA not before: Mon 01 Jan 2024 00:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15600
IP address blocks: 91.138.0.0/18 maxlen: 24
185.90.108.0/22 maxlen: 22
2a05:dcc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/rbNlrPb5GEmXB92hPwM-LNYRAwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/rbNlrPb5GEmXB92hPwM-LNYRAwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/rbNlrPb5GEmXB92hPwM-LNYRAwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:83:aa:28:7d:6e:58:08:8f:d5:4a:51:e2:0c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adb365acf6f918499707dda13f033e2cd6110308
Validity
Not Before: Jan 1 00:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=005f3a72dbf17c4a1786d2761bbec5f2644867d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3f:6e:5d:93:93:77:57:74:de:9b:90:82:c3:
d9:b3:1a:8f:3a:e9:06:76:48:aa:ef:61:6c:66:0a:
d0:6c:a2:e0:62:13:47:3e:ea:37:f9:52:bc:8a:41:
de:c4:3a:ca:1c:99:7a:f7:4f:2d:68:8d:3e:ec:c9:
7c:53:e0:f6:95:ff:49:63:1d:61:a7:c9:7f:4b:58:
ac:3d:18:a3:a2:b7:62:6f:cd:64:a3:09:58:6d:65:
06:3a:80:98:33:a5:d9:0b:78:bf:d5:5f:21:db:13:
8c:87:91:b8:9c:3e:99:79:fc:d7:54:25:c1:eb:84:
f4:bf:94:0f:cf:6c:8e:4e:84:08:4e:4a:b6:d0:9d:
80:f8:b6:8d:4d:7f:9f:d5:74:a0:0d:a6:bf:98:ec:
46:41:5c:07:65:50:50:ce:b3:9f:37:b5:02:ca:31:
7f:8b:f8:7d:68:33:fe:1e:12:72:51:6d:4b:45:5f:
26:c7:b6:8a:bb:b7:74:00:6f:2c:94:7f:a3:88:c2:
26:d6:27:84:c9:99:f5:8b:cc:e2:e3:f4:17:9f:a6:
75:45:e9:bb:fc:d9:ac:65:ee:d5:45:5e:72:0a:b5:
f3:39:6d:04:c8:df:a7:2f:74:0c:02:09:82:e7:90:
90:37:e6:63:30:3e:c4:ae:47:09:d2:d9:49:90:f1:
68:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5F:3A:72:DB:F1:7C:4A:17:86:D2:76:1B:BE:C5:F2:64:48:67:D3
X509v3 Authority Key Identifier:
keyid:AD:B3:65:AC:F6:F9:18:49:97:07:DD:A1:3F:03:3E:2C:D6:11:03:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rbNlrPb5GEmXB92hPwM-LNYRAwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/AF86ctvxfEoXhtJ2G77F8mRIZ9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/rbNlrPb5GEmXB92hPwM-LNYRAwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.138.0.0/18
185.90.108.0/22
IPv6:
2a05:dcc0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:f4:55:ae:e6:ff:f6:4d:7c:ec:2d:f8:f0:6e:96:05:c4:9b:
99:4e:9f:22:60:bb:aa:71:c6:76:ee:19:e7:b5:c7:84:81:4f:
22:9b:bd:59:6d:0e:1e:1d:80:37:74:80:ab:72:da:bc:71:4c:
0c:08:c8:92:7e:f7:32:5b:76:bc:32:58:e8:8b:e2:bd:e9:d4:
c1:af:79:69:86:98:90:77:4b:a0:ea:cc:d3:3a:39:fb:c2:a8:
7a:c2:f0:28:53:b6:5b:cf:85:54:74:ff:e0:e9:51:a4:23:c3:
12:5c:76:12:71:79:73:ff:da:3c:0a:b2:7b:a1:f9:ba:ec:b0:
52:b0:3f:91:7f:eb:b6:fa:a2:21:00:6b:76:a3:64:08:f8:7c:
a2:52:ee:e3:3f:85:57:46:68:9d:48:c6:fe:08:58:6d:a4:d2:
e3:b1:69:13:07:f1:46:61:8b:f8:58:9a:5a:12:35:94:93:18:
4a:3a:ed:fb:4c:a3:13:38:81:c5:cf:cd:9f:55:b3:d8:f4:b0:
52:07:29:d7:39:a0:b1:f8:cc:57:b3:50:52:81:ad:9c:b2:6e:
44:4b:9b:8c:15:b8:11:cf:61:29:e7:ec:02:57:03:e7:74:8b:
38:47:2b:9b:58:2a:28:16:3c:2d:d1:4f:17:e6:d6:e9:a0:61:
fc:8b:27:a9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbYOqKH1uWAiP1UpR4gxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYjM2NWFjZjZmOTE4NDk5NzA3ZGRhMTNmMDMzZTJjZDYx
MTAzMDgwHhcNMjQwMTAxMDAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVmM2E3MmRiZjE3YzRhMTc4NmQyNzYxYmJlYzVmMjY0NDg2N2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD9uXZOTd1d03puQgsPZsxqPOukG
dkiq72FsZgrQbKLgYhNHPuo3+VK8ikHexDrKHJl6908taI0+7Ml8U+D2lf9JYx1h
p8l/S1isPRijordib81kowlYbWUGOoCYM6XZC3i/1V8h2xOMh5G4nD6ZefzXVCXB
64T0v5QPz2yOToQITkq20J2A+LaNTX+f1XSgDaa/mOxGQVwHZVBQzrOfN7UCyjF/
i/h9aDP+HhJyUW1LRV8mx7aKu7d0AG8slH+jiMIm1ieEyZn1i8zi4/QXn6Z1Rem7
/NmsZe7VRV5yCrXzOW0EyN+nL3QMAgmC55CQN+ZjMD7ErkcJ0tlJkPFo/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFABfOnLb8XxKF4bSdhu+xfJkSGfTMB8GA1UdIwQY
MBaAFK2zZaz2+RhJlwfdoT8DPizWEQMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmJObHJQYjVHRW1YQjkyaFB3TS1MTllSQXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hNjgzODctODYxYS00YjkzLWEzZmMt
YWRhZGQ2Mjk1ODIyLzEvQUY4NmN0dnhmRW9YaHRKMkc3N0Y4bVJJWjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hNjgzODctODYxYS00YjkzLWEzZmMtYWRhZGQ2Mjk1ODIy
LzEvcmJObHJQYjVHRW1YQjkyaFB3TS1MTllSQXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGW4oAAwQC
uVpsMA0EAgACMAcDBQMqBdzAMA0GCSqGSIb3DQEBCwUAA4IBAQA79FWu5v/2TXzs
LfjwbpYFxJuZTp8iYLuqccZ27hnntceEgU8im71ZbQ4eHYA3dICrctq8cUwMCMiS
fvcyW3a8Mljoi+K96dTBr3lphpiQd0ug6szTOjn7wqh6wvAoU7Zbz4VUdP/g6VGk
I8MSXHYScXlz/9o8CrJ7ofm67LBSsD+Rf+u2+qIhAGt2o2QI+HyiUu7jP4VXRmid
SMb+CFhtpNLjsWkTB/FGYYv4WJpaEjWUkxhKOu37TKMTOIHFz82fVbPY9LBSBynX
OaCx+MxXs1BSga2csm5ES5uMFbgRz2Ep5+wCVwPndIs4RyubWCooFjwt0U8X5tbp
oGH8iyep
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:34:27 2024 by rpki-client on console-ams.rpki-client.org