Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/N55sy6v_9W2s9TQP9WPCjO9slbo.roa
File: N55sy6v_9W2s9TQP9WPCjO9slbo.roa (raw, json)
Hash identifier: UpskQoINGA88EjJGIVkrMvpMtXX4M3J0WJoIXz5Ixwc=
Subject key identifier: 37:9E:6C:CB:AB:FF:F5:6D:AC:F5:34:0F:F5:63:C2:8C:EF:6C:95:BA
Certificate issuer: /CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Certificate serial: 018CC3492799EA481D1AA1A2EF472B364D31
Authority key identifier: FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/N55sy6v_9W2s9TQP9WPCjO9slbo.roa
Signing time: Mon 01 Jan 2024 04:30:00 +0000
ROA not before: Mon 01 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48345
IP address blocks: 185.168.169.0/24 maxlen: 24
91.223.220.0/24 maxlen: 24
91.234.215.0/24 maxlen: 24
94.232.112.0/21 maxlen: 21
2001:67c:174::/48 maxlen: 48
2001:67c:15b8::/48 maxlen: 48
2001:67c:28d8::/48 maxlen: 48
2a0e:d340::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:27:99:ea:48:1d:1a:a1:a2:ef:47:2b:36:4d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Validity
Not Before: Jan 1 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=379e6ccbabfff56dacf5340ff563c28cef6c95ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:04:c9:e1:9e:b6:52:26:ab:f8:8c:d6:68:
62:4e:12:f6:4a:fd:61:fb:f5:b3:e6:fc:be:11:78:
6d:ba:d7:b0:cc:60:bd:f5:c6:ac:20:0c:b3:01:08:
23:76:98:f1:85:70:f0:c1:3c:5f:4b:76:85:25:d0:
8d:f1:0c:e1:53:d3:46:19:b5:72:c5:1e:a7:59:bc:
00:61:44:3e:f6:89:be:bb:36:1f:e4:7a:6b:d0:87:
24:13:65:57:77:d7:79:cd:b9:da:61:f5:17:ab:fa:
b8:5c:10:0d:0b:83:58:76:e4:c3:b3:8b:13:87:af:
1f:37:75:bb:06:d4:ab:48:f4:0d:3d:6e:2e:a2:84:
91:b1:64:ba:54:e6:e3:6b:4e:73:97:02:86:83:22:
b0:cc:6b:8f:1b:86:95:c4:d8:22:db:ce:48:aa:4a:
0a:96:df:e1:46:f4:4e:9e:47:d7:c3:ac:61:3b:bc:
71:66:1a:37:e6:70:62:98:c4:c6:7e:a6:14:43:61:
92:32:de:07:b6:e8:d4:20:17:22:b1:f2:22:37:61:
0b:f0:8e:48:ca:09:4f:b5:54:54:49:66:a6:90:37:
7b:cc:09:03:b5:81:ee:56:9c:c2:85:1d:3b:a8:21:
44:58:1c:ef:92:67:5f:98:8f:e8:43:ac:3e:2f:2c:
26:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:9E:6C:CB:AB:FF:F5:6D:AC:F5:34:0F:F5:63:C2:8C:EF:6C:95:BA
X509v3 Authority Key Identifier:
keyid:FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/N55sy6v_9W2s9TQP9WPCjO9slbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.220.0/24
91.234.215.0/24
94.232.112.0/21
185.168.169.0/24
IPv6:
2001:67c:174::/48
2001:67c:15b8::/48
2001:67c:28d8::/48
2a0e:d340::/48
Signature Algorithm: sha256WithRSAEncryption
26:21:16:0a:94:86:62:ca:23:71:93:b4:1c:2a:f1:3e:e4:02:
ae:ef:5f:b6:77:46:cf:ee:b3:a2:df:92:b0:95:9b:1b:94:23:
63:46:5f:31:e0:4e:b0:d0:f7:62:66:ca:45:97:b4:c9:ea:2d:
73:8c:3f:b1:21:29:b1:03:69:2a:dc:b2:26:69:f9:4a:ba:7f:
85:f5:ba:14:e9:7b:b7:44:11:6e:5e:88:ce:ec:ba:3a:5e:60:
b7:cb:95:95:8b:d8:c0:3e:cc:f7:e4:37:5c:0a:aa:19:5d:66:
e6:29:fc:e2:78:d0:a9:8c:8c:39:e4:ac:58:90:c9:74:3a:a4:
23:7f:7b:62:16:43:16:99:16:f0:1d:b9:70:9c:d7:6b:49:9d:
30:d8:61:46:ec:84:b0:6c:b4:50:36:83:73:fa:a2:63:09:58:
23:6e:b6:e7:c2:ce:63:90:65:b3:39:39:74:84:74:85:c6:41:
e7:5e:c5:97:03:83:ba:3a:a5:3e:fe:5b:3e:a8:c4:97:88:79:
41:5d:54:ce:e5:1c:b4:d7:c2:02:77:43:7a:a7:93:99:a1:10:
4d:d2:c2:4a:5d:c2:87:2d:cf:f6:2d:35:bb:98:f2:b9:a0:90:
67:ae:56:90:9c:b5:92:69:27:eb:f4:bc:3d:30:64:3b:b0:83:
58:fd:8b:af
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzDSSeZ6kgdGqGi70crNk0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzIzNzA2ZDBlODM3NThiYTUyMTM4ZTlkYjQyMDdiNWE1
YzE4OWMwHhcNMjQwMTAxMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzllNmNjYmFiZmZmNTZkYWNmNTM0MGZmNTYzYzI4Y2VmNmM5NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq0EyeGetlImq/iM1mhiThL2Sv1h
+/Wz5vy+EXhtutewzGC99casIAyzAQgjdpjxhXDwwTxfS3aFJdCN8QzhU9NGGbVy
xR6nWbwAYUQ+9om+uzYf5Hpr0IckE2VXd9d5zbnaYfUXq/q4XBANC4NYduTDs4sT
h68fN3W7BtSrSPQNPW4uooSRsWS6VObja05zlwKGgyKwzGuPG4aVxNgi285IqkoK
lt/hRvROnkfXw6xhO7xxZho35nBimMTGfqYUQ2GSMt4HtujUIBcisfIiN2EL8I5I
yglPtVRUSWamkDd7zAkDtYHuVpzChR07qCFEWBzvkmdfmI/oQ6w+LywmkwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDeebMur//VtrPU0D/VjwozvbJW6MB8GA1UdIwQY
MBaAFPtyNwbQ6DdYulITjp20IHtaXBicMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zSTNCdERvTjFpNlVoT09uYlFnZTFwY0dKdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRk
LWI2MTQzNjExOTZmZC8xL041NXN5NnZfOVcyczlUUVA5V1BDak85c2xiby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRkLWI2MTQzNjExOTZm
ZC8xLzEtM0kzQnREb04xaTZVaE9PbmJRZ2UxcGNHSncuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMB4EAgABMBgDBABb39wD
BABb6tcDBANe6HADBAC5qKkwKgQCAAIwJAMHACABBnwBdAMHACABBnwVuAMHACAB
Bnwo2AMHACoO00AAADANBgkqhkiG9w0BAQsFAAOCAQEAJiEWCpSGYsojcZO0HCrx
PuQCru9ftndGz+6zot+SsJWbG5QjY0ZfMeBOsND3YmbKRZe0yeotc4w/sSEpsQNp
KtyyJmn5Srp/hfW6FOl7t0QRbl6Izuy6Ol5gt8uVlYvYwD7M9+Q3XAqqGV1m5in8
4njQqYyMOeSsWJDJdDqkI397YhZDFpkW8B25cJzXa0mdMNhhRuyEsGy0UDaDc/qi
YwlYI26258LOY5Blszk5dIR0hcZB517FlwODujqlPv5bPqjEl4h5QV1UzuUctNfC
AndDeqeTmaEQTdLCSl3Chy3P9i01u5jyuaCQZ65WkJy1kmkn6/S8PTBkO7CDWP2L
rw==
-----END CERTIFICATE-----
Generated at Tue May 21 10:43:49 2024 by rpki-client on console-ams.rpki-client.org