Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/gy0Xm-l3Iw4QXzePtA5UYOhuNs0.roa
File: gy0Xm-l3Iw4QXzePtA5UYOhuNs0.roa (raw, json)
Hash identifier: tR7enQ+XKuz2jjpRd7BSnIOahQ3TLNsIDzSEKG4uzAk=
Subject key identifier: 83:2D:17:9B:E9:77:23:0E:10:5F:37:8F:B4:0E:54:60:E8:6E:36:CD
Certificate issuer: /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Certificate serial: 018CC5DC088E2D939592BA1DFBD732C77295
Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/gy0Xm-l3Iw4QXzePtA5UYOhuNs0.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 91.214.170.0/24 maxlen: 24
91.214.171.0/24 maxlen: 24
91.214.168.0/24 maxlen: 24
91.214.168.0/22 maxlen: 22
91.214.169.0/24 maxlen: 24
91.213.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.mft
rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:08:8e:2d:93:95:92:ba:1d:fb:d7:32:c7:72:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=832d179be977230e105f378fb40e5460e86e36cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6e:af:1c:5a:0f:69:ba:ab:50:88:15:cd:ba:
e5:84:b0:a6:af:d6:32:47:fe:bd:bb:ba:1d:35:1f:
c9:ee:d5:61:9e:8c:b0:86:63:44:32:f7:2f:ab:b5:
98:1d:e5:59:eb:f7:c2:e9:cb:49:52:a7:91:4b:5a:
90:b7:00:0e:e7:9e:7b:b3:5e:9a:8f:7d:ab:c2:34:
bc:f6:00:91:e6:cd:21:2b:49:a4:38:91:d0:66:74:
81:e8:23:2b:f2:9d:79:b8:0f:a4:3b:ec:b4:8c:d3:
72:73:cc:1f:af:e7:c3:77:54:48:8d:a6:96:90:20:
56:79:b4:e4:f4:5e:3c:75:d0:9d:04:a8:c3:da:8c:
c9:b1:f5:15:b7:19:75:02:ca:64:ab:7a:c4:e6:f9:
ce:8f:07:85:5d:bd:a3:94:8a:41:67:ac:96:c8:f8:
31:c8:8a:ee:db:92:87:97:36:67:4b:a2:ae:42:c4:
6e:7f:94:41:0e:f8:9f:28:a5:f6:1d:e3:20:22:3e:
47:2f:f6:d5:2f:6b:e3:b4:b5:70:f5:e1:32:9b:95:
27:c5:2d:ae:74:16:db:19:0b:76:a0:c2:cf:ff:92:
89:4a:fe:fa:95:9c:19:70:14:85:24:b2:d8:e4:14:
f3:28:41:47:be:c8:7d:af:43:3c:8e:f3:98:47:e3:
4d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:2D:17:9B:E9:77:23:0E:10:5F:37:8F:B4:0E:54:60:E8:6E:36:CD
X509v3 Authority Key Identifier:
keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/gy0Xm-l3Iw4QXzePtA5UYOhuNs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.4.0/24
91.214.168.0/22
Signature Algorithm: sha256WithRSAEncryption
82:a5:89:81:55:96:f2:41:d3:f9:d6:31:fc:8d:e3:5b:69:f5:
aa:29:14:d1:2c:f5:49:f8:46:64:0a:87:4d:5c:ce:8d:41:a0:
b4:cd:61:d9:0d:de:9d:be:1a:f3:9c:31:d3:11:d8:a7:94:a1:
27:60:78:87:37:cc:3b:f2:28:97:80:85:03:32:0a:1f:f4:2f:
c7:64:68:d4:73:45:e8:ca:d9:63:1b:d8:6d:ae:1d:b1:4f:2a:
af:88:a5:27:a9:ea:fb:32:1b:0b:d4:16:b3:e0:5f:5c:b3:04:
f9:e1:33:84:6e:32:74:11:9b:c6:57:1b:c7:4a:8f:1b:c9:23:
91:80:d5:53:13:93:ba:bc:ea:a7:45:ac:86:50:77:70:f8:73:
d0:b5:8f:07:4d:4d:5d:bc:02:36:cd:04:aa:a7:9c:0b:38:50:
60:5f:d9:e1:15:1f:0b:e5:d7:c0:04:79:1c:44:de:0a:26:4f:
e7:13:11:72:94:52:33:fc:3d:6c:c1:9a:a9:2b:d8:96:ff:87:
7a:f7:6d:14:06:7d:53:95:36:da:78:6a:32:5d:77:bc:5f:56:
dd:4e:32:a2:f1:18:0c:88:9d:c4:81:19:f5:e8:26:b3:c5:da:
89:2f:1e:59:82:68:7d:5a:df:ad:07:03:0c:fe:bb:7d:6d:3f:
42:3e:63:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3AiOLZOVkrod+9cyx3KVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey
YTk3NjUwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzJkMTc5YmU5NzcyMzBlMTA1ZjM3OGZiNDBlNTQ2MGU4NmUzNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW6vHFoPabqrUIgVzbrlhLCmr9Yy
R/69u7odNR/J7tVhnoywhmNEMvcvq7WYHeVZ6/fC6ctJUqeRS1qQtwAO5557s16a
j32rwjS89gCR5s0hK0mkOJHQZnSB6CMr8p15uA+kO+y0jNNyc8wfr+fDd1RIjaaW
kCBWebTk9F48ddCdBKjD2ozJsfUVtxl1Aspkq3rE5vnOjweFXb2jlIpBZ6yWyPgx
yIru25KHlzZnS6KuQsRuf5RBDvifKKX2HeMgIj5HL/bVL2vjtLVw9eEym5UnxS2u
dBbbGQt2oMLP/5KJSv76lZwZcBSFJLLY5BTzKEFHvsh9r0M8jvOYR+NN6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIMtF5vpdyMOEF83j7QOVGDobjbNMB8GA1UdIwQY
MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt
ZDAwMDNhNmI1MjI0LzEvZ3kwWG0tbDNJdzRRWHplUHRBNVVZT2h1TnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0
LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9UEAwQC
W9aoMA0GCSqGSIb3DQEBCwUAA4IBAQCCpYmBVZbyQdP51jH8jeNbafWqKRTRLPVJ
+EZkCodNXM6NQaC0zWHZDd6dvhrznDHTEdinlKEnYHiHN8w78iiXgIUDMgof9C/H
ZGjUc0XoytljG9htrh2xTyqviKUnqer7MhsL1Baz4F9cswT54TOEbjJ0EZvGVxvH
So8bySORgNVTE5O6vOqnRayGUHdw+HPQtY8HTU1dvAI2zQSqp5wLOFBgX9nhFR8L
5dfABHkcRN4KJk/nExFylFIz/D1swZqpK9iW/4d6920UBn1TlTbaeGoyXXe8X1bd
TjKi8RgMiJ3EgRn16CazxdqJLx5Zgmh9Wt+tBwMM/rt9bT9CPmNs
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:42:29 2024 by rpki-client on console-ams.rpki-client.org