Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/gIY91EakNPhFKtiITSnkop1p7_I.roa
File: gIY91EakNPhFKtiITSnkop1p7_I.roa (raw, json)
Hash identifier: mqcK5TZqqcx9/hIyjg+kN9725J9r1rkFrZMpTp6Y6R8=
Subject key identifier: 80:86:3D:D4:46:A4:34:F8:45:2A:D8:88:4D:29:E4:A2:9D:69:EF:F2
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 0191B8FBEA18FFA23F993A2AF5577BDDB30D
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/gIY91EakNPhFKtiITSnkop1p7_I.roa
Signing time: Tue 03 Sep 2024 17:43:22 +0000
ROA not before: Tue 03 Sep 2024 17:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 85.8.186.0/24 maxlen: 24
91.220.80.0/24 maxlen: 24
194.147.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:fb:ea:18:ff:a2:3f:99:3a:2a:f5:57:7b:dd:b3:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Sep 3 17:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80863dd446a434f8452ad8884d29e4a29d69eff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:56:fd:37:a2:35:e0:65:10:03:d9:15:58:c7:
02:af:6e:ab:0b:63:4b:6e:65:a2:d1:23:74:ee:18:
a5:30:df:86:91:52:03:34:26:77:70:e9:65:6b:b1:
d0:8e:5a:8d:9c:be:96:86:03:2d:6a:97:fb:b8:04:
ae:25:96:67:11:e6:9a:53:24:f3:4a:6d:d9:49:1d:
fd:42:40:0c:0c:e2:60:a7:1a:2d:51:55:73:00:e7:
a7:81:b3:4b:37:c9:d4:d6:9f:42:1a:fb:aa:47:5d:
8e:4b:9b:61:1d:93:34:34:1a:fe:f5:d9:14:58:cc:
0f:20:dd:1c:4a:7e:76:da:06:36:bf:48:2d:b2:43:
ba:8f:01:64:6b:a5:a4:34:bf:e3:36:7e:b0:fc:f3:
62:2c:49:b0:0e:2d:16:21:c3:18:85:ff:05:78:07:
a3:71:4b:9f:5a:1a:10:6e:75:49:84:7d:c6:9c:dc:
d5:b5:66:14:60:1a:19:e9:8e:73:75:2b:31:32:03:
c8:42:9c:0a:31:1f:3f:89:79:6f:04:04:b1:38:27:
63:59:02:79:71:5c:e7:2b:c5:c2:be:53:51:52:12:
c7:d7:38:30:25:46:79:10:1b:21:14:88:b2:08:12:
aa:cb:20:ff:c5:57:61:ee:52:20:2d:63:09:7e:4b:
7c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:86:3D:D4:46:A4:34:F8:45:2A:D8:88:4D:29:E4:A2:9D:69:EF:F2
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/gIY91EakNPhFKtiITSnkop1p7_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.186.0/24
91.220.80.0/24
194.147.90.0/24
Signature Algorithm: sha256WithRSAEncryption
56:08:ff:df:52:aa:00:19:67:e2:30:8d:e3:70:25:63:1b:7e:
e2:38:e6:68:c6:74:8d:81:df:d2:be:fc:f7:91:55:d8:03:b9:
90:a1:4e:50:5d:72:d3:2e:42:46:d6:0a:c2:d3:cc:ee:eb:be:
3f:02:93:b0:a1:dd:f7:42:56:98:bb:9f:57:06:d7:2c:bb:82:
fe:19:08:f5:7a:b3:4e:f6:5d:1b:b0:23:18:ce:d2:a0:dd:e0:
76:c4:a5:a8:0a:17:c6:86:f4:2f:d5:e4:a3:01:2e:30:e1:43:
52:25:32:55:50:68:b9:43:fa:08:7d:0b:23:43:2a:ec:97:9e:
a6:ef:63:63:71:4d:e6:2a:19:e2:36:2b:05:96:41:76:09:cb:
79:ef:2f:91:7a:44:ca:f0:5b:45:fb:dd:f8:f4:4f:c5:e5:68:
1d:27:1e:e0:c8:9b:71:2b:19:a4:59:1f:ee:f8:3e:13:50:7f:
0b:b4:13:94:5e:5e:43:86:aa:c2:a1:d5:69:db:e0:31:70:a6:
98:c1:89:7b:2d:03:cd:06:3e:14:96:a3:a7:94:05:43:95:a2:
ef:b6:b0:ca:d7:26:1e:56:9d:c0:2c:20:00:98:21:99:a2:28:
78:90:77:61:ea:06:86:ed:fc:8a:94:b7:c0:99:88:16:a6:2e:
b2:1a:d7:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG4++oY/6I/mToq9Vd73bMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwOTAzMTc0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDg2M2RkNDQ2YTQzNGY4NDUyYWQ4ODg0ZDI5ZTRhMjlkNjllZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlb9N6I14GUQA9kVWMcCr26rC2NL
bmWi0SN07hilMN+GkVIDNCZ3cOlla7HQjlqNnL6WhgMtapf7uASuJZZnEeaaUyTz
Sm3ZSR39QkAMDOJgpxotUVVzAOengbNLN8nU1p9CGvuqR12OS5thHZM0NBr+9dkU
WMwPIN0cSn522gY2v0gtskO6jwFka6WkNL/jNn6w/PNiLEmwDi0WIcMYhf8FeAej
cUufWhoQbnVJhH3GnNzVtWYUYBoZ6Y5zdSsxMgPIQpwKMR8/iXlvBASxOCdjWQJ5
cVznK8XCvlNRUhLH1zgwJUZ5EBshFIiyCBKqyyD/xVdh7lIgLWMJfkt8EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFICGPdRGpDT4RSrYiE0p5KKdae/yMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvZ0lZOTFFYWtOUGhGS3RpSVRTbmtvcDFwN19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVQi6AwQA
W9xQAwQAwpNaMA0GCSqGSIb3DQEBCwUAA4IBAQBWCP/fUqoAGWfiMI3jcCVjG37i
OOZoxnSNgd/Svvz3kVXYA7mQoU5QXXLTLkJG1grC08zu674/ApOwod33QlaYu59X
Btcsu4L+GQj1erNO9l0bsCMYztKg3eB2xKWoChfGhvQv1eSjAS4w4UNSJTJVUGi5
Q/oIfQsjQyrsl56m72NjcU3mKhniNisFlkF2Cct57y+RekTK8FtF+9349E/F5Wgd
Jx7gyJtxKxmkWR/u+D4TUH8LtBOUXl5DhqrCodVp2+AxcKaYwYl7LQPNBj4UlqOn
lAVDlaLvtrDK1yYeVp3ALCAAmCGZoih4kHdh6gaG7fyKlLfAmYgWpi6yGteK
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:54 2024 by rpki-client on console-ams.rpki-client.org