Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/53AMaBb7TuqSxSEfG9TYVYoZ70c.roa
File: 53AMaBb7TuqSxSEfG9TYVYoZ70c.roa (raw, json)
Hash identifier: jgedzHU3UUCsUh5Px5g4n3fZwa2eVob32ac6Os7K1K8=
Subject key identifier: E7:70:0C:68:16:FB:4E:EA:92:C5:21:1F:1B:D4:D8:55:8A:19:EF:47
Certificate issuer: /CN=cdea4adee80b06519ce40dd3d13f28ba9f575957
Certificate serial: 018D692B054BF3669CD751C3F84C08203D81
Authority key identifier: CD:EA:4A:DE:E8:0B:06:51:9C:E4:0D:D3:D1:3F:28:BA:9F:57:59:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/53AMaBb7TuqSxSEfG9TYVYoZ70c.roa
Signing time: Fri 02 Feb 2024 09:34:03 +0000
ROA not before: Fri 02 Feb 2024 09:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.227.208.0/24 maxlen: 24
185.64.73.0/24 maxlen: 24
185.64.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/zepK3ugLBlGc5A3T0T8oup9XWVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/zepK3ugLBlGc5A3T0T8oup9XWVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:2b:05:4b:f3:66:9c:d7:51:c3:f8:4c:08:20:3d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdea4adee80b06519ce40dd3d13f28ba9f575957
Validity
Not Before: Feb 2 09:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7700c6816fb4eea92c5211f1bd4d8558a19ef47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0f:0d:79:82:22:21:2c:96:6d:42:b6:e4:f1:
dc:dd:b6:fb:76:b2:0e:f1:24:2a:72:e0:80:7f:07:
0f:b7:f0:83:47:cb:ca:03:c4:52:c9:46:67:22:30:
be:f1:e7:c3:d7:cc:76:8f:1e:35:57:44:65:f5:c5:
1f:d0:5b:81:63:47:2d:28:bc:cd:fd:4f:28:d9:ae:
bd:21:2e:4f:ee:bb:83:97:94:28:80:eb:92:c6:63:
ec:82:b6:97:7b:37:a6:b9:f5:5a:1c:ca:d8:dc:c9:
98:f9:c4:3c:c9:c4:41:f7:7c:99:ca:56:f9:72:18:
6b:ea:46:4a:f3:4f:f3:e6:41:f2:db:0e:00:e6:e2:
c0:18:34:2f:b0:c8:38:a4:68:c2:45:1d:a0:62:f4:
03:ce:a1:f0:a4:d8:63:f4:92:ce:6c:70:90:38:85:
08:4e:57:49:5f:dd:36:c3:76:68:7e:69:fc:b2:da:
6d:66:81:25:dc:e3:ae:c2:c4:fa:45:27:cd:16:52:
00:65:8e:12:2a:b4:7a:6a:09:bf:88:6a:37:be:90:
71:8e:30:e3:ef:5b:11:bf:21:7a:fe:d0:7b:b9:de:
eb:65:c6:e1:ae:0b:73:72:83:8c:b0:0e:90:fe:46:
91:03:a1:2f:73:f0:43:d2:af:34:a0:b2:12:88:1c:
80:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:70:0C:68:16:FB:4E:EA:92:C5:21:1F:1B:D4:D8:55:8A:19:EF:47
X509v3 Authority Key Identifier:
keyid:CD:EA:4A:DE:E8:0B:06:51:9C:E4:0D:D3:D1:3F:28:BA:9F:57:59:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/53AMaBb7TuqSxSEfG9TYVYoZ70c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/zepK3ugLBlGc5A3T0T8oup9XWVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.208.0/24
185.64.73.0-185.64.74.255
Signature Algorithm: sha256WithRSAEncryption
4e:80:0c:04:95:85:81:06:3d:07:d4:58:8c:6a:08:f7:3d:a2:
67:3c:fa:e1:82:1b:21:41:c5:a9:26:b6:40:ca:f8:e8:78:90:
2b:88:35:f4:52:6f:02:92:47:34:2c:48:ba:70:bb:f3:db:76:
31:fd:a9:ec:7b:52:15:ca:01:45:65:5e:f0:84:61:b7:c8:81:
a5:df:1c:40:81:8e:e2:39:c8:7c:15:b1:1d:29:67:98:6e:0d:
62:48:17:6a:ec:9a:47:68:97:6b:46:ab:3a:30:92:66:85:b2:
b5:8c:98:00:ed:4d:49:44:64:73:38:2e:30:5b:46:10:46:4a:
83:e0:25:2d:c8:4f:38:25:63:44:bd:ec:c0:0a:d3:34:c0:d8:
7c:43:5b:1b:8d:63:d6:c0:9a:f0:39:00:7c:76:95:8f:77:3e:
67:40:3a:ef:9c:74:48:f2:e4:1b:f9:e3:bf:8d:4f:68:8e:84:
fa:8a:30:93:ca:17:6c:7a:fb:1d:c8:2e:e9:9b:bc:08:37:48:
7c:1c:4c:9a:f3:74:41:70:86:c4:2e:dc:14:65:63:11:4a:cd:
04:ff:90:68:5d:c9:91:c1:d3:b1:2f:04:2c:14:63:84:9c:04:
4a:09:87:6c:86:be:86:4a:61:e5:34:14:76:b4:95:e4:57:16:
02:7c:a6:44
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1pKwVL82ac11HD+EwIID2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZWE0YWRlZTgwYjA2NTE5Y2U0MGRkM2QxM2YyOGJhOWY1
NzU5NTcwHhcNMjQwMjAyMDkzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzcwMGM2ODE2ZmI0ZWVhOTJjNTIxMWYxYmQ0ZDg1NThhMTllZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng8NeYIiISyWbUK25PHc3bb7drIO
8SQqcuCAfwcPt/CDR8vKA8RSyUZnIjC+8efD18x2jx41V0Rl9cUf0FuBY0ctKLzN
/U8o2a69IS5P7ruDl5QogOuSxmPsgraXezemufVaHMrY3MmY+cQ8ycRB93yZylb5
chhr6kZK80/z5kHy2w4A5uLAGDQvsMg4pGjCRR2gYvQDzqHwpNhj9JLObHCQOIUI
TldJX902w3Zofmn8stptZoEl3OOuwsT6RSfNFlIAZY4SKrR6agm/iGo3vpBxjjDj
71sRvyF6/tB7ud7rZcbhrgtzcoOMsA6Q/kaRA6Evc/BD0q80oLISiByAUQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOdwDGgW+07qksUhHxvU2FWKGe9HMB8GA1UdIwQY
MBaAFM3qSt7oCwZRnOQN09E/KLqfV1lXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemVwSzN1Z0xCbEdjNUEzVDBUOG91cDlYV1ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81YjVmMGMtM2MzZC00ZTIwLWIwMzUt
MDU2YzdiZjZkN2Q4LzEvNTNBTWFCYjdUdXFTeFNFZkc5VFlWWW9aNzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81YjVmMGMtM2MzZC00ZTIwLWIwMzUtMDU2YzdiZjZkN2Q4
LzEvemVwSzN1Z0xCbEdjNUEzVDBUOG91cDlYV1ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW+PQMAwD
BAC5QEkDBAC5QEowDQYJKoZIhvcNAQELBQADggEBAE6ADASVhYEGPQfUWIxqCPc9
omc8+uGCGyFBxakmtkDK+Oh4kCuINfRSbwKSRzQsSLpwu/PbdjH9qex7UhXKAUVl
XvCEYbfIgaXfHECBjuI5yHwVsR0pZ5huDWJIF2rsmkdol2tGqzowkmaFsrWMmADt
TUlEZHM4LjBbRhBGSoPgJS3ITzglY0S97MAK0zTA2HxDWxuNY9bAmvA5AHx2lY93
PmdAOu+cdEjy5Bv547+NT2iOhPqKMJPKF2x6+x3ILumbvAg3SHwcTJrzdEFwhsQu
3BRlYxFKzQT/kGhdyZHB07EvBCwUY4ScBEoJh2yGvoZKYeU0FHa0leRXFgJ8pkQ=
-----END CERTIFICATE-----
Generated at Thu May 2 06:45:36 2024 by rpki-client on console-fra.rpki-client.org