Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/591jALtH1xecOJfGoqGBhiLo1-A.roa
File: 591jALtH1xecOJfGoqGBhiLo1-A.roa (raw, json)
Hash identifier: rDpMrpxpetKrGmlFYsXipXl2KZhQTUdmel02LMg363I=
Subject key identifier: E7:DD:63:00:BB:47:D7:17:9C:38:97:C6:A2:A1:81:86:22:E8:D7:E0
Certificate issuer: /CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Certificate serial: 018E7EFABBC75A54B08F83114AA633E83495
Authority key identifier: 86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/591jALtH1xecOJfGoqGBhiLo1-A.roa
Signing time: Wed 27 Mar 2024 08:15:45 +0000
ROA not before: Wed 27 Mar 2024 08:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12577
IP address blocks: 185.148.92.0/22 maxlen: 22
199.255.112.0/22 maxlen: 22
206.225.20.0/22 maxlen: 22
212.24.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7e:fa:bb:c7:5a:54:b0:8f:83:11:4a:a6:33:e8:34:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Validity
Not Before: Mar 27 08:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7dd6300bb47d7179c3897c6a2a1818622e8d7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e2:79:6b:2c:ea:da:6a:2d:ff:73:18:dd:d8:
b4:49:22:55:47:f9:ed:4b:95:1c:6f:2f:3b:bd:8b:
7e:27:f2:02:5f:25:35:96:3a:b4:21:55:f3:66:8f:
95:0c:10:42:d6:25:bf:9a:43:c6:0d:bb:72:34:9c:
2a:5a:d9:85:ec:1a:1e:1d:f4:18:c7:4c:d1:de:b7:
81:7b:a1:97:0c:6e:d5:d2:4a:4d:26:df:e1:81:85:
ad:b3:63:c9:79:d3:6c:b2:1b:3c:c9:9e:45:e1:c0:
29:a1:09:c4:aa:02:5e:a2:82:48:c7:97:34:17:ba:
59:88:99:a8:04:60:55:e7:44:40:9f:69:87:8e:a3:
f4:3e:f1:7f:73:67:5f:8d:89:84:06:99:36:0d:cd:
f3:73:85:19:6e:95:f0:53:b3:56:58:77:ec:1e:65:
67:f9:31:c5:f7:cf:a8:60:77:37:57:e7:78:ba:bf:
dc:55:e6:ba:27:dc:5a:50:f3:d0:d3:f4:aa:69:b2:
73:ef:48:b4:bf:bc:40:d7:58:ed:dc:21:56:72:c3:
24:ab:71:79:aa:51:d8:fd:0a:55:0c:86:57:95:4f:
6d:7a:fa:e1:a9:87:9e:f5:23:4a:86:0f:1c:73:09:
8d:b6:41:b2:de:95:7f:77:04:e6:77:cf:eb:ba:27:
47:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DD:63:00:BB:47:D7:17:9C:38:97:C6:A2:A1:81:86:22:E8:D7:E0
X509v3 Authority Key Identifier:
keyid:86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/591jALtH1xecOJfGoqGBhiLo1-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.92.0/22
199.255.112.0/22
206.225.20.0/22
212.24.116.0/22
Signature Algorithm: sha256WithRSAEncryption
74:b0:8d:28:46:42:c6:96:78:27:90:ef:60:96:74:b8:4c:c4:
8a:a0:80:9a:b8:c2:60:7c:35:c5:3d:98:37:40:bf:e5:0d:89:
38:9e:b3:1e:40:f0:e5:c1:54:99:e3:e6:cb:ee:d5:92:eb:cb:
b2:8a:2d:d5:15:a5:ba:8f:e3:34:e2:d1:fb:50:e6:53:08:8a:
22:6b:6a:fe:46:13:e9:6b:56:fd:58:84:77:a4:b5:9a:c8:43:
3c:eb:b7:53:2b:2c:52:1c:1f:d3:b6:05:ce:33:dc:3b:29:7f:
27:e3:a3:73:02:c6:a9:d9:e5:fd:81:5b:87:ea:ea:19:09:cf:
9f:a5:bf:c1:84:7a:5a:09:e1:82:04:51:2a:86:d0:40:02:6c:
c8:ee:86:df:62:cb:05:ea:fe:44:1f:6c:28:c7:ab:44:aa:83:
a1:1c:7c:23:8f:81:57:85:d9:c8:a2:2d:59:90:62:27:67:66:
63:31:a1:61:96:bc:1f:be:db:30:17:9d:07:3b:4b:1c:f0:f9:
4d:b4:21:66:9c:52:a0:6e:a4:36:db:ab:03:54:2d:e4:da:9c:
8e:73:98:20:ca:3f:0a:ba:ea:da:1c:d4:d7:6a:10:c8:6f:59:
90:dd:50:e4:e8:1f:4d:3d:24:e2:59:f0:25:cb:b1:ad:4a:6c:
84:7f:f8:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5++rvHWlSwj4MRSqYz6DSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MzZhNGUxNGE3MWRkZDUxMDE2NGI4NjMxYWQ5OWJiZmM3
NTk1M2EwHhcNMjQwMzI3MDgxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2RkNjMwMGJiNDdkNzE3OWMzODk3YzZhMmExODE4NjIyZThkN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+J5ayzq2mot/3MY3di0SSJVR/nt
S5Ucby87vYt+J/ICXyU1ljq0IVXzZo+VDBBC1iW/mkPGDbtyNJwqWtmF7BoeHfQY
x0zR3reBe6GXDG7V0kpNJt/hgYWts2PJedNsshs8yZ5F4cApoQnEqgJeooJIx5c0
F7pZiJmoBGBV50RAn2mHjqP0PvF/c2dfjYmEBpk2Dc3zc4UZbpXwU7NWWHfsHmVn
+THF98+oYHc3V+d4ur/cVea6J9xaUPPQ0/SqabJz70i0v7xA11jt3CFWcsMkq3F5
qlHY/QpVDIZXlU9tevrhqYee9SNKhg8ccwmNtkGy3pV/dwTmd8/ruidHJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOfdYwC7R9cXnDiXxqKhgYYi6NfgMB8GA1UdIwQY
MBaAFIY2pOFKcd3VEBZLhjGtmbv8dZU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjIt
MmY3Y2Y4NDQ2YTMxLzEvNTkxakFMdEgxeGVjT0pmR29xR0JoaUxvMS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjItMmY3Y2Y4NDQ2YTMx
LzEvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuZRcAwQC
x/9wAwQCzuEUAwQC1Bh0MA0GCSqGSIb3DQEBCwUAA4IBAQB0sI0oRkLGlngnkO9g
lnS4TMSKoICauMJgfDXFPZg3QL/lDYk4nrMeQPDlwVSZ4+bL7tWS68uyii3VFaW6
j+M04tH7UOZTCIoia2r+RhPpa1b9WIR3pLWayEM867dTKyxSHB/TtgXOM9w7KX8n
46NzAsap2eX9gVuH6uoZCc+fpb/BhHpaCeGCBFEqhtBAAmzI7obfYssF6v5EH2wo
x6tEqoOhHHwjj4FXhdnIoi1ZkGInZ2ZjMaFhlrwfvtswF50HO0sc8PlNtCFmnFKg
bqQ226sDVC3k2pyOc5ggyj8KuuraHNTXahDIb1mQ3VDk6B9NPSTiWfAly7GtSmyE
f/h8
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:53:01 2024 by rpki-client on console-ams.rpki-client.org