Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/4Jo91k0Wf4KG5UqL4eI7iinWrLg.roa
File: 4Jo91k0Wf4KG5UqL4eI7iinWrLg.roa (raw, json)
Hash identifier: ClqMRuYCbruqmgad7CYiZk1I6wffjCiR5odxvh+olsQ=
Subject key identifier: E0:9A:3D:D6:4D:16:7F:82:86:E5:4A:8B:E1:E2:3B:8A:29:D6:AC:B8
Certificate issuer: /CN=db418bcf3194317b9c2881193196feb598fd9eee
Certificate serial: 018CC425636EFC803A87AB6E954688E9E7F2
Authority key identifier: DB:41:8B:CF:31:94:31:7B:9C:28:81:19:31:96:FE:B5:98:FD:9E:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/4Jo91k0Wf4KG5UqL4eI7iinWrLg.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48571
IP address blocks: 91.216.80.0/24 maxlen: 24
194.55.152.0/22 maxlen: 24
91.209.189.0/24 maxlen: 24
2a0c:cb40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/20GLzzGUMXucKIEZMZb-tZj9nu4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/20GLzzGUMXucKIEZMZb-tZj9nu4.mft
rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:63:6e:fc:80:3a:87:ab:6e:95:46:88:e9:e7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db418bcf3194317b9c2881193196feb598fd9eee
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e09a3dd64d167f8286e54a8be1e23b8a29d6acb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:11:04:28:f8:f6:a1:a7:7f:5e:62:86:2a:cb:
34:ab:79:40:16:66:c0:ff:7f:69:a9:70:72:c4:2b:
43:8b:2e:26:2f:6f:ca:c0:13:42:17:49:04:33:7a:
82:1a:b6:fb:56:52:77:91:8c:57:5f:b7:98:79:99:
39:59:82:3a:9d:2b:b2:78:6e:27:f6:1f:8f:5b:52:
c5:bd:2a:43:e3:d0:c7:bb:c4:3b:91:df:2f:5e:c3:
a2:13:bf:1a:3b:3e:aa:c4:8c:c6:31:29:79:34:6e:
5c:07:f8:7b:c6:02:37:41:86:37:7d:28:7a:f7:bb:
0f:85:8c:e1:1a:7e:25:8c:b3:89:05:30:39:26:f8:
a1:9e:58:c9:f5:d0:b4:d9:18:ac:6f:ae:84:35:40:
23:20:d9:9e:9c:b7:e5:ad:74:e2:2b:92:c7:39:64:
5d:63:07:74:b7:30:14:81:f0:15:4e:b4:8b:ea:cb:
2a:84:d3:64:36:20:b2:99:e9:aa:1b:18:62:6b:ff:
7d:e3:05:27:19:6a:a5:2c:29:ab:19:dc:59:c0:07:
02:d4:3f:1f:a8:91:04:41:6d:7d:38:5f:cf:06:3d:
94:d1:9f:cd:e7:50:63:70:01:da:58:3e:ac:1d:c0:
18:ee:96:ba:f5:9a:09:6c:c8:14:c2:d4:8f:51:23:
d9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:9A:3D:D6:4D:16:7F:82:86:E5:4A:8B:E1:E2:3B:8A:29:D6:AC:B8
X509v3 Authority Key Identifier:
keyid:DB:41:8B:CF:31:94:31:7B:9C:28:81:19:31:96:FE:B5:98:FD:9E:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/4Jo91k0Wf4KG5UqL4eI7iinWrLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/20GLzzGUMXucKIEZMZb-tZj9nu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.189.0/24
91.216.80.0/24
194.55.152.0/22
IPv6:
2a0c:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
3b:07:d8:bb:72:27:42:ce:cb:6c:d0:4c:f8:31:ef:0e:b7:cc:
1e:55:5a:22:89:e0:42:30:7e:23:91:e7:00:59:db:46:73:92:
df:79:ed:8b:cb:dc:63:6d:7b:4d:4c:ba:5d:93:78:2a:77:98:
47:5a:f4:36:30:64:30:35:e3:b4:c6:e3:60:b8:ae:3a:ee:bc:
87:89:f1:a6:55:94:07:ba:1e:93:c5:f9:af:18:21:42:c8:3f:
e2:34:ff:a1:72:01:96:11:a6:45:c9:d4:89:0b:fd:2c:fd:aa:
9f:06:96:ec:41:e8:97:53:6e:ba:3b:97:89:6e:27:02:6a:ae:
86:75:af:43:c6:77:50:a0:ae:a9:2a:73:f5:2d:d8:3f:7e:6f:
ac:dd:1a:9d:f1:b9:24:43:82:8a:9e:4c:82:b9:cf:3a:c4:81:
9f:b4:b1:a5:45:14:3f:c4:2f:ec:c5:f3:2f:2a:d7:47:f7:c9:
a7:9b:f2:cb:a3:67:55:a1:e6:a6:9b:91:14:d1:4a:9a:2c:53:
62:ff:61:21:aa:3a:1f:ec:a9:47:1d:61:4d:a8:71:43:24:c4:
7b:4f:cf:68:52:7e:59:51:d4:2e:96:0d:5b:b3:68:90:dc:04:
f2:a8:3d:c1:ec:4e:08:05:8b:32:ba:d6:9b:d5:8e:10:1c:ff:
e1:32:ed:78
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJWNu/IA6h6tulUaI6efyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDE4YmNmMzE5NDMxN2I5YzI4ODExOTMxOTZmZWI1OThm
ZDllZWUwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDlhM2RkNjRkMTY3ZjgyODZlNTRhOGJlMWUyM2I4YTI5ZDZhY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhREEKPj2oad/XmKGKss0q3lAFmbA
/39pqXByxCtDiy4mL2/KwBNCF0kEM3qCGrb7VlJ3kYxXX7eYeZk5WYI6nSuyeG4n
9h+PW1LFvSpD49DHu8Q7kd8vXsOiE78aOz6qxIzGMSl5NG5cB/h7xgI3QYY3fSh6
97sPhYzhGn4ljLOJBTA5JvihnljJ9dC02Risb66ENUAjINmenLflrXTiK5LHOWRd
Ywd0tzAUgfAVTrSL6ssqhNNkNiCymemqGxhia/994wUnGWqlLCmrGdxZwAcC1D8f
qJEEQW19OF/PBj2U0Z/N51BjcAHaWD6sHcAY7pa69ZoJbMgUwtSPUSPZYwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOCaPdZNFn+ChuVKi+HiO4op1qy4MB8GA1UdIwQY
MBaAFNtBi88xlDF7nCiBGTGW/rWY/Z7uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBHTHp6R1VNWHVjS0lFWk1aYi10Wmo5bnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iODk3YWQtNWQ0MS00MGEyLTkwYzMt
ZTI5ZWUzZDkxMzk1LzEvNEpvOTFrMFdmNEtHNVVxTDRlSTdpaW5XckxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iODk3YWQtNWQ0MS00MGEyLTkwYzMtZTI5ZWUzZDkxMzk1
LzEvMjBHTHp6R1VNWHVjS0lFWk1aYi10Wmo5bnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9G9AwQA
W9hQAwQCwjeYMA0EAgACMAcDBQMqDMtAMA0GCSqGSIb3DQEBCwUAA4IBAQA7B9i7
cidCzsts0Ez4Me8Ot8weVVoiieBCMH4jkecAWdtGc5Lfee2Ly9xjbXtNTLpdk3gq
d5hHWvQ2MGQwNeO0xuNguK467ryHifGmVZQHuh6TxfmvGCFCyD/iNP+hcgGWEaZF
ydSJC/0s/aqfBpbsQeiXU266O5eJbicCaq6Gda9DxndQoK6pKnP1Ldg/fm+s3Rqd
8bkkQ4KKnkyCuc86xIGftLGlRRQ/xC/sxfMvKtdH98mnm/LLo2dVoeamm5EU0Uqa
LFNi/2Ehqjof7KlHHWFNqHFDJMR7T89oUn5ZUdQulg1bs2iQ3ATyqD3B7E4IBYsy
utab1Y4QHP/hMu14
-----END CERTIFICATE-----
Generated at Sun May 19 22:59:40 2024 by rpki-client on console-fra.rpki-client.org