Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/Y3_pIPJxPQy2GoNd-v4OkOV77tY.roa
File: Y3_pIPJxPQy2GoNd-v4OkOV77tY.roa (raw, json)
Hash identifier: SPVgZ67EbHTdoTiVHzmjdI/3YDNq7ANATRhxjrf218U=
Subject key identifier: 63:7F:E9:20:F2:71:3D:0C:B6:1A:83:5D:FA:FE:0E:90:E5:7B:EE:D6
Certificate issuer: /CN=d38579e4c7da01df0465186236e9af27eb7312ed
Certificate serial: 01924D7CAB0E7E3D10AC5AAB7EE1DA410ADA
Authority key identifier: D3:85:79:E4:C7:DA:01:DF:04:65:18:62:36:E9:AF:27:EB:73:12:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/Y3_pIPJxPQy2GoNd-v4OkOV77tY.roa
Signing time: Wed 02 Oct 2024 13:47:48 +0000
ROA not before: Wed 02 Oct 2024 13:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28773
IP address blocks: 91.236.138.0/23 maxlen: 23
188.190.160.0/19 maxlen: 19
195.78.38.0/23 maxlen: 23
2001:67c:2ee4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/04V55MfaAd8EZRhiNumvJ-tzEu0.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/04V55MfaAd8EZRhiNumvJ-tzEu0.mft
rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:7c:ab:0e:7e:3d:10:ac:5a:ab:7e:e1:da:41:0a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d38579e4c7da01df0465186236e9af27eb7312ed
Validity
Not Before: Oct 2 13:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=637fe920f2713d0cb61a835dfafe0e90e57beed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:04:9b:0f:6a:c2:9c:93:e9:a7:bb:24:ac:bd:
3e:a6:25:76:02:4b:28:02:90:38:b4:23:1e:b2:e6:
85:8e:69:3f:5c:ec:53:10:6b:09:cb:4f:e3:8f:9e:
69:c4:fd:92:59:6a:e3:aa:b3:75:68:1e:bf:30:05:
d8:c2:4a:8f:d0:d7:d8:e1:ea:61:a2:d9:e6:52:d7:
08:8f:d3:5d:8a:6a:90:6c:ad:3d:27:be:eb:30:50:
03:a2:e4:61:01:7c:2d:16:d5:55:08:6a:74:7a:4c:
a6:9e:0a:f8:a4:66:2b:7a:09:24:8c:c0:07:b5:64:
66:6f:56:5f:87:d9:61:f2:f7:6f:b3:42:8e:96:0c:
28:95:1c:83:79:70:40:d5:65:f0:3f:30:8c:99:01:
92:cc:24:c4:d1:30:be:b1:fa:6a:f3:7a:06:0b:5c:
60:e9:4d:69:c6:67:07:0e:fe:04:bc:60:e9:fe:c4:
e5:f1:05:02:b9:bf:85:26:6d:12:f4:09:6b:2b:b9:
ed:a7:b8:3b:98:7b:76:d5:9f:ba:57:d8:81:aa:0b:
13:71:81:ef:36:47:4a:37:b9:7b:fc:2d:58:5b:d3:
de:7a:c1:da:c5:8b:b9:31:53:8d:20:86:8f:69:d1:
3f:c6:bf:47:53:9b:f1:fb:2c:24:6e:75:04:20:ba:
f1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7F:E9:20:F2:71:3D:0C:B6:1A:83:5D:FA:FE:0E:90:E5:7B:EE:D6
X509v3 Authority Key Identifier:
keyid:D3:85:79:E4:C7:DA:01:DF:04:65:18:62:36:E9:AF:27:EB:73:12:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/Y3_pIPJxPQy2GoNd-v4OkOV77tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/04V55MfaAd8EZRhiNumvJ-tzEu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.138.0/23
188.190.160.0/19
195.78.38.0/23
IPv6:
2001:67c:2ee4::/48
Signature Algorithm: sha256WithRSAEncryption
57:bf:71:87:77:9a:28:90:35:8e:b3:b1:f5:0b:e3:b6:fb:db:
8f:e3:55:4b:b4:e0:86:a1:51:d4:83:0e:30:29:96:5b:f4:f0:
ef:9e:bf:c4:b3:6d:8d:bf:4f:c6:42:3d:f9:02:8b:b4:c5:fe:
d6:e5:fd:e6:51:aa:0b:f5:9b:ff:bc:54:dd:64:49:a7:98:54:
b2:20:0f:9e:19:06:1f:ca:d2:75:65:cb:1f:59:4f:aa:d5:a7:
6c:df:c5:3c:64:b3:56:dd:42:bf:12:e4:37:e5:de:54:ba:e3:
19:ad:2e:5d:15:20:90:e9:f3:1c:99:7e:66:04:b1:8d:14:e6:
4a:50:52:c6:f8:08:87:ca:ba:e8:91:a9:95:1b:5a:30:43:35:
9c:0d:48:4b:37:be:62:0b:a3:cd:06:a2:da:39:3a:09:d0:4a:
69:c2:4b:1d:f7:a3:37:f9:77:29:b3:56:97:19:2d:93:4a:d8:
b2:bf:cd:e7:16:c1:95:cd:03:0e:88:98:e7:62:2f:6e:6c:fc:
d5:e9:3b:e5:a9:ec:f8:b3:95:37:0d:6c:d0:f7:c7:6f:ed:78:
e9:b5:22:1d:eb:da:2f:f4:20:70:8f:06:53:15:d0:4e:4b:b7:
40:e6:ab:3c:42:ad:b5:d2:24:27:6f:0d:24:e1:4c:08:b2:87:
6c:c6:38:69
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZJNfKsOfj0QrFqrfuHaQQraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODU3OWU0YzdkYTAxZGYwNDY1MTg2MjM2ZTlhZjI3ZWI3
MzEyZWQwHhcNMjQxMDAyMTM0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzdmZTkyMGYyNzEzZDBjYjYxYTgzNWRmYWZlMGU5MGU1N2JlZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwSbD2rCnJPpp7skrL0+piV2Akso
ApA4tCMesuaFjmk/XOxTEGsJy0/jj55pxP2SWWrjqrN1aB6/MAXYwkqP0NfY4eph
otnmUtcIj9NdimqQbK09J77rMFADouRhAXwtFtVVCGp0ekymngr4pGYregkkjMAH
tWRmb1Zfh9lh8vdvs0KOlgwolRyDeXBA1WXwPzCMmQGSzCTE0TC+sfpq83oGC1xg
6U1pxmcHDv4EvGDp/sTl8QUCub+FJm0S9AlrK7ntp7g7mHt21Z+6V9iBqgsTcYHv
NkdKN7l7/C1YW9PeesHaxYu5MVONIIaPadE/xr9HU5vx+ywkbnUEILrxkQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGN/6SDycT0MthqDXfr+DpDle+7WMB8GA1UdIwQY
MBaAFNOFeeTH2gHfBGUYYjbpryfrcxLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRWNTVNZmFBZDhFWlJoaU51bXZKLXR6RXUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85NDYyMmQtYzI2ZC00Mzc2LWIwNTkt
YmQ0MDU0MTliMDBkLzEvWTNfcElQSnhQUXkyR29OZC12NE9rT1Y3N3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85NDYyMmQtYzI2ZC00Mzc2LWIwNTktYmQ0MDU0MTliMDBk
LzEvMDRWNTVNZmFBZDhFWlJoaU51bXZKLXR6RXUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBW+yKAwQF
vL6gAwQBw04mMA8EAgACMAkDBwAgAQZ8LuQwDQYJKoZIhvcNAQELBQADggEBAFe/
cYd3miiQNY6zsfUL47b724/jVUu04IahUdSDDjApllv08O+ev8SzbY2/T8ZCPfkC
i7TF/tbl/eZRqgv1m/+8VN1kSaeYVLIgD54ZBh/K0nVlyx9ZT6rVp2zfxTxks1bd
Qr8S5Dfl3lS64xmtLl0VIJDp8xyZfmYEsY0U5kpQUsb4CIfKuuiRqZUbWjBDNZwN
SEs3vmILo80Goto5OgnQSmnCSx33ozf5dymzVpcZLZNK2LK/zecWwZXNAw6ImOdi
L25s/NXpO+Wp7PizlTcNbND3x2/teOm1Ih3r2i/0IHCPBlMV0E5Lt0DmqzxCrbXS
JCdvDSThTAiyh2zGOGk=
-----END CERTIFICATE-----
Generated at Tue Nov 26 07:58:16 2024 by rpki-client on console-fra.rpki-client.org