Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/dJEMlwcyCgOEfG8jOHB1h2EiykU.roa
File: dJEMlwcyCgOEfG8jOHB1h2EiykU.roa (raw, json)
Hash identifier: et3VPssKBeLxMXw0/1H9lyFC9Yk8wJ3TW9fTdgtQkcQ=
Subject key identifier: 74:91:0C:97:07:32:0A:03:84:7C:6F:23:38:70:75:87:61:22:CA:45
Certificate issuer: /CN=3054bb6e9f78011b8cc5d3f23b70b66cf6979aa7
Certificate serial: 018CC64AFCC039C6A5BD8A3602683A9A768B
Authority key identifier: 30:54:BB:6E:9F:78:01:1B:8C:C5:D3:F2:3B:70:B6:6C:F6:97:9A:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MFS7bp94ARuMxdPyO3C2bPaXmqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/dJEMlwcyCgOEfG8jOHB1h2EiykU.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34814
IP address blocks: 193.151.104.0/22 maxlen: 24
46.149.80.0/20 maxlen: 24
195.60.174.0/23 maxlen: 24
91.203.12.0/22 maxlen: 24
193.37.156.0/24 maxlen: 24
193.16.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/MFS7bp94ARuMxdPyO3C2bPaXmqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/MFS7bp94ARuMxdPyO3C2bPaXmqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/MFS7bp94ARuMxdPyO3C2bPaXmqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Jun 2024 20:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fc:c0:39:c6:a5:bd:8a:36:02:68:3a:9a:76:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3054bb6e9f78011b8cc5d3f23b70b66cf6979aa7
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74910c9707320a03847c6f23387075876122ca45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9f:71:79:df:53:75:71:aa:9a:38:da:f7:98:
f0:bb:a4:a3:fc:67:1c:b4:3e:b8:87:1a:71:ea:94:
eb:38:fb:1c:41:f8:1e:15:25:41:1c:80:6a:36:d2:
b9:3e:ad:fa:16:14:c3:da:79:39:7d:f9:41:0d:85:
12:f1:d1:9c:4c:99:81:7a:cb:e8:b1:3e:4c:ea:08:
6c:02:d0:06:1b:3a:e8:06:d3:f2:6f:1a:3a:0e:f1:
9e:6c:7d:57:d9:1a:bc:a7:b8:ea:6d:5f:aa:0a:cf:
23:dc:4b:ae:ac:b4:85:0a:96:01:a1:dc:ff:fb:6c:
5a:a3:94:b4:c7:6e:9b:4c:53:f9:5f:b5:bf:87:62:
70:23:26:f2:82:c3:01:de:6d:d8:7f:e8:5c:b8:12:
fc:e6:47:6a:4e:3e:f5:83:d3:fe:b8:1d:12:2b:ce:
40:22:6e:b0:fd:fd:26:59:57:e8:a3:01:f1:f9:31:
f7:25:b3:d0:7d:ce:4a:40:99:2d:31:ab:a0:fc:f7:
4d:d3:fe:42:b2:a5:8d:d1:35:91:94:12:3a:b0:fd:
dc:65:b1:87:81:c7:e2:9c:c4:1b:2d:d0:04:4d:61:
f8:b4:6a:d8:e8:a7:a7:7d:77:4e:7b:ce:c2:dc:e8:
2b:ed:16:6d:e0:80:c4:41:f4:5a:72:2b:fd:cb:ad:
5a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:91:0C:97:07:32:0A:03:84:7C:6F:23:38:70:75:87:61:22:CA:45
X509v3 Authority Key Identifier:
keyid:30:54:BB:6E:9F:78:01:1B:8C:C5:D3:F2:3B:70:B6:6C:F6:97:9A:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFS7bp94ARuMxdPyO3C2bPaXmqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/dJEMlwcyCgOEfG8jOHB1h2EiykU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d1c937-e767-4ab1-8c5c-0952589b8b59/1/MFS7bp94ARuMxdPyO3C2bPaXmqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.80.0/20
91.203.12.0/22
193.16.45.0/24
193.37.156.0/24
193.151.104.0/22
195.60.174.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:31:0f:a8:29:c0:5a:75:5d:ef:0b:fa:d6:22:41:60:b2:9f:
c9:6c:5b:93:d0:ca:7e:70:d3:7b:8b:0f:0c:4f:08:e7:70:bb:
53:8a:52:da:ed:2f:06:ee:6a:21:ab:ef:a8:00:17:89:95:f6:
5d:8a:a8:9c:f6:90:41:15:82:3d:80:0b:b9:1d:3a:94:2b:af:
35:3a:55:80:52:1a:b3:25:2c:8c:95:70:fc:1a:cf:f6:17:f1:
e8:60:18:41:89:e8:e9:01:cc:c2:7e:fe:55:ef:97:4c:e2:32:
b3:60:c1:37:d3:5b:c8:58:72:38:c4:39:43:61:6a:c8:a3:55:
e3:5c:4e:d8:d2:d3:f6:10:59:6e:39:2b:4e:5a:06:f2:08:a8:
63:7a:4e:b9:e6:23:73:d4:9a:46:b2:4c:8a:db:4e:05:fa:ce:
fb:49:de:72:a8:e5:08:67:55:5d:19:bf:e7:36:db:ed:1f:f1:
7e:53:3c:b3:81:3e:69:8c:5d:90:2b:6b:b5:20:43:d2:32:f7:
a1:fb:75:00:9f:34:ff:6b:ae:ea:01:a4:86:05:39:4f:24:c3:
64:63:fd:c4:d3:cb:91:10:ae:ab:bf:ab:9f:fd:71:60:aa:7a:
00:3e:a0:4b:89:ea:92:23:96:04:78:e3:28:40:cf:9c:14:76:
9b:a4:5a:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGSvzAOcalvYo2Amg6mnaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNTRiYjZlOWY3ODAxMWI4Y2M1ZDNmMjNiNzBiNjZjZjY5
NzlhYTcwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDkxMGM5NzA3MzIwYTAzODQ3YzZmMjMzODcwNzU4NzYxMjJjYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ9xed9TdXGqmjja95jwu6Sj/Gcc
tD64hxpx6pTrOPscQfgeFSVBHIBqNtK5Pq36FhTD2nk5fflBDYUS8dGcTJmBesvo
sT5M6ghsAtAGGzroBtPybxo6DvGebH1X2Rq8p7jqbV+qCs8j3EuurLSFCpYBodz/
+2xao5S0x26bTFP5X7W/h2JwIybygsMB3m3Yf+hcuBL85kdqTj71g9P+uB0SK85A
Im6w/f0mWVfoowHx+TH3JbPQfc5KQJktMaug/PdN0/5CsqWN0TWRlBI6sP3cZbGH
gcfinMQbLdAETWH4tGrY6KenfXdOe87C3Ogr7RZt4IDEQfRaciv9y61ajwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHSRDJcHMgoDhHxvIzhwdYdhIspFMB8GA1UdIwQY
MBaAFDBUu26feAEbjMXT8jtwtmz2l5qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZTN2JwOTRBUnVNeGRQeU8zQzJiUGFYbXFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kMWM5MzctZTc2Ny00YWIxLThjNWMt
MDk1MjU4OWI4YjU5LzEvZEpFTWx3Y3lDZ09FZkc4ak9IQjFoMkVpeWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kMWM5MzctZTc2Ny00YWIxLThjNWMtMDk1MjU4OWI4YjU5
LzEvTUZTN2JwOTRBUnVNeGRQeU8zQzJiUGFYbXFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQELpVQAwQC
W8sMAwQAwRAtAwQAwSWcAwQCwZdoAwQBwzyuMA0GCSqGSIb3DQEBCwUAA4IBAQCn
MQ+oKcBadV3vC/rWIkFgsp/JbFuT0Mp+cNN7iw8MTwjncLtTilLa7S8G7mohq++o
ABeJlfZdiqic9pBBFYI9gAu5HTqUK681OlWAUhqzJSyMlXD8Gs/2F/HoYBhBiejp
AczCfv5V75dM4jKzYME301vIWHI4xDlDYWrIo1XjXE7Y0tP2EFluOStOWgbyCKhj
ek655iNz1JpGskyK204F+s77Sd5yqOUIZ1VdGb/nNtvtH/F+UzyzgT5pjF2QK2u1
IEPSMveh+3UAnzT/a67qAaSGBTlPJMNkY/3E08uREK6rv6uf/XFgqnoAPqBLieqS
I5YEeOMoQM+cFHabpFpE
-----END CERTIFICATE-----
Generated at Fri Jun 7 00:41:35 2024 by rpki-client on console-fra.rpki-client.org