Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/5URjvdjsP-F4HhuUnl-SBFt9JAs.roa
File: 5URjvdjsP-F4HhuUnl-SBFt9JAs.roa (raw, json)
Hash identifier: e3XKCTU33fY5kbETVbV7/a5zfaDTPa+ty64eh0GP1iE=
Subject key identifier: E5:44:63:BD:D8:EC:3F:E1:78:1E:1B:94:9E:5F:92:04:5B:7D:24:0B
Certificate issuer: /CN=3ca1fabe9f0b3e977f8e0829c0bf5f0878384668
Certificate serial: 018CC2DB52557C2A38C24016FA5C50257B23
Authority key identifier: 3C:A1:FA:BE:9F:0B:3E:97:7F:8E:08:29:C0:BF:5F:08:78:38:46:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PKH6vp8LPpd_jggpwL9fCHg4Rmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/5URjvdjsP-F4HhuUnl-SBFt9JAs.roa
Signing time: Mon 01 Jan 2024 02:30:02 +0000
ROA not before: Mon 01 Jan 2024 02:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201160
IP address blocks: 91.235.64.0/24 maxlen: 24
185.11.213.0/24 maxlen: 24
185.11.212.0/24 maxlen: 24
185.11.215.0/24 maxlen: 24
185.11.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/PKH6vp8LPpd_jggpwL9fCHg4Rmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/PKH6vp8LPpd_jggpwL9fCHg4Rmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PKH6vp8LPpd_jggpwL9fCHg4Rmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:52:55:7c:2a:38:c2:40:16:fa:5c:50:25:7b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ca1fabe9f0b3e977f8e0829c0bf5f0878384668
Validity
Not Before: Jan 1 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e54463bdd8ec3fe1781e1b949e5f92045b7d240b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:28:ef:11:d2:07:c5:25:0c:8e:8e:fb:a0:d3:
9e:65:57:5b:33:b6:1f:b2:55:54:a1:c9:78:8d:29:
75:41:71:1a:18:45:e7:a7:64:53:91:12:45:6e:6e:
18:26:32:3f:d2:3e:78:68:4b:61:a5:3f:89:18:ba:
fa:f1:74:02:f1:41:53:cf:ef:21:ae:e2:85:a0:38:
47:6f:35:6c:3f:35:ef:62:d9:c0:c5:38:f8:84:56:
16:a1:a9:aa:21:e8:ae:82:20:d2:b4:7e:9f:cc:0a:
fb:73:87:ab:60:2a:a2:1b:52:1f:0d:04:f3:58:27:
5a:fe:72:70:41:72:e6:61:63:19:9d:2a:98:89:d9:
16:45:8a:41:8d:a3:b8:8f:f5:69:9f:2f:a7:e8:7d:
2c:5c:b9:dc:60:94:7a:93:14:da:26:bb:97:7c:1d:
dc:d9:cc:e5:85:0c:99:fa:04:c6:98:28:c2:99:90:
bd:3e:93:7a:4e:f5:2e:c5:a9:f6:56:0a:f6:cf:25:
68:85:2b:13:b4:eb:aa:a4:e5:f7:a1:59:05:98:d4:
51:fa:6b:80:1c:c5:78:ab:e1:db:b6:8b:3f:06:eb:
1a:23:95:e9:15:82:4e:01:8a:ed:f4:c1:80:7a:3c:
8b:47:e6:5b:35:82:40:81:95:60:99:01:c6:67:9e:
2c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:44:63:BD:D8:EC:3F:E1:78:1E:1B:94:9E:5F:92:04:5B:7D:24:0B
X509v3 Authority Key Identifier:
keyid:3C:A1:FA:BE:9F:0B:3E:97:7F:8E:08:29:C0:BF:5F:08:78:38:46:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKH6vp8LPpd_jggpwL9fCHg4Rmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/5URjvdjsP-F4HhuUnl-SBFt9JAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/PKH6vp8LPpd_jggpwL9fCHg4Rmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.64.0/24
185.11.212.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:b3:34:b8:76:1c:dc:04:c2:dd:2e:91:c8:83:26:c6:38:41:
4a:6f:f9:ff:dd:b9:f5:95:01:d0:74:95:41:19:3a:df:6a:c0:
79:42:50:e2:9e:eb:2a:87:07:64:47:82:21:0e:6c:82:a6:80:
0a:10:00:fd:c1:68:22:22:b8:ff:ad:7e:97:a7:f9:17:4b:13:
58:82:52:7a:df:cf:53:62:ca:c2:c7:a5:bb:3b:a9:08:46:e8:
95:ab:55:16:72:82:01:7b:65:7c:fd:a5:c6:e4:9e:d2:53:a8:
af:76:9e:b1:6c:e0:27:e1:62:38:3c:26:07:f0:37:f1:7d:20:
db:63:19:bc:d9:b1:67:0f:be:5d:95:4d:5e:e9:41:19:c0:63:
74:b9:53:8c:9a:c9:75:ab:65:1c:10:fe:53:6e:ae:c6:42:14:
68:c4:17:40:2f:ab:12:3b:93:ab:4b:14:63:f2:f3:ab:6b:75:
d1:0c:5a:60:76:42:89:62:68:52:6e:12:f2:26:5f:5a:2a:af:
04:4a:7e:5c:ed:ac:fb:19:d2:1b:b6:35:54:bc:2a:75:52:7c:
a1:a3:0b:6f:cc:29:de:48:d9:88:e6:df:04:4b:28:c7:1e:41:
54:90:31:e4:95:4a:0f:3b:9b:5a:a9:f4:14:d3:7c:e4:bc:63:
1f:35:6f:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC21JVfCo4wkAW+lxQJXsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYTFmYWJlOWYwYjNlOTc3ZjhlMDgyOWMwYmY1ZjA4Nzgz
ODQ2NjgwHhcNMjQwMTAxMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ0NjNiZGQ4ZWMzZmUxNzgxZTFiOTQ5ZTVmOTIwNDViN2QyNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwijvEdIHxSUMjo77oNOeZVdbM7Yf
slVUocl4jSl1QXEaGEXnp2RTkRJFbm4YJjI/0j54aEthpT+JGLr68XQC8UFTz+8h
ruKFoDhHbzVsPzXvYtnAxTj4hFYWoamqIeiugiDStH6fzAr7c4erYCqiG1IfDQTz
WCda/nJwQXLmYWMZnSqYidkWRYpBjaO4j/Vpny+n6H0sXLncYJR6kxTaJruXfB3c
2czlhQyZ+gTGmCjCmZC9PpN6TvUuxan2Vgr2zyVohSsTtOuqpOX3oVkFmNRR+muA
HMV4q+Hbtos/BusaI5XpFYJOAYrt9MGAejyLR+ZbNYJAgZVgmQHGZ54stQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOVEY73Y7D/heB4blJ5fkgRbfSQLMB8GA1UdIwQY
MBaAFDyh+r6fCz6Xf44IKcC/Xwh4OEZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEtINnZwOExQcGRfamdncHdMOWZDSGc0Um1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9mN2ZlOWItNjlhZS00MjA2LThkNjYt
ZjY2MGE1N2UyZGQ1LzEvNVVSanZkanNQLUY0SGh1VW5sLVNCRnQ5SkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9mN2ZlOWItNjlhZS00MjA2LThkNjYtZjY2MGE1N2UyZGQ1
LzEvUEtINnZwOExQcGRfamdncHdMOWZDSGc0Um1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+tAAwQC
uQvUMA0GCSqGSIb3DQEBCwUAA4IBAQCcszS4dhzcBMLdLpHIgybGOEFKb/n/3bn1
lQHQdJVBGTrfasB5QlDinusqhwdkR4IhDmyCpoAKEAD9wWgiIrj/rX6Xp/kXSxNY
glJ6389TYsrCx6W7O6kIRuiVq1UWcoIBe2V8/aXG5J7SU6ivdp6xbOAn4WI4PCYH
8DfxfSDbYxm82bFnD75dlU1e6UEZwGN0uVOMmsl1q2UcEP5Tbq7GQhRoxBdAL6sS
O5OrSxRj8vOra3XRDFpgdkKJYmhSbhLyJl9aKq8ESn5c7az7GdIbtjVUvCp1Unyh
owtvzCneSNmI5t8ESyjHHkFUkDHklUoPO5taqfQU03zkvGMfNW9h
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:03:11 2024 by rpki-client on console-fra.rpki-client.org