Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/11cbb5-3e2e-44d6-9d1b-aae1a0bda02c/1/y9Sjgrnh9zk-qIbMaEbu3p2dUz8.roa
File: y9Sjgrnh9zk-qIbMaEbu3p2dUz8.roa (raw, json)
Hash identifier: o3Q7B9iSjM293Le2gJInHG6ZtzlzxrX+WGfMOPOTgQk=
Subject key identifier: CB:D4:A3:82:B9:E1:F7:39:3E:A8:86:CC:68:46:EE:DE:9D:9D:53:3F
Certificate issuer: /CN=837a739fd50864ccc246843ed6801959ba1ba6a5
Certificate serial: 018DDA4D7E85D21115394A29D72AE437B1B5
Authority key identifier: 83:7A:73:9F:D5:08:64:CC:C2:46:84:3E:D6:80:19:59:BA:1B:A6:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g3pzn9UIZMzCRoQ-1oAZWbobpqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/11cbb5-3e2e-44d6-9d1b-aae1a0bda02c/1/y9Sjgrnh9zk-qIbMaEbu3p2dUz8.roa
Signing time: Sat 24 Feb 2024 08:48:48 +0000
ROA not before: Sat 24 Feb 2024 08:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44318
IP address blocks: 46.173.96.0/19 maxlen: 24
91.201.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/11cbb5-3e2e-44d6-9d1b-aae1a0bda02c/1/g3pzn9UIZMzCRoQ-1oAZWbobpqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/11cbb5-3e2e-44d6-9d1b-aae1a0bda02c/1/g3pzn9UIZMzCRoQ-1oAZWbobpqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/g3pzn9UIZMzCRoQ-1oAZWbobpqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:4d:7e:85:d2:11:15:39:4a:29:d7:2a:e4:37:b1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=837a739fd50864ccc246843ed6801959ba1ba6a5
Validity
Not Before: Feb 24 08:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbd4a382b9e1f7393ea886cc6846eede9d9d533f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8f:de:ee:21:a1:fd:04:f5:f0:32:26:9b:5a:
9c:43:a6:fc:9a:72:91:10:9e:fd:db:c9:af:31:72:
ff:5d:ff:28:e8:3a:ad:3d:88:e8:e9:8f:77:7a:dd:
38:58:75:6f:d9:e8:4c:18:ad:1f:e8:ea:6b:09:9f:
aa:19:5f:43:7e:4f:67:64:5d:93:a1:6b:72:82:9e:
ac:4b:79:51:46:2c:50:d9:90:a8:bb:29:d0:4d:ee:
c2:b7:59:fb:ef:b1:4a:d6:22:68:1b:86:ee:b5:9b:
c0:83:cd:7c:07:b9:df:27:79:e9:65:44:3d:84:aa:
6e:8b:fb:08:06:40:a1:c2:ba:d0:37:86:d7:46:8f:
04:e6:a6:33:4e:28:f9:75:d9:ec:4c:98:f6:02:63:
8e:02:e7:43:eb:19:a6:f7:00:2a:57:a2:0b:ef:16:
72:98:a7:e7:0f:c5:05:91:0c:b5:fc:8a:01:9b:01:
e4:2d:da:00:e7:ab:43:a1:e3:74:5a:05:5a:a8:26:
c9:f7:a4:2c:e3:11:fa:05:e1:7d:80:a2:a3:17:c8:
91:c0:4d:24:0b:54:51:a6:ab:a3:69:5c:15:5b:14:
b3:57:99:b7:21:37:e1:81:a3:80:af:06:d6:34:d2:
d5:16:16:82:0d:88:36:d1:f5:36:df:57:e8:f4:52:
de:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D4:A3:82:B9:E1:F7:39:3E:A8:86:CC:68:46:EE:DE:9D:9D:53:3F
X509v3 Authority Key Identifier:
keyid:83:7A:73:9F:D5:08:64:CC:C2:46:84:3E:D6:80:19:59:BA:1B:A6:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g3pzn9UIZMzCRoQ-1oAZWbobpqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/11cbb5-3e2e-44d6-9d1b-aae1a0bda02c/1/y9Sjgrnh9zk-qIbMaEbu3p2dUz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/11cbb5-3e2e-44d6-9d1b-aae1a0bda02c/1/g3pzn9UIZMzCRoQ-1oAZWbobpqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.96.0/19
91.201.144.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:69:89:7b:d1:81:76:4c:e1:2a:d8:1b:e2:cc:c4:f0:8c:cf:
d5:ac:a7:96:15:f9:2c:2e:05:5c:89:45:b0:98:3a:83:a5:0e:
73:40:69:be:76:e5:d2:72:48:cf:dd:7d:c8:7c:ab:1f:7d:ca:
38:6a:e2:35:cd:e9:93:e0:57:8f:59:d3:4f:80:4b:41:e6:d6:
3e:d3:52:90:b5:f9:c3:3f:04:51:6e:3f:a1:6e:3d:20:26:96:
e2:9a:1b:48:1f:ce:3b:80:de:9b:20:4f:0d:c3:2d:99:9f:21:
70:6a:3f:d6:3e:5b:43:14:d2:de:f9:ed:c0:57:f3:6c:09:d0:
f3:fe:e8:ee:42:5a:9b:33:0b:21:3b:a6:86:49:eb:82:19:9b:
e5:ed:96:7a:51:6f:ef:fe:9c:73:3a:e6:16:d4:be:a0:70:7b:
20:b7:da:06:9f:a2:7f:13:48:3b:e4:dc:1b:86:aa:b3:cf:19:
0b:bf:20:34:68:8a:a1:0f:cd:a3:1a:6c:d8:e5:35:1c:da:5c:
5f:d1:fb:cc:b3:e9:fb:b5:78:1e:a2:2c:65:b7:79:8a:21:39:
2d:5d:25:64:b4:70:70:bb:5c:08:7d:23:bd:52:89:e5:0c:0e:
1c:79:52:c0:9c:19:5e:07:de:6e:ba:fb:a9:0a:91:e3:a5:8f:
c1:92:55:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3aTX6F0hEVOUop1yrkN7G1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzN2E3MzlmZDUwODY0Y2NjMjQ2ODQzZWQ2ODAxOTU5YmEx
YmE2YTUwHhcNMjQwMjI0MDg0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQ0YTM4MmI5ZTFmNzM5M2VhODg2Y2M2ODQ2ZWVkZTlkOWQ1MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY/e7iGh/QT18DImm1qcQ6b8mnKR
EJ7928mvMXL/Xf8o6DqtPYjo6Y93et04WHVv2ehMGK0f6OprCZ+qGV9Dfk9nZF2T
oWtygp6sS3lRRixQ2ZCouynQTe7Ct1n777FK1iJoG4butZvAg818B7nfJ3npZUQ9
hKpui/sIBkChwrrQN4bXRo8E5qYzTij5ddnsTJj2AmOOAudD6xmm9wAqV6IL7xZy
mKfnD8UFkQy1/IoBmwHkLdoA56tDoeN0WgVaqCbJ96Qs4xH6BeF9gKKjF8iRwE0k
C1RRpqujaVwVWxSzV5m3ITfhgaOArwbWNNLVFhaCDYg20fU231fo9FLeDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMvUo4K54fc5PqiGzGhG7t6dnVM/MB8GA1UdIwQY
MBaAFIN6c5/VCGTMwkaEPtaAGVm6G6alMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzNwem45VUlaTXpDUm9RLTFvQVpXYm9icHFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xMWNiYjUtM2UyZS00NGQ2LTlkMWIt
YWFlMWEwYmRhMDJjLzEveTlTamdybmg5emstcUliTWFFYnUzcDJkVXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xMWNiYjUtM2UyZS00NGQ2LTlkMWItYWFlMWEwYmRhMDJj
LzEvZzNwem45VUlaTXpDUm9RLTFvQVpXYm9icHFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFLq1gAwQC
W8mQMA0GCSqGSIb3DQEBCwUAA4IBAQAMaYl70YF2TOEq2BvizMTwjM/VrKeWFfks
LgVciUWwmDqDpQ5zQGm+duXSckjP3X3IfKsffco4auI1zemT4FePWdNPgEtB5tY+
01KQtfnDPwRRbj+hbj0gJpbimhtIH847gN6bIE8Nwy2ZnyFwaj/WPltDFNLe+e3A
V/NsCdDz/ujuQlqbMwshO6aGSeuCGZvl7ZZ6UW/v/pxzOuYW1L6gcHsgt9oGn6J/
E0g75NwbhqqzzxkLvyA0aIqhD82jGmzY5TUc2lxf0fvMs+n7tXgeoixlt3mKITkt
XSVktHBwu1wIfSO9UonlDA4ceVLAnBleB95uuvupCpHjpY/BklWz
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:33:56 2024 by rpki-client on console-ams.rpki-client.org