Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/x5ayqJqWTL5Wto6xLHgxlJnEeK0.roa
File: x5ayqJqWTL5Wto6xLHgxlJnEeK0.roa (raw, json)
Hash identifier: GH/WME/nVZ647nJCQsDXvnEMrcM371etXOIP41W2y4w=
Subject key identifier: C7:96:B2:A8:9A:96:4C:BE:56:B6:8E:B1:2C:78:31:94:99:C4:78:AD
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 018CC72721FB968102AAA681CF448BED5E67
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/x5ayqJqWTL5Wto6xLHgxlJnEeK0.roa
Signing time: Mon 01 Jan 2024 22:31:19 +0000
ROA not before: Mon 01 Jan 2024 22:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19551
IP address blocks: 91.109.251.0/24 maxlen: 24
91.109.250.0/24 maxlen: 24
91.109.249.0/24 maxlen: 24
91.109.248.0/24 maxlen: 24
91.109.253.0/24 maxlen: 24
91.109.252.0/24 maxlen: 24
91.109.254.0/24 maxlen: 24
217.147.125.0/24 maxlen: 24
217.147.124.0/24 maxlen: 24
217.147.124.0/22 maxlen: 22
217.147.127.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.mft
rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:21:fb:96:81:02:aa:a6:81:cf:44:8b:ed:5e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Jan 1 22:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c796b2a89a964cbe56b68eb12c78319499c478ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e8:9e:33:fb:a0:e1:90:fa:a8:70:d0:67:44:
80:d4:82:d3:71:1c:82:03:29:a8:a2:fc:0a:a7:e9:
81:9a:5a:43:b9:26:ba:3b:13:06:88:12:43:b5:96:
31:f5:7d:f0:e4:9f:79:40:3c:ca:99:0e:47:c1:34:
58:e2:6c:ae:79:c3:2d:55:1e:ce:f6:0b:93:ac:ad:
83:ec:16:ee:fd:6c:06:c2:85:42:e3:5a:1c:6d:f0:
49:f4:8f:e8:25:2f:11:2c:72:a9:66:fe:a4:0e:4e:
b6:75:99:72:0d:8d:dc:6c:76:23:ce:07:36:6b:e3:
a7:df:5d:77:f8:3e:ec:fb:96:7b:b0:74:c3:fb:3e:
ca:74:fd:2b:04:d5:b7:b4:ea:63:1d:42:71:68:db:
fd:ca:aa:17:33:ad:42:39:49:3d:a2:e9:5e:46:2e:
21:81:5a:03:f4:ba:34:6a:a6:60:5c:2e:99:cb:53:
a8:d8:f7:55:c4:cb:de:2a:38:b8:ea:5a:3a:2f:ed:
20:82:3d:16:20:22:b8:4f:0e:f9:89:ab:86:93:55:
db:df:79:5f:c6:d1:94:99:72:bf:60:21:cf:d6:e7:
f0:17:42:31:46:5c:66:ff:e3:5b:3a:fd:0b:51:22:
4f:67:80:8a:52:19:12:5a:f7:06:1e:53:1d:2d:b6:
f2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:96:B2:A8:9A:96:4C:BE:56:B6:8E:B1:2C:78:31:94:99:C4:78:AD
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/x5ayqJqWTL5Wto6xLHgxlJnEeK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.248.0-91.109.254.255
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
01:f0:0d:10:35:53:e3:f5:9e:15:e5:f4:eb:b8:31:48:2b:78:
51:3a:0f:3d:3e:66:4b:14:44:c1:a7:fe:61:43:ce:fb:9e:85:
18:6b:ae:2a:10:b9:06:b8:96:61:d0:76:5f:5a:b3:8f:c1:5e:
d2:64:95:43:4d:6d:5f:d7:fe:24:5d:ff:0b:d1:4c:d5:2f:01:
70:47:05:84:04:b5:3d:ac:22:53:17:d5:5d:af:df:95:33:41:
16:a3:04:5d:71:c1:e9:18:32:05:ad:c4:cd:a4:1c:16:26:31:
ee:4f:bb:49:21:df:a3:c7:41:bf:06:d6:e5:ae:91:c2:81:9d:
4d:bf:59:58:d2:37:ab:e4:1b:6e:65:c1:9e:3e:d3:b2:01:bf:
7c:87:ea:75:f4:ab:1d:cb:e2:b8:d2:7d:67:17:5c:d2:02:ab:
fe:97:b7:49:79:fe:2c:8e:08:b7:ce:a5:5d:c1:37:ee:56:00:
97:21:e3:54:99:00:ee:17:67:67:7d:fc:b4:34:2b:1b:4a:56:
fa:80:c1:a5:33:f6:b0:da:d3:d7:38:c4:4a:ba:d3:b3:ac:ef:
aa:2b:af:f0:42:b2:0d:25:9c:b5:49:30:15:88:b7:b2:4f:1a:
f5:34:41:2d:70:0c:4e:eb:72:49:f7:d9:73:cd:61:c2:4d:f1:
1a:68:e3:b7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHJyH7loECqqaBz0SL7V5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjkxMGYzNjI5MWMzYzIyNGRkYjU5NmQ5NTY1NDMxOTdm
MTYzZGUwHhcNMjQwMTAxMjIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk2YjJhODlhOTY0Y2JlNTZiNjhlYjEyYzc4MzE5NDk5YzQ3OGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveieM/ug4ZD6qHDQZ0SA1ILTcRyC
AymoovwKp+mBmlpDuSa6OxMGiBJDtZYx9X3w5J95QDzKmQ5HwTRY4myuecMtVR7O
9guTrK2D7Bbu/WwGwoVC41ocbfBJ9I/oJS8RLHKpZv6kDk62dZlyDY3cbHYjzgc2
a+On3113+D7s+5Z7sHTD+z7KdP0rBNW3tOpjHUJxaNv9yqoXM61COUk9ouleRi4h
gVoD9Lo0aqZgXC6Zy1Oo2PdVxMveKji46lo6L+0ggj0WICK4Tw75iauGk1Xb33lf
xtGUmXK/YCHP1ufwF0IxRlxm/+NbOv0LUSJPZ4CKUhkSWvcGHlMdLbbyJwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMeWsqialky+VraOsSx4MZSZxHitMB8GA1UdIwQY
MBaAFKz5EPNikcPCJN21ltlWVDGX8WPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQt
ZDNiNThmNjk4MTQ4LzEveDVheXFKcVdUTDVXdG82eExIZ3hsSm5FZUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQtZDNiNThmNjk4MTQ4
LzEvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANbbfgD
BABbbf4DBALZk3wwDQYJKoZIhvcNAQELBQADggEBAAHwDRA1U+P1nhXl9Ou4MUgr
eFE6Dz0+ZksURMGn/mFDzvuehRhrrioQuQa4lmHQdl9as4/BXtJklUNNbV/X/iRd
/wvRTNUvAXBHBYQEtT2sIlMX1V2v35UzQRajBF1xwekYMgWtxM2kHBYmMe5Pu0kh
36PHQb8G1uWukcKBnU2/WVjSN6vkG25lwZ4+07IBv3yH6nX0qx3L4rjSfWcXXNIC
q/6Xt0l5/iyOCLfOpV3BN+5WAJch41SZAO4XZ2d9/LQ0KxtKVvqAwaUz9rDa09c4
xEq607Os76orr/BCsg0lnLVJMBWIt7JPGvU0QS1wDE7rckn32XPNYcJN8Rpo47c=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:05:41 2024 by rpki-client on console-fra.rpki-client.org