Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/ealKkR7Mw-vJ80aLSqdld1ovt1s.roa
File: ealKkR7Mw-vJ80aLSqdld1ovt1s.roa (raw, json)
Hash identifier: fwo91UOcnTx7QOiWDgoihI0Ic9cpx0z8Mwy+0tYGHHo=
Subject key identifier: 79:A9:4A:91:1E:CC:C3:EB:C9:F3:46:8B:4A:A7:65:77:5A:2F:B7:5B
Certificate issuer: /CN=570a181aa090cb970605a25a7a57d653547f2324
Certificate serial: 018CC9BBF9D7E3262FEC2E0B8C221B54106E
Authority key identifier: 57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/ealKkR7Mw-vJ80aLSqdld1ovt1s.roa
Signing time: Tue 02 Jan 2024 10:33:08 +0000
ROA not before: Tue 02 Jan 2024 10:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42976
IP address blocks: 91.220.9.0/24 maxlen: 24
91.194.4.0/23 maxlen: 23
194.165.42.0/24 maxlen: 24
91.216.31.0/24 maxlen: 24
194.5.56.0/22 maxlen: 22
193.104.44.0/24 maxlen: 24
2a0c:c340::/29 maxlen: 29
2a0c:c340::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f9:d7:e3:26:2f:ec:2e:0b:8c:22:1b:54:10:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570a181aa090cb970605a25a7a57d653547f2324
Validity
Not Before: Jan 2 10:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79a94a911eccc3ebc9f3468b4aa765775a2fb75b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:93:78:be:38:e6:ea:4b:6d:26:c8:27:a8:96:
17:c7:c3:86:46:8c:2b:34:2e:87:9b:12:b2:58:bf:
08:2d:04:3d:33:4d:4f:68:aa:bc:df:58:37:7a:90:
48:19:c1:33:2a:f0:1d:26:3c:ae:fa:2b:01:0a:03:
91:a2:31:52:78:cc:b1:97:f2:77:eb:5c:9e:b8:57:
bb:60:2a:36:ca:b0:5a:b7:69:80:b9:8c:54:09:7a:
9e:f4:ba:98:b2:df:b7:1b:20:95:e7:2e:d7:f9:7c:
7f:c8:d3:5d:3e:e5:f5:37:79:6a:e1:71:7e:fc:a0:
b8:9a:06:9f:2e:40:43:f3:cb:ec:25:67:18:35:d8:
24:e8:57:99:ce:61:a0:c0:48:c4:ee:0c:d9:8b:3b:
de:11:d9:94:02:60:f1:35:7c:bd:c2:da:ca:f4:96:
cd:5b:df:4d:57:58:87:90:af:d7:ef:29:e1:ae:7a:
1e:39:38:63:53:15:e5:31:10:e8:a4:23:8a:ae:95:
10:18:c7:5a:b7:a8:3a:5f:41:d9:34:82:5c:61:2b:
98:68:69:d3:f1:21:69:d5:00:3a:d3:58:6a:11:75:
32:0c:89:3a:84:ba:58:5b:0e:43:66:ed:f2:31:7e:
fe:50:36:13:0d:36:72:18:87:be:ad:40:fc:cd:6b:
7f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A9:4A:91:1E:CC:C3:EB:C9:F3:46:8B:4A:A7:65:77:5A:2F:B7:5B
X509v3 Authority Key Identifier:
keyid:57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/ealKkR7Mw-vJ80aLSqdld1ovt1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.4.0/23
91.216.31.0/24
91.220.9.0/24
193.104.44.0/24
194.5.56.0/22
194.165.42.0/24
IPv6:
2a0c:c340::/29
Signature Algorithm: sha256WithRSAEncryption
32:33:08:d2:56:46:25:67:52:11:79:34:1f:79:a9:b4:33:d7:
7e:20:34:2b:4a:7b:8b:f8:71:1d:f0:2c:55:bd:d4:8d:1e:e0:
28:15:c0:68:0a:56:66:51:de:d0:6a:2c:44:2d:7f:83:56:95:
55:ff:48:b6:f1:f5:3a:8a:b2:e7:e0:98:8f:24:2c:3b:63:9e:
2f:fe:de:ea:fc:e1:35:28:44:dc:85:89:26:83:6e:37:65:57:
14:e5:09:ba:6a:ef:c5:59:80:30:2c:0c:f7:12:c6:05:e7:26:
30:c2:ba:73:bf:4d:32:d9:cc:2c:b5:91:60:61:25:34:4f:27:
26:db:75:79:bc:15:af:71:82:31:b3:2f:e2:fa:5c:91:39:5b:
98:34:bb:7f:4b:c0:e5:de:e6:75:a9:e2:b9:f2:d0:fe:ae:93:
00:a7:45:a1:c6:fb:33:a4:ea:5f:d1:16:22:b1:8f:cd:90:6e:
2b:55:79:8b:b6:55:8a:99:d9:47:b3:10:9b:3d:13:3f:cf:5f:
18:e9:30:eb:b5:2c:29:b9:8d:85:55:e1:dc:8d:9a:80:9e:82:
91:1d:b5:26:c9:c0:80:b5:53:7f:e7:96:4a:00:55:c0:8c:ac:
d4:93:14:3d:a8:d5:67:ec:1a:a6:30:52:da:d6:8b:d7:54:d7:
b6:20:8c:56
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzJu/nX4yYv7C4LjCIbVBBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGExODFhYTA5MGNiOTcwNjA1YTI1YTdhNTdkNjUzNTQ3
ZjIzMjQwHhcNMjQwMTAyMTAzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWE5NGE5MTFlY2NjM2ViYzlmMzQ2OGI0YWE3NjU3NzVhMmZiNzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZN4vjjm6kttJsgnqJYXx8OGRowr
NC6HmxKyWL8ILQQ9M01PaKq831g3epBIGcEzKvAdJjyu+isBCgORojFSeMyxl/J3
61yeuFe7YCo2yrBat2mAuYxUCXqe9LqYst+3GyCV5y7X+Xx/yNNdPuX1N3lq4XF+
/KC4mgafLkBD88vsJWcYNdgk6FeZzmGgwEjE7gzZizveEdmUAmDxNXy9wtrK9JbN
W99NV1iHkK/X7ynhrnoeOThjUxXlMRDopCOKrpUQGMdat6g6X0HZNIJcYSuYaGnT
8SFp1QA601hqEXUyDIk6hLpYWw5DZu3yMX7+UDYTDTZyGIe+rUD8zWt/+QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHmpSpEezMPryfNGi0qnZXdaL7dbMB8GA1UdIwQY
MBaAFFcKGBqgkMuXBgWiWnpX1lNUfyMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVndvWUdxQ1F5NWNHQmFKYWVsZldVMVJfSXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wYzhiMGYtNTM4NC00NTgwLTg5YzIt
YTYzNzY1MGM3NGFlLzEvZWFsS2tSN013LXZKODBhTFNxZGxkMW92dDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wYzhiMGYtNTM4NC00NTgwLTg5YzItYTYzNzY1MGM3NGFl
LzEvVndvWUdxQ1F5NWNHQmFKYWVsZldVMVJfSXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBW8IEAwQA
W9gfAwQAW9wJAwQAwWgsAwQCwgU4AwQAwqUqMA0EAgACMAcDBQMqDMNAMA0GCSqG
SIb3DQEBCwUAA4IBAQAyMwjSVkYlZ1IReTQfeam0M9d+IDQrSnuL+HEd8CxVvdSN
HuAoFcBoClZmUd7QaixELX+DVpVV/0i28fU6irLn4JiPJCw7Y54v/t7q/OE1KETc
hYkmg243ZVcU5Qm6au/FWYAwLAz3EsYF5yYwwrpzv00y2cwstZFgYSU0Tycm23V5
vBWvcYIxsy/i+lyROVuYNLt/S8Dl3uZ1qeK58tD+rpMAp0WhxvszpOpf0RYisY/N
kG4rVXmLtlWKmdlHsxCbPRM/z18Y6TDrtSwpuY2FVeHcjZqAnoKRHbUmycCAtVN/
55ZKAFXAjKzUkxQ9qNVn7BqmMFLa1ovXVNe2IIxW
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:44:30 2024 by rpki-client on console-ams.rpki-client.org