Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/X_Jv6H-ddIjSeniarnbvIw2P0Kg.roa
File: X_Jv6H-ddIjSeniarnbvIw2P0Kg.roa (raw, json)
Hash identifier: ojuMsitym1eY+df58vyQwxUcQzvDRCtkLXpc6j3X3LM=
Subject key identifier: 5F:F2:6F:E8:7F:9D:74:88:D2:7A:78:9A:AE:76:EF:23:0D:8F:D0:A8
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018CC3493ED0AE39CE355A0C3F22C847298C
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/X_Jv6H-ddIjSeniarnbvIw2P0Kg.roa
Signing time: Mon 01 Jan 2024 04:30:06 +0000
ROA not before: Mon 01 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 149.238.32.0/19 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
193.33.52.0/23 maxlen: 24
192.112.208.0/24 maxlen: 24
192.77.114.0/23 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
2a13:cb40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3e:d0:ae:39:ce:35:5a:0c:3f:22:c8:47:29:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Jan 1 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ff26fe87f9d7488d27a789aae76ef230d8fd0a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:87:71:46:fd:d5:30:fc:64:8f:10:61:98:da:
5f:f2:af:3e:8f:00:42:58:7e:4f:26:01:7d:12:c6:
6b:ce:02:28:26:b1:93:8a:a9:ed:1f:04:94:2c:37:
5f:7f:76:05:7e:c4:8b:9d:62:c0:ea:0f:12:5b:7c:
53:26:53:94:4b:e4:9e:32:f5:4a:49:b7:8a:94:1c:
72:4b:94:02:9b:c3:1f:86:94:fd:21:54:b4:02:59:
18:ad:58:99:1c:2f:15:7a:78:f6:3f:b1:48:34:7e:
00:fa:be:6b:02:c5:77:56:88:b5:e5:17:9e:c6:6a:
8d:fd:8c:0b:4f:3d:68:d6:4b:f2:45:90:60:4d:fe:
29:0b:b1:6d:5c:1a:c9:5d:4c:58:f8:00:cc:2d:5a:
2a:63:b7:d1:5a:52:cf:93:c2:92:61:1b:4c:35:cc:
66:73:1f:51:a9:8d:f7:a1:fd:46:1a:fe:2b:68:cf:
16:c2:33:ad:ef:1d:0d:e0:19:81:23:87:25:ba:7c:
f7:ec:80:82:aa:f9:1d:5d:b2:50:1a:6c:3b:6c:19:
82:97:7e:e4:54:65:e0:5f:5e:51:b7:11:d1:27:ea:
16:a4:d5:5c:87:7c:ef:1e:03:58:c1:40:11:aa:3b:
6a:54:b4:e4:13:d7:b6:af:fd:8b:74:dc:d4:92:18:
2e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F2:6F:E8:7F:9D:74:88:D2:7A:78:9A:AE:76:EF:23:0D:8F:D0:A8
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/X_Jv6H-ddIjSeniarnbvIw2P0Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/16
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
1a:58:fe:bf:69:28:30:ea:cd:1e:ca:9f:fc:1a:6a:c2:eb:2f:
5c:a1:1c:ad:e3:05:69:85:3b:40:19:3a:9d:88:c7:52:63:aa:
d1:11:74:c8:e1:6c:90:ae:23:62:6c:fd:50:96:17:1f:8e:0b:
b8:7e:c4:75:7e:4c:30:3e:5f:87:ee:3c:23:cb:84:4b:d0:1f:
d4:d5:45:ac:04:da:ad:cb:e7:6f:81:46:77:12:90:a4:ce:42:
68:0f:64:5f:c5:ae:2c:c5:6e:0b:2e:35:96:0d:87:dd:e9:6d:
17:17:dd:80:6d:49:3b:df:74:c7:fb:8c:5b:b7:09:ac:13:80:
0f:da:e0:6c:3c:04:57:f6:9a:c0:86:81:e9:02:6d:f2:c3:f8:
55:d1:9d:41:57:b6:85:e9:dd:e9:17:d9:5d:14:c0:62:2f:6c:
a1:05:e2:70:b1:00:94:4e:da:8a:f7:af:26:d6:46:77:d6:07:
d2:c7:94:df:f4:95:2e:5d:8d:dd:ef:b6:e7:f2:53:55:e2:a9:
60:8c:28:88:b3:59:17:32:4c:64:3e:4f:28:00:81:ce:8d:22:
ec:92:6a:61:c8:d0:42:f3:f6:d8:0e:dc:fd:82:f4:40:aa:4b:
64:eb:25:6e:9c:a4:06:d0:f3:07:d5:54:65:7e:95:54:00:f8:
c8:82:cb:88
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDST7QrjnONVoMPyLIRymMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmYyNmZlODdmOWQ3NDg4ZDI3YTc4OWFhZTc2ZWYyMzBkOGZkMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIdxRv3VMPxkjxBhmNpf8q8+jwBC
WH5PJgF9EsZrzgIoJrGTiqntHwSULDdff3YFfsSLnWLA6g8SW3xTJlOUS+SeMvVK
SbeKlBxyS5QCm8MfhpT9IVS0AlkYrViZHC8Venj2P7FINH4A+r5rAsV3Voi15Ree
xmqN/YwLTz1o1kvyRZBgTf4pC7FtXBrJXUxY+ADMLVoqY7fRWlLPk8KSYRtMNcxm
cx9RqY33of1GGv4raM8WwjOt7x0N4BmBI4clunz37ICCqvkdXbJQGmw7bBmCl37k
VGXgX15RtxHRJ+oWpNVch3zvHgNYwUARqjtqVLTkE9e2r/2LdNzUkhguxwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF/yb+h/nXSI0np4mq527yMNj9CoMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvWF9KdjZILWRkSWpTZW5pYXJuYnZJdzJQMEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAle4DBAHA
TXIDBADAcNADBAHBITQwDQQCAAIwBwMFAyoTy0AwDQYJKoZIhvcNAQELBQADggEB
ABpY/r9pKDDqzR7Kn/waasLrL1yhHK3jBWmFO0AZOp2Ix1JjqtERdMjhbJCuI2Js
/VCWFx+OC7h+xHV+TDA+X4fuPCPLhEvQH9TVRawE2q3L52+BRncSkKTOQmgPZF/F
rizFbgsuNZYNh93pbRcX3YBtSTvfdMf7jFu3CawTgA/a4Gw8BFf2msCGgekCbfLD
+FXRnUFXtoXp3ekX2V0UwGIvbKEF4nCxAJRO2or3rybWRnfWB9LHlN/0lS5djd3v
tufyU1XiqWCMKIizWRcyTGQ+TygAgc6NIuySamHI0ELz9tgO3P2C9ECqS2TrJW6c
pAbQ8wfVVGV+lVQA+MiCy4g=
-----END CERTIFICATE-----
Generated at Mon May 6 04:18:25 2024 by rpki-client on console-ams.rpki-client.org