Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/aVCsauyo4mlb1Kjj82AHm7Q9d_Q.roa
File: aVCsauyo4mlb1Kjj82AHm7Q9d_Q.roa (raw, json)
Hash identifier: namnQuN4iNkkBdjKAPi9Hw8ECpLbS7KfoxAEN6LDBSM=
Subject key identifier: 69:50:AC:6A:EC:A8:E2:69:5B:D4:A8:E3:F3:60:07:9B:B4:3D:77:F4
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018F77AD20BD77435EF9186EDA1EFD42DBAD
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/aVCsauyo4mlb1Kjj82AHm7Q9d_Q.roa
Signing time: Tue 14 May 2024 15:16:25 +0000
ROA not before: Tue 14 May 2024 15:16:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 149.238.0.0/19 maxlen: 24
149.238.32.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
192.77.114.0/23 maxlen: 24
192.112.208.0/24 maxlen: 24
193.33.52.0/23 maxlen: 24
2a13:cb40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:ad:20:bd:77:43:5e:f9:18:6e:da:1e:fd:42:db:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: May 14 15:16:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6950ac6aeca8e2695bd4a8e3f360079bb43d77f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c9:2b:a5:9e:64:2d:a2:3d:e7:e6:08:62:bb:
04:0e:26:ad:04:ba:43:b3:a8:cd:25:af:22:ae:82:
b6:de:99:0e:63:5c:27:16:ce:3b:23:d0:a3:c5:fc:
7f:47:61:5c:be:91:a6:2b:a7:fe:c0:86:33:cc:5f:
6f:9b:05:cd:6e:35:5b:1f:27:38:a8:3d:29:2a:65:
5e:68:38:cc:89:aa:8b:52:73:85:9c:1a:92:1b:41:
a3:f0:9b:6c:10:db:7c:b0:d6:d5:f6:00:ac:36:e8:
d0:aa:16:d0:13:15:72:1d:63:7a:3e:50:e2:84:cb:
4c:88:ae:23:70:f5:55:59:86:68:ed:cf:aa:f5:4f:
a0:27:09:82:ce:d0:cd:66:8f:9b:6a:76:0f:ca:0e:
0e:4e:24:ae:d7:f8:0c:be:c0:09:9d:74:de:22:da:
1e:05:2c:0c:62:8a:2e:81:46:72:79:33:78:3e:a5:
5f:ef:80:c4:ed:0b:73:10:97:15:9d:5d:93:c1:ef:
71:e2:6b:f8:fa:23:26:cb:a6:d1:60:14:c5:5d:d8:
e5:ec:b9:eb:54:b1:a0:0e:8b:fd:6d:18:1e:f1:55:
36:76:15:ac:fc:30:f8:40:4b:6d:bb:c4:89:ec:63:
14:92:ec:79:2f:74:2f:68:82:26:b9:7f:cd:1f:d8:
f5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:50:AC:6A:EC:A8:E2:69:5B:D4:A8:E3:F3:60:07:9B:B4:3D:77:F4
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/aVCsauyo4mlb1Kjj82AHm7Q9d_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/16
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
38:de:46:37:db:f3:27:41:01:da:f9:4e:1e:cd:49:76:dd:7e:
f0:fe:7b:63:05:c4:24:ea:db:2f:0a:b9:45:89:b6:88:fe:a1:
e5:8f:02:20:03:a2:52:93:db:ae:80:ac:e6:4b:e1:c9:0c:c0:
53:cb:c5:68:10:eb:2b:27:3e:e0:78:ca:6a:82:27:b4:d0:3d:
69:1d:40:d8:22:45:de:77:d6:1c:d3:3a:4b:61:26:b0:20:74:
3b:01:58:e3:b1:e2:eb:37:2e:20:4d:79:f0:e4:8d:01:09:78:
b2:4f:2a:10:7f:4f:dd:82:c4:00:ff:9a:c6:5b:01:66:bb:9a:
60:da:e6:ab:ba:95:aa:c9:95:c6:18:47:db:bd:c8:96:b9:73:
12:1e:f7:fa:a5:bf:9d:fd:27:32:58:df:38:2b:b8:b8:17:ba:
bc:f3:ec:45:57:2e:02:64:ff:1e:b1:0f:40:ca:a4:4e:91:8d:
a8:a2:1b:25:94:5e:e1:fe:f0:d4:82:8d:2f:aa:ab:f8:f9:a4:
bb:fe:71:b6:6d:77:b9:e1:7e:d4:33:b7:9f:52:ef:8e:ed:05:
e3:cd:51:ad:6d:d7:86:eb:e3:50:1b:71:66:1b:a9:25:c3:39:
b5:e1:2d:f8:93:b0:94:6f:0f:b6:0f:e9:5c:1a:26:df:67:e6:
65:4f:ef:e4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY93rSC9d0Ne+Rhu2h79QtutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjQwNTE0MTUxNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTUwYWM2YWVjYThlMjY5NWJkNGE4ZTNmMzYwMDc5YmI0M2Q3N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwskrpZ5kLaI95+YIYrsEDiatBLpD
s6jNJa8iroK23pkOY1wnFs47I9Cjxfx/R2FcvpGmK6f+wIYzzF9vmwXNbjVbHyc4
qD0pKmVeaDjMiaqLUnOFnBqSG0Gj8JtsENt8sNbV9gCsNujQqhbQExVyHWN6PlDi
hMtMiK4jcPVVWYZo7c+q9U+gJwmCztDNZo+banYPyg4OTiSu1/gMvsAJnXTeItoe
BSwMYoougUZyeTN4PqVf74DE7QtzEJcVnV2Twe9x4mv4+iMmy6bRYBTFXdjl7Lnr
VLGgDov9bRge8VU2dhWs/DD4QEttu8SJ7GMUkux5L3QvaIImuX/NH9j1IwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGlQrGrsqOJpW9So4/NgB5u0PXf0MB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvYVZDc2F1eW80bWxiMUtqajgyQUhtN1E5ZF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAle4DBAHA
TXIDBADAcNADBAHBITQwDQQCAAIwBwMFAyoTy0AwDQYJKoZIhvcNAQELBQADggEB
ADjeRjfb8ydBAdr5Th7NSXbdfvD+e2MFxCTq2y8KuUWJtoj+oeWPAiADolKT266A
rOZL4ckMwFPLxWgQ6ysnPuB4ymqCJ7TQPWkdQNgiRd531hzTOkthJrAgdDsBWOOx
4us3LiBNefDkjQEJeLJPKhB/T92CxAD/msZbAWa7mmDa5qu6larJlcYYR9u9yJa5
cxIe9/qlv539JzJY3zgruLgXurzz7EVXLgJk/x6xD0DKpE6RjaiiGyWUXuH+8NSC
jS+qq/j5pLv+cbZtd7nhftQzt59S747tBePNUa1t14br41AbcWYbqSXDObXhLfiT
sJRvD7YP6VwaJt9n5mVP7+Q=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:15:08 2024 by rpki-client on console-fra.rpki-client.org