Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/cGj4ygMcRyWK7U5PtW67h12uirI.roa
File: cGj4ygMcRyWK7U5PtW67h12uirI.roa (raw, json)
Hash identifier: eqUqJ2xFOHKtPwvzIgpFuVaqWO7s+lnfxGdis2NAupE=
Subject key identifier: 70:68:F8:CA:03:1C:47:25:8A:ED:4E:4F:B5:6E:BB:87:5D:AE:8A:B2
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 019174B5948BA55407F0BE27C69F570878AB
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/cGj4ygMcRyWK7U5PtW67h12uirI.roa
Signing time: Wed 21 Aug 2024 11:32:22 +0000
ROA not before: Wed 21 Aug 2024 11:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216134
IP address blocks: 149.223.0.0/16 maxlen: 24
149.238.0.0/16 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.32.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
149.238.159.0/24 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
170.205.192.0/18 maxlen: 24
192.77.114.0/23 maxlen: 24
192.112.208.0/24 maxlen: 24
193.33.52.0/23 maxlen: 24
2a13:cb40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:b5:94:8b:a5:54:07:f0:be:27:c6:9f:57:08:78:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Aug 21 11:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7068f8ca031c47258aed4e4fb56ebb875dae8ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cf:c6:d3:80:eb:02:be:8c:f1:94:d3:7e:c7:
6b:d8:61:3c:42:8e:81:08:60:5f:e6:b0:a2:23:38:
ec:7b:0e:d4:4a:9e:20:35:c1:50:48:cd:e4:19:4e:
b7:31:3d:26:63:54:7d:63:e1:9c:ac:81:64:0b:ea:
8d:bf:ba:26:a2:7e:af:20:50:59:2e:69:32:2b:2d:
ce:a9:57:08:5e:65:e0:33:bf:da:5c:e9:7d:20:55:
44:5d:a9:bd:29:c4:db:1b:0f:b2:29:90:c6:23:7c:
13:58:61:e3:01:29:0a:f9:4b:f3:e1:24:d0:74:ab:
ec:e7:26:05:86:99:e5:5d:2d:88:62:27:12:ed:37:
a1:fc:cb:00:67:bb:7f:4a:41:d4:27:38:a6:bf:04:
c1:e9:f2:8f:09:00:54:e3:e4:3b:49:bf:d0:84:5b:
32:42:a6:35:67:dc:d7:5d:09:d3:23:6d:49:8f:f8:
b6:62:e6:d6:97:f5:b8:94:e1:c2:f0:bb:04:cb:6f:
e5:3f:3e:49:6c:98:91:aa:26:96:f5:7a:f9:bd:2e:
cb:c7:54:77:7b:1e:19:d5:cb:a6:b5:1c:67:18:aa:
8e:fd:3e:eb:63:21:06:29:2d:36:c7:c7:24:46:26:
eb:d8:2c:df:a4:9a:92:4f:21:a0:c6:6a:be:21:2e:
52:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:68:F8:CA:03:1C:47:25:8A:ED:4E:4F:B5:6E:BB:87:5D:AE:8A:B2
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/cGj4ygMcRyWK7U5PtW67h12uirI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.223.0.0/16
149.238.0.0/16
170.205.192.0/18
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
32:e7:ad:b8:f2:56:e2:9a:e0:53:7f:3a:0c:ac:d5:9d:fd:b8:
04:7f:c0:85:d4:0c:b4:2a:8f:fa:c1:a3:d9:3f:c6:28:0d:11:
b1:cd:7e:1b:49:f7:37:ab:56:8f:ae:7f:b9:a0:33:e6:f0:13:
09:09:7c:5a:ca:ba:57:d4:aa:dc:1e:54:80:a7:dc:41:87:ca:
8d:62:9c:49:fc:22:f4:44:b6:45:51:20:d8:62:cb:03:89:27:
36:36:2c:06:29:9f:a0:b7:fe:b7:9f:15:ae:da:ea:74:a8:72:
06:06:e2:da:af:98:cb:7d:c9:55:9a:1a:03:df:43:fb:a2:39:
79:5c:8c:af:88:4f:a7:b9:a7:ac:78:ef:67:ee:e5:a9:95:3d:
b8:93:9a:f6:62:f2:25:0e:b9:f6:68:51:4c:3f:b3:0c:40:31:
be:c1:08:92:a4:83:75:42:77:67:d0:4d:14:cc:19:58:c7:06:
9b:59:7c:82:d0:fe:cd:e8:d3:0a:7d:17:79:67:03:72:09:64:
39:91:29:b0:87:8f:43:b4:d0:00:0f:bc:5c:7e:a4:a7:b9:9d:
b9:84:dd:95:3d:8a:b0:fe:4b:6a:b1:9f:4b:d4:49:f3:07:c2:
2e:33:0c:3b:f9:d1:5b:3b:a3:83:d5:85:d4:c6:0b:39:58:d0:
02:c8:0c:72
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZF0tZSLpVQH8L4nxp9XCHirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjQwODIxMTEzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDY4ZjhjYTAzMWM0NzI1OGFlZDRlNGZiNTZlYmI4NzVkYWU4YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8/G04DrAr6M8ZTTfsdr2GE8Qo6B
CGBf5rCiIzjsew7USp4gNcFQSM3kGU63MT0mY1R9Y+GcrIFkC+qNv7omon6vIFBZ
LmkyKy3OqVcIXmXgM7/aXOl9IFVEXam9KcTbGw+yKZDGI3wTWGHjASkK+Uvz4STQ
dKvs5yYFhpnlXS2IYicS7Teh/MsAZ7t/SkHUJzimvwTB6fKPCQBU4+Q7Sb/QhFsy
QqY1Z9zXXQnTI21Jj/i2YubWl/W4lOHC8LsEy2/lPz5JbJiRqiaW9Xr5vS7Lx1R3
ex4Z1cumtRxnGKqO/T7rYyEGKS02x8ckRibr2CzfpJqSTyGgxmq+IS5SVQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFHBo+MoDHEcliu1OT7Vuu4ddroqyMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvY0dqNHlnTWNSeVdLN1U1UHRXNjdoMTJ1aXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwMAld8DAwCV
7gMEBqrNwAMEAcBNcgMEAMBw0AMEAcEhNDANBAIAAjAHAwUDKhPLQDANBgkqhkiG
9w0BAQsFAAOCAQEAMuetuPJW4prgU386DKzVnf24BH/AhdQMtCqP+sGj2T/GKA0R
sc1+G0n3N6tWj65/uaAz5vATCQl8Wsq6V9Sq3B5UgKfcQYfKjWKcSfwi9ES2RVEg
2GLLA4knNjYsBimfoLf+t58VrtrqdKhyBgbi2q+Yy33JVZoaA99D+6I5eVyMr4hP
p7mnrHjvZ+7lqZU9uJOa9mLyJQ659mhRTD+zDEAxvsEIkqSDdUJ3Z9BNFMwZWMcG
m1l8gtD+zejTCn0XeWcDcglkOZEpsIePQ7TQAA+8XH6kp7mduYTdlT2KsP5LarGf
S9RJ8wfCLjMMO/nRWzujg9WF1MYLOVjQAsgMcg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:46:25 2024 by rpki-client on console-ams.rpki-client.org