Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/33s_uv21fbn3KgymRpmVK5zSyyE.roa
File: 33s_uv21fbn3KgymRpmVK5zSyyE.roa (raw, json)
Hash identifier: r3bx7BEmNfJ6uRTqwMdUUBuljm4MXnYGp22ssEsndmc=
Subject key identifier: DF:7B:3F:BA:FD:B5:7D:B9:F7:2A:0C:A6:46:99:95:2B:9C:D2:CB:21
Certificate issuer: /CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Certificate serial: 018CC349642692EA550CAF7DB3A371099F98
Authority key identifier: 40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/33s_uv21fbn3KgymRpmVK5zSyyE.roa
Signing time: Mon 01 Jan 2024 04:30:16 +0000
ROA not before: Mon 01 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57513
IP address blocks: 91.197.47.0/24 maxlen: 24
91.197.46.0/24 maxlen: 24
91.197.46.0/23 maxlen: 23
185.81.141.0/24 maxlen: 24
185.81.142.0/24 maxlen: 24
185.81.140.0/24 maxlen: 24
185.81.143.0/24 maxlen: 24
91.232.100.0/24 maxlen: 24
91.232.101.0/24 maxlen: 24
2a05:8800::/29 maxlen: 29
2a05:8803::/32 maxlen: 32
2a05:8800::/32 maxlen: 32
2a05:8800:1::/48 maxlen: 48
2a05:8801::/32 maxlen: 32
2a05:8804::/32 maxlen: 32
2a05:8802::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:64:26:92:ea:55:0c:af:7d:b3:a3:71:09:9f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Validity
Not Before: Jan 1 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df7b3fbafdb57db9f72a0ca64699952b9cd2cb21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d3:bd:04:39:3d:c8:15:f3:cf:97:fe:e5:80:
e3:5e:dc:70:3b:32:ec:f5:0a:04:14:93:88:bc:ba:
4d:53:b1:99:ee:6b:63:6c:c3:98:f3:75:af:83:57:
69:24:a3:69:5e:20:11:01:0c:01:86:4b:9d:2b:9d:
90:ba:63:87:24:b1:fe:8d:49:94:2f:27:b4:3b:10:
60:0e:05:f0:d3:5c:e2:94:db:1e:d9:97:04:d8:83:
f5:39:f7:03:8a:04:dd:bb:56:47:7a:ea:da:57:29:
0b:32:d1:8d:01:3a:9c:5b:81:0f:e4:92:8a:cd:7b:
32:f0:2e:ff:60:82:bb:2e:3c:41:07:27:54:de:4f:
15:91:6e:17:e7:da:ad:86:a3:de:4d:a2:68:b7:a2:
de:65:42:24:7b:ba:36:ed:1e:3c:92:f9:db:58:37:
35:00:11:1b:56:c3:5e:60:90:b7:69:e8:22:e7:f5:
43:9c:eb:5f:16:86:34:27:3a:75:38:c6:f5:84:6b:
65:5f:54:3a:db:e8:57:d4:18:77:8c:47:f3:49:3d:
a1:50:17:c9:2e:8d:08:99:08:c1:19:46:21:71:8d:
c3:0c:2b:74:3c:70:3a:e7:21:97:19:6c:88:29:e9:
fd:56:a8:0a:95:78:d2:04:4f:dc:70:20:52:dc:ac:
ff:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7B:3F:BA:FD:B5:7D:B9:F7:2A:0C:A6:46:99:95:2B:9C:D2:CB:21
X509v3 Authority Key Identifier:
keyid:40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/33s_uv21fbn3KgymRpmVK5zSyyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.46.0/23
91.232.100.0/23
185.81.140.0/22
IPv6:
2a05:8800::/29
Signature Algorithm: sha256WithRSAEncryption
c7:c2:86:8f:8f:0e:f2:d5:44:0e:4e:17:e4:87:07:b9:02:d9:
9b:54:8b:07:bd:65:b5:64:a4:a1:3c:70:f2:ea:3f:a1:89:98:
8a:93:bf:93:e7:b6:f7:e6:95:1e:c3:cc:c1:97:df:b8:f1:8d:
26:57:4b:35:48:50:84:d2:8c:54:7c:26:78:d9:48:3e:57:4d:
e8:e5:5e:de:1e:ea:c1:1d:5f:6c:08:73:fd:67:6f:a0:cf:81:
32:36:2e:7e:ff:b5:c3:ac:84:d9:86:1c:f1:06:96:08:f4:76:
f9:a9:a3:90:6b:b6:74:a1:08:c0:0a:a9:eb:a7:b9:88:fc:ef:
1f:e3:0e:85:b4:dc:28:4b:bc:75:3a:8b:bf:78:95:37:7e:f9:
11:a9:48:ed:58:eb:af:51:64:d9:03:2a:f6:51:ae:c6:4d:78:
9e:4b:53:4a:41:66:ea:bb:65:b2:2f:a3:fe:a4:10:12:4c:2e:
94:e3:fb:ec:9c:da:70:94:e2:e6:90:75:da:c2:bd:b9:e6:2c:
bb:2c:d7:75:ef:eb:ba:c3:af:ff:99:36:67:87:0f:ad:d1:13:
3c:29:f6:7c:6e:11:b1:2e:1f:35:fd:48:74:f5:ab:a8:65:e8:
71:ce:74:a1:b5:69:f2:53:6c:6c:c3:35:50:c5:11:27:b6:0d:
cc:46:7b:8c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSWQmkupVDK99s6NxCZ+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNzRhMWMwMzgzYWQ1ZWIwZjA1ODhlNGMzMzk0YmEzNDAx
MGE2MjEwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdiM2ZiYWZkYjU3ZGI5ZjcyYTBjYTY0Njk5OTUyYjljZDJjYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdO9BDk9yBXzz5f+5YDjXtxwOzLs
9QoEFJOIvLpNU7GZ7mtjbMOY83Wvg1dpJKNpXiARAQwBhkudK52QumOHJLH+jUmU
Lye0OxBgDgXw01zilNse2ZcE2IP1OfcDigTdu1ZHeuraVykLMtGNATqcW4EP5JKK
zXsy8C7/YIK7LjxBBydU3k8VkW4X59qthqPeTaJot6LeZUIke7o27R48kvnbWDc1
ABEbVsNeYJC3aegi5/VDnOtfFoY0Jzp1OMb1hGtlX1Q62+hX1Bh3jEfzST2hUBfJ
Lo0ImQjBGUYhcY3DDCt0PHA65yGXGWyIKen9VqgKlXjSBE/ccCBS3Kz/jwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN97P7r9tX259yoMpkaZlSuc0sshMB8GA1UdIwQY
MBaAFEB0ocA4OtXrDwWI5MM5S6NAEKYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMt
MjZjMzM2NTE1M2FmLzEvMzNzX3V2MjFmYm4zS2d5bVJwbVZLNXpTeXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMtMjZjMzM2NTE1M2Fm
LzEvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW8UuAwQB
W+hkAwQCuVGMMA0EAgACMAcDBQMqBYgAMA0GCSqGSIb3DQEBCwUAA4IBAQDHwoaP
jw7y1UQOThfkhwe5AtmbVIsHvWW1ZKShPHDy6j+hiZiKk7+T57b35pUew8zBl9+4
8Y0mV0s1SFCE0oxUfCZ42Ug+V03o5V7eHurBHV9sCHP9Z2+gz4EyNi5+/7XDrITZ
hhzxBpYI9Hb5qaOQa7Z0oQjACqnrp7mI/O8f4w6FtNwoS7x1Oou/eJU3fvkRqUjt
WOuvUWTZAyr2Ua7GTXieS1NKQWbqu2WyL6P+pBASTC6U4/vsnNpwlOLmkHXawr25
5iy7LNd17+u6w6//mTZnhw+t0RM8KfZ8bhGxLh81/Uh09auoZehxznShtWnyU2xs
wzVQxREntg3MRnuM
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:15:15 2024 by rpki-client on console-fra.rpki-client.org