Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/UrGfyvGxzsWdBVvABaZO8t0XrKc.roa
File: UrGfyvGxzsWdBVvABaZO8t0XrKc.roa (raw, json)
Hash identifier: IHM48LMc66Za6rJgEwxPnv3ej1ByJ3ESd2yw2c7oJrA=
Subject key identifier: 52:B1:9F:CA:F1:B1:CE:C5:9D:05:5B:C0:05:A6:4E:F2:DD:17:AC:A7
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018CC26D7C1AF527CAC05C7683DBC7E6D076
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/UrGfyvGxzsWdBVvABaZO8t0XrKc.roa
Signing time: Mon 01 Jan 2024 00:30:04 +0000
ROA not before: Mon 01 Jan 2024 00:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 91.149.232.0/23 maxlen: 23
91.149.240.0/24 maxlen: 24
91.149.239.0/24 maxlen: 24
91.149.238.0/24 maxlen: 24
91.149.236.0/23 maxlen: 23
91.149.243.0/24 maxlen: 24
91.149.242.0/24 maxlen: 24
91.149.241.0/24 maxlen: 24
91.149.253.0/24 maxlen: 24
91.149.255.0/24 maxlen: 24
91.149.254.0/24 maxlen: 24
91.149.202.0/23 maxlen: 23
91.149.218.0/24 maxlen: 24
91.149.219.0/24 maxlen: 24
91.149.222.0/23 maxlen: 23
91.149.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:7c:1a:f5:27:ca:c0:5c:76:83:db:c7:e6:d0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 1 00:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b19fcaf1b1cec59d055bc005a64ef2dd17aca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:45:8c:25:21:13:87:78:95:75:a7:ac:c7:e4:
e5:af:05:c3:19:88:fe:a1:a6:2e:98:95:f6:67:3e:
18:22:fe:ba:19:37:9d:dc:69:f8:58:5f:fa:fc:8e:
34:bf:71:10:0c:e9:c8:36:6b:c0:8b:ba:43:2c:49:
4c:aa:4a:fa:d5:0b:39:29:19:d3:66:4f:e2:0e:49:
6f:c9:f5:3f:23:ef:a1:8a:b7:0b:65:d6:9f:11:af:
81:88:b7:a7:bb:b0:f4:14:03:1f:a0:ef:f5:30:da:
0e:30:e0:1a:37:61:32:19:c4:8d:12:25:2a:32:1b:
13:2c:cd:3a:c6:d9:af:d2:0e:56:84:91:30:3a:1c:
50:84:11:f7:53:f1:74:72:ef:51:49:ad:11:a0:33:
61:9a:64:2d:8c:3e:c7:ab:fe:f1:11:c2:75:ab:df:
55:9a:9f:08:33:67:c0:9e:d5:ba:0f:f3:fe:9a:6b:
fe:53:5c:26:32:be:46:38:8a:23:06:e4:44:b3:26:
84:c7:92:c2:03:ed:0d:d7:78:7b:d0:34:6a:f3:b6:
32:72:47:ed:14:7e:38:f4:48:01:d0:55:f9:3c:0d:
a0:11:36:ae:60:f1:69:4b:af:30:4b:76:6f:38:b1:
f9:93:0d:38:f8:ba:a7:57:a4:dc:57:41:ff:ec:39:
6e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B1:9F:CA:F1:B1:CE:C5:9D:05:5B:C0:05:A6:4E:F2:DD:17:AC:A7
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/UrGfyvGxzsWdBVvABaZO8t0XrKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.202.0/23
91.149.218.0/23
91.149.221.0-91.149.223.255
91.149.232.0/23
91.149.236.0-91.149.243.255
91.149.253.0-91.149.255.255
Signature Algorithm: sha256WithRSAEncryption
78:ee:57:6e:de:ba:4d:05:a2:95:ac:19:67:dd:7e:36:d0:9f:
00:df:d2:1e:67:21:c7:f4:66:17:ad:1a:79:38:ba:46:bf:90:
c9:9e:4c:8b:3d:a0:12:56:e0:cc:8e:55:3c:74:ba:4f:b6:a9:
11:e9:e0:5f:d7:9c:5e:dc:e9:60:c4:18:a5:b3:b5:09:3d:84:
04:ac:6c:0d:34:da:3a:53:0d:ff:88:11:e0:0b:9e:c7:98:fc:
52:ed:6f:d1:4a:73:3d:a5:ef:e4:00:a7:8d:b2:1f:09:e8:c7:
c1:9c:a8:c1:f5:0e:14:b7:94:0f:ba:35:52:d9:8b:e8:6b:39:
8b:74:cb:1a:70:f8:da:a7:45:85:65:df:bd:a8:24:e1:71:0c:
a3:d9:1e:e3:9c:3e:95:1f:e0:e8:64:e6:ba:61:0b:66:b6:ec:
d6:1c:08:6c:10:2f:d7:6a:b9:04:e4:27:80:c1:15:e8:9a:68:
c4:ab:f0:f6:53:7c:75:43:32:09:62:11:2c:9f:38:cf:b7:1c:
a0:6d:1f:29:ff:e1:80:7b:29:b8:fa:3f:a4:2a:ec:5f:cd:71:
fc:3a:85:95:02:c0:c5:1e:39:e6:76:6e:a1:76:c6:a4:b9:74:
18:41:c3:ac:7e:d4:04:ab:8d:ff:e6:b0:ab:79:a8:79:54:fe:
4e:ea:24:e0
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzCbXwa9SfKwFx2g9vH5tB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjQwMTAxMDAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIxOWZjYWYxYjFjZWM1OWQwNTViYzAwNWE2NGVmMmRkMTdhY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0WMJSETh3iVdaesx+TlrwXDGYj+
oaYumJX2Zz4YIv66GTed3Gn4WF/6/I40v3EQDOnINmvAi7pDLElMqkr61Qs5KRnT
Zk/iDklvyfU/I++hircLZdafEa+BiLenu7D0FAMfoO/1MNoOMOAaN2EyGcSNEiUq
MhsTLM06xtmv0g5WhJEwOhxQhBH3U/F0cu9RSa0RoDNhmmQtjD7Hq/7xEcJ1q99V
mp8IM2fAntW6D/P+mmv+U1wmMr5GOIojBuREsyaEx5LCA+0N13h70DRq87Yyckft
FH449EgB0FX5PA2gETauYPFpS68wS3ZvOLH5kw04+LqnV6TcV0H/7DlusQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFKxn8rxsc7FnQVbwAWmTvLdF6ynMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvVXJHZnl2R3h6c1dkQlZ2QUJhWk84dDBYcktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7AwQBW5XKAwQB
W5XaMAwDBABbld0DBAVblcADBAFblegwDAMEAluV7AMEAluV8DALAwQAW5X9AwMB
W5QwDQYJKoZIhvcNAQELBQADggEBAHjuV27euk0FopWsGWfdfjbQnwDf0h5nIcf0
ZhetGnk4uka/kMmeTIs9oBJW4MyOVTx0uk+2qRHp4F/XnF7c6WDEGKWztQk9hASs
bA002jpTDf+IEeALnseY/FLtb9FKcz2l7+QAp42yHwnox8GcqMH1DhS3lA+6NVLZ
i+hrOYt0yxpw+NqnRYVl372oJOFxDKPZHuOcPpUf4Ohk5rphC2a27NYcCGwQL9dq
uQTkJ4DBFeiaaMSr8PZTfHVDMgliESyfOM+3HKBtHyn/4YB7Kbj6P6Qq7F/Ncfw6
hZUCwMUeOeZ2bqF2xqS5dBhBw6x+1ASrjf/msKt5qHlU/k7qJOA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:58:24 2024 by rpki-client on console-fra.rpki-client.org