Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/PsgYUBK101HJIlARrE2pnssy6IU.roa
File: PsgYUBK101HJIlARrE2pnssy6IU.roa (raw, json)
Hash identifier: QaEu3rtSqwigs6Cqdn/r0YiMRz7XQiOP8FKoqJV4jo4=
Subject key identifier: 3E:C8:18:50:12:B5:D3:51:C9:22:50:11:AC:4D:A9:9E:CB:32:E8:85
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 0191FAA7392D4AF4FEFE4074E30F935E1CAC
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/PsgYUBK101HJIlARrE2pnssy6IU.roa
Signing time: Mon 16 Sep 2024 11:45:48 +0000
ROA not before: Mon 16 Sep 2024 11:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 46.227.72.0/21 maxlen: 21
78.40.40.0/21 maxlen: 21
81.21.208.0/20 maxlen: 20
81.27.0.0/20 maxlen: 20
93.94.168.0/21 maxlen: 21
185.53.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:a7:39:2d:4a:f4:fe:fe:40:74:e3:0f:93:5e:1c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Sep 16 11:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ec8185012b5d351c9225011ac4da99ecb32e885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:77:a6:59:03:7e:a7:68:01:ea:34:fd:00:21:
b0:2f:20:2f:c8:00:8b:c8:2e:e7:ae:e0:cd:da:a4:
5f:64:71:4a:83:c0:2c:27:06:66:2c:88:35:55:5b:
60:52:89:06:da:78:18:63:0c:10:40:fd:24:be:c5:
4a:2c:ba:e3:72:93:46:a1:20:25:e2:92:f1:3b:6c:
0a:8c:6b:21:1e:3e:88:7d:76:cc:d8:55:c4:72:6a:
f7:fb:d8:99:2c:f5:d2:eb:43:5b:65:fd:7f:cd:c1:
56:e2:6c:c7:a9:8b:6c:5e:6a:4d:a2:77:24:51:7c:
83:38:fe:e5:27:a5:85:a8:26:19:6e:bc:f6:09:2f:
a8:9f:27:f3:1b:61:77:8e:95:57:a1:10:93:1b:1d:
66:44:bd:fc:73:44:35:aa:de:c4:db:0c:a7:de:63:
c7:82:05:c2:e0:54:f4:b2:29:6a:bb:48:2a:0c:2e:
0c:43:ee:85:66:ed:55:b3:dd:d9:97:31:16:d1:a8:
c9:6b:90:f2:18:36:6e:04:1e:96:ac:1d:b5:ec:d4:
08:56:50:9d:72:c4:64:0a:14:71:c9:ff:5b:b4:1e:
f0:05:8e:e6:c6:6c:bb:ef:25:76:2f:70:e5:27:ef:
53:37:54:df:16:21:88:9a:30:31:fc:14:6e:84:c3:
c3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C8:18:50:12:B5:D3:51:C9:22:50:11:AC:4D:A9:9E:CB:32:E8:85
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/PsgYUBK101HJIlARrE2pnssy6IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.72.0/21
78.40.40.0/21
81.21.208.0/20
81.27.0.0/20
93.94.168.0/21
185.53.212.0/22
Signature Algorithm: sha256WithRSAEncryption
c8:d0:8a:ca:d1:bf:aa:3d:25:b9:ff:4b:77:5c:a8:33:31:d5:
46:0c:de:fd:ac:97:7f:2b:80:c8:0f:84:c6:e0:d1:6e:0d:e2:
8d:96:15:7d:51:c8:ff:cf:78:b1:99:c4:02:ef:af:5e:d5:a9:
99:ba:31:11:66:27:62:41:e5:2b:8c:3f:5e:ae:55:49:ba:19:
77:ff:c3:ed:03:f8:38:39:01:aa:58:bc:db:0b:e7:62:03:c8:
7a:f9:06:9f:b4:19:9d:47:e7:1d:27:7b:66:0f:87:09:34:d7:
88:13:b7:c4:3d:7e:b9:bd:21:71:fe:11:da:61:fd:92:d1:e4:
29:21:07:29:79:99:19:a5:89:0b:db:9e:45:f9:25:4c:96:e5:
9c:77:2e:59:09:e4:07:8a:a2:3d:13:4b:bb:39:b4:31:6e:bb:
89:76:a9:b2:36:72:93:2f:d3:2f:f3:cd:92:c4:06:24:a5:46:
6c:71:4d:64:b7:b8:4a:01:7e:05:e2:a6:be:7e:29:12:74:90:
0d:84:ce:dd:9c:3b:d4:0e:3f:e4:ff:e1:d2:1e:d2:b6:e6:32:
11:48:49:9d:42:2c:11:9d:81:7d:e7:2e:88:83:b3:0e:70:db:
17:b7:dd:43:71:69:de:1c:68:82:d6:cd:c9:a3:15:65:f6:f0:
fb:3d:20:ca
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZH6pzktSvT+/kB04w+TXhysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwOTE2MTE0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWM4MTg1MDEyYjVkMzUxYzkyMjUwMTFhYzRkYTk5ZWNiMzJlODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHemWQN+p2gB6jT9ACGwLyAvyACL
yC7nruDN2qRfZHFKg8AsJwZmLIg1VVtgUokG2ngYYwwQQP0kvsVKLLrjcpNGoSAl
4pLxO2wKjGshHj6IfXbM2FXEcmr3+9iZLPXS60NbZf1/zcFW4mzHqYtsXmpNonck
UXyDOP7lJ6WFqCYZbrz2CS+onyfzG2F3jpVXoRCTGx1mRL38c0Q1qt7E2wyn3mPH
ggXC4FT0silqu0gqDC4MQ+6FZu1Vs93ZlzEW0ajJa5DyGDZuBB6WrB217NQIVlCd
csRkChRxyf9btB7wBY7mxmy77yV2L3DlJ+9TN1TfFiGImjAx/BRuhMPD1QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD7IGFAStdNRySJQEaxNqZ7LMuiFMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvUHNnWVVCSzEwMUhKSWxBUnJFMnBuc3N5NklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDLuNIAwQD
TigoAwQEURXQAwQEURsAAwQDXV6oAwQCuTXUMA0GCSqGSIb3DQEBCwUAA4IBAQDI
0IrK0b+qPSW5/0t3XKgzMdVGDN79rJd/K4DID4TG4NFuDeKNlhV9Ucj/z3ixmcQC
769e1amZujERZidiQeUrjD9erlVJuhl3/8PtA/g4OQGqWLzbC+diA8h6+QaftBmd
R+cdJ3tmD4cJNNeIE7fEPX65vSFx/hHaYf2S0eQpIQcpeZkZpYkL255F+SVMluWc
dy5ZCeQHiqI9E0u7ObQxbruJdqmyNnKTL9Mv882SxAYkpUZscU1kt7hKAX4F4qa+
fikSdJANhM7dnDvUDj/k/+HSHtK25jIRSEmdQiwRnYF95y6Ig7MOcNsXt91DcWne
HGiC1s3JoxVl9vD7PSDK
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:19:52 2024 by rpki-client on console-ams.rpki-client.org