Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/dF2wr9UcXhu-lbqQkIF2UewEc4M.roa
File: dF2wr9UcXhu-lbqQkIF2UewEc4M.roa (raw, json)
Hash identifier: p0WjVjzWZ2Om8SQwFYNVp17w6RrB0ndiAukojmjTqo0=
Subject key identifier: 74:5D:B0:AF:D5:1C:5E:1B:BE:95:BA:90:90:81:76:51:EC:04:73:83
Certificate issuer: /CN=869ab33046862ab58405e5e927ddf41272dfc714
Certificate serial: 0190C044D2B48A5512CFE2AFA2540964D470
Authority key identifier: 86:9A:B3:30:46:86:2A:B5:84:05:E5:E9:27:DD:F4:12:72:DF:C7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpqzMEaGKrWEBeXpJ930EnLfxxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/dF2wr9UcXhu-lbqQkIF2UewEc4M.roa
Signing time: Wed 17 Jul 2024 10:37:34 +0000
ROA not before: Wed 17 Jul 2024 10:37:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42274
IP address blocks: 91.192.12.0/22 maxlen: 22
193.111.44.0/24 maxlen: 24
193.111.56.0/22 maxlen: 22
193.111.56.0/24 maxlen: 24
2001:67c:36c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpqzMEaGKrWEBeXpJ930EnLfxxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:44:d2:b4:8a:55:12:cf:e2:af:a2:54:09:64:d4:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869ab33046862ab58405e5e927ddf41272dfc714
Validity
Not Before: Jul 17 10:37:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=745db0afd51c5e1bbe95ba9090817651ec047383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:91:ae:5f:b3:c3:85:9d:56:13:53:39:41:4e:
f8:59:11:70:c8:5f:25:bb:f1:6b:ba:0c:c4:82:c3:
5e:2d:d8:36:df:18:62:56:dd:f5:99:de:0d:1c:25:
bb:15:d8:64:f6:84:40:00:47:e5:72:b4:22:7d:85:
9d:16:a8:e9:dd:b5:ac:e1:b0:9f:97:fd:0e:9e:f1:
8e:e0:d7:07:87:50:87:55:60:f6:20:22:1d:cd:11:
03:2b:09:db:6d:98:5b:97:d1:b4:e0:4b:8c:4b:f3:
d7:b5:b7:ea:bb:e0:de:2e:ad:8e:42:0e:48:d3:f4:
8d:a4:b7:51:07:a5:e8:cb:5b:e5:ff:71:0c:f9:43:
02:af:e3:e2:fc:86:9a:2d:be:da:2c:0c:93:b7:13:
19:9f:b1:e9:45:65:b5:51:64:6f:29:1b:3c:72:7c:
34:22:83:19:e2:95:fe:f0:ca:e8:be:04:96:aa:1d:
11:a6:27:a9:f1:95:1e:d4:8b:06:7d:01:e4:05:05:
28:ee:d2:f6:df:e8:26:01:c1:ea:09:11:85:f4:08:
08:50:27:dc:09:98:4b:81:5d:aa:3d:7b:68:0a:1d:
bb:08:d5:ff:45:3f:13:89:88:43:58:c0:68:fb:ce:
ba:96:f1:26:32:f0:ae:74:37:e4:1c:0a:df:b3:70:
1f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5D:B0:AF:D5:1C:5E:1B:BE:95:BA:90:90:81:76:51:EC:04:73:83
X509v3 Authority Key Identifier:
keyid:86:9A:B3:30:46:86:2A:B5:84:05:E5:E9:27:DD:F4:12:72:DF:C7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpqzMEaGKrWEBeXpJ930EnLfxxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/dF2wr9UcXhu-lbqQkIF2UewEc4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.12.0/22
193.111.44.0/24
193.111.56.0/22
IPv6:
2001:67c:36c::/48
Signature Algorithm: sha256WithRSAEncryption
7b:f9:13:be:cd:00:f8:aa:5a:c9:e4:0b:78:66:10:2e:86:2c:
ef:c9:8f:a1:c0:43:73:ca:48:17:c1:cd:c2:e3:b8:c5:7a:fc:
6b:af:ea:2f:49:22:39:68:a3:e2:3e:d0:20:32:4b:22:a5:50:
91:3e:a4:ef:2e:83:fa:f4:51:ef:63:0e:cd:cc:4c:e1:4b:f9:
c3:83:22:3c:3a:47:33:16:17:29:d1:ad:66:89:ea:fa:75:95:
48:cd:ae:62:aa:67:15:da:ec:34:0d:26:8d:b7:e6:e2:60:8b:
ed:81:3a:e2:df:13:5d:af:8f:e6:2d:64:1d:6f:ca:2e:5c:c6:
2e:22:c0:52:ee:a9:b2:dd:49:cf:a9:6c:71:35:80:8b:59:07:
76:2f:f3:9f:b5:6a:5f:23:92:71:ff:94:59:ca:a1:49:ed:ed:
09:9c:2f:1c:92:23:9d:b1:2b:01:0e:69:8f:5e:1c:fa:7a:64:
d9:02:c6:8d:ac:8b:eb:21:f5:05:e4:c5:52:73:58:b0:12:6d:
29:6f:f6:e3:e2:22:3d:80:fc:07:c2:02:f8:b8:5e:3c:e1:c1:
fd:6f:12:c3:ba:93:9c:95:78:1c:ac:6a:8e:e1:0e:c3:a3:9f:
8a:21:eb:e9:b4:6e:bd:7c:87:fb:6f:aa:01:30:bf:7f:eb:ab:
e3:cc:c7:a2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZDARNK0ilUSz+KvolQJZNRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWFiMzMwNDY4NjJhYjU4NDA1ZTVlOTI3ZGRmNDEyNzJk
ZmM3MTQwHhcNMjQwNzE3MTAzNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDVkYjBhZmQ1MWM1ZTFiYmU5NWJhOTA5MDgxNzY1MWVjMDQ3MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pGuX7PDhZ1WE1M5QU74WRFwyF8l
u/FrugzEgsNeLdg23xhiVt31md4NHCW7Fdhk9oRAAEflcrQifYWdFqjp3bWs4bCf
l/0OnvGO4NcHh1CHVWD2ICIdzREDKwnbbZhbl9G04EuMS/PXtbfqu+DeLq2OQg5I
0/SNpLdRB6Xoy1vl/3EM+UMCr+Pi/IaaLb7aLAyTtxMZn7HpRWW1UWRvKRs8cnw0
IoMZ4pX+8MrovgSWqh0Rpiep8ZUe1IsGfQHkBQUo7tL23+gmAcHqCRGF9AgIUCfc
CZhLgV2qPXtoCh27CNX/RT8TiYhDWMBo+866lvEmMvCudDfkHArfs3AfewIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHRdsK/VHF4bvpW6kJCBdlHsBHODMB8GA1UdIwQY
MBaAFIaaszBGhiq1hAXl6Sfd9BJy38cUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBxek1FYUdLcldFQmVYcEo5MzBFbkxmeHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9mOGU4ZTUtNjkyYi00MGE5LWIzMmYt
Mzk0YzQ3ZmY0NWFlLzEvZEYyd3I5VWNYaHUtbGJxUWtJRjJVZXdFYzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9mOGU4ZTUtNjkyYi00MGE5LWIzMmYtMzk0YzQ3ZmY0NWFl
LzEvaHBxek1FYUdLcldFQmVYcEo5MzBFbkxmeHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCW8AMAwQA
wW8sAwQCwW84MA8EAgACMAkDBwAgAQZ8A2wwDQYJKoZIhvcNAQELBQADggEBAHv5
E77NAPiqWsnkC3hmEC6GLO/Jj6HAQ3PKSBfBzcLjuMV6/Guv6i9JIjloo+I+0CAy
SyKlUJE+pO8ug/r0Ue9jDs3MTOFL+cODIjw6RzMWFynRrWaJ6vp1lUjNrmKqZxXa
7DQNJo235uJgi+2BOuLfE12vj+YtZB1vyi5cxi4iwFLuqbLdSc+pbHE1gItZB3Yv
85+1al8jknH/lFnKoUnt7QmcLxySI52xKwEOaY9eHPp6ZNkCxo2si+sh9QXkxVJz
WLASbSlv9uPiIj2A/AfCAvi4Xjzhwf1vEsO6k5yVeBysao7hDsOjn4oh6+m0br18
h/tvqgEwv3/rq+PMx6I=
-----END CERTIFICATE-----
Generated at Fri Sep 20 21:24:47 2024 by rpki-client on console-ams.rpki-client.org