Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/rx8BBhHAGTYIKLb1wjcdeKd-5AU.roa
File: rx8BBhHAGTYIKLb1wjcdeKd-5AU.roa (raw, json)
Hash identifier: f0EOvVskwxqcBng2DRgbbtUf1503ZVyhQv9/snzTYkg=
Subject key identifier: AF:1F:01:06:11:C0:19:36:08:28:B6:F5:C2:37:1D:78:A7:7E:E4:05
Certificate issuer: /CN=543c54067385a765b1d5617c43331956fb208e89
Certificate serial: 018CC9BBEC7531AE1144A83566549B611F47
Authority key identifier: 54:3C:54:06:73:85:A7:65:B1:D5:61:7C:43:33:19:56:FB:20:8E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/rx8BBhHAGTYIKLb1wjcdeKd-5AU.roa
Signing time: Tue 02 Jan 2024 10:33:05 +0000
ROA not before: Tue 02 Jan 2024 10:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198595
IP address blocks: 185.202.124.0/24 maxlen: 24
185.202.125.0/24 maxlen: 24
185.202.126.0/24 maxlen: 24
185.202.127.0/24 maxlen: 24
91.236.57.0/24 maxlen: 24
2001:67c:104::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/VDxUBnOFp2Wx1WF8QzMZVvsgjok.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/VDxUBnOFp2Wx1WF8QzMZVvsgjok.mft
rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ec:75:31:ae:11:44:a8:35:66:54:9b:61:1f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543c54067385a765b1d5617c43331956fb208e89
Validity
Not Before: Jan 2 10:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af1f010611c019360828b6f5c2371d78a77ee405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:24:fe:a7:2e:b7:7e:e5:35:55:8a:44:ab:78:
c2:0b:f7:7a:dd:8f:f7:cb:bc:d8:1e:ff:a8:4c:6b:
b4:67:fc:29:3a:cb:6c:9b:77:d2:f1:38:96:72:61:
a9:f9:8a:b8:c7:f2:71:f6:94:7d:4a:dd:7e:00:01:
02:da:7c:cd:f6:25:2e:cb:b9:5c:ae:70:b6:9d:64:
82:8d:9b:54:d6:3a:8c:fc:bf:38:40:1e:d6:f8:fe:
24:ff:dd:64:18:0c:9f:91:b3:c1:b2:9b:c7:5a:5f:
c7:0e:1f:2e:fc:e5:7a:7e:42:4c:c5:bb:7b:92:a3:
9a:aa:a6:93:58:29:5f:e2:36:8a:3f:5f:62:7c:4a:
74:67:14:99:73:85:bc:1e:95:a4:00:a2:89:43:f0:
b8:bb:31:33:11:e8:5d:54:64:06:59:aa:d7:0b:cb:
de:fc:e0:3f:5e:84:4e:1c:99:c5:90:38:66:86:b4:
33:aa:15:fd:a3:15:5f:af:cd:18:c0:7f:04:ba:22:
8b:99:e1:b5:4f:a3:b1:87:36:6c:21:9d:f0:6a:62:
a2:f4:e5:bb:d6:ef:83:80:11:84:7e:52:8e:72:13:
69:d1:73:8a:ba:11:98:3b:22:d3:65:1c:5e:f5:af:
c2:75:cb:b9:b3:dc:90:35:32:d6:d6:91:a8:27:b1:
f9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:1F:01:06:11:C0:19:36:08:28:B6:F5:C2:37:1D:78:A7:7E:E4:05
X509v3 Authority Key Identifier:
keyid:54:3C:54:06:73:85:A7:65:B1:D5:61:7C:43:33:19:56:FB:20:8E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/rx8BBhHAGTYIKLb1wjcdeKd-5AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/VDxUBnOFp2Wx1WF8QzMZVvsgjok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.57.0/24
185.202.124.0/22
IPv6:
2001:67c:104::/48
Signature Algorithm: sha256WithRSAEncryption
9a:4d:e1:fe:ee:91:86:39:f6:09:71:3d:cf:f2:04:cc:5e:2f:
d2:98:dd:2e:de:ac:10:24:98:dd:77:79:a7:92:6d:84:9c:97:
e4:a8:cd:71:75:0d:13:1c:c6:df:2f:c5:d9:82:a6:74:97:e6:
72:07:fe:43:e3:a8:e5:74:01:cf:ec:ff:99:78:b5:f4:ff:1c:
87:40:6c:f1:cd:eb:c5:67:2a:31:a5:5a:d9:07:57:e7:a5:da:
c0:7d:1a:ee:c7:92:2f:a3:31:56:80:e5:0c:48:10:02:35:70:
e4:b5:41:19:61:93:a5:a4:1a:25:87:07:85:27:fa:46:1b:cf:
6d:85:36:5b:97:85:d5:ee:9f:bb:3d:9e:fd:49:b3:7d:46:ac:
2a:b4:8a:59:bb:c9:24:5f:ea:77:33:95:56:1e:5d:78:27:09:
38:3c:f3:d5:55:5e:7a:3c:b5:33:6f:95:c2:b6:b8:15:ae:50:
df:e6:92:4d:1e:e8:14:55:3c:52:5f:ea:3c:8e:9a:4d:d8:a5:
28:cb:10:5f:b0:94:41:9d:1b:7e:74:68:76:e6:0e:12:a1:8d:
30:ac:db:1a:41:31:07:aa:59:fd:ea:0a:31:35:45:70:78:06:
24:bf:75:19:e7:ca:22:3b:a1:9b:9a:da:8b:ce:0d:da:91:a0:
5d:d7:54:b5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJu+x1Ma4RRKg1ZlSbYR9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1NDA2NzM4NWE3NjViMWQ1NjE3YzQzMzMxOTU2ZmIy
MDhlODkwHhcNMjQwMTAyMTAzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjFmMDEwNjExYzAxOTM2MDgyOGI2ZjVjMjM3MWQ3OGE3N2VlNDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiT+py63fuU1VYpEq3jCC/d63Y/3
y7zYHv+oTGu0Z/wpOstsm3fS8TiWcmGp+Yq4x/Jx9pR9St1+AAEC2nzN9iUuy7lc
rnC2nWSCjZtU1jqM/L84QB7W+P4k/91kGAyfkbPBspvHWl/HDh8u/OV6fkJMxbt7
kqOaqqaTWClf4jaKP19ifEp0ZxSZc4W8HpWkAKKJQ/C4uzEzEehdVGQGWarXC8ve
/OA/XoROHJnFkDhmhrQzqhX9oxVfr80YwH8EuiKLmeG1T6OxhzZsIZ3wamKi9OW7
1u+DgBGEflKOchNp0XOKuhGYOyLTZRxe9a/Cdcu5s9yQNTLW1pGoJ7H5nQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK8fAQYRwBk2CCi29cI3HXinfuQFMB8GA1UdIwQY
MBaAFFQ8VAZzhadlsdVhfEMzGVb7II6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4VUJuT0ZwMld4MVdGOFF6TVpWdnNnam9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82M2ZiZjgtNWNmZi00OTkxLThmMjct
YTQxYTQ4MzRlY2FhLzEvcng4QkJoSEFHVFlJS0xiMXdqY2RlS2QtNUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82M2ZiZjgtNWNmZi00OTkxLThmMjctYTQxYTQ4MzRlY2Fh
LzEvVkR4VUJuT0ZwMld4MVdGOFF6TVpWdnNnam9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW+w5AwQC
ucp8MA8EAgACMAkDBwAgAQZ8AQQwDQYJKoZIhvcNAQELBQADggEBAJpN4f7ukYY5
9glxPc/yBMxeL9KY3S7erBAkmN13eaeSbYScl+SozXF1DRMcxt8vxdmCpnSX5nIH
/kPjqOV0Ac/s/5l4tfT/HIdAbPHN68VnKjGlWtkHV+el2sB9Gu7Hki+jMVaA5QxI
EAI1cOS1QRlhk6WkGiWHB4Un+kYbz22FNluXhdXun7s9nv1Js31GrCq0ilm7ySRf
6nczlVYeXXgnCTg889VVXno8tTNvlcK2uBWuUN/mkk0e6BRVPFJf6jyOmk3YpSjL
EF+wlEGdG350aHbmDhKhjTCs2xpBMQeqWf3qCjE1RXB4BiS/dRnnyiI7oZua2ovO
DdqRoF3XVLU=
-----END CERTIFICATE-----
Generated at Sat Jun 8 08:58:38 2024 by rpki-client on console-ams.rpki-client.org