Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/1-f1hu2otxqdu4jyEsUtAWDKDn3I.roa
File: 1-f1hu2otxqdu4jyEsUtAWDKDn3I.roa (raw, json)
Hash identifier: WnMra+pLBKLHpIaIbDxPshM+D9e9R+tp+wPoGl6NMgI=
Subject key identifier: F9:FD:61:BB:6A:2D:C6:A7:6E:E2:3C:84:B1:4B:40:58:32:83:9F:72
Certificate issuer: /CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Certificate serial: 018CC6B7D2B0139BA83D7282EEBED3673426
Authority key identifier: 13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/1-f1hu2otxqdu4jyEsUtAWDKDn3I.roa
Signing time: Mon 01 Jan 2024 20:29:44 +0000
ROA not before: Mon 01 Jan 2024 20:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20986
IP address blocks: 91.236.153.0/24 maxlen: 24
185.51.218.0/24 maxlen: 24
185.51.219.0/24 maxlen: 24
185.51.216.0/24 maxlen: 24
185.51.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.mft
rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 22:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:d2:b0:13:9b:a8:3d:72:82:ee:be:d3:67:34:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Validity
Not Before: Jan 1 20:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9fd61bb6a2dc6a76ee23c84b14b405832839f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2e:16:c5:b6:a5:39:17:12:55:82:fa:5e:d8:
96:75:fc:ca:8c:85:e5:62:68:26:bf:e8:ae:d0:a0:
07:98:16:70:ad:70:3d:71:e9:d7:5f:4d:73:37:0a:
1f:ad:14:bd:a4:ae:ca:5e:f7:7e:0e:cf:99:9c:9c:
40:7f:1b:f7:c6:c5:c7:9b:fe:07:44:57:21:e9:b0:
58:71:66:94:d4:35:05:c9:3a:7a:27:9a:cd:97:23:
a4:5c:c0:11:55:f5:86:67:59:aa:8b:73:ee:09:f9:
23:38:b5:c6:ed:b9:f6:e5:e7:fb:99:6e:41:ff:4b:
25:71:77:ca:d4:d1:71:57:d0:57:b8:95:c9:7e:10:
1b:21:e3:29:1e:17:07:78:4d:e8:b6:95:51:f5:89:
d8:53:67:32:4a:74:68:9b:0b:70:b8:23:41:21:1d:
1c:5d:d7:c3:07:25:fa:6d:39:99:44:97:55:54:d2:
31:99:a3:4f:04:bb:4b:1d:e1:44:d2:cc:b3:0b:18:
7b:3e:2d:5d:1a:d2:68:f7:83:17:67:f1:93:da:6d:
7f:6f:c5:58:47:23:83:b3:a5:b0:0a:39:63:d4:6d:
f6:19:36:2c:4e:36:72:35:63:57:86:2b:46:a2:5f:
75:2c:ff:4b:bb:7f:4e:c3:6f:83:7c:40:2d:7c:44:
9f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FD:61:BB:6A:2D:C6:A7:6E:E2:3C:84:B1:4B:40:58:32:83:9F:72
X509v3 Authority Key Identifier:
keyid:13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/1-f1hu2otxqdu4jyEsUtAWDKDn3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.153.0/24
185.51.216.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:98:21:96:03:b2:0a:dc:41:fe:94:52:9e:cf:63:27:aa:89:
9f:48:ad:fb:60:2a:b6:a6:9e:6b:14:2b:ea:33:f1:71:02:cb:
46:9b:64:60:0e:97:a4:21:2a:cb:e3:6e:db:c1:10:18:bf:c9:
d3:3a:2e:1b:0c:61:6f:43:f7:3f:06:74:1c:fc:bb:e0:98:72:
e4:6f:1d:c3:cc:a0:2a:7b:a3:f9:e7:cb:a9:69:f7:ce:fd:de:
c3:9a:44:69:2f:44:ad:b9:35:a6:96:4b:3b:22:db:e1:19:82:
be:1e:76:d4:98:0a:fe:c9:68:f4:2a:30:f7:73:5f:44:4f:b1:
e7:f1:04:2d:9a:0d:b4:53:a7:b8:07:0f:87:56:26:08:17:c0:
96:86:b4:04:0f:12:6b:96:d0:b6:57:df:f0:6c:77:67:6a:2c:
47:aa:0a:0b:9a:0c:5d:a6:50:11:b3:4b:c8:a9:d5:a5:27:df:
5f:4c:29:35:5b:6f:06:49:13:31:72:1a:e1:2b:ad:f7:80:b1:
d7:9d:6a:fc:20:e9:c9:4b:fb:c4:f2:e7:71:06:99:1b:a8:04:
89:a6:c7:c2:de:c5:ab:75:a5:3f:43:dc:59:c0:91:53:c1:84:
f8:4f:f2:ef:d1:b9:cd:79:7a:cf:f8:39:fd:37:20:88:e6:af:
c7:69:e5:84
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzGt9KwE5uoPXKC7r7TZzQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjBkNTcyODRiZjEyN2MyODE0MGUwNGIyNmE4ZjNlOGJk
ZWYxNzkwHhcNMjQwMTAxMjAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWZkNjFiYjZhMmRjNmE3NmVlMjNjODRiMTRiNDA1ODMyODM5ZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS4WxbalORcSVYL6XtiWdfzKjIXl
Ymgmv+iu0KAHmBZwrXA9cenXX01zNwofrRS9pK7KXvd+Ds+ZnJxAfxv3xsXHm/4H
RFch6bBYcWaU1DUFyTp6J5rNlyOkXMARVfWGZ1mqi3PuCfkjOLXG7bn25ef7mW5B
/0slcXfK1NFxV9BXuJXJfhAbIeMpHhcHeE3otpVR9YnYU2cySnRomwtwuCNBIR0c
XdfDByX6bTmZRJdVVNIxmaNPBLtLHeFE0syzCxh7Pi1dGtJo94MXZ/GT2m1/b8VY
RyODs6WwCjlj1G32GTYsTjZyNWNXhitGol91LP9Lu39Ow2+DfEAtfESfIQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPn9YbtqLcanbuI8hLFLQFgyg59yMB8GA1UdIwQY
MBaAFBNg1XKEvxJ8KBQOBLJqjz6L3vF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJEVmNvU19FbndvRkE0RXNtcVBQb3ZlOFhrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy81YzU4MjEtZjM0Mi00NzdhLTllYjgt
YWNjMjg3OWY5ZjJlLzEvMS1mMWh1Mm90eHFkdTRqeUVzVXRBV0RLRG4zSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjcvNWM1ODIxLWYzNDItNDc3YS05ZWI4LWFjYzI4NzlmOWYy
ZS8xL0UyRFZjb1NfRW53b0ZBNEVzbXFQUG92ZThYay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvsmQME
Arkz2DANBgkqhkiG9w0BAQsFAAOCAQEAvJghlgOyCtxB/pRSns9jJ6qJn0it+2Aq
tqaeaxQr6jPxcQLLRptkYA6XpCEqy+Nu28EQGL/J0zouGwxhb0P3PwZ0HPy74Jhy
5G8dw8ygKnuj+efLqWn3zv3ew5pEaS9Erbk1ppZLOyLb4RmCvh521JgK/slo9Cow
93NfRE+x5/EELZoNtFOnuAcPh1YmCBfAloa0BA8Sa5bQtlff8Gx3Z2osR6oKC5oM
XaZQEbNLyKnVpSffX0wpNVtvBkkTMXIa4Sut94Cx151q/CDpyUv7xPLncQaZG6gE
iabHwt7Fq3WlP0PcWcCRU8GE+E/y79G5zXl6z/g5/TcgiOavx2nlhA==
-----END CERTIFICATE-----
Generated at Sun May 26 07:02:22 2024 by rpki-client on console-fra.rpki-client.org