Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/AARgwg4WL8S4psOIZuvEMDfdKh0.roa
File: AARgwg4WL8S4psOIZuvEMDfdKh0.roa (raw, json)
Hash identifier: eHISdkJeeHjF07hd4tGeXYxukmgEvyrIbqCBPyK73Rc=
Subject key identifier: 00:04:60:C2:0E:16:2F:C4:B8:A6:C3:88:66:EB:C4:30:37:DD:2A:1D
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 018CC425357F720C98A426F0A68D25B6D2DD
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/AARgwg4WL8S4psOIZuvEMDfdKh0.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212337
IP address blocks: 91.220.171.0/24 maxlen: 24
185.106.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:35:7f:72:0c:98:a4:26:f0:a6:8d:25:b6:d2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=000460c20e162fc4b8a6c38866ebc43037dd2a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:37:fe:be:0e:c4:13:a5:0f:a8:fb:e9:20:69:
fa:a1:82:f6:50:6d:d9:6a:b0:3f:0a:21:84:c2:0c:
63:f1:29:db:3d:b3:f1:f7:bf:43:01:29:ac:48:c8:
e0:70:a8:18:6f:bd:fd:3a:fa:b0:2c:0c:49:4d:6b:
8b:70:a5:c9:e3:1e:b3:db:88:f5:ee:98:73:6c:34:
5d:39:29:9c:9e:92:52:d3:8f:b8:4f:5a:32:66:26:
82:fa:b0:1d:12:1f:3c:1c:fc:f0:c0:e6:d5:69:ef:
30:ad:cd:f1:78:1a:a8:e1:bd:ca:fe:fe:0f:e6:a4:
f3:94:ae:8d:92:c1:b5:88:d5:73:fc:14:3c:89:6f:
dc:c4:bc:f4:13:77:9d:f4:39:a2:c3:bc:28:e0:f9:
ef:8a:ee:b7:29:7f:2e:50:b0:bf:00:ea:de:d9:36:
92:b0:49:2c:c1:c8:b2:3b:ef:a8:41:ef:4d:60:8e:
47:75:26:bf:5d:74:39:bd:f4:fd:89:f7:22:e3:b4:
69:89:4d:ab:35:2d:d8:b1:0f:0d:64:2b:f7:5d:eb:
e9:22:0d:be:3b:a2:44:c7:c1:18:94:0b:03:b8:05:
dd:7f:b1:31:bf:2a:6b:db:fb:2d:2e:6a:cf:cb:94:
94:c7:fb:af:2e:de:46:a4:3f:50:36:a4:22:74:ae:
44:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:04:60:C2:0E:16:2F:C4:B8:A6:C3:88:66:EB:C4:30:37:DD:2A:1D
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/AARgwg4WL8S4psOIZuvEMDfdKh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.171.0/24
185.106.37.0/24
Signature Algorithm: sha256WithRSAEncryption
57:93:3c:b7:73:1c:60:80:e2:61:3e:ae:72:93:3a:5c:dc:0c:
fe:95:e2:5f:7d:83:33:1c:0d:47:82:bf:34:94:54:cd:e2:1f:
07:5f:89:9e:e2:d6:f7:7c:43:3b:62:b7:00:06:83:b3:7f:4d:
50:57:44:ed:57:2a:e3:57:b2:8f:eb:c8:b9:06:78:86:16:eb:
a1:73:f8:42:fa:74:95:eb:7b:c9:c1:ea:86:02:02:2c:5d:bd:
19:30:5a:5b:20:2b:32:6e:bd:29:ad:8f:27:5f:d5:b4:ea:d3:
32:24:d0:7b:42:65:e7:d7:a6:0d:7a:27:a7:5f:c4:f3:e5:64:
53:ed:c5:69:81:bb:29:ae:d7:2f:b3:bf:8c:1d:99:f2:cc:ac:
23:f6:39:d8:80:48:10:33:b6:03:eb:8a:02:98:d3:1d:11:38:
51:2b:53:3a:5a:ce:c1:25:39:e7:37:e7:53:57:32:82:10:49:
8d:55:6d:1b:08:39:09:9b:27:d7:d0:b1:21:da:0c:a9:34:93:
a6:04:8e:d1:2b:69:15:19:23:84:a2:d3:03:de:c9:da:af:85:
d6:f3:de:d6:fa:06:75:f6:b3:7d:10:25:5d:fb:6a:c5:a7:65:
b6:d4:d7:f0:8c:b5:a8:4e:ea:4e:7c:0c:28:c4:60:9c:43:31:
a2:6a:90:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJTV/cgyYpCbwpo0lttLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA0NjBjMjBlMTYyZmM0YjhhNmMzODg2NmViYzQzMDM3ZGQyYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDf+vg7EE6UPqPvpIGn6oYL2UG3Z
arA/CiGEwgxj8SnbPbPx979DASmsSMjgcKgYb739OvqwLAxJTWuLcKXJ4x6z24j1
7phzbDRdOSmcnpJS04+4T1oyZiaC+rAdEh88HPzwwObVae8wrc3xeBqo4b3K/v4P
5qTzlK6NksG1iNVz/BQ8iW/cxLz0E3ed9Dmiw7wo4Pnviu63KX8uULC/AOre2TaS
sEkswciyO++oQe9NYI5HdSa/XXQ5vfT9ifci47RpiU2rNS3YsQ8NZCv3XevpIg2+
O6JEx8EYlAsDuAXdf7Exvypr2/stLmrPy5SUx/uvLt5GpD9QNqQidK5EdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAAEYMIOFi/EuKbDiGbrxDA33SodMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvQUFSZ3dnNFdMOFM0cHNPSVp1dkVNRGZkS2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yrAwQA
uWolMA0GCSqGSIb3DQEBCwUAA4IBAQBXkzy3cxxggOJhPq5ykzpc3Az+leJffYMz
HA1Hgr80lFTN4h8HX4me4tb3fEM7YrcABoOzf01QV0TtVyrjV7KP68i5BniGFuuh
c/hC+nSV63vJweqGAgIsXb0ZMFpbICsybr0prY8nX9W06tMyJNB7QmXn16YNeien
X8Tz5WRT7cVpgbsprtcvs7+MHZnyzKwj9jnYgEgQM7YD64oCmNMdEThRK1M6Ws7B
JTnnN+dTVzKCEEmNVW0bCDkJmyfX0LEh2gypNJOmBI7RK2kVGSOEotMD3snar4XW
897W+gZ19rN9ECVd+2rFp2W21NfwjLWoTupOfAwoxGCcQzGiapCj
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:45:42 2024 by rpki-client on console-fra.rpki-client.org