Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/ulJn4VKnfkW4x6ZBjilHc8i16TA.roa
File: ulJn4VKnfkW4x6ZBjilHc8i16TA.roa (raw, json)
Hash identifier: zvpYmEi1o2X2WHW5VGQoJfrhKyZPU5KIXfH1x/jKiFA=
Subject key identifier: BA:52:67:E1:52:A7:7E:45:B8:C7:A6:41:8E:29:47:73:C8:B5:E9:30
Certificate issuer: /CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f
Certificate serial: 018F46BF5A159C5336F01804A4B3893521DD
Authority key identifier: 71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/ulJn4VKnfkW4x6ZBjilHc8i16TA.roa
Signing time: Sun 05 May 2024 03:14:56 +0000
ROA not before: Sun 05 May 2024 03:14:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212616
IP address blocks: 91.230.48.0/24 maxlen: 24
93.175.32.0/19 maxlen: 24
176.97.214.0/24 maxlen: 24
2a0e:5b00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 20:41:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:46:bf:5a:15:9c:53:36:f0:18:04:a4:b3:89:35:21:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f
Validity
Not Before: May 5 03:14:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba5267e152a77e45b8c7a6418e294773c8b5e930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e6:54:ac:f1:76:bc:42:b2:b6:58:85:4f:0c:
9a:73:ac:02:95:3a:dc:1b:db:17:bf:21:95:a5:a5:
f0:a9:28:54:71:1d:cb:1a:80:b5:45:73:df:2a:7c:
ff:b0:5f:13:27:b1:ff:1e:ac:cc:0f:ba:99:32:58:
38:04:c3:a0:c8:aa:d6:8c:fc:ca:d5:5e:d3:99:f0:
99:1c:dc:38:2f:07:d4:28:a7:97:8b:14:74:63:1e:
c3:46:31:1b:8b:4f:3b:6d:ae:c9:de:34:ab:82:8d:
0a:15:9d:6a:6e:63:30:86:10:f9:a0:41:13:4a:29:
bc:a6:26:75:8a:8b:5b:1a:00:75:99:e7:38:e0:52:
a4:f9:dd:ab:17:1a:0f:e6:60:3c:7b:f5:94:fc:00:
85:b1:a2:98:a9:f8:eb:6e:d7:39:41:b2:00:6a:a0:
9d:91:b0:7b:ab:10:93:94:36:81:91:af:b4:e3:b2:
0b:54:10:6b:4d:36:6c:b8:4c:1c:25:7f:99:7d:a6:
d8:0d:ae:92:00:df:24:c6:bf:5e:fa:5f:e7:8f:4e:
09:11:c2:b6:b1:85:c4:5c:05:e4:b8:ca:50:ac:9c:
d8:5c:bb:75:b5:76:45:05:c8:48:4a:12:1e:80:e8:
8a:4a:79:c3:39:d1:26:f5:86:64:a4:fc:e3:a8:b3:
69:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:52:67:E1:52:A7:7E:45:B8:C7:A6:41:8E:29:47:73:C8:B5:E9:30
X509v3 Authority Key Identifier:
keyid:71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/ulJn4VKnfkW4x6ZBjilHc8i16TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.48.0/24
93.175.32.0/19
176.97.214.0/24
IPv6:
2a0e:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
8c:e3:dc:c6:d8:0a:36:92:2e:8f:e0:42:49:04:0a:df:5a:dd:
95:a3:0f:38:c9:4e:16:66:7b:aa:22:14:cf:6d:57:79:fc:04:
2f:28:4a:7a:da:a1:f6:66:2a:df:27:a9:fb:00:bd:00:29:76:
a4:0e:c9:2c:13:15:82:5e:95:d8:5b:7e:6e:96:56:d5:98:d2:
7e:99:90:35:c1:53:11:96:e9:42:f3:ff:b4:1f:15:73:ae:bf:
e0:3a:16:cc:af:81:67:a2:ba:a2:41:d9:eb:f4:49:30:a9:93:
c4:e2:17:59:b0:f9:6f:7c:31:fe:32:c2:8f:b4:c6:ef:2b:e6:
aa:db:09:89:b2:e3:5f:38:c2:22:4c:a6:de:07:5b:b6:49:0c:
7a:c4:91:21:7c:c3:81:5e:6b:55:ed:00:41:ad:ae:a0:0b:c4:
c7:8d:80:de:79:19:4e:36:36:23:56:95:31:b0:c5:24:75:43:
85:d7:7c:fa:17:ca:10:be:48:ca:65:35:a1:27:5a:46:60:ae:
86:1e:bd:9d:55:fa:b1:12:43:c7:96:da:b4:b9:46:b7:cc:c7:
c2:16:39:46:c9:fa:7b:68:ba:6e:06:fd:43:a0:3a:68:8e:a0:
9f:91:d0:3e:8e:5b:e4:ee:80:5c:ed:0f:6c:fc:14:e3:a3:57:
a5:7e:8f:26
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY9Gv1oVnFM28BgEpLOJNSHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmYyMjY5ZDE1NjMzYmRiYzcxZDhjZDNmNDU4Y2JkMDNm
ZTAzMWYwHhcNMjQwNTA1MDMxNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTUyNjdlMTUyYTc3ZTQ1YjhjN2E2NDE4ZTI5NDc3M2M4YjVlOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uZUrPF2vEKytliFTwyac6wClTrc
G9sXvyGVpaXwqShUcR3LGoC1RXPfKnz/sF8TJ7H/HqzMD7qZMlg4BMOgyKrWjPzK
1V7TmfCZHNw4LwfUKKeXixR0Yx7DRjEbi087ba7J3jSrgo0KFZ1qbmMwhhD5oEET
Sim8piZ1iotbGgB1mec44FKk+d2rFxoP5mA8e/WU/ACFsaKYqfjrbtc5QbIAaqCd
kbB7qxCTlDaBka+047ILVBBrTTZsuEwcJX+ZfabYDa6SAN8kxr9e+l/nj04JEcK2
sYXEXAXkuMpQrJzYXLt1tXZFBchIShIegOiKSnnDOdEm9YZkpPzjqLNpxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLpSZ+FSp35FuMemQY4pR3PItekwMB8GA1UdIwQY
MBaAFHEvImnRVjO9vHHYzT9FjL0D/gMfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUt
ZDE4YmFiOTUxNWJmLzEvdWxKbjRWS25ma1c0eDZaQmppbEhjOGkxNlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUtZDE4YmFiOTUxNWJm
LzEvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+YwAwQF
Xa8gAwQAsGHWMA0EAgACMAcDBQMqDlsAMA0GCSqGSIb3DQEBCwUAA4IBAQCM49zG
2Ao2ki6P4EJJBArfWt2Vow84yU4WZnuqIhTPbVd5/AQvKEp62qH2ZirfJ6n7AL0A
KXakDsksExWCXpXYW35ullbVmNJ+mZA1wVMRlulC8/+0HxVzrr/gOhbMr4Fnorqi
Qdnr9EkwqZPE4hdZsPlvfDH+MsKPtMbvK+aq2wmJsuNfOMIiTKbeB1u2SQx6xJEh
fMOBXmtV7QBBra6gC8THjYDeeRlONjYjVpUxsMUkdUOF13z6F8oQvkjKZTWhJ1pG
YK6GHr2dVfqxEkPHltq0uUa3zMfCFjlGyfp7aLpuBv1DoDpojqCfkdA+jlvk7oBc
7Q9s/BTjo1elfo8m
-----END CERTIFICATE-----
Generated at Wed Jul 3 01:25:06 2024 by rpki-client on console-ams.rpki-client.org