Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/plxWlbx4VCcM0_otpK3J7UUs8oA.roa
File: plxWlbx4VCcM0_otpK3J7UUs8oA.roa (raw, json)
Hash identifier: z5BCIqaoF7iFlrIYe4lniJVO/toHvwmRQZoMOjCjQUY=
Subject key identifier: A6:5C:56:95:BC:78:54:27:0C:D3:FA:2D:A4:AD:C9:ED:45:2C:F2:80
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 018CC795453BA97847AE4230C89ADAB5414D
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/plxWlbx4VCcM0_otpK3J7UUs8oA.roa
Signing time: Tue 02 Jan 2024 00:31:37 +0000
ROA not before: Tue 02 Jan 2024 00:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47841
IP address blocks: 91.208.181.0/24 maxlen: 24
146.185.40.0/21 maxlen: 21
185.65.112.0/22 maxlen: 22
95.131.136.0/21 maxlen: 21
2a02:c70::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 10:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:45:3b:a9:78:47:ae:42:30:c8:9a:da:b5:41:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Jan 2 00:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a65c5695bc7854270cd3fa2da4adc9ed452cf280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:87:10:88:58:1f:62:03:8c:c1:4c:50:4e:3b:
09:81:cb:59:ee:34:b2:cd:fb:27:3d:e9:9b:dc:29:
3d:9e:f7:fd:27:72:7f:e4:42:22:b9:97:fb:00:53:
5a:6c:6b:b9:bb:05:09:14:34:2f:92:df:f7:41:a4:
60:88:1e:16:11:cf:26:b3:d6:da:4a:b0:34:0a:c6:
40:41:e3:89:2a:68:79:b9:95:47:90:c8:01:6e:d0:
65:f0:23:de:5a:7a:43:68:10:32:5d:b9:de:ee:ec:
80:34:65:f7:bf:2d:e3:60:50:84:bd:17:8e:4b:72:
00:46:0a:ea:d6:8b:26:ab:8b:25:d3:91:82:b4:3a:
75:df:cc:d2:1c:ec:a7:41:70:48:e1:78:d8:d2:76:
d7:1a:7f:cd:0b:f5:6d:24:46:44:45:0b:da:34:ff:
06:6f:63:bf:73:93:46:07:d7:fc:0c:49:b7:1d:4e:
aa:0a:c1:4e:ce:29:c5:86:c8:f5:d6:e9:35:eb:ea:
32:3d:d5:e6:de:d4:13:71:c6:de:dc:62:f3:d2:2c:
1d:62:9a:83:61:b9:09:dc:a5:9c:bb:b1:31:24:90:
4e:0e:62:64:b9:b8:44:e0:f4:d2:9a:f5:45:fc:0a:
2e:3d:3e:24:f2:1a:48:f5:35:e9:0a:41:f5:da:76:
df:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5C:56:95:BC:78:54:27:0C:D3:FA:2D:A4:AD:C9:ED:45:2C:F2:80
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/plxWlbx4VCcM0_otpK3J7UUs8oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.181.0/24
95.131.136.0/21
146.185.40.0/21
185.65.112.0/22
IPv6:
2a02:c70::/32
Signature Algorithm: sha256WithRSAEncryption
ac:04:96:2e:7d:b4:3e:ea:ba:ed:39:1e:4d:fe:ac:d5:4b:a8:
f8:e5:bf:24:cb:9a:f9:90:65:23:0f:36:df:67:f7:31:df:c4:
a9:18:a2:7f:af:35:9f:3f:3e:27:95:aa:8f:6f:4c:44:8c:34:
34:96:0a:57:bb:cf:7b:b6:fb:6c:60:a9:96:dc:fd:88:f9:08:
98:1f:48:62:fd:32:ce:09:41:48:32:06:4d:66:ff:ce:1c:21:
0a:3e:44:0b:f7:fc:3f:ef:40:60:da:6f:56:54:bc:4a:1e:96:
31:03:b7:a6:97:b9:9d:89:cf:7e:ed:fc:47:db:9d:11:b9:79:
20:14:4e:eb:f7:c8:fb:2f:ba:5e:b5:35:34:91:69:11:57:11:
01:b9:22:61:d2:b1:8b:44:f6:21:56:34:2e:73:1c:e6:62:7e:
87:88:c9:60:1d:45:56:6a:80:e2:72:2f:c7:29:83:0f:40:d0:
69:42:26:9b:26:48:58:49:8e:be:65:f8:aa:0f:0f:94:e8:63:
81:49:d1:7a:e5:8a:eb:e9:a7:9c:5c:e9:c5:e2:f6:db:76:34:
49:6e:f8:de:c7:a5:46:7d:d3:f0:e0:a3:31:f9:e7:69:37:c8:
a0:8c:ab:9e:03:98:cc:fa:17:f7:da:96:70:bb:3d:d8:6a:da:
06:5c:df:bc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHlUU7qXhHrkIwyJratUFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjQwMTAyMDAzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjVjNTY5NWJjNzg1NDI3MGNkM2ZhMmRhNGFkYzllZDQ1MmNmMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4cQiFgfYgOMwUxQTjsJgctZ7jSy
zfsnPemb3Ck9nvf9J3J/5EIiuZf7AFNabGu5uwUJFDQvkt/3QaRgiB4WEc8ms9ba
SrA0CsZAQeOJKmh5uZVHkMgBbtBl8CPeWnpDaBAyXbne7uyANGX3vy3jYFCEvReO
S3IARgrq1osmq4sl05GCtDp138zSHOynQXBI4XjY0nbXGn/NC/VtJEZERQvaNP8G
b2O/c5NGB9f8DEm3HU6qCsFOzinFhsj11uk16+oyPdXm3tQTccbe3GLz0iwdYpqD
YbkJ3KWcu7ExJJBODmJkubhE4PTSmvVF/AouPT4k8hpI9TXpCkH12nbfEwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKZcVpW8eFQnDNP6LaStye1FLPKAMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvcGx4V2xieDRWQ2NNMF9vdHBLM0o3VVVzOG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9C1AwQD
X4OIAwQDkrkoAwQCuUFwMA0EAgACMAcDBQAqAgxwMA0GCSqGSIb3DQEBCwUAA4IB
AQCsBJYufbQ+6rrtOR5N/qzVS6j45b8ky5r5kGUjDzbfZ/cx38SpGKJ/rzWfPz4n
laqPb0xEjDQ0lgpXu897tvtsYKmW3P2I+QiYH0hi/TLOCUFIMgZNZv/OHCEKPkQL
9/w/70Bg2m9WVLxKHpYxA7eml7mdic9+7fxH250RuXkgFE7r98j7L7petTU0kWkR
VxEBuSJh0rGLRPYhVjQucxzmYn6HiMlgHUVWaoDici/HKYMPQNBpQiabJkhYSY6+
ZfiqDw+U6GOBSdF65Yrr6aecXOnF4vbbdjRJbvjex6VGfdPw4KMx+edpN8igjKue
A5jM+hf32pZwuz3YatoGXN+8
-----END CERTIFICATE-----
Generated at Sun May 12 16:29:41 2024 by rpki-client on console-ams.rpki-client.org