Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/AS3jK8p-lMJqKw-owCLt3dCeN5M.roa
File: AS3jK8p-lMJqKw-owCLt3dCeN5M.roa (raw, json)
Hash identifier: uZQSshl6HvA3cXgwwSDubb5fssF1ZD8G3oAgGy24P7o=
Subject key identifier: 01:2D:E3:2B:CA:7E:94:C2:6A:2B:0F:A8:C0:22:ED:DD:D0:9E:37:93
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 018CC9BC0EDBAA52E25E525783CA8C66CE81
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/AS3jK8p-lMJqKw-owCLt3dCeN5M.roa
Signing time: Tue 02 Jan 2024 10:33:14 +0000
ROA not before: Tue 02 Jan 2024 10:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 91.108.216.0/22 maxlen: 22
91.108.224.0/24 maxlen: 24
91.108.224.0/19 maxlen: 24
91.108.220.0/22 maxlen: 22
91.108.238.0/24 maxlen: 24
91.108.236.0/24 maxlen: 24
91.108.255.0/24 maxlen: 24
91.108.192.0/24 maxlen: 24
91.108.196.0/22 maxlen: 22
91.108.195.0/24 maxlen: 24
91.108.193.0/24 maxlen: 24
91.108.194.0/24 maxlen: 24
91.108.204.0/22 maxlen: 22
91.108.200.0/22 maxlen: 22
91.108.208.0/24 maxlen: 24
91.108.208.0/22 maxlen: 22
91.108.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 15:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:0e:db:aa:52:e2:5e:52:57:83:ca:8c:66:ce:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Jan 2 10:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=012de32bca7e94c26a2b0fa8c022edddd09e3793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:be:b5:26:67:87:26:4c:11:9f:85:93:af:bc:
29:dc:ea:27:f5:b2:79:7a:10:e3:6f:e8:b1:29:b5:
d2:a5:f7:2a:61:9a:7f:36:7e:e8:ab:7c:c4:da:dd:
7e:1e:8d:f2:a1:6f:9a:e0:9c:48:ce:d7:dc:59:17:
21:d8:01:2d:86:3a:67:b9:c0:b0:13:a4:ba:c9:65:
6d:32:72:ec:0e:0c:89:3e:0a:a6:56:2a:6f:3b:d6:
86:62:d5:15:06:2d:ab:61:94:6f:af:2e:ba:50:6e:
ec:11:6c:2c:86:88:23:f2:4e:10:1d:a9:9d:e2:67:
61:59:e5:21:0d:17:53:06:2b:e2:ea:c0:76:31:16:
b8:45:41:d2:d4:7b:b6:08:d0:3e:6a:e7:74:e1:a2:
c1:99:90:b7:b7:bd:90:53:68:a0:48:57:71:9e:2a:
ba:31:a3:39:ec:8a:93:be:71:59:67:01:e6:63:44:
3d:c7:f3:56:c7:98:f0:c1:10:07:bd:ef:65:e0:f7:
32:86:e7:a3:e3:01:8c:f8:a6:bf:e4:1b:75:dd:6f:
fc:73:6a:19:66:05:c0:a3:f9:e3:17:6e:02:e6:cb:
a8:1d:d4:aa:07:70:e0:9f:23:fe:83:a4:0e:30:6b:
09:4c:dd:0c:c9:a6:82:91:08:52:fc:7b:b2:c6:86:
38:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:2D:E3:2B:CA:7E:94:C2:6A:2B:0F:A8:C0:22:ED:DD:D0:9E:37:93
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/AS3jK8p-lMJqKw-owCLt3dCeN5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.192.0/18
Signature Algorithm: sha256WithRSAEncryption
02:66:00:fd:1d:58:f7:1c:a3:af:7a:46:46:59:f6:a2:9a:32:
ac:f9:21:d3:ca:de:5e:c3:c3:80:e0:a8:d6:d7:ea:9c:d5:1b:
83:0e:63:8e:e2:b9:02:18:74:a4:f8:63:3b:0e:1e:9d:3c:21:
44:ae:b3:29:33:95:bc:96:bd:4b:1a:71:1d:69:eb:99:2c:db:
a7:f0:a4:26:f2:6a:d2:ce:2b:cc:51:34:4b:b6:8b:ce:43:0a:
ac:8e:61:c3:1a:06:d8:a2:14:b2:da:96:b2:5c:aa:ea:24:29:
77:6b:36:94:c6:31:a0:85:18:d4:f9:2d:ca:73:7f:d3:e3:28:
34:cd:e3:94:4c:68:7c:68:51:6c:a3:09:1f:06:bc:5a:a1:ff:
d5:bb:e8:ef:8b:4a:a8:41:fd:10:81:99:c6:28:9c:5c:75:5e:
81:a2:44:c4:32:09:fa:91:1c:65:90:94:64:93:09:89:0e:7f:
b3:60:1e:67:b4:f4:40:7b:be:0a:8a:6d:c0:4f:12:e3:b0:1f:
0f:ad:39:ab:7a:53:60:5f:b8:4d:01:58:eb:1b:7d:d7:28:41:
20:e6:67:f7:56:e3:98:83:0a:dd:12:b3:84:8e:7c:c7:23:9f:
e7:b0:a0:cf:e8:9d:5e:ef:18:57:fd:68:f2:5d:6e:2b:d5:b2:
d0:a9:84:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvA7bqlLiXlJXg8qMZs6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjQwMTAyMTAzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTJkZTMyYmNhN2U5NGMyNmEyYjBmYThjMDIyZWRkZGQwOWUzNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb61JmeHJkwRn4WTr7wp3Oon9bJ5
ehDjb+ixKbXSpfcqYZp/Nn7oq3zE2t1+Ho3yoW+a4JxIztfcWRch2AEthjpnucCw
E6S6yWVtMnLsDgyJPgqmVipvO9aGYtUVBi2rYZRvry66UG7sEWwshogj8k4QHamd
4mdhWeUhDRdTBivi6sB2MRa4RUHS1Hu2CNA+aud04aLBmZC3t72QU2igSFdxniq6
MaM57IqTvnFZZwHmY0Q9x/NWx5jwwRAHve9l4Pcyhuej4wGM+Ka/5Bt13W/8c2oZ
ZgXAo/njF24C5suoHdSqB3DgnyP+g6QOMGsJTN0MyaaCkQhS/HuyxoY4EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAEt4yvKfpTCaisPqMAi7d3QnjeTMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvQVMzaks4cC1sTUpxS3ctb3dDTHQzZENlTjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGW2zAMA0G
CSqGSIb3DQEBCwUAA4IBAQACZgD9HVj3HKOvekZGWfaimjKs+SHTyt5ew8OA4KjW
1+qc1RuDDmOO4rkCGHSk+GM7Dh6dPCFErrMpM5W8lr1LGnEdaeuZLNun8KQm8mrS
zivMUTRLtovOQwqsjmHDGgbYohSy2payXKrqJCl3azaUxjGghRjU+S3Kc3/T4yg0
zeOUTGh8aFFsowkfBrxaof/Vu+jvi0qoQf0QgZnGKJxcdV6BokTEMgn6kRxlkJRk
kwmJDn+zYB5ntPRAe74Kim3ATxLjsB8PrTmrelNgX7hNAVjrG33XKEEg5mf3VuOY
gwrdErOEjnzHI5/nsKDP6J1e7xhX/WjyXW4r1bLQqYSw
-----END CERTIFICATE-----
Generated at Thu May 9 21:32:55 2024 by rpki-client on console-fra.rpki-client.org