Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/yPt4j3qtTnzdZ6BX7sukcKzhVEI.roa
File: yPt4j3qtTnzdZ6BX7sukcKzhVEI.roa (raw, json)
Hash identifier: ugs4m91RC2kNqS3HaQgvAXipuwQNrGWMDZR+FOOrkQo=
Subject key identifier: C8:FB:78:8F:7A:AD:4E:7C:DD:67:A0:57:EE:CB:A4:70:AC:E1:54:42
Certificate issuer: /CN=f4ac99d77a7a1c84dd47f43bb72051aa73b1aad6
Certificate serial: 018CC49379C22EAC455B25E333800F86A1F9
Authority key identifier: F4:AC:99:D7:7A:7A:1C:84:DD:47:F4:3B:B7:20:51:AA:73:B1:AA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9KyZ13p6HITdR_Q7tyBRqnOxqtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/yPt4j3qtTnzdZ6BX7sukcKzhVEI.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203015
IP address blocks: 91.213.103.0/24 maxlen: 24
194.50.33.0/24 maxlen: 24
193.23.178.0/24 maxlen: 24
193.23.177.0/24 maxlen: 24
193.23.176.0/24 maxlen: 24
2a0c:82c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/9KyZ13p6HITdR_Q7tyBRqnOxqtY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/9KyZ13p6HITdR_Q7tyBRqnOxqtY.mft
rsync://rpki.ripe.net/repository/DEFAULT/9KyZ13p6HITdR_Q7tyBRqnOxqtY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 13:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:79:c2:2e:ac:45:5b:25:e3:33:80:0f:86:a1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4ac99d77a7a1c84dd47f43bb72051aa73b1aad6
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8fb788f7aad4e7cdd67a057eecba470ace15442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:69:d8:5a:bb:6c:1f:3c:fe:20:0c:e8:ad:b3:
81:7a:f0:be:d2:e2:b7:5a:a7:99:73:93:ce:d0:dc:
b2:9c:7a:95:b1:a4:4b:b3:84:97:20:a7:fb:49:13:
a8:72:ee:54:c6:5b:9a:89:d6:4b:26:16:39:19:61:
c9:dd:ca:98:96:16:32:65:02:92:c2:c3:dc:f0:29:
14:a4:b3:28:86:27:15:42:d4:e0:7c:44:ab:da:c2:
6c:79:ea:8a:6d:96:73:9b:d7:db:f4:c0:5b:b4:13:
cc:76:4b:ca:a1:84:d4:77:94:79:e1:d3:71:8a:49:
c6:34:a3:57:30:6d:e9:63:15:b1:79:49:e5:37:f2:
45:c3:ac:f5:ac:84:16:4e:66:b4:d3:e8:c0:7b:0e:
78:a3:b2:33:11:9b:92:63:3f:89:87:ea:58:80:82:
8f:30:b8:d8:b0:dd:dd:96:ed:99:ce:24:86:e5:e1:
8c:c2:83:43:fe:dc:06:cd:76:59:ab:e4:96:c4:b0:
f5:b7:ee:8b:14:36:29:66:29:5e:83:e2:66:80:29:
ba:0b:5c:2f:fa:b7:a6:51:ee:90:b8:be:64:86:d5:
4d:43:4d:76:69:9c:33:c5:2f:19:d4:c5:eb:86:1c:
34:63:9a:b3:15:d6:f1:3d:07:a7:7a:07:e8:0e:03:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FB:78:8F:7A:AD:4E:7C:DD:67:A0:57:EE:CB:A4:70:AC:E1:54:42
X509v3 Authority Key Identifier:
keyid:F4:AC:99:D7:7A:7A:1C:84:DD:47:F4:3B:B7:20:51:AA:73:B1:AA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9KyZ13p6HITdR_Q7tyBRqnOxqtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/yPt4j3qtTnzdZ6BX7sukcKzhVEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/9KyZ13p6HITdR_Q7tyBRqnOxqtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.103.0/24
193.23.176.0-193.23.178.255
194.50.33.0/24
IPv6:
2a0c:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
90:9f:95:22:8c:8a:17:9e:ce:52:2f:f2:aa:14:35:e8:f4:3c:
c0:f7:b9:20:a3:89:b6:2d:66:f0:a6:d1:a2:fd:42:3f:c5:53:
37:a3:b9:52:30:73:48:52:a0:93:c9:6b:e3:df:9f:a9:8b:eb:
21:f8:f1:33:bc:61:d2:e6:b3:7b:d4:3c:96:95:ab:3d:68:89:
73:d6:77:a5:ef:e9:bc:0f:54:06:75:ce:84:b0:95:9e:d4:4e:
73:81:57:f7:f2:6e:5d:a5:b6:57:f9:8b:39:09:ce:5a:4f:ed:
2d:3d:b2:99:3f:89:47:7e:15:f2:4e:81:c2:1e:15:a4:9b:0f:
14:ad:89:ac:f9:75:71:b6:57:6d:72:d4:88:61:f5:e0:9b:82:
bf:1c:a1:18:38:48:f7:93:95:8c:82:0d:de:e0:7e:2c:c8:51:
59:cc:9d:c4:e1:3d:2f:dc:38:c4:ce:12:65:48:11:97:c8:65:
06:9a:2e:0d:43:20:86:86:3d:15:78:56:25:90:2c:9c:8a:bb:
8e:33:75:de:36:f2:04:a6:75:d2:47:ca:6d:23:99:62:fb:82:
f4:e9:4d:2f:b5:ff:c1:0e:6e:f7:51:a5:c5:3f:60:4d:05:8f:
77:6d:d2:da:1c:a4:3d:e5:9f:b9:be:4d:3e:e6:bc:8d:bc:ce:
40:a4:6f:d9
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzEk3nCLqxFWyXjM4APhqH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YWM5OWQ3N2E3YTFjODRkZDQ3ZjQzYmI3MjA1MWFhNzNi
MWFhZDYwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGZiNzg4ZjdhYWQ0ZTdjZGQ2N2EwNTdlZWNiYTQ3MGFjZTE1NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2nYWrtsHzz+IAzorbOBevC+0uK3
WqeZc5PO0NyynHqVsaRLs4SXIKf7SROocu5UxluaidZLJhY5GWHJ3cqYlhYyZQKS
wsPc8CkUpLMohicVQtTgfESr2sJseeqKbZZzm9fb9MBbtBPMdkvKoYTUd5R54dNx
iknGNKNXMG3pYxWxeUnlN/JFw6z1rIQWTma00+jAew54o7IzEZuSYz+Jh+pYgIKP
MLjYsN3dlu2ZziSG5eGMwoND/twGzXZZq+SWxLD1t+6LFDYpZileg+JmgCm6C1wv
+remUe6QuL5khtVNQ012aZwzxS8Z1MXrhhw0Y5qzFdbxPQenegfoDgNAPwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMj7eI96rU583WegV+7LpHCs4VRCMB8GA1UdIwQY
MBaAFPSsmdd6ehyE3Uf0O7cgUapzsarWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUt5WjEzcDZISVRkUl9RN3R5QlJxbk94cXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNzY0NDUtMTk4YS00Zjg1LWJiZjgt
NjZjY2E4MWU2YzA3LzEveVB0NGozcXRUbnpkWjZCWDdzdWtjS3poVkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNzY0NDUtMTk4YS00Zjg1LWJiZjgtNjZjY2E4MWU2YzA3
LzEvOUt5WjEzcDZISVRkUl9RN3R5QlJxbk94cXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAW9VnMAwD
BATBF7ADBADBF7IDBADCMiEwDQQCAAIwBwMFAyoMgsAwDQYJKoZIhvcNAQELBQAD
ggEBAJCflSKMiheezlIv8qoUNej0PMD3uSCjibYtZvCm0aL9Qj/FUzejuVIwc0hS
oJPJa+Pfn6mL6yH48TO8YdLms3vUPJaVqz1oiXPWd6Xv6bwPVAZ1zoSwlZ7UTnOB
V/fybl2ltlf5izkJzlpP7S09spk/iUd+FfJOgcIeFaSbDxStiaz5dXG2V21y1Ihh
9eCbgr8coRg4SPeTlYyCDd7gfizIUVnMncThPS/cOMTOEmVIEZfIZQaaLg1DIIaG
PRV4ViWQLJyKu44zdd428gSmddJHym0jmWL7gvTpTS+1/8EObvdRpcU/YE0Fj3dt
0tocpD3ln7m+TT7mvI28zkCkb9k=
-----END CERTIFICATE-----
Generated at Tue May 28 21:19:27 2024 by rpki-client on console-ams.rpki-client.org