Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/pGwgjjNX-noWFb6O8Z27W3nr6Ho.roa
File: pGwgjjNX-noWFb6O8Z27W3nr6Ho.roa (raw, json)
Hash identifier: CMvL+Cun+hnulv/8owl5aKHqpmVeGRnjkdPwgRM0loM=
Subject key identifier: A4:6C:20:8E:33:57:FA:7A:16:15:BE:8E:F1:9D:BB:5B:79:EB:E8:7A
Certificate issuer: /CN=f50b6b425600a25a6dc132de514797e2aa4b0247
Certificate serial: 018CC7271719C0A9DE3081410B575CA9F7B8
Authority key identifier: F5:0B:6B:42:56:00:A2:5A:6D:C1:32:DE:51:47:97:E2:AA:4B:02:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/pGwgjjNX-noWFb6O8Z27W3nr6Ho.roa
Signing time: Mon 01 Jan 2024 22:31:16 +0000
ROA not before: Mon 01 Jan 2024 22:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199743
IP address blocks: 185.48.68.0/22 maxlen: 28
91.217.210.0/24 maxlen: 24
2a01:9660:19::/48 maxlen: 48
2a01:9660::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:17:19:c0:a9:de:30:81:41:0b:57:5c:a9:f7:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50b6b425600a25a6dc132de514797e2aa4b0247
Validity
Not Before: Jan 1 22:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a46c208e3357fa7a1615be8ef19dbb5b79ebe87a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ec:0e:ad:96:40:3b:6d:3f:25:94:81:69:c9:
0a:8c:a9:01:a0:e9:f8:19:8c:4b:99:85:ca:0b:99:
52:9a:ec:cf:4c:ad:68:df:b3:09:4b:f7:1d:31:1d:
7c:8f:15:cb:29:ce:10:cc:23:bb:df:4a:38:c2:d5:
b2:82:af:92:0e:89:2a:fd:17:b4:1e:7b:2c:27:9c:
67:66:75:8d:6b:f2:fd:0b:bf:8b:30:1b:b8:15:52:
5d:0b:ca:c5:91:b0:4d:15:29:d0:6c:82:78:ad:fe:
f1:8d:9d:d4:a7:ba:d8:7d:df:88:55:82:70:6d:1a:
15:60:37:85:46:7b:9c:dd:56:c3:b6:04:0f:68:55:
47:fc:b9:36:c9:d3:a1:37:76:e4:a8:47:16:82:d6:
1e:bd:07:01:db:e7:96:eb:00:be:68:2b:b2:3d:77:
51:94:a8:a4:ed:00:4c:af:70:ad:25:02:9f:91:4c:
57:5d:ed:10:ff:b8:69:0a:20:d2:75:f3:e8:85:9d:
49:95:03:91:5b:50:d6:66:8f:80:8c:a5:47:43:07:
16:1d:52:01:b5:54:aa:f9:63:84:20:8f:90:c8:52:
b9:87:91:a2:df:d3:f1:31:35:c1:56:29:78:7e:c2:
6c:c7:bd:33:e2:32:7c:11:bb:ce:d6:fb:4e:04:77:
d0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6C:20:8E:33:57:FA:7A:16:15:BE:8E:F1:9D:BB:5B:79:EB:E8:7A
X509v3 Authority Key Identifier:
keyid:F5:0B:6B:42:56:00:A2:5A:6D:C1:32:DE:51:47:97:E2:AA:4B:02:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/pGwgjjNX-noWFb6O8Z27W3nr6Ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.210.0/24
185.48.68.0/22
IPv6:
2a01:9660::/32
Signature Algorithm: sha256WithRSAEncryption
9d:e3:07:aa:0a:26:5c:41:c8:b0:ce:db:7a:0e:0c:8b:90:6e:
ef:4c:02:2e:70:c6:8e:5f:a0:1b:4e:98:88:e2:a8:64:8c:9c:
dc:50:3a:a7:bb:09:1c:20:3c:46:cd:ca:fd:f3:ba:93:a7:86:
8c:c1:2f:7e:49:dc:3c:ac:a4:4d:9d:c6:d7:b3:79:8e:33:28:
f8:47:9a:5a:d5:fd:4f:e6:4e:a8:a4:ff:95:e9:08:51:0a:fc:
93:8a:67:23:cb:92:fb:38:00:67:d8:10:bf:7c:dd:0c:8f:18:
3f:2a:32:e5:5c:30:6e:90:17:da:73:8b:e2:67:d6:a1:42:6a:
46:0b:03:f6:5e:cb:cb:37:f1:a8:0d:ee:c6:b0:19:8a:99:83:
8e:b0:08:f4:1b:91:8a:94:7d:ae:49:63:b3:dc:43:d4:fb:44:
ef:28:6a:de:58:f7:93:5f:17:24:08:7b:07:34:57:27:13:ff:
5a:51:e8:08:fc:47:cd:65:61:2c:3a:05:b0:fe:17:22:9c:e0:
ac:c7:de:45:5a:11:f4:a1:a3:e6:e7:17:75:35:92:d2:c5:21:
02:ca:b4:c0:76:91:fb:0f:28:d5:85:5b:7d:22:ef:d9:de:a2:
1d:20:bf:28:e4:3f:7e:c1:af:0a:c8:7d:04:c0:bf:72:50:69:
5e:22:fb:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJxcZwKneMIFBC1dcqfe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGI2YjQyNTYwMGEyNWE2ZGMxMzJkZTUxNDc5N2UyYWE0
YjAyNDcwHhcNMjQwMTAxMjIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZjMjA4ZTMzNTdmYTdhMTYxNWJlOGVmMTlkYmI1Yjc5ZWJlODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlewOrZZAO20/JZSBackKjKkBoOn4
GYxLmYXKC5lSmuzPTK1o37MJS/cdMR18jxXLKc4QzCO730o4wtWygq+SDokq/Re0
HnssJ5xnZnWNa/L9C7+LMBu4FVJdC8rFkbBNFSnQbIJ4rf7xjZ3Up7rYfd+IVYJw
bRoVYDeFRnuc3VbDtgQPaFVH/Lk2ydOhN3bkqEcWgtYevQcB2+eW6wC+aCuyPXdR
lKik7QBMr3CtJQKfkUxXXe0Q/7hpCiDSdfPohZ1JlQORW1DWZo+AjKVHQwcWHVIB
tVSq+WOEII+QyFK5h5Gi39PxMTXBVil4fsJsx70z4jJ8EbvO1vtOBHfQXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKRsII4zV/p6FhW+jvGdu1t56+h6MB8GA1UdIwQY
MBaAFPULa0JWAKJabcEy3lFHl+KqSwJHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF0clFsWUFvbHB0d1RMZVVVZVg0cXBMQWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hOWZjYzktNjdiMi00NGQ2LWI1NjYt
MTAwZjg0ZmU5NTBjLzEvcEd3Z2pqTlgtbm9XRmI2TzhaMjdXM25yNkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hOWZjYzktNjdiMi00NGQ2LWI1NjYtMTAwZjg0ZmU5NTBj
LzEvOVF0clFsWUFvbHB0d1RMZVVVZVg0cXBMQWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9nSAwQC
uTBEMA0EAgACMAcDBQAqAZZgMA0GCSqGSIb3DQEBCwUAA4IBAQCd4weqCiZcQciw
ztt6DgyLkG7vTAIucMaOX6AbTpiI4qhkjJzcUDqnuwkcIDxGzcr987qTp4aMwS9+
Sdw8rKRNncbXs3mOMyj4R5pa1f1P5k6opP+V6QhRCvyTimcjy5L7OABn2BC/fN0M
jxg/KjLlXDBukBfac4viZ9ahQmpGCwP2XsvLN/GoDe7GsBmKmYOOsAj0G5GKlH2u
SWOz3EPU+0TvKGreWPeTXxckCHsHNFcnE/9aUegI/EfNZWEsOgWw/hcinOCsx95F
WhH0oaPm5xd1NZLSxSECyrTAdpH7DyjVhVt9Iu/Z3qIdIL8o5D9+wa8KyH0EwL9y
UGleIvsf
-----END CERTIFICATE-----
Generated at Fri May 10 18:58:27 2024 by rpki-client on console-fra.rpki-client.org