Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/m4RrSU1IHeLtCyG3Bc2CRMfGH3Q.roa
File: m4RrSU1IHeLtCyG3Bc2CRMfGH3Q.roa (raw, json)
Hash identifier: PxhNv3DE5Mj5ja+vjk2YkbldvNJJKQpFyfaeyTVeLzo=
Subject key identifier: 9B:84:6B:49:4D:48:1D:E2:ED:0B:21:B7:05:CD:82:44:C7:C6:1F:74
Certificate issuer: /CN=dc7d8ed98443de6c688d174f1f0055be4de182a1
Certificate serial: 018CC5001460225752B91517E9E60CED0AE3
Authority key identifier: DC:7D:8E:D9:84:43:DE:6C:68:8D:17:4F:1F:00:55:BE:4D:E1:82:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3H2O2YRD3mxojRdPHwBVvk3hgqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/m4RrSU1IHeLtCyG3Bc2CRMfGH3Q.roa
Signing time: Mon 01 Jan 2024 12:29:25 +0000
ROA not before: Mon 01 Jan 2024 12:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197831
IP address blocks: 91.234.80.0/22 maxlen: 22
91.228.31.0/24 maxlen: 24
91.228.30.0/24 maxlen: 24
91.228.30.0/23 maxlen: 23
176.104.120.0/21 maxlen: 21
91.244.80.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/3H2O2YRD3mxojRdPHwBVvk3hgqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/3H2O2YRD3mxojRdPHwBVvk3hgqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3H2O2YRD3mxojRdPHwBVvk3hgqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 12:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:14:60:22:57:52:b9:15:17:e9:e6:0c:ed:0a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7d8ed98443de6c688d174f1f0055be4de182a1
Validity
Not Before: Jan 1 12:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b846b494d481de2ed0b21b705cd8244c7c61f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ed:78:fd:71:cd:e9:c2:e9:6f:68:6d:0d:02:
ad:d5:62:33:bf:98:cf:15:f5:a8:ad:2e:c4:b4:11:
10:94:59:89:d0:e8:7d:91:21:03:ff:97:f2:1b:8d:
86:34:9a:6a:99:da:23:20:15:8d:0c:69:9a:d0:af:
0c:89:11:65:b5:dd:ac:c1:2c:8b:0b:94:3e:8a:fb:
db:24:2d:99:46:0b:19:5a:fa:f8:c6:93:bd:cb:a2:
3b:90:14:52:0b:f0:9c:2d:f1:77:9e:64:db:67:69:
d6:82:bd:a8:e2:03:d9:a8:4b:5f:a0:f2:18:a5:db:
b6:54:ef:2c:5e:e6:b3:3f:7f:84:a0:a1:bc:3a:ae:
89:c4:7e:e6:64:96:68:fa:62:e3:9e:fb:af:c6:9d:
22:10:2f:0e:e4:50:6d:b5:75:97:2e:f6:0c:f8:c3:
ee:3e:5d:b5:6e:9d:ad:2e:af:17:dc:d6:77:db:9d:
3c:de:c2:02:ca:b1:a1:0d:fc:c8:08:0a:63:2a:e6:
67:34:83:71:50:c1:0b:c4:2d:fc:44:46:43:2f:07:
2c:d2:e1:33:c0:e5:bf:d1:b4:af:f8:8d:50:3b:35:
aa:7d:4c:61:57:b2:bd:5d:4e:31:63:29:2c:c9:70:
20:ff:31:26:a0:96:0a:ea:75:03:1b:cf:72:8d:c8:
49:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:84:6B:49:4D:48:1D:E2:ED:0B:21:B7:05:CD:82:44:C7:C6:1F:74
X509v3 Authority Key Identifier:
keyid:DC:7D:8E:D9:84:43:DE:6C:68:8D:17:4F:1F:00:55:BE:4D:E1:82:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3H2O2YRD3mxojRdPHwBVvk3hgqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/m4RrSU1IHeLtCyG3Bc2CRMfGH3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/3H2O2YRD3mxojRdPHwBVvk3hgqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.30.0/23
91.234.80.0/22
91.244.80.0/20
176.104.120.0/21
Signature Algorithm: sha256WithRSAEncryption
68:7d:0f:e5:fe:d9:cd:0b:41:e8:ae:02:c3:3a:e1:ce:bd:dd:
9a:fe:ea:f5:ab:16:22:05:db:65:bb:1d:36:7e:93:23:09:44:
0f:98:ee:32:75:7a:38:ec:61:d7:1f:96:a5:b1:be:f4:b8:3b:
9d:f7:4d:6e:1d:10:23:2e:35:a1:9d:64:b0:f6:86:a0:37:c8:
ac:44:28:6e:7f:b5:9f:c4:54:d8:c4:39:47:75:9c:18:c4:50:
c7:92:fe:b1:f1:13:ef:a8:5b:5e:82:12:9d:6e:b2:8c:5d:8b:
3f:42:d5:cd:07:6f:7f:e2:3f:2e:59:39:0b:13:c3:17:2a:54:
61:71:34:47:ac:ea:19:8f:f6:f6:3f:2f:de:3e:5c:3c:c4:fa:
53:bb:44:5a:d5:14:d7:f3:a6:40:86:cb:55:25:24:a4:6b:70:
d4:06:3c:55:b3:3f:d7:32:df:e3:5f:e1:1a:b8:15:2b:61:03:
b4:dc:bf:34:b0:15:86:1c:93:19:e4:6e:0d:3c:77:0a:86:a5:
df:26:7a:f9:c4:95:9c:17:59:1d:c7:ad:cd:db:2a:eb:e3:94:
99:7e:00:cc:d2:3a:15:64:7c:7c:ef:c6:13:20:44:6b:cf:fe:
bb:43:57:d7:7f:3b:ba:01:02:2f:ab:38:db:2c:fc:34:92:bc:
fd:6b:91:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFABRgIldSuRUX6eYM7QrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjN2Q4ZWQ5ODQ0M2RlNmM2ODhkMTc0ZjFmMDA1NWJlNGRl
MTgyYTEwHhcNMjQwMTAxMTIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg0NmI0OTRkNDgxZGUyZWQwYjIxYjcwNWNkODI0NGM3YzYxZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe14/XHN6cLpb2htDQKt1WIzv5jP
FfWorS7EtBEQlFmJ0Oh9kSED/5fyG42GNJpqmdojIBWNDGma0K8MiRFltd2swSyL
C5Q+ivvbJC2ZRgsZWvr4xpO9y6I7kBRSC/CcLfF3nmTbZ2nWgr2o4gPZqEtfoPIY
pdu2VO8sXuazP3+EoKG8Oq6JxH7mZJZo+mLjnvuvxp0iEC8O5FBttXWXLvYM+MPu
Pl21bp2tLq8X3NZ325083sICyrGhDfzICApjKuZnNINxUMELxC38REZDLwcs0uEz
wOW/0bSv+I1QOzWqfUxhV7K9XU4xYyksyXAg/zEmoJYK6nUDG89yjchJNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJuEa0lNSB3i7QshtwXNgkTHxh90MB8GA1UdIwQY
MBaAFNx9jtmEQ95saI0XTx8AVb5N4YKhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0gyTzJZUkQzbXhvalJkUEh3QlZ2azNoZ3FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85YTZkODMtNWMyZi00MmJlLThkNzYt
YjgwMjA1MjgzMmNmLzEvbTRSclNVMUlIZUx0Q3lHM0JjMkNSTWZHSDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85YTZkODMtNWMyZi00MmJlLThkNzYtYjgwMjA1MjgzMmNm
LzEvM0gyTzJZUkQzbXhvalJkUEh3QlZ2azNoZ3FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+QeAwQC
W+pQAwQEW/RQAwQDsGh4MA0GCSqGSIb3DQEBCwUAA4IBAQBofQ/l/tnNC0HorgLD
OuHOvd2a/ur1qxYiBdtlux02fpMjCUQPmO4ydXo47GHXH5alsb70uDud901uHRAj
LjWhnWSw9oagN8isRChuf7WfxFTYxDlHdZwYxFDHkv6x8RPvqFteghKdbrKMXYs/
QtXNB29/4j8uWTkLE8MXKlRhcTRHrOoZj/b2Py/ePlw8xPpTu0Ra1RTX86ZAhstV
JSSka3DUBjxVsz/XMt/jX+EauBUrYQO03L80sBWGHJMZ5G4NPHcKhqXfJnr5xJWc
F1kdx63N2yrr45SZfgDM0joVZHx878YTIERrz/67Q1fXfzu6AQIvqzjbLPw0krz9
a5GO
-----END CERTIFICATE-----
Generated at Fri May 24 22:31:01 2024 by rpki-client on console-fra.rpki-client.org