Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/Al97u5Yz3HBoJ9f40bmHf5eqMjI.roa
File: Al97u5Yz3HBoJ9f40bmHf5eqMjI.roa (raw, json)
Hash identifier: ZJAvbVmW0jK+7FDNcl17YlrEZzjhdBwk4ObeHYDWQSU=
Subject key identifier: 02:5F:7B:BB:96:33:DC:70:68:27:D7:F8:D1:B9:87:7F:97:AA:32:32
Certificate issuer: /CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Certificate serial: 018F29C8E5C4FC3AC0007CE6240EF6761A69
Authority key identifier: 3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/Al97u5Yz3HBoJ9f40bmHf5eqMjI.roa
Signing time: Mon 29 Apr 2024 12:16:22 +0000
ROA not before: Mon 29 Apr 2024 12:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51264
IP address blocks: 91.228.218.0/24 maxlen: 24
176.117.68.0/23 maxlen: 23
193.108.170.0/24 maxlen: 24
194.0.206.0/24 maxlen: 24
194.143.146.0/24 maxlen: 24
195.14.123.0/24 maxlen: 24
195.93.173.0/24 maxlen: 24
2001:678:cfc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:c8:e5:c4:fc:3a:c0:00:7c:e6:24:0e:f6:76:1a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Validity
Not Before: Apr 29 12:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=025f7bbb9633dc706827d7f8d1b9877f97aa3232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5c:16:e9:7e:61:0b:77:3a:c3:e4:b8:a8:1a:
cd:1a:fa:55:35:64:0c:ea:86:95:b9:b3:9a:e5:97:
f9:05:20:23:84:97:a9:d9:22:a9:96:fb:b9:03:0a:
99:af:69:76:ea:5a:08:7b:19:1c:33:d9:9b:35:c9:
95:10:29:f1:35:76:5e:6a:20:1c:33:ff:c1:0f:2c:
2b:a9:28:bd:3c:af:56:42:61:4e:e0:df:54:25:17:
77:96:fb:51:3f:65:a4:7d:37:8b:c0:f1:2b:d9:08:
94:c1:ca:aa:51:89:d2:c6:0f:c0:5d:2f:bc:15:fc:
dc:28:b9:af:7f:66:4f:61:6b:d2:f3:85:06:02:81:
4b:06:70:fa:7a:b9:78:30:ac:92:28:4c:0a:7c:6b:
e2:33:82:46:6e:94:6c:57:a0:00:76:67:cb:c7:a4:
2d:fe:5c:2b:b6:cf:b5:67:17:0a:26:74:06:07:d9:
42:18:98:00:d7:85:5a:72:14:bd:9c:c3:42:fa:f9:
aa:73:17:52:15:3c:f7:92:be:f4:08:cb:3b:5a:2a:
5d:91:d6:c9:d5:a4:7d:48:9f:bd:9e:fe:04:56:c9:
4a:b1:6b:19:71:a6:50:38:d1:11:d6:13:dc:ac:ea:
17:2c:f1:4b:09:aa:94:f2:07:2b:d5:ae:12:d3:c8:
0f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5F:7B:BB:96:33:DC:70:68:27:D7:F8:D1:B9:87:7F:97:AA:32:32
X509v3 Authority Key Identifier:
keyid:3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/Al97u5Yz3HBoJ9f40bmHf5eqMjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.218.0/24
176.117.68.0/23
193.108.170.0/24
194.0.206.0/24
194.143.146.0/24
195.14.123.0/24
195.93.173.0/24
IPv6:
2001:678:cfc::/48
Signature Algorithm: sha256WithRSAEncryption
54:ea:a4:1d:f1:93:dd:d2:c0:5f:d2:ef:56:6a:22:18:e5:ce:
f3:ea:5a:b3:d3:7a:4c:7b:44:90:bb:09:c7:88:56:4d:b4:4c:
df:82:1b:18:c9:b2:b1:37:06:9f:a1:2e:05:68:1b:7b:cb:73:
e4:3a:54:ed:a7:20:34:7e:00:be:67:60:73:e7:71:e9:72:37:
af:3b:d3:88:eb:df:22:ee:4a:84:fb:fe:50:d8:d4:26:84:35:
0e:78:d9:1b:d2:7b:b2:5c:2c:28:b2:87:f4:9d:68:34:50:b6:
11:f0:b6:74:52:84:d3:19:0c:86:87:c6:6e:ba:25:a7:04:d4:
32:4f:43:33:a2:a4:f8:f9:8f:ce:16:59:a4:78:1e:a3:1a:00:
8f:f4:a0:62:ce:fc:e5:0a:79:86:d1:81:cf:e4:2a:25:a7:69:
84:3f:06:95:08:ae:7b:e8:1b:d8:82:46:a4:71:a6:55:07:dc:
33:79:75:8d:30:8b:f4:25:32:40:76:25:7c:29:25:e5:50:b6:
8b:d7:04:c3:9d:28:74:90:88:b5:2c:04:37:d8:83:55:8d:50:
c7:eb:b9:6d:f8:97:c2:20:f1:6a:1f:fa:8b:4e:a0:eb:ee:8e:
b7:3c:0f:b5:96:88:31:e4:a3:1d:0c:97:4b:4b:f3:54:4e:14:
09:fd:09:9b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY8pyOXE/DrAAHzmJA72dhppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDMyNzdiN2NhNzlkMGU5ZTA3ZmM0YTRiMzE4MDQxZGY0
MTVjYjMwHhcNMjQwNDI5MTIxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjVmN2JiYjk2MzNkYzcwNjgyN2Q3ZjhkMWI5ODc3Zjk3YWEzMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlwW6X5hC3c6w+S4qBrNGvpVNWQM
6oaVubOa5Zf5BSAjhJep2SKplvu5AwqZr2l26loIexkcM9mbNcmVECnxNXZeaiAc
M//BDywrqSi9PK9WQmFO4N9UJRd3lvtRP2WkfTeLwPEr2QiUwcqqUYnSxg/AXS+8
FfzcKLmvf2ZPYWvS84UGAoFLBnD6erl4MKySKEwKfGviM4JGbpRsV6AAdmfLx6Qt
/lwrts+1ZxcKJnQGB9lCGJgA14VachS9nMNC+vmqcxdSFTz3kr70CMs7WipdkdbJ
1aR9SJ+9nv4EVslKsWsZcaZQONER1hPcrOoXLPFLCaqU8gcr1a4S08gPxwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAJfe7uWM9xwaCfX+NG5h3+XqjIyMB8GA1UdIwQY
MBaAFD5DJ3t8p50Ongf8SksxgEHfQVyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUt
M2NmMmE0NjIyZmJjLzEvQWw5N3U1WXozSEJvSjlmNDBibUhmNWVxTWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUtM2NmMmE0NjIyZmJj
LzEvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAW+TaAwQB
sHVEAwQAwWyqAwQAwgDOAwQAwo+SAwQAww57AwQAw12tMA8EAgACMAkDBwAgAQZ4
DPwwDQYJKoZIhvcNAQELBQADggEBAFTqpB3xk93SwF/S71ZqIhjlzvPqWrPTekx7
RJC7CceIVk20TN+CGxjJsrE3Bp+hLgVoG3vLc+Q6VO2nIDR+AL5nYHPncelyN687
04jr3yLuSoT7/lDY1CaENQ542RvSe7JcLCiyh/SdaDRQthHwtnRShNMZDIaHxm66
JacE1DJPQzOipPj5j84WWaR4HqMaAI/0oGLO/OUKeYbRgc/kKiWnaYQ/BpUIrnvo
G9iCRqRxplUH3DN5dY0wi/QlMkB2JXwpJeVQtovXBMOdKHSQiLUsBDfYg1WNUMfr
uW34l8Ig8Wof+otOoOvujrc8D7WWiDHkox0Ml0tL81ROFAn9CZs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:03:58 2024 by rpki-client on console-ams.rpki-client.org