Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/s5_3hV9WXcm1CRJYnyIB_VjZZ7Q.roa
File: s5_3hV9WXcm1CRJYnyIB_VjZZ7Q.roa (raw, json)
Hash identifier: UKS5pZiv42UTkra4mHaSbZRRNU5rIYHxEPknazKSpNY=
Subject key identifier: B3:9F:F7:85:5F:56:5D:C9:B5:09:12:58:9F:22:01:FD:58:D9:67:B4
Certificate issuer: /CN=77b020308865c3360dab19f3a5703341864e9f50
Certificate serial: 018CC3488C939BD660A2B5AAF73182276FDA
Authority key identifier: 77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/s5_3hV9WXcm1CRJYnyIB_VjZZ7Q.roa
Signing time: Mon 01 Jan 2024 04:29:20 +0000
ROA not before: Mon 01 Jan 2024 04:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210841
IP address blocks: 91.232.198.0/24 maxlen: 24
91.232.208.0/24 maxlen: 24
91.232.235.0/24 maxlen: 24
91.232.129.0/24 maxlen: 24
80.73.219.0/24 maxlen: 24
80.73.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8c:93:9b:d6:60:a2:b5:aa:f7:31:82:27:6f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b020308865c3360dab19f3a5703341864e9f50
Validity
Not Before: Jan 1 04:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b39ff7855f565dc9b50912589f2201fd58d967b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:05:3a:b2:33:3e:97:60:73:ba:e5:9c:03:b9:
9b:6b:81:a0:ed:09:df:9e:eb:8d:6a:1a:62:b7:bf:
cf:55:9c:dc:79:5f:b4:62:fc:a6:d7:ae:9c:d5:b3:
4a:8c:ff:f1:0a:b6:64:29:52:8d:db:64:42:ce:46:
d2:5f:25:27:6a:e7:cd:b1:71:f7:06:d0:c1:4b:b2:
99:39:94:ae:2c:e5:0c:9c:e7:dc:f3:45:d5:5e:ce:
1a:a0:fa:2f:4b:73:92:d5:83:c0:f9:c7:f7:58:ce:
8f:11:4d:44:d9:1d:d2:6b:c5:11:2f:dd:86:05:16:
14:5d:d7:e7:90:ea:70:8f:e0:c1:84:93:84:9f:e4:
fc:1f:57:2a:f7:e8:96:02:ca:61:53:04:7d:8c:46:
3f:d2:20:cc:eb:9c:03:25:59:c2:7d:24:1d:2d:d7:
bb:c7:ba:34:20:83:99:13:9c:dd:f6:c7:0f:f7:53:
af:19:d0:60:3d:8b:e4:4c:36:26:ac:10:7c:26:af:
44:9e:39:29:2e:02:71:5f:87:a9:7e:81:83:01:f2:
df:67:e2:ff:29:04:a5:69:51:5b:d4:24:2a:60:cd:
71:ac:d1:d0:ab:39:d5:e6:51:a3:7c:cd:60:7b:16:
b6:5b:21:30:19:32:d6:5e:41:6e:b0:43:b6:c7:d2:
82:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9F:F7:85:5F:56:5D:C9:B5:09:12:58:9F:22:01:FD:58:D9:67:B4
X509v3 Authority Key Identifier:
keyid:77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/s5_3hV9WXcm1CRJYnyIB_VjZZ7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.219.0-80.73.223.255
91.232.129.0/24
91.232.198.0/24
91.232.208.0/24
91.232.235.0/24
Signature Algorithm: sha256WithRSAEncryption
55:8f:68:d5:1d:73:dc:09:23:c5:4e:1e:ce:d3:0a:f0:77:08:
89:7d:13:04:ab:9c:aa:6d:06:6a:d4:91:a7:ad:e2:99:41:9a:
de:55:b6:92:44:06:33:e9:ee:c3:41:80:ab:87:e0:b7:4a:58:
80:cc:74:e6:15:83:1a:9c:29:4a:e6:ca:f0:b5:6b:cc:e9:3b:
47:e5:33:21:6b:11:c0:ac:9f:af:fb:2d:7d:61:e9:75:64:31:
89:87:62:5d:8d:37:cb:e4:e5:b1:61:5b:8c:1d:6e:d3:72:c5:
d8:dd:e8:84:25:56:d7:ae:ce:b9:06:cb:98:96:b7:2d:a5:54:
13:96:fa:51:fd:ed:f6:f9:ff:99:61:16:57:7d:53:e8:a0:f9:
3a:9e:28:e1:05:0b:d3:ec:4e:98:42:95:d9:1f:f9:03:3f:5c:
a8:36:89:43:e9:6a:77:a1:5f:a1:b1:0a:1f:ea:1c:7a:9d:74:
bd:81:89:46:95:63:28:08:07:d2:bf:b7:ad:60:f3:f0:26:52:
e5:cc:2d:02:e0:98:dd:91:76:25:cf:35:73:f7:7b:2c:88:5b:
46:24:00:b9:5c:f7:e3:f7:f9:1c:08:9e:e1:ee:1d:a2:95:55:
1f:72:1a:db:83:b3:36:9b:e7:c2:5f:f8:9e:d7:b7:4b:39:b1:
ef:22:0e:ae
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDSIyTm9ZgorWq9zGCJ2/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyMDMwODg2NWMzMzYwZGFiMTlmM2E1NzAzMzQxODY0
ZTlmNTAwHhcNMjQwMTAxMDQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzlmZjc4NTVmNTY1ZGM5YjUwOTEyNTg5ZjIyMDFmZDU4ZDk2N2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gU6sjM+l2BzuuWcA7mba4Gg7Qnf
nuuNahpit7/PVZzceV+0Yvym166c1bNKjP/xCrZkKVKN22RCzkbSXyUnaufNsXH3
BtDBS7KZOZSuLOUMnOfc80XVXs4aoPovS3OS1YPA+cf3WM6PEU1E2R3Sa8URL92G
BRYUXdfnkOpwj+DBhJOEn+T8H1cq9+iWAsphUwR9jEY/0iDM65wDJVnCfSQdLde7
x7o0IIOZE5zd9scP91OvGdBgPYvkTDYmrBB8Jq9EnjkpLgJxX4epfoGDAfLfZ+L/
KQSlaVFb1CQqYM1xrNHQqznV5lGjfM1gexa2WyEwGTLWXkFusEO2x9KC6wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLOf94VfVl3JtQkSWJ8iAf1Y2We0MB8GA1UdIwQY
MBaAFHewIDCIZcM2DasZ86VwM0GGTp9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzIt
YzhiYjhlYTM5ODA0LzEvczVfM2hWOVdYY20xQ1JKWW55SUJfVmpaWjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzItYzhiYjhlYTM5ODA0
LzEvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABQSdsD
BAVQScADBABb6IEDBABb6MYDBABb6NADBABb6OswDQYJKoZIhvcNAQELBQADggEB
AFWPaNUdc9wJI8VOHs7TCvB3CIl9EwSrnKptBmrUkaet4plBmt5VtpJEBjPp7sNB
gKuH4LdKWIDMdOYVgxqcKUrmyvC1a8zpO0flMyFrEcCsn6/7LX1h6XVkMYmHYl2N
N8vk5bFhW4wdbtNyxdjd6IQlVteuzrkGy5iWty2lVBOW+lH97fb5/5lhFld9U+ig
+TqeKOEFC9PsTphCldkf+QM/XKg2iUPpanehX6GxCh/qHHqddL2BiUaVYygIB9K/
t61g8/AmUuXMLQLgmN2RdiXPNXP3eyyIW0YkALlc9+P3+RwInuHuHaKVVR9yGtuD
szab58Jf+J7Xt0s5se8iDq4=
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:28:03 2024 by rpki-client on console-ams.rpki-client.org