Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: M9D2dGqSp8ifwu1+2pH3SqQngfxMhnfFULy2Q+vFPnU=
Subject key identifier: 27:C2:8C:A3:68:B7:A2:79:3B:68:2C:04:E3:3A:49:E1:C4:C1:53:24
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 36C8171523589C5E35CF2B0A45B7065BD5F6DB19
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
Signing time: Wed 10 Apr 2024 10:03:39 +0000
ROA not before: Wed 10 Apr 2024 09:58:39 +0000
ROA not after: Wed 09 Apr 2025 10:03:39 +0000
asID: 174
IP address blocks: 91.124.68.0/22 maxlen: 22
91.124.72.0/22 maxlen: 22
91.124.76.0/22 maxlen: 22
91.124.84.0/22 maxlen: 22
91.124.92.0/22 maxlen: 22
91.124.96.0/22 maxlen: 22
91.124.100.0/22 maxlen: 22
91.124.104.0/22 maxlen: 22
91.124.108.0/22 maxlen: 22
91.124.112.0/22 maxlen: 22
91.124.116.0/22 maxlen: 22
91.124.120.0/22 maxlen: 22
91.124.152.0/22 maxlen: 22
91.124.156.0/22 maxlen: 22
91.124.160.0/22 maxlen: 22
91.124.164.0/22 maxlen: 22
91.124.168.0/22 maxlen: 22
91.124.180.0/22 maxlen: 22
91.124.188.0/22 maxlen: 22
91.124.196.0/22 maxlen: 22
91.124.204.0/22 maxlen: 22
91.124.212.0/22 maxlen: 22
91.124.224.0/22 maxlen: 22
91.124.228.0/22 maxlen: 22
91.124.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:c8:17:15:23:58:9c:5e:35:cf:2b:0a:45:b7:06:5b:d5:f6:db:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 10 09:58:39 2024 GMT
Not After : Apr 9 10:03:39 2025 GMT
Subject: CN=27C28CA368B7A2793B682C04E33A49E1C4C15324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7c:27:cb:6f:34:25:ce:f2:41:91:d0:2c:4d:
1f:08:72:9e:90:6e:5b:51:08:96:96:11:38:02:2c:
b0:b7:fb:f6:3d:8c:1b:90:f7:da:36:13:6d:39:8c:
b2:d5:a0:e3:80:e2:81:9b:e4:be:71:0f:46:1e:1f:
bb:e2:75:21:0e:34:dc:cc:99:c7:7f:68:8e:4c:01:
b5:c2:25:67:5b:90:c3:50:3a:24:30:6c:c9:b9:3f:
8f:5d:47:ce:ce:c6:95:29:72:c7:20:8f:9f:39:f6:
eb:79:7d:c7:91:e0:41:44:ed:4d:66:fa:57:3e:20:
13:cb:c1:e7:2b:dc:e2:c6:1e:c7:1b:6e:23:d2:9d:
e3:fc:4d:f7:83:4b:df:e7:24:bc:5e:75:76:62:2f:
67:16:24:ca:f4:e1:89:df:44:e2:89:09:fd:1d:de:
dd:8e:30:fa:5c:2c:b5:95:7a:c1:cb:dd:7e:20:d2:
37:4c:f8:00:ec:43:5c:a9:38:6f:c6:6e:20:bf:78:
a3:6c:33:ff:cd:f5:65:e7:f6:4a:2c:dd:46:93:d6:
4c:3f:12:0c:06:ce:dd:76:02:6f:4d:63:47:66:a6:
ec:f5:e1:e3:7b:21:94:0f:61:c8:f7:cf:0b:e5:08:
a6:1c:d5:d5:24:15:f2:63:1b:4a:0f:e0:9e:07:87:
0f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C2:8C:A3:68:B7:A2:79:3B:68:2C:04:E3:3A:49:E1:C4:C1:53:24
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.68.0-91.124.79.255
91.124.84.0/22
91.124.92.0-91.124.123.255
91.124.152.0-91.124.171.255
91.124.180.0/22
91.124.188.0/22
91.124.196.0/22
91.124.204.0/22
91.124.212.0/22
91.124.224.0-91.124.235.255
Signature Algorithm: sha256WithRSAEncryption
50:01:03:da:cc:d8:0a:ba:1a:e3:4b:52:04:6c:61:5e:4b:d6:
66:66:a3:87:82:63:3d:64:43:6c:9b:cb:41:be:17:68:b8:d9:
26:c0:7a:e8:25:7d:b0:36:85:3f:69:86:e2:e6:43:b8:5f:a8:
0f:0d:3f:15:f8:1b:4c:52:fd:44:32:12:10:fe:7b:31:a9:c3:
9b:ee:f6:d5:be:ae:a4:c7:ce:d0:1c:be:e5:37:43:7e:28:27:
e7:ae:bd:aa:0a:c5:71:99:6b:cb:6a:5f:05:e0:b5:83:cb:f2:
26:76:99:71:2a:60:05:25:a9:95:d2:85:7a:9b:40:36:86:64:
08:be:94:2d:36:d8:6d:39:0b:ef:16:70:d3:46:ef:6e:6d:83:
6f:03:af:96:ea:4d:5b:ff:8d:eb:04:30:4b:6e:3d:d2:94:33:
ec:3e:ff:c2:1e:85:5f:a9:e7:e2:18:39:ad:de:0e:23:d9:4b:
89:e7:f9:a4:55:4d:6b:a0:cb:dc:27:01:de:77:39:cf:50:fc:
bf:69:95:b9:62:c4:25:f0:55:63:68:13:b4:a8:ba:0b:5b:1a:
16:62:f0:26:39:8f:3e:11:cc:51:fb:d5:3c:88:64:80:e3:d4:
54:69:9d:23:d6:8d:de:24:f2:cf:a8:96:f5:12:2d:59:56:aa:
8a:cc:a9:8a
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIUNsgXFSNYnF41zysKRbcGW9X22xkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA0MTAwOTU4MzlaFw0yNTA0MDkxMDAzMzlaMDMxMTAvBgNV
BAMTKDI3QzI4Q0EzNjhCN0EyNzkzQjY4MkMwNEUzM0E0OUUxQzRDMTUzMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWfCfLbzQlzvJBkdAsTR8Icp6Q
bltRCJaWETgCLLC3+/Y9jBuQ99o2E205jLLVoOOA4oGb5L5xD0YeH7vidSEONNzM
mcd/aI5MAbXCJWdbkMNQOiQwbMm5P49dR87OxpUpcscgj5859ut5fceR4EFE7U1m
+lc+IBPLwecr3OLGHscbbiPSneP8TfeDS9/nJLxedXZiL2cWJMr04YnfROKJCf0d
3t2OMPpcLLWVesHL3X4g0jdM+ADsQ1ypOG/GbiC/eKNsM//N9WXn9kos3UaT1kw/
EgwGzt12Am9NY0dmpuz14eN7IZQPYcj3zwvlCKYc1dUkFfJjG0oP4J4Hhw95AgMB
AAGjggJdMIICWTAdBgNVHQ4EFgQUJ8KMo2i3onk7aCwE4zpJ4cTBUyQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBAJbfEQD
BARbfEADBAJbfFQwDAMEAlt8XAMEAlt8eDAMAwQDW3yYAwQCW3yoAwQCW3y0AwQC
W3y8AwQCW3zEAwQCW3zMAwQCW3zUMAwDBAVbfOADBAJbfOgwDQYJKoZIhvcNAQEL
BQADggEBAFABA9rM2Aq6GuNLUgRsYV5L1mZmo4eCYz1kQ2yby0G+F2i42SbAeugl
fbA2hT9phuLmQ7hfqA8NPxX4G0xS/UQyEhD+ezGpw5vu9tW+rqTHztAcvuU3Q34o
J+euvaoKxXGZa8tqXwXgtYPL8iZ2mXEqYAUlqZXShXqbQDaGZAi+lC022G05C+8W
cNNG725tg28Dr5bqTVv/jesEMEtuPdKUM+w+/8IehV+p5+IYOa3eDiPZS4nn+aRV
TWugy9wnAd53Oc9Q/L9plblixCXwVWNoE7SougtbGhZi8CY5jz4RzFH71TyIZIDj
1FRpnSPWjd4k8s+olvUSLVlWqorMqYo=
-----END CERTIFICATE-----
Generated at Sat Apr 27 19:18:12 2024 by rpki-client on console-ams.rpki-client.org