Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/pBV1LMvSPF2FSFxd5vm1nXwn5I4.roa
File: pBV1LMvSPF2FSFxd5vm1nXwn5I4.roa (raw, json)
Hash identifier: 7XyeAfpY48CgosvvIDB9K1x72+yG8DunTlnEuqRmBgA=
Subject key identifier: A4:15:75:2C:CB:D2:3C:5D:85:48:5C:5D:E6:F9:B5:9D:7C:27:E4:8E
Certificate issuer: /CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6
Certificate serial: 018D83B3804BD2CED4AE41882A5E45357E7A
Authority key identifier: 0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/pBV1LMvSPF2FSFxd5vm1nXwn5I4.roa
Signing time: Wed 07 Feb 2024 13:13:15 +0000
ROA not before: Wed 07 Feb 2024 13:13:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57117
IP address blocks: 91.201.197.0/24 maxlen: 24
185.202.105.0/24 maxlen: 24
188.95.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:b3:80:4b:d2:ce:d4:ae:41:88:2a:5e:45:35:7e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6
Validity
Not Before: Feb 7 13:13:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a415752ccbd23c5d85485c5de6f9b59d7c27e48e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:78:f3:0f:94:54:20:c5:8d:39:2d:5f:09:18:
f7:29:fe:3d:fb:ae:42:ba:03:9f:72:c2:3b:48:e6:
8c:3c:8b:29:7e:3f:ad:05:98:36:99:a8:d0:83:1a:
1c:63:68:8c:6f:68:18:26:86:40:de:22:5e:a7:84:
cd:13:bc:0a:d5:57:cb:8d:75:d2:c8:e9:9f:c4:4e:
de:e7:c3:75:e8:ba:ba:f7:7f:21:d6:a3:c8:04:09:
c6:3a:95:43:06:52:c3:b9:62:75:46:76:5c:6a:b5:
a0:c9:18:d6:3b:8f:4b:2e:00:c9:9a:f0:72:3c:37:
be:e1:e9:a9:18:f1:ee:78:97:3a:29:ac:5b:35:cc:
bf:d2:d9:2f:26:b9:6e:c8:95:83:25:27:46:82:14:
c2:5e:9b:1e:3b:08:34:4d:75:e3:86:2a:ac:7b:11:
0b:0a:7a:bf:e7:73:7d:4b:8f:45:46:bf:2f:81:d7:
ca:25:3a:54:45:b7:1c:2a:bf:8c:16:00:c3:51:26:
0c:7d:b5:c4:11:f3:4d:83:40:0b:07:0c:07:11:af:
b1:d1:b3:41:c6:4c:8c:c2:95:d5:7b:26:93:20:15:
e6:04:8f:17:83:4d:36:f6:2d:ee:77:e2:e0:1a:8c:
d6:a3:0a:81:48:fe:60:f6:fc:3a:17:ed:c9:e5:0b:
0b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:15:75:2C:CB:D2:3C:5D:85:48:5C:5D:E6:F9:B5:9D:7C:27:E4:8E
X509v3 Authority Key Identifier:
keyid:0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/pBV1LMvSPF2FSFxd5vm1nXwn5I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.197.0/24
185.202.105.0/24
188.95.64.0/24
Signature Algorithm: sha256WithRSAEncryption
65:31:63:b1:11:62:35:d5:3f:86:24:bf:35:fa:e9:20:fb:f7:
bb:13:74:72:df:01:85:80:36:dc:49:39:2f:9b:3b:7e:e6:d9:
12:d5:5d:51:00:39:f3:84:4a:80:1e:f6:45:8f:86:70:64:37:
fc:f0:d8:5f:12:10:f4:7e:4b:6d:77:0e:57:ac:fe:f6:87:cd:
87:88:5d:89:6c:ba:6b:26:02:84:42:67:92:0a:3e:d4:fe:21:
68:5c:c5:2e:92:d2:96:ef:67:a3:11:7d:85:dd:ad:b0:3b:3b:
bc:61:21:b1:0a:82:22:fb:92:df:08:a2:38:91:56:4e:1f:0d:
23:5e:a3:ae:39:3e:8b:b0:93:71:33:56:9d:04:00:90:c0:bc:
3e:15:b4:27:10:a7:2b:b8:4a:7f:23:ce:05:1d:2c:10:26:71:
14:3e:53:26:8f:5e:91:91:d3:fa:d5:a2:9c:1c:95:65:96:69:
d2:f4:c7:04:9c:c1:7e:a6:53:86:48:92:06:9b:c4:a4:6e:6d:
54:89:55:78:7b:e4:5d:ae:9c:82:ac:1c:1a:b3:b1:91:27:ae:
bf:86:eb:bf:4f:78:b4:2f:fc:c2:23:a0:5b:d4:3c:65:be:ad:
b1:9d:ae:f4:ed:1f:9f:ca:cb:00:24:0e:c8:4f:52:65:15:72:
6a:9d:5a:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2Ds4BL0s7UrkGIKl5FNX56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWEyZDIzNzRhYTZhYzcxNGI1ZjhhNmVkZGI4MGRjNjk2
NzljYzYwHhcNMjQwMjA3MTMxMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDE1NzUyY2NiZDIzYzVkODU0ODVjNWRlNmY5YjU5ZDdjMjdlNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnjzD5RUIMWNOS1fCRj3Kf49+65C
ugOfcsI7SOaMPIspfj+tBZg2majQgxocY2iMb2gYJoZA3iJep4TNE7wK1VfLjXXS
yOmfxE7e58N16Lq6938h1qPIBAnGOpVDBlLDuWJ1RnZcarWgyRjWO49LLgDJmvBy
PDe+4empGPHueJc6KaxbNcy/0tkvJrluyJWDJSdGghTCXpseOwg0TXXjhiqsexEL
Cnq/53N9S49FRr8vgdfKJTpURbccKr+MFgDDUSYMfbXEEfNNg0ALBwwHEa+x0bNB
xkyMwpXVeyaTIBXmBI8Xg0029i3ud+LgGozWowqBSP5g9vw6F+3J5QsLCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKQVdSzL0jxdhUhcXeb5tZ18J+SOMB8GA1UdIwQY
MBaAFA+aLSN0qmrHFLX4pu3bgNxpZ5zGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYt
NmQ5NzE5OTJjMzQ5LzEvcEJWMUxNdlNQRjJGU0Z4ZDV2bTFuWHduNUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYtNmQ5NzE5OTJjMzQ5
LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8nFAwQA
ucppAwQAvF9AMA0GCSqGSIb3DQEBCwUAA4IBAQBlMWOxEWI11T+GJL81+ukg+/e7
E3Ry3wGFgDbcSTkvmzt+5tkS1V1RADnzhEqAHvZFj4ZwZDf88NhfEhD0fkttdw5X
rP72h82HiF2JbLprJgKEQmeSCj7U/iFoXMUuktKW72ejEX2F3a2wOzu8YSGxCoIi
+5LfCKI4kVZOHw0jXqOuOT6LsJNxM1adBACQwLw+FbQnEKcruEp/I84FHSwQJnEU
PlMmj16RkdP61aKcHJVllmnS9McEnMF+plOGSJIGm8Skbm1UiVV4e+RdrpyCrBwa
s7GRJ66/huu/T3i0L/zCI6Bb1Dxlvq2xna707R+fyssAJA7IT1JlFXJqnVo8
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:54:25 2024 by rpki-client on console-fra.rpki-client.org