Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/1a4cc0-da92-4596-b123-561ced5bbf92/1/Y0ZBCMA6rxM9xZvFpnPjF6l0EEE.roa
File: Y0ZBCMA6rxM9xZvFpnPjF6l0EEE.roa (raw, json)
Hash identifier: X0SYV8Ufa2Z5+VjN8uaAtJoihjrxsQoFMeKHBRw7Xn4=
Subject key identifier: 63:46:41:08:C0:3A:AF:13:3D:C5:9B:C5:A6:73:E3:17:A9:74:10:41
Certificate issuer: /CN=2e2f6dd9799fa4ea084fd549d710c6896dfae291
Certificate serial: 01912DE415713590F18CC303775CEE19159A
Authority key identifier: 2E:2F:6D:D9:79:9F:A4:EA:08:4F:D5:49:D7:10:C6:89:6D:FA:E2:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Li9t2XmfpOoIT9VJ1xDGiW364pE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/1a4cc0-da92-4596-b123-561ced5bbf92/1/Y0ZBCMA6rxM9xZvFpnPjF6l0EEE.roa
Signing time: Wed 07 Aug 2024 17:30:08 +0000
ROA not before: Wed 07 Aug 2024 17:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 91.238.123.0/24 maxlen: 24
193.46.81.0/24 maxlen: 24
194.9.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/1a4cc0-da92-4596-b123-561ced5bbf92/1/Li9t2XmfpOoIT9VJ1xDGiW364pE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/1a4cc0-da92-4596-b123-561ced5bbf92/1/Li9t2XmfpOoIT9VJ1xDGiW364pE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Li9t2XmfpOoIT9VJ1xDGiW364pE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2d:e4:15:71:35:90:f1:8c:c3:03:77:5c:ee:19:15:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e2f6dd9799fa4ea084fd549d710c6896dfae291
Validity
Not Before: Aug 7 17:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63464108c03aaf133dc59bc5a673e317a9741041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:13:93:3f:0a:d9:e4:67:2f:c8:c1:e3:0c:01:
8d:94:e4:14:be:4a:94:5e:94:8c:2a:3f:6c:cc:bf:
28:89:9c:7f:5a:9b:76:0b:77:f3:64:f9:02:b3:25:
dc:5e:b0:03:71:bc:1f:31:aa:4d:0b:34:c4:a4:49:
0c:d0:83:33:51:e2:23:45:5e:39:ba:1a:f0:c9:5a:
53:4d:52:92:8e:92:96:66:c1:f6:9b:4b:88:e5:97:
cd:ac:b4:6e:29:78:f6:e7:95:8c:76:74:9c:de:28:
ec:94:d5:07:f1:cb:42:93:08:3e:32:2c:cc:92:da:
ee:b7:ef:f8:44:be:e8:06:07:4f:69:56:0d:fa:4c:
ca:53:45:5f:aa:95:29:94:6a:ad:e0:7d:de:b9:76:
9d:b1:23:29:40:d4:30:fb:d7:eb:b1:b1:96:47:be:
71:32:15:fe:31:48:34:7d:79:56:92:f7:ea:e1:f7:
46:b0:69:fd:4b:c2:83:97:63:35:4c:e4:2a:62:0b:
41:9f:b9:b7:4c:8d:c9:c1:70:5d:9b:00:8a:5e:c8:
a4:2a:a7:69:81:44:a9:69:29:a8:29:36:c1:80:4d:
83:4a:f3:2a:17:aa:50:fb:f3:9f:44:9f:7d:f7:97:
52:e9:d9:f4:07:bd:87:83:34:92:0f:4d:f4:8b:7a:
ed:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:46:41:08:C0:3A:AF:13:3D:C5:9B:C5:A6:73:E3:17:A9:74:10:41
X509v3 Authority Key Identifier:
keyid:2E:2F:6D:D9:79:9F:A4:EA:08:4F:D5:49:D7:10:C6:89:6D:FA:E2:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Li9t2XmfpOoIT9VJ1xDGiW364pE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/1a4cc0-da92-4596-b123-561ced5bbf92/1/Y0ZBCMA6rxM9xZvFpnPjF6l0EEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/1a4cc0-da92-4596-b123-561ced5bbf92/1/Li9t2XmfpOoIT9VJ1xDGiW364pE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.123.0/24
193.46.81.0/24
194.9.6.0/24
Signature Algorithm: sha256WithRSAEncryption
76:cd:6d:b7:ca:22:35:ae:6e:49:85:89:31:68:8f:f8:cf:28:
39:ee:52:5a:76:55:55:dc:59:18:f0:c3:92:70:b1:01:54:3c:
8c:79:f6:6c:72:d3:c7:79:09:47:a5:7d:e3:a8:1e:f6:b4:fc:
ce:15:f6:14:16:d8:2d:89:da:34:12:09:f5:11:ff:bd:71:58:
a2:23:33:22:7b:57:3d:ce:6d:4f:e9:9a:dc:d1:36:24:e5:b6:
41:ef:ed:ab:e9:55:ee:b5:cb:dc:d0:7e:d3:b4:1d:f9:4f:e3:
ba:30:0f:1b:dd:71:a8:7b:7a:8d:a3:54:47:98:e2:a9:f1:62:
96:68:3d:16:0e:7a:8c:6d:c9:13:4f:25:ab:34:be:21:44:6a:
2b:35:ed:ef:3d:94:06:44:b2:83:1b:5c:4d:51:92:d6:d9:73:
d6:46:31:7d:7d:28:8d:cd:b6:fc:79:53:ef:ab:56:d6:3d:8d:
68:b3:76:5c:66:c0:c1:39:a2:3c:ed:46:a9:1f:9b:b7:85:fd:
d5:e9:f4:fa:2b:e4:2f:d2:20:ce:d7:3d:fe:6b:8a:f0:f6:8b:
3a:67:9d:15:5b:63:39:2c:88:9c:66:d0:51:09:77:f4:54:91:
65:08:87:68:e7:9e:ff:db:4f:bf:84:30:27:15:68:5a:b9:be:
28:f5:d6:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEt5BVxNZDxjMMDd1zuGRWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMmY2ZGQ5Nzk5ZmE0ZWEwODRmZDU0OWQ3MTBjNjg5NmRm
YWUyOTEwHhcNMjQwODA3MTczMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQ2NDEwOGMwM2FhZjEzM2RjNTliYzVhNjczZTMxN2E5NzQxMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxOTPwrZ5GcvyMHjDAGNlOQUvkqU
XpSMKj9szL8oiZx/Wpt2C3fzZPkCsyXcXrADcbwfMapNCzTEpEkM0IMzUeIjRV45
uhrwyVpTTVKSjpKWZsH2m0uI5ZfNrLRuKXj255WMdnSc3ijslNUH8ctCkwg+MizM
ktrut+/4RL7oBgdPaVYN+kzKU0VfqpUplGqt4H3euXadsSMpQNQw+9frsbGWR75x
MhX+MUg0fXlWkvfq4fdGsGn9S8KDl2M1TOQqYgtBn7m3TI3JwXBdmwCKXsikKqdp
gUSpaSmoKTbBgE2DSvMqF6pQ+/OfRJ9995dS6dn0B72HgzSSD030i3rtQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGNGQQjAOq8TPcWbxaZz4xepdBBBMB8GA1UdIwQY
MBaAFC4vbdl5n6TqCE/VSdcQxolt+uKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGk5dDJYbWZwT29JVDlWSjF4REdpVzM2NHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8xYTRjYzAtZGE5Mi00NTk2LWIxMjMt
NTYxY2VkNWJiZjkyLzEvWTBaQkNNQTZyeE05eFp2RnBuUGpGNmwwRUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8xYTRjYzAtZGE5Mi00NTk2LWIxMjMtNTYxY2VkNWJiZjky
LzEvTGk5dDJYbWZwT29JVDlWSjF4REdpVzM2NHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+57AwQA
wS5RAwQAwgkGMA0GCSqGSIb3DQEBCwUAA4IBAQB2zW23yiI1rm5JhYkxaI/4zyg5
7lJadlVV3FkY8MOScLEBVDyMefZsctPHeQlHpX3jqB72tPzOFfYUFtgtido0Egn1
Ef+9cViiIzMie1c9zm1P6Zrc0TYk5bZB7+2r6VXutcvc0H7TtB35T+O6MA8b3XGo
e3qNo1RHmOKp8WKWaD0WDnqMbckTTyWrNL4hRGorNe3vPZQGRLKDG1xNUZLW2XPW
RjF9fSiNzbb8eVPvq1bWPY1os3ZcZsDBOaI87UapH5u3hf3V6fT6K+Qv0iDO1z3+
a4rw9os6Z50VW2M5LIicZtBRCXf0VJFlCIdo557/20+/hDAnFWhaub4o9dYH
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:41:44 2024 by rpki-client on console-ams.rpki-client.org