Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/4Xd9JhXhBaDmrhm2wYWXJB08Dn0.roa
File: 4Xd9JhXhBaDmrhm2wYWXJB08Dn0.roa (raw, json)
Hash identifier: bbsZwfCChkCYiS9njVPuOfsd0DMfKNdlsEzf1h+7bVc=
Subject key identifier: E1:77:7D:26:15:E1:05:A0:E6:AE:19:B6:C1:85:97:24:1D:3C:0E:7D
Certificate issuer: /CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Certificate serial: 018CC5DCAD4C9B9DA73D10FD768AAF430302
Authority key identifier: 29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/4Xd9JhXhBaDmrhm2wYWXJB08Dn0.roa
Signing time: Mon 01 Jan 2024 16:30:22 +0000
ROA not before: Mon 01 Jan 2024 16:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59747
IP address blocks: 91.207.230.0/24 maxlen: 24
91.207.231.0/24 maxlen: 24
2a02:38:1111::/48 maxlen: 48
2a02:39::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:ad:4c:9b:9d:a7:3d:10:fd:76:8a:af:43:03:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Validity
Not Before: Jan 1 16:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1777d2615e105a0e6ae19b6c18597241d3c0e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f5:69:f6:55:f1:0a:ca:f5:3b:95:ac:7d:0f:
1b:6d:52:3a:aa:1c:8d:ab:42:25:ae:c2:67:f8:32:
e1:88:44:25:75:72:89:7c:6b:de:cf:fd:d3:aa:bc:
25:2b:f4:7a:c3:de:3c:26:ed:1d:8f:22:15:4d:b5:
43:e1:ba:d9:72:e4:30:a1:d2:8f:40:79:ce:0a:8f:
38:2c:5c:00:57:3b:f0:d0:88:18:7c:4e:8c:ec:c1:
75:aa:5e:5e:7a:b2:a5:3c:85:71:96:82:da:9d:08:
72:58:c4:5d:ea:b8:ce:5e:d1:79:dc:fb:ca:08:73:
28:d8:94:a0:77:8e:1b:7d:e9:b7:d4:a1:1a:7c:dc:
c0:ff:4c:04:d3:cb:49:7a:26:7f:01:97:e3:83:f3:
e2:c9:eb:b2:09:3f:a8:e6:56:2a:12:22:25:e9:b7:
a9:6d:73:68:4c:0b:27:7a:a6:2f:1c:a5:01:fb:d2:
f1:e7:a1:3b:d0:f0:01:08:05:a9:62:8e:67:52:fe:
34:83:19:52:fe:f0:07:84:f4:a0:c6:09:db:18:80:
ee:12:78:c3:f4:d7:6f:38:42:92:d8:32:34:03:3e:
f8:95:d3:86:92:60:b1:f5:30:80:c1:31:df:79:3e:
08:cb:2e:ed:0e:94:12:a9:a5:33:94:a6:be:2e:7e:
0d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:77:7D:26:15:E1:05:A0:E6:AE:19:B6:C1:85:97:24:1D:3C:0E:7D
X509v3 Authority Key Identifier:
keyid:29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/4Xd9JhXhBaDmrhm2wYWXJB08Dn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.230.0/23
IPv6:
2a02:38:1111::/48
2a02:39::/32
Signature Algorithm: sha256WithRSAEncryption
9f:13:2b:f9:5c:cb:36:ce:d6:72:59:80:9a:86:8a:96:7f:ee:
a3:6a:40:4b:5d:94:6d:19:5c:b0:d9:12:70:ce:f9:33:39:f1:
72:26:43:51:44:10:6c:53:ab:69:f2:ea:f6:bf:da:c3:c1:d4:
49:0a:e0:22:27:4e:5d:78:b0:21:b0:1e:d7:e6:e6:c0:76:6a:
b6:8d:20:0f:69:e9:79:0c:99:0f:4f:1d:e9:f3:f0:01:75:25:
9d:0f:58:28:f3:7c:dd:45:fd:9f:9b:43:36:8e:84:54:89:a4:
14:e4:7a:47:d4:ec:90:7c:38:69:f0:b5:7f:5c:82:73:d3:6d:
b0:6c:7e:b1:db:ec:1c:04:f8:c3:53:27:76:74:14:f7:f7:12:
88:56:87:8e:03:d3:f4:84:d5:81:03:98:2b:d7:6f:48:c8:d2:
43:00:0c:44:8e:bf:c9:3f:80:e1:94:19:43:1f:10:06:51:b3:
66:70:b7:92:8e:3e:80:41:11:11:0b:c7:74:32:7b:f1:f9:e4:
8f:c5:02:6f:75:6e:84:d1:8a:a0:de:f5:07:38:42:1b:68:a4:
6e:4f:04:80:5b:96:02:67:90:b1:ea:77:06:2b:6e:e9:52:f7:
8c:d9:85:83:07:2d:f4:b3:39:3c:10:d0:9c:a7:8f:01:10:70:
57:d4:ec:4b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3K1Mm52nPRD9doqvQwMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTA5ZGE2NjJmOWQzMDJmZmYyYzVjNGI0YWZiOGY5NDdm
ZWMxYzAwHhcNMjQwMTAxMTYzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc3N2QyNjE1ZTEwNWEwZTZhZTE5YjZjMTg1OTcyNDFkM2MwZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfVp9lXxCsr1O5WsfQ8bbVI6qhyN
q0IlrsJn+DLhiEQldXKJfGvez/3TqrwlK/R6w948Ju0djyIVTbVD4brZcuQwodKP
QHnOCo84LFwAVzvw0IgYfE6M7MF1ql5eerKlPIVxloLanQhyWMRd6rjOXtF53PvK
CHMo2JSgd44bfem31KEafNzA/0wE08tJeiZ/AZfjg/PiyeuyCT+o5lYqEiIl6bep
bXNoTAsneqYvHKUB+9Lx56E70PABCAWpYo5nUv40gxlS/vAHhPSgxgnbGIDuEnjD
9NdvOEKS2DI0Az74ldOGkmCx9TCAwTHfeT4Iyy7tDpQSqaUzlKa+Ln4NsQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOF3fSYV4QWg5q4ZtsGFlyQdPA59MB8GA1UdIwQY
MBaAFCkQnaZi+dMC//LFxLSvuPlH/sHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzct
ZjRmYjVjODgwNTA5LzEvNFhkOUpoWGhCYURtcmhtMndZV1hKQjA4RG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzctZjRmYjVjODgwNTA5
LzEvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBW8/mMBYE
AgACMBADBwAqAgA4EREDBQAqAgA5MA0GCSqGSIb3DQEBCwUAA4IBAQCfEyv5XMs2
ztZyWYCahoqWf+6jakBLXZRtGVyw2RJwzvkzOfFyJkNRRBBsU6tp8ur2v9rDwdRJ
CuAiJ05deLAhsB7X5ubAdmq2jSAPael5DJkPTx3p8/ABdSWdD1go83zdRf2fm0M2
joRUiaQU5HpH1OyQfDhp8LV/XIJz022wbH6x2+wcBPjDUyd2dBT39xKIVoeOA9P0
hNWBA5gr129IyNJDAAxEjr/JP4DhlBlDHxAGUbNmcLeSjj6AQRERC8d0Mnvx+eSP
xQJvdW6E0Yqg3vUHOEIbaKRuTwSAW5YCZ5Cx6ncGK27pUveM2YWDBy30szk8ENCc
p48BEHBX1OxL
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:19:09 2024 by rpki-client on console-fra.rpki-client.org