Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/L0iolrwbuvaMmyrFJBQRD6OWnaM.roa
File: L0iolrwbuvaMmyrFJBQRD6OWnaM.roa (raw, json)
Hash identifier: FE4uF3AHljjXoDneX1c/3559a6pUl9uwUCsC3yY19eI=
Subject key identifier: 2F:48:A8:96:BC:1B:BA:F6:8C:9B:2A:C5:24:14:11:0F:A3:96:9D:A3
Certificate issuer: /CN=faa6e5e86023c9b314ee651291fafe8c6dd69a83
Certificate serial: 018CC80160F06D157BE8D171BC52C0802D9C
Authority key identifier: FA:A6:E5:E8:60:23:C9:B3:14:EE:65:12:91:FA:FE:8C:6D:D6:9A:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/L0iolrwbuvaMmyrFJBQRD6OWnaM.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 91.211.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:60:f0:6d:15:7b:e8:d1:71:bc:52:c0:80:2d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa6e5e86023c9b314ee651291fafe8c6dd69a83
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f48a896bc1bbaf68c9b2ac52414110fa3969da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:85:a1:71:dc:35:55:7d:d8:d3:39:8b:c5:76:
2a:a5:4e:e6:e0:26:0c:47:d2:e0:5c:75:be:8b:66:
2c:18:56:89:4c:f4:c9:d4:6c:20:9a:94:d7:ed:0f:
c9:a4:6d:e0:2d:d3:1d:05:25:43:33:fd:42:08:7d:
42:5a:9f:13:8d:d5:4e:ba:f0:8e:3c:ad:0f:fc:ff:
18:8d:c8:2c:90:c0:3c:77:f7:0b:d8:53:16:e0:fc:
3a:34:97:74:ad:09:45:e6:0e:07:75:a8:a9:11:33:
b2:a3:dd:ee:fa:43:8b:b9:b1:53:2a:73:5f:53:94:
a1:ea:cd:83:75:bc:a3:4c:20:32:cf:32:24:47:12:
5d:4c:86:07:e1:23:bb:0b:12:38:75:74:78:de:44:
a2:f7:13:c5:0b:e5:2b:56:f2:cc:da:0a:b8:35:83:
dd:0a:b4:9f:4a:10:6f:17:76:95:b6:c6:a3:54:dc:
73:81:53:af:e1:04:49:8d:b2:90:0d:22:d2:17:7c:
8e:2b:a3:72:8b:fd:64:79:51:3e:f4:60:a1:2b:10:
25:37:60:d1:f3:3a:d6:03:16:06:44:43:22:05:ba:
30:48:7a:7e:bb:a4:a1:78:45:f0:19:f9:5d:7c:7c:
e5:6b:4e:16:d9:2f:9b:8c:2b:a9:27:3d:2a:5b:e4:
ca:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:48:A8:96:BC:1B:BA:F6:8C:9B:2A:C5:24:14:11:0F:A3:96:9D:A3
X509v3 Authority Key Identifier:
keyid:FA:A6:E5:E8:60:23:C9:B3:14:EE:65:12:91:FA:FE:8C:6D:D6:9A:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/L0iolrwbuvaMmyrFJBQRD6OWnaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.212.0/22
Signature Algorithm: sha256WithRSAEncryption
21:a8:e1:f8:42:a2:0c:d6:1f:0d:ac:99:68:35:ad:4c:40:a8:
fb:5e:ca:c3:6c:4d:4f:2c:86:69:15:77:b8:f0:11:d3:97:14:
a8:cd:e6:72:bb:88:4d:0c:81:c5:3a:a5:9c:7f:7d:e1:94:7b:
53:32:99:18:a7:f6:73:db:c2:b3:9c:14:83:76:a1:55:74:33:
6f:11:97:23:ea:f9:c3:0c:9c:2c:1e:71:bd:3c:c5:a8:9f:2d:
92:e2:d6:44:dc:f3:60:4c:c4:6f:f1:61:0e:aa:c8:e1:05:06:
27:a5:66:eb:6c:27:a7:28:6a:9c:d1:58:2e:9c:ba:7b:74:82:
6d:45:aa:38:4e:9f:43:a1:5b:54:78:a7:b8:a9:0b:24:ef:39:
f4:d0:55:7c:73:6e:0b:bd:2f:6e:ea:51:a4:42:5e:3c:7d:25:
e7:60:6a:f3:4e:54:31:15:e7:34:f6:2e:b7:d8:20:11:99:c3:
52:26:96:a7:c3:09:a6:98:28:f8:40:11:c7:63:6a:be:17:34:
85:c8:44:fe:b7:e9:95:b2:f0:57:a2:73:5b:be:9c:80:3c:d6:
d8:8a:9b:e2:08:63:f2:01:13:5f:ca:34:e5:bd:b6:47:4c:19:
01:09:76:a0:8d:db:e3:a1:17:7b:78:04:bc:6a:c7:40:e7:21:
6b:27:ea:3a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIAWDwbRV76NFxvFLAgC2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTZlNWU4NjAyM2M5YjMxNGVlNjUxMjkxZmFmZThjNmRk
NjlhODMwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjQ4YTg5NmJjMWJiYWY2OGM5YjJhYzUyNDE0MTEwZmEzOTY5ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioWhcdw1VX3Y0zmLxXYqpU7m4CYM
R9LgXHW+i2YsGFaJTPTJ1GwgmpTX7Q/JpG3gLdMdBSVDM/1CCH1CWp8TjdVOuvCO
PK0P/P8YjcgskMA8d/cL2FMW4Pw6NJd0rQlF5g4HdaipETOyo93u+kOLubFTKnNf
U5Sh6s2DdbyjTCAyzzIkRxJdTIYH4SO7CxI4dXR43kSi9xPFC+UrVvLM2gq4NYPd
CrSfShBvF3aVtsajVNxzgVOv4QRJjbKQDSLSF3yOK6Nyi/1keVE+9GChKxAlN2DR
8zrWAxYGREMiBbowSHp+u6SheEXwGfldfHzla04W2S+bjCupJz0qW+TKhQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFC9IqJa8G7r2jJsqxSQUEQ+jlp2jMB8GA1UdIwQY
MBaAFPqm5ehgI8mzFO5lEpH6/oxt1pqDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xYmw2R0FqeWJNVTdtVVNrZnItakczV21vTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYzA0ZDk5LWRlNDQtNDBhYi1hMmMw
LTA4Mjc5NDU1Zjk0MS8xL0wwaW9scndidXZhTW15ckZKQlFSRDZPV25hTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvYzA0ZDk5LWRlNDQtNDBhYi1hMmMwLTA4Mjc5NDU1Zjk0
MS8xLzEtcWJsNkdBanliTVU3bVVTa2ZyLWpHM1dtb00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJb09Qw
DQYJKoZIhvcNAQELBQADggEBACGo4fhCogzWHw2smWg1rUxAqPteysNsTU8shmkV
d7jwEdOXFKjN5nK7iE0MgcU6pZx/feGUe1MymRin9nPbwrOcFIN2oVV0M28RlyPq
+cMMnCwecb08xaifLZLi1kTc82BMxG/xYQ6qyOEFBielZutsJ6coapzRWC6cunt0
gm1FqjhOn0OhW1R4p7ipCyTvOfTQVXxzbgu9L27qUaRCXjx9JedgavNOVDEV5zT2
LrfYIBGZw1ImlqfDCaaYKPhAEcdjar4XNIXIRP636ZWy8Feic1u+nIA81tiKm+II
Y/IBE1/KNOW9tkdMGQEJdqCN2+OhF3t4BLxqx0DnIWsn6jo=
-----END CERTIFICATE-----
Generated at Wed Jun 26 08:22:04 2024 by rpki-client on console-ams.rpki-client.org