Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/vA080fTitIQR3CG0dagQLHIiCl4.roa
File: vA080fTitIQR3CG0dagQLHIiCl4.roa (raw, json)
Hash identifier: /dQhbrjbiNT66M/ybT1DIeTtcfP7DLl9sCMeXOIsR70=
Subject key identifier: BC:0D:3C:D1:F4:E2:B4:84:11:DC:21:B4:75:A8:10:2C:72:22:0A:5E
Certificate issuer: /CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Certificate serial: 018CC5DC538C49C0E066BD0281FF140FFD77
Authority key identifier: AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/vA080fTitIQR3CG0dagQLHIiCl4.roa
Signing time: Mon 01 Jan 2024 16:30:00 +0000
ROA not before: Mon 01 Jan 2024 16:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3209
IP address blocks: 91.216.108.0/24 maxlen: 24
195.66.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:53:8c:49:c0:e0:66:bd:02:81:ff:14:0f:fd:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Validity
Not Before: Jan 1 16:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc0d3cd1f4e2b48411dc21b475a8102c72220a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a2:7b:0f:36:5f:f3:7c:66:56:a8:2d:cd:f5:
cc:dc:3d:38:46:f6:8e:7b:67:9f:d5:38:e3:a8:7e:
9b:c7:a8:10:53:30:8a:07:72:d3:42:a4:03:ec:b7:
8f:08:53:fa:a5:6e:87:d2:35:7f:2e:ab:97:e1:56:
7d:29:db:46:e3:1b:1c:54:e7:bc:67:86:ed:08:71:
eb:42:0e:ae:86:f1:c5:8d:32:93:fb:58:98:a8:db:
9e:37:27:f4:99:52:6c:12:eb:70:c7:3e:19:b9:74:
b8:72:4f:68:36:b6:42:9a:88:40:1d:a1:44:b0:a2:
93:1f:fe:e8:ba:98:3a:38:21:e4:c6:2c:66:32:c5:
3e:14:5d:10:a7:5c:d5:c3:44:af:33:0e:b6:86:bf:
71:55:6d:a8:6f:3f:be:3b:ce:44:c9:fc:33:d8:96:
1c:df:c4:65:41:4f:5c:8f:54:21:cb:4a:c1:dd:df:
e1:65:ef:fd:f5:29:fa:bc:3f:f0:f6:6b:53:ed:0d:
bd:6d:b6:50:03:c1:65:3f:03:23:85:4e:dc:3d:bd:
23:40:f3:b2:00:c1:01:06:80:42:11:3f:df:36:00:
70:ac:8f:b9:81:2f:e2:6e:8a:e2:62:42:7a:ae:e8:
25:70:b5:14:a6:33:ff:7a:0b:44:8b:20:2c:f9:a2:
4a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0D:3C:D1:F4:E2:B4:84:11:DC:21:B4:75:A8:10:2C:72:22:0A:5E
X509v3 Authority Key Identifier:
keyid:AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/vA080fTitIQR3CG0dagQLHIiCl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.108.0/24
195.66.76.0/24
Signature Algorithm: sha256WithRSAEncryption
99:a2:a1:ea:70:13:be:bf:3c:90:5a:4d:03:6b:48:2a:b0:2c:
53:36:d4:aa:84:c8:dd:97:63:56:c9:6b:4a:54:e5:19:7f:f7:
47:c8:ca:f3:fc:f8:fb:0a:39:43:c2:7a:e5:20:bd:8c:df:10:
01:a3:9d:88:80:67:eb:bc:cd:7b:7f:6d:ec:2f:72:97:69:7f:
54:75:3a:10:50:58:81:73:0e:db:b2:e1:02:3a:ee:20:58:72:
97:41:bb:fb:08:fb:4f:d4:e0:02:ad:5c:a6:4f:b6:b9:ea:8e:
02:40:54:35:1c:68:94:87:64:64:2f:7c:86:c1:4c:98:07:04:
19:aa:fc:84:60:ad:4e:16:90:a5:2a:22:85:d2:6d:d4:48:ab:
e6:c5:c7:94:27:b0:da:6a:a3:16:89:91:51:c9:24:1f:0d:a6:
7d:a6:63:4c:cb:6d:fd:b5:e9:f9:89:87:e0:00:1b:6b:03:87:
80:c3:01:d1:66:97:a2:80:fd:92:ac:3a:ad:27:3b:2e:6e:78:
98:bd:22:cc:a9:4f:b5:2a:f1:39:7c:6b:c0:5a:f9:8d:16:46:
af:4e:c8:15:8a:3c:a1:a6:e3:14:7d:e2:63:40:1c:c5:bc:ed:
29:14:a0:50:b8:15:f0:9c:e6:3f:e8:d4:71:f4:38:80:98:15:
82:b5:9a:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3FOMScDgZr0Cgf8UD/13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNGM4MzBiMTEyNjE0ODNhNjJiNjY5NmE0YzM3MjBlOGFk
ODhhMGQwHhcNMjQwMTAxMTYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzBkM2NkMWY0ZTJiNDg0MTFkYzIxYjQ3NWE4MTAyYzcyMjIwYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaJ7DzZf83xmVqgtzfXM3D04RvaO
e2ef1TjjqH6bx6gQUzCKB3LTQqQD7LePCFP6pW6H0jV/LquX4VZ9KdtG4xscVOe8
Z4btCHHrQg6uhvHFjTKT+1iYqNueNyf0mVJsEutwxz4ZuXS4ck9oNrZCmohAHaFE
sKKTH/7oupg6OCHkxixmMsU+FF0Qp1zVw0SvMw62hr9xVW2obz++O85Eyfwz2JYc
38RlQU9cj1Qhy0rB3d/hZe/99Sn6vD/w9mtT7Q29bbZQA8FlPwMjhU7cPb0jQPOy
AMEBBoBCET/fNgBwrI+5gS/iboriYkJ6ruglcLUUpjP/egtEiyAs+aJK4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLwNPNH04rSEEdwhtHWoECxyIgpeMB8GA1UdIwQY
MBaAFK1MgwsRJhSDpitmlqTDcg6K2IoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEt
MjIyY2ViNmMzNDRjLzEvdkEwODBmVGl0SVFSM0NHMGRhZ1FMSElpQ2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEtMjIyY2ViNmMzNDRj
LzEvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9hsAwQA
w0JMMA0GCSqGSIb3DQEBCwUAA4IBAQCZoqHqcBO+vzyQWk0Da0gqsCxTNtSqhMjd
l2NWyWtKVOUZf/dHyMrz/Pj7CjlDwnrlIL2M3xABo52IgGfrvM17f23sL3KXaX9U
dToQUFiBcw7bsuECOu4gWHKXQbv7CPtP1OACrVymT7a56o4CQFQ1HGiUh2RkL3yG
wUyYBwQZqvyEYK1OFpClKiKF0m3USKvmxceUJ7DaaqMWiZFRySQfDaZ9pmNMy239
ten5iYfgABtrA4eAwwHRZpeigP2SrDqtJzsubniYvSLMqU+1KvE5fGvAWvmNFkav
TsgVijyhpuMUfeJjQBzFvO0pFKBQuBXwnOY/6NRx9DiAmBWCtZp6
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:01:51 2024 by rpki-client on console-fra.rpki-client.org