Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/PiEMdx27BTk2Vk8Eh_p61ZvoRDk.roa
File: PiEMdx27BTk2Vk8Eh_p61ZvoRDk.roa (raw, json)
Hash identifier: Q9rxZEJmXGQmBQDlT+c7D8XjZgJ6czdlPH6XVKpDaoc=
Subject key identifier: 3E:21:0C:77:1D:BB:05:39:36:56:4F:04:87:FA:7A:D5:9B:E8:44:39
Certificate issuer: /CN=3d3257a4cc2d989b3126d8b2cfdbbc2015e08bb4
Certificate serial: 018CC348F1DA2169C70D071363E13D79CB6E
Authority key identifier: 3D:32:57:A4:CC:2D:98:9B:31:26:D8:B2:CF:DB:BC:20:15:E0:8B:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/PiEMdx27BTk2Vk8Eh_p61ZvoRDk.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.230.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 16:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f1:da:21:69:c7:0d:07:13:63:e1:3d:79:cb:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d3257a4cc2d989b3126d8b2cfdbbc2015e08bb4
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e210c771dbb053936564f0487fa7ad59be84439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:63:28:fc:57:f1:a0:6c:ae:1c:b4:14:82:
11:b1:59:18:e5:15:fa:83:a8:b3:70:5f:8f:4c:9e:
da:ab:ba:fb:c9:3f:e3:21:45:ff:2b:2a:34:77:83:
bf:df:25:cd:80:f1:e1:ee:e3:ad:a8:b3:4d:00:b7:
52:0a:af:37:47:66:70:28:c7:c0:04:aa:11:bc:50:
94:0a:f2:16:b0:39:88:14:86:9c:f8:45:b9:9b:e9:
7d:f4:94:47:a2:53:22:a3:23:7a:82:95:73:ae:dd:
be:68:db:30:bf:5f:4b:ab:f4:92:ad:85:71:8d:77:
d9:c1:92:64:ae:36:e6:56:ba:c5:91:2d:9a:f0:79:
c5:f4:f5:dc:46:06:dc:42:40:81:8b:dc:21:12:70:
fe:69:e0:cb:ac:0d:12:ca:ed:2f:ff:50:24:4f:87:
4a:68:be:6b:e0:41:bc:17:97:a5:1c:c6:37:42:6a:
a6:a4:de:9b:a3:66:94:5d:95:41:25:b9:81:c3:1e:
80:97:1c:6b:bf:7c:73:4d:70:cb:4a:62:67:77:4c:
cc:75:1e:06:41:b3:61:f1:57:29:89:bd:eb:74:11:
5c:5f:03:a8:53:5a:76:46:58:59:19:96:3d:d2:49:
4b:e3:97:12:6f:09:58:b9:15:fe:65:bb:a1:ee:fd:
6a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:21:0C:77:1D:BB:05:39:36:56:4F:04:87:FA:7A:D5:9B:E8:44:39
X509v3 Authority Key Identifier:
keyid:3D:32:57:A4:CC:2D:98:9B:31:26:D8:B2:CF:DB:BC:20:15:E0:8B:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/PiEMdx27BTk2Vk8Eh_p61ZvoRDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f5b954-65b9-437a-b499-9c28e1cd197e/1/PTJXpMwtmJsxJtiyz9u8IBXgi7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.237.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:78:e3:27:31:55:e9:0e:6c:fa:2c:8c:27:58:d6:8a:fa:79:
75:50:fc:11:83:f1:7a:59:a4:e7:8a:05:8c:33:84:67:0b:9d:
39:85:cd:4c:b7:a6:17:18:68:b8:3a:08:c9:59:d9:6c:2e:72:
fd:e7:3d:bc:2d:d1:46:7e:82:cc:06:0e:9c:38:36:a6:e6:69:
4b:eb:0e:1b:71:cb:eb:b3:a2:00:d2:ea:af:f9:b6:5a:0b:35:
fd:99:bb:c1:2e:09:d7:48:45:8a:20:50:af:48:a2:df:66:5c:
a5:64:c6:63:cd:b6:cf:ee:b7:e7:69:b7:14:2c:8c:bb:a7:c2:
dc:7b:a4:f1:da:9c:62:11:33:24:cb:f9:dc:c0:04:20:63:2e:
d0:5c:d6:75:be:3b:e6:63:43:2a:26:2c:c6:29:c9:86:da:98:
d1:ec:38:ad:fe:0a:e0:8f:cb:84:a3:5f:f8:d9:c9:14:60:8b:
f9:d3:d1:ad:8a:e8:58:59:3e:46:e8:bf:35:82:34:1a:af:dd:
a0:5c:34:49:fd:9b:01:94:73:57:94:af:53:f8:9a:71:ab:46:
50:a3:56:72:b3:6a:66:09:a4:e0:5d:2e:33:e5:43:07:7b:e8:
7a:19:18:7e:c7:1c:2e:60:0f:a1:c4:d8:f3:16:e7:c2:30:36:
f6:aa:90:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPHaIWnHDQcTY+E9ectuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMzI1N2E0Y2MyZDk4OWIzMTI2ZDhiMmNmZGJiYzIwMTVl
MDhiYjQwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTIxMGM3NzFkYmIwNTM5MzY1NjRmMDQ4N2ZhN2FkNTliZTg0NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIpjKPxX8aBsrhy0FIIRsVkY5RX6
g6izcF+PTJ7aq7r7yT/jIUX/Kyo0d4O/3yXNgPHh7uOtqLNNALdSCq83R2ZwKMfA
BKoRvFCUCvIWsDmIFIac+EW5m+l99JRHolMioyN6gpVzrt2+aNswv19Lq/SSrYVx
jXfZwZJkrjbmVrrFkS2a8HnF9PXcRgbcQkCBi9whEnD+aeDLrA0Syu0v/1AkT4dK
aL5r4EG8F5elHMY3QmqmpN6bo2aUXZVBJbmBwx6Alxxrv3xzTXDLSmJnd0zMdR4G
QbNh8Vcpib3rdBFcXwOoU1p2RlhZGZY90klL45cSbwlYuRX+Zbuh7v1qDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4hDHcduwU5NlZPBIf6etWb6EQ5MB8GA1UdIwQY
MBaAFD0yV6TMLZibMSbYss/bvCAV4Iu0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFRKWHBNd3RtSnN4SnRpeXo5dThJQlhnaTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNWI5NTQtNjViOS00MzdhLWI0OTkt
OWMyOGUxY2QxOTdlLzEvUGlFTWR4MjdCVGsyVms4RWhfcDYxWnZvUkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNWI5NTQtNjViOS00MzdhLWI0OTktOWMyOGUxY2QxOTdl
LzEvUFRKWHBNd3RtSnN4SnRpeXo5dThJQlhnaTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+btMA0G
CSqGSIb3DQEBCwUAA4IBAQAPeOMnMVXpDmz6LIwnWNaK+nl1UPwRg/F6WaTnigWM
M4RnC505hc1Mt6YXGGi4OgjJWdlsLnL95z28LdFGfoLMBg6cODam5mlL6w4bccvr
s6IA0uqv+bZaCzX9mbvBLgnXSEWKIFCvSKLfZlylZMZjzbbP7rfnabcULIy7p8Lc
e6Tx2pxiETMky/ncwAQgYy7QXNZ1vjvmY0MqJizGKcmG2pjR7Dit/grgj8uEo1/4
2ckUYIv509GtiuhYWT5G6L81gjQar92gXDRJ/ZsBlHNXlK9T+Jpxq0ZQo1Zys2pm
CaTgXS4z5UMHe+h6GRh+xxwuYA+hxNjzFufCMDb2qpC4
-----END CERTIFICATE-----
Generated at Thu May 2 01:08:41 2024 by rpki-client on console-ams.rpki-client.org