Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/1-ffTF92QMq_4LdSB1AUZsKfHA-M.roa
File: 1-ffTF92QMq_4LdSB1AUZsKfHA-M.roa (raw, json)
Hash identifier: /GAvkrd69/1ykRiTh1Spxay0s7rT0gJT7xgYWGh4VH8=
Subject key identifier: F9:F7:D3:17:DD:90:32:AF:F8:2D:D4:81:D4:05:19:B0:A7:C7:03:E3
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 018CC5DC58F32B21BFA4D12D3B871056BA18
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/1-ffTF92QMq_4LdSB1AUZsKfHA-M.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8508
IP address blocks: 91.220.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:58:f3:2b:21:bf:a4:d1:2d:3b:87:10:56:ba:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9f7d317dd9032aff82dd481d40519b0a7c703e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:72:a7:8a:78:6c:66:d3:53:37:9b:37:52:fb:
2d:af:ef:ba:b9:75:9a:ac:82:27:19:47:a9:9e:53:
11:f7:e7:04:a9:e8:f8:51:bb:a5:81:96:58:34:3c:
f3:d7:4c:c7:36:0e:5f:49:1e:5f:53:aa:58:65:3c:
7a:70:c1:7f:3f:4a:ec:72:99:ea:8d:94:26:3a:d5:
99:a8:2c:c9:25:09:94:4b:80:50:2a:16:d2:69:22:
f3:de:08:a9:64:a6:89:cf:24:68:a8:07:61:a2:92:
6b:9b:dc:b9:9d:c3:5c:cb:bd:49:12:1b:0f:22:cf:
7a:1c:69:86:28:c1:18:3e:ed:3a:69:bc:6e:6e:a4:
70:85:af:86:cf:ba:3a:fa:15:69:c9:88:61:7c:5b:
e8:89:2b:bf:8c:69:64:a0:d0:47:92:5d:9c:64:09:
e4:77:b5:35:f0:3b:45:e4:6b:9d:a5:16:54:53:a4:
3d:3d:f8:88:06:c4:2a:08:50:12:eb:f5:7c:29:85:
fe:65:a0:42:54:7d:24:c5:9d:96:b2:ff:dd:d8:46:
7c:5f:96:11:2a:d2:71:00:33:59:5e:2e:42:19:37:
83:91:46:ab:f7:1c:4f:2f:7f:03:5a:79:01:ff:3b:
c8:31:5e:0b:18:8f:ca:11:5e:4d:b9:79:18:4d:b8:
89:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F7:D3:17:DD:90:32:AF:F8:2D:D4:81:D4:05:19:B0:A7:C7:03:E3
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/1-ffTF92QMq_4LdSB1AUZsKfHA-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.103.0/24
Signature Algorithm: sha256WithRSAEncryption
34:d9:fa:2e:2e:4e:bd:3f:c9:d3:e9:03:48:49:b8:03:0d:f8:
b0:82:39:3c:61:fb:5d:1f:2c:f0:9e:fe:57:3d:54:da:6c:fc:
72:ed:ba:14:ff:d1:0c:98:cb:5d:29:bc:6b:19:0a:da:69:06:
81:7a:f0:38:77:f2:e8:6a:ed:ac:63:28:df:46:c8:62:2b:fd:
c2:46:dd:69:78:74:9c:d7:77:2a:74:4b:13:53:c2:38:33:97:
a3:80:87:58:a3:e2:d5:c2:03:62:63:5e:32:7b:ac:d6:dc:2f:
a4:b1:1e:2d:39:c9:c2:c3:e2:bf:fc:67:49:f0:f8:61:0a:24:
ef:df:7f:6b:8e:53:45:58:e0:a9:c2:a2:48:1a:6d:67:31:68:
bc:90:ac:a8:29:14:ba:94:88:5d:c0:1a:66:cc:a5:19:d0:63:
83:be:00:47:c7:d2:b2:19:3e:37:d1:e6:6f:1b:f5:b9:5d:26:
21:4a:ac:fa:46:09:82:29:a6:b0:5b:f4:68:41:c9:af:e8:f4:
f8:fa:a1:05:f4:d5:68:17:19:2c:72:c7:42:6f:6d:a2:8d:bd:
55:ea:14:f3:38:06:5b:11:26:a5:fb:7f:85:48:ef:01:db:58:
3d:c3:d4:eb:2f:39:7f:f7:1e:85:a8:a0:20:fb:52:ea:2f:92:
70:11:17:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzF3FjzKyG/pNEtO4cQVroYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWY3ZDMxN2RkOTAzMmFmZjgyZGQ0ODFkNDA1MTliMGE3YzcwM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXKninhsZtNTN5s3Uvstr++6uXWa
rIInGUepnlMR9+cEqej4UbulgZZYNDzz10zHNg5fSR5fU6pYZTx6cMF/P0rscpnq
jZQmOtWZqCzJJQmUS4BQKhbSaSLz3gipZKaJzyRoqAdhopJrm9y5ncNcy71JEhsP
Is96HGmGKMEYPu06abxubqRwha+Gz7o6+hVpyYhhfFvoiSu/jGlkoNBHkl2cZAnk
d7U18DtF5GudpRZUU6Q9PfiIBsQqCFAS6/V8KYX+ZaBCVH0kxZ2Wsv/d2EZ8X5YR
KtJxADNZXi5CGTeDkUar9xxPL38DWnkB/zvIMV4LGI/KEV5NuXkYTbiJOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPn30xfdkDKv+C3UgdQFGbCnxwPjMB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvMS1mZlRGOTJRTXFfNExkU0IxQVVac0tmSEEtTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvY2E0MTE0LTJmYjktNDNkMS1iNTI4LTAzMmFmODM2YzE3
Mi8xL2hTT001LXIybWx1aThKUjdLNkJUT1V0RnRzMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvcZzAN
BgkqhkiG9w0BAQsFAAOCAQEANNn6Li5OvT/J0+kDSEm4Aw34sII5PGH7XR8s8J7+
Vz1U2mz8cu26FP/RDJjLXSm8axkK2mkGgXrwOHfy6GrtrGMo30bIYiv9wkbdaXh0
nNd3KnRLE1PCODOXo4CHWKPi1cIDYmNeMnus1twvpLEeLTnJwsPiv/xnSfD4YQok
799/a45TRVjgqcKiSBptZzFovJCsqCkUupSIXcAaZsylGdBjg74AR8fSshk+N9Hm
bxv1uV0mIUqs+kYJgimmsFv0aEHJr+j0+PqhBfTVaBcZLHLHQm9too29VeoU8zgG
WxEmpft/hUjvAdtYPcPU6y85f/cehaigIPtS6i+ScBEXSQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:10 2024 by rpki-client on console-fra.rpki-client.org