Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/cH494XyFj0irWYBF4mNn9S0d3Lc.roa
File: cH494XyFj0irWYBF4mNn9S0d3Lc.roa (raw, json)
Hash identifier: ciYRLa4aT9G+RYyWNtm9Y9+p7rLDtLZN+J2CgKnVkMo=
Subject key identifier: 70:7E:3D:E1:7C:85:8F:48:AB:59:80:45:E2:63:67:F5:2D:1D:DC:B7
Certificate issuer: /CN=11084b7d378b993c5f5e749f6a344de23e45ad00
Certificate serial: 018CC725D43C869B766A7A0DF6CD4ECA913D
Authority key identifier: 11:08:4B:7D:37:8B:99:3C:5F:5E:74:9F:6A:34:4D:E2:3E:45:AD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EQhLfTeLmTxfXnSfajRN4j5FrQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/cH494XyFj0irWYBF4mNn9S0d3Lc.roa
Signing time: Mon 01 Jan 2024 22:29:54 +0000
ROA not before: Mon 01 Jan 2024 22:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43418
IP address blocks: 91.197.49.0/24 maxlen: 24
91.197.50.0/24 maxlen: 24
91.197.51.0/24 maxlen: 24
91.197.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/EQhLfTeLmTxfXnSfajRN4j5FrQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/EQhLfTeLmTxfXnSfajRN4j5FrQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EQhLfTeLmTxfXnSfajRN4j5FrQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:d4:3c:86:9b:76:6a:7a:0d:f6:cd:4e:ca:91:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11084b7d378b993c5f5e749f6a344de23e45ad00
Validity
Not Before: Jan 1 22:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=707e3de17c858f48ab598045e26367f52d1ddcb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:85:ac:b2:e7:41:55:92:39:d9:f7:1d:40:4a:
b4:be:3e:4d:c6:f1:3f:8c:90:ce:c0:a2:eb:11:f7:
37:5f:05:da:6c:44:9a:2f:b8:24:7e:60:bd:ed:31:
cc:ee:c6:01:5e:b4:21:f0:c6:aa:19:b2:db:dd:29:
18:4e:4a:7a:29:28:35:8f:ac:d6:92:1f:51:1a:db:
b5:0d:02:05:6b:86:14:99:bc:2b:b2:ac:c3:86:a0:
af:64:94:2b:9e:3f:66:59:89:ea:6e:c7:ae:7e:73:
c8:55:3b:68:e5:ae:5a:cc:28:83:4e:a2:da:e5:37:
df:9a:ba:af:a5:ce:1d:62:29:c2:c4:0c:d3:6c:8b:
90:70:e4:d4:70:c7:89:2c:b3:0f:5f:f2:39:df:16:
85:bb:73:2c:bb:df:22:f9:4c:89:5b:34:f1:ca:67:
75:3c:45:77:88:40:d0:af:d5:37:9a:92:1f:02:42:
0c:59:12:de:b4:fd:3a:c4:15:b4:aa:a4:7e:8f:43:
8a:53:78:88:01:04:f8:aa:5b:27:ab:ba:ff:16:97:
5d:79:b4:ce:20:a8:82:6a:5b:a6:d1:48:67:34:e6:
f0:b6:2c:c2:76:9c:f0:28:82:b4:85:02:c1:73:2c:
03:26:0b:3b:2e:60:d3:3f:60:e2:6e:f6:ca:8d:d4:
7e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7E:3D:E1:7C:85:8F:48:AB:59:80:45:E2:63:67:F5:2D:1D:DC:B7
X509v3 Authority Key Identifier:
keyid:11:08:4B:7D:37:8B:99:3C:5F:5E:74:9F:6A:34:4D:E2:3E:45:AD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQhLfTeLmTxfXnSfajRN4j5FrQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/cH494XyFj0irWYBF4mNn9S0d3Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bbfcc4-a277-4b43-b25c-a24d68e36705/1/EQhLfTeLmTxfXnSfajRN4j5FrQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.48.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:3f:3c:94:20:c1:d7:ce:cf:82:f3:01:38:ab:72:87:45:87:
55:d8:e0:fb:ff:2e:4d:b6:7c:09:a8:59:c1:cc:22:a1:fe:1c:
5b:c0:0a:7f:c7:80:84:af:f3:94:7c:3d:42:da:38:a6:b1:f1:
00:cc:17:23:73:2a:30:f7:82:bd:38:91:e0:f5:be:d9:5b:2c:
45:d3:53:b3:b5:3f:30:b5:63:12:8c:6a:f6:72:75:49:d7:60:
6d:bd:f0:1d:fa:d3:cd:eb:9a:2d:2e:d5:5a:c5:34:20:6e:34:
c3:51:4e:de:50:8e:70:57:be:4c:81:bb:24:76:6b:13:da:a1:
85:0b:d0:57:5f:6c:b9:6f:eb:34:59:5d:9c:df:7e:3a:69:18:
dd:be:8e:6c:b6:71:a0:e2:12:e7:9b:8d:c9:9b:a3:58:f0:43:
e4:fb:67:7a:f5:0e:68:b9:ab:c6:50:4d:49:a3:1e:f1:b1:fc:
19:66:ad:a6:cb:c0:b9:77:17:f4:a5:ee:4e:f4:70:4c:05:07:
da:86:0c:c9:d3:f4:d5:b5:cf:34:58:d6:fe:f0:37:4b:b4:1b:
70:23:27:a8:c6:fb:4e:f8:20:2a:a4:71:1d:38:c6:79:ca:14:
70:9a:eb:6a:d5:89:2b:51:41:08:a0:69:3a:ba:1e:7b:e4:6c:
d5:95:88:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJdQ8hpt2anoN9s1OypE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMDg0YjdkMzc4Yjk5M2M1ZjVlNzQ5ZjZhMzQ0ZGUyM2U0
NWFkMDAwHhcNMjQwMTAxMjIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdlM2RlMTdjODU4ZjQ4YWI1OTgwNDVlMjYzNjdmNTJkMWRkY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoWssudBVZI52fcdQEq0vj5NxvE/
jJDOwKLrEfc3XwXabESaL7gkfmC97THM7sYBXrQh8MaqGbLb3SkYTkp6KSg1j6zW
kh9RGtu1DQIFa4YUmbwrsqzDhqCvZJQrnj9mWYnqbseufnPIVTto5a5azCiDTqLa
5Tffmrqvpc4dYinCxAzTbIuQcOTUcMeJLLMPX/I53xaFu3Msu98i+UyJWzTxymd1
PEV3iEDQr9U3mpIfAkIMWRLetP06xBW0qqR+j0OKU3iIAQT4qlsnq7r/FpddebTO
IKiCalum0UhnNObwtizCdpzwKIK0hQLBcywDJgs7LmDTP2DibvbKjdR+gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHB+PeF8hY9Iq1mAReJjZ/UtHdy3MB8GA1UdIwQY
MBaAFBEIS303i5k8X150n2o0TeI+Ra0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVFoTGZUZUxtVHhmWG5TZmFqUk40ajVGclFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYmZjYzQtYTI3Ny00YjQzLWIyNWMt
YTI0ZDY4ZTM2NzA1LzEvY0g0OTRYeUZqMGlyV1lCRjRtTm45UzBkM0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYmZjYzQtYTI3Ny00YjQzLWIyNWMtYTI0ZDY4ZTM2NzA1
LzEvRVFoTGZUZUxtVHhmWG5TZmFqUk40ajVGclFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8UwMA0G
CSqGSIb3DQEBCwUAA4IBAQAsPzyUIMHXzs+C8wE4q3KHRYdV2OD7/y5NtnwJqFnB
zCKh/hxbwAp/x4CEr/OUfD1C2jimsfEAzBcjcyow94K9OJHg9b7ZWyxF01OztT8w
tWMSjGr2cnVJ12BtvfAd+tPN65otLtVaxTQgbjTDUU7eUI5wV75MgbskdmsT2qGF
C9BXX2y5b+s0WV2c3346aRjdvo5stnGg4hLnm43Jm6NY8EPk+2d69Q5ouavGUE1J
ox7xsfwZZq2my8C5dxf0pe5O9HBMBQfahgzJ0/TVtc80WNb+8DdLtBtwIyeoxvtO
+CAqpHEdOMZ5yhRwmutq1YkrUUEIoGk6uh575GzVlYj/
-----END CERTIFICATE-----
Generated at Sun May 19 07:43:09 2024 by rpki-client on console-fra.rpki-client.org