Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/74271c-69a7-4a86-966d-2a1451e7e3c1/1/GiRIkQjdD6NSyQJHog-8JpsmpQA.roa
File: GiRIkQjdD6NSyQJHog-8JpsmpQA.roa (raw, json)
Hash identifier: XqZSWdYRsKDhCbvc4OygGFTZAayWKDohmbOvA0E6rtQ=
Subject key identifier: 1A:24:48:91:08:DD:0F:A3:52:C9:02:47:A2:0F:BC:26:9B:26:A5:00
Certificate issuer: /CN=b443b3486de7826fd6b0e2aec026597b6207b373
Certificate serial: 018CC8713840FBAD51D4F98D8E4408FC5510
Authority key identifier: B4:43:B3:48:6D:E7:82:6F:D6:B0:E2:AE:C0:26:59:7B:62:07:B3:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEOzSG3ngm_WsOKuwCZZe2IHs3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/74271c-69a7-4a86-966d-2a1451e7e3c1/1/GiRIkQjdD6NSyQJHog-8JpsmpQA.roa
Signing time: Tue 02 Jan 2024 04:31:52 +0000
ROA not before: Tue 02 Jan 2024 04:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29684
IP address blocks: 91.213.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/74271c-69a7-4a86-966d-2a1451e7e3c1/1/tEOzSG3ngm_WsOKuwCZZe2IHs3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/74271c-69a7-4a86-966d-2a1451e7e3c1/1/tEOzSG3ngm_WsOKuwCZZe2IHs3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/tEOzSG3ngm_WsOKuwCZZe2IHs3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 13:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:38:40:fb:ad:51:d4:f9:8d:8e:44:08:fc:55:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b443b3486de7826fd6b0e2aec026597b6207b373
Validity
Not Before: Jan 2 04:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a24489108dd0fa352c90247a20fbc269b26a500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:76:e9:48:16:03:16:34:87:ef:ba:d1:46:dc:
33:69:a9:7a:c0:bf:8a:75:5f:87:cc:78:5d:a1:03:
31:e2:a6:32:49:94:29:19:65:6c:1e:e1:f8:8b:81:
d7:07:f6:8c:e4:28:9a:e6:90:52:98:97:8e:88:fb:
70:91:a4:2b:d4:d7:4a:e0:f3:cc:0e:aa:6b:4c:a5:
d4:ec:32:35:09:a5:6e:55:22:1c:ea:83:58:ea:5f:
00:20:c2:ea:a9:bf:3f:1b:12:3c:bb:9c:5e:30:79:
2c:26:89:79:e3:fe:45:e7:dc:b5:c3:9b:96:f0:24:
fc:82:04:2f:c3:5a:15:d9:2d:2c:52:7a:46:9e:ae:
e2:4a:5a:71:6a:2d:36:9e:ba:14:eb:91:30:31:e0:
cf:83:89:3e:31:e2:9e:e3:17:26:8a:d0:94:dc:65:
40:6d:ff:14:d0:79:3d:50:15:39:49:b6:1f:b9:f8:
19:b6:72:57:0f:c1:45:58:b6:cb:fc:da:a4:fd:22:
e5:b7:26:4e:00:5f:cd:65:47:12:b4:b0:ea:14:81:
9b:12:4b:62:5a:5a:f5:e6:84:5c:a6:ef:a4:cc:62:
68:a8:d8:c2:70:2f:4c:49:b3:f1:06:da:7e:f0:0c:
6d:c0:3e:3a:95:cb:0b:68:d7:81:5e:e6:a9:fb:6a:
0b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:24:48:91:08:DD:0F:A3:52:C9:02:47:A2:0F:BC:26:9B:26:A5:00
X509v3 Authority Key Identifier:
keyid:B4:43:B3:48:6D:E7:82:6F:D6:B0:E2:AE:C0:26:59:7B:62:07:B3:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEOzSG3ngm_WsOKuwCZZe2IHs3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/74271c-69a7-4a86-966d-2a1451e7e3c1/1/GiRIkQjdD6NSyQJHog-8JpsmpQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/74271c-69a7-4a86-966d-2a1451e7e3c1/1/tEOzSG3ngm_WsOKuwCZZe2IHs3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.205.0/24
Signature Algorithm: sha256WithRSAEncryption
47:29:ab:10:58:01:3a:99:bd:e3:3a:b1:c0:22:e2:e6:55:97:
00:3e:4e:d1:0e:b8:da:11:fc:83:eb:2a:eb:43:2f:04:9d:ec:
2e:6e:2c:48:1a:58:34:fc:05:78:48:ce:9d:09:be:9b:d1:f1:
ae:a6:92:78:ff:03:26:50:52:f2:4f:34:89:3f:c4:0c:15:47:
b3:b9:10:6f:2a:f6:a1:a7:03:74:13:a8:75:7f:66:f5:9f:4b:
1f:d7:17:ec:23:3e:e3:3a:e5:1f:b8:12:c4:2f:2b:3b:8c:c5:
53:9e:21:37:9f:c6:b0:5a:a6:6a:78:e0:51:32:0e:8f:e3:26:
18:d7:7b:49:bf:bd:f8:22:14:13:aa:e3:ec:da:12:3d:84:0d:
71:86:c5:08:ff:12:8a:39:30:62:3b:fd:9b:bd:21:85:b9:82:
2e:72:f5:94:3c:f0:b6:c2:a4:6b:00:ce:6d:11:41:6f:f8:2a:
fd:c6:90:72:bb:a9:03:41:29:82:7a:6f:04:86:85:0d:e6:9b:
29:4a:d3:a8:34:ee:05:15:95:bb:b1:e5:0f:7b:ca:b4:d7:e1:
aa:3f:1d:1b:9b:2f:e0:b7:ae:01:a3:51:0e:91:bc:94:d8:88:
ab:42:0e:6f:87:e5:5c:9e:91:b5:ae:c1:76:39:5c:f9:db:b9:
88:85:fc:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcThA+61R1PmNjkQI/FUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDNiMzQ4NmRlNzgyNmZkNmIwZTJhZWMwMjY1OTdiNjIw
N2IzNzMwHhcNMjQwMTAyMDQzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTI0NDg5MTA4ZGQwZmEzNTJjOTAyNDdhMjBmYmMyNjliMjZhNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXbpSBYDFjSH77rRRtwzaal6wL+K
dV+HzHhdoQMx4qYySZQpGWVsHuH4i4HXB/aM5Cia5pBSmJeOiPtwkaQr1NdK4PPM
DqprTKXU7DI1CaVuVSIc6oNY6l8AIMLqqb8/GxI8u5xeMHksJol54/5F59y1w5uW
8CT8ggQvw1oV2S0sUnpGnq7iSlpxai02nroU65EwMeDPg4k+MeKe4xcmitCU3GVA
bf8U0Hk9UBU5SbYfufgZtnJXD8FFWLbL/Nqk/SLltyZOAF/NZUcStLDqFIGbEkti
Wlr15oRcpu+kzGJoqNjCcC9MSbPxBtp+8AxtwD46lcsLaNeBXuap+2oL2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBokSJEI3Q+jUskCR6IPvCabJqUAMB8GA1UdIwQY
MBaAFLRDs0ht54Jv1rDirsAmWXtiB7NzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVPelNHM25nbV9Xc09LdXdDWlplMklIczNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83NDI3MWMtNjlhNy00YTg2LTk2NmQt
MmExNDUxZTdlM2MxLzEvR2lSSWtRamRENk5TeVFKSG9nLThKcHNtcFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83NDI3MWMtNjlhNy00YTg2LTk2NmQtMmExNDUxZTdlM2Mx
LzEvdEVPelNHM25nbV9Xc09LdXdDWlplMklIczNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XNMA0G
CSqGSIb3DQEBCwUAA4IBAQBHKasQWAE6mb3jOrHAIuLmVZcAPk7RDrjaEfyD6yrr
Qy8EnewubixIGlg0/AV4SM6dCb6b0fGuppJ4/wMmUFLyTzSJP8QMFUezuRBvKvah
pwN0E6h1f2b1n0sf1xfsIz7jOuUfuBLELys7jMVTniE3n8awWqZqeOBRMg6P4yYY
13tJv734IhQTquPs2hI9hA1xhsUI/xKKOTBiO/2bvSGFuYIucvWUPPC2wqRrAM5t
EUFv+Cr9xpByu6kDQSmCem8EhoUN5pspStOoNO4FFZW7seUPe8q01+GqPx0bmy/g
t64Bo1EOkbyU2IirQg5vh+VcnpG1rsF2OVz527mIhfzI
-----END CERTIFICATE-----
Generated at Tue May 7 15:32:40 2024 by rpki-client on console-fra.rpki-client.org