Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/23GyK6GnRyoCzRA9-Q_G_jD4uw4.roa
File: 23GyK6GnRyoCzRA9-Q_G_jD4uw4.roa (raw, json)
Hash identifier: TrcUX4Ekic7UgyBgnkoumlPGmVN1Aiceh7Ck9u0VeDc=
Subject key identifier: DB:71:B2:2B:A1:A7:47:2A:02:CD:10:3D:F9:0F:C6:FE:30:F8:BB:0E
Certificate issuer: /CN=e783b62ab8aea520770c57404be7771f679ec0b5
Certificate serial: 018CC5DD0922A2ED1350B742456627496E20
Authority key identifier: E7:83:B6:2A:B8:AE:A5:20:77:0C:57:40:4B:E7:77:1F:67:9E:C0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/54O2KriupSB3DFdAS-d3H2eewLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/23GyK6GnRyoCzRA9-Q_G_jD4uw4.roa
Signing time: Mon 01 Jan 2024 16:30:46 +0000
ROA not before: Mon 01 Jan 2024 16:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20712
IP address blocks: 91.244.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/54O2KriupSB3DFdAS-d3H2eewLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/54O2KriupSB3DFdAS-d3H2eewLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/54O2KriupSB3DFdAS-d3H2eewLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:09:22:a2:ed:13:50:b7:42:45:66:27:49:6e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e783b62ab8aea520770c57404be7771f679ec0b5
Validity
Not Before: Jan 1 16:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db71b22ba1a7472a02cd103df90fc6fe30f8bb0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:89:26:ef:b2:d7:ea:d7:ad:59:ae:70:5b:
03:96:03:b8:97:ba:71:ad:c8:cf:23:e5:46:69:fa:
75:49:b0:11:e0:c8:86:27:86:2e:74:4c:8b:38:07:
2a:57:e1:c9:10:48:c0:41:5a:ed:4a:d3:82:02:6a:
12:62:4d:6f:21:85:a3:46:67:43:01:1b:d8:77:bd:
a1:4e:09:aa:99:0c:aa:34:c8:49:a6:d9:b0:e7:1f:
dc:fe:9c:82:b6:71:5c:ac:dc:72:c1:51:0f:ab:aa:
1d:af:b8:77:40:a8:f2:32:91:1a:b6:cb:5c:f0:73:
23:f4:66:8f:de:68:8b:9a:21:53:5f:8b:92:d0:d1:
5b:d5:e3:29:59:00:d3:3c:3c:fb:bb:4d:99:bf:82:
1f:e6:be:0c:62:a9:49:d6:62:6a:f0:95:84:3d:96:
53:83:e1:31:47:b7:30:81:a2:35:b4:d8:18:8b:a6:
fb:c5:93:3a:72:b2:69:83:d8:40:71:9b:08:89:96:
be:43:ca:2b:09:d1:e9:a1:73:a8:d5:d7:2c:13:e7:
4a:46:63:a3:36:8a:c2:01:92:1a:dd:d5:5c:21:28:
d5:82:46:ec:5d:6b:a7:00:cc:5b:eb:bd:06:72:c2:
2b:b1:a3:90:a1:6a:de:3a:7a:40:3c:75:b4:37:d2:
9b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:71:B2:2B:A1:A7:47:2A:02:CD:10:3D:F9:0F:C6:FE:30:F8:BB:0E
X509v3 Authority Key Identifier:
keyid:E7:83:B6:2A:B8:AE:A5:20:77:0C:57:40:4B:E7:77:1F:67:9E:C0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/54O2KriupSB3DFdAS-d3H2eewLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/23GyK6GnRyoCzRA9-Q_G_jD4uw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/fadb3f-dc96-4902-86eb-19df5b4d1014/1/54O2KriupSB3DFdAS-d3H2eewLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.239.0/24
Signature Algorithm: sha256WithRSAEncryption
70:53:b0:33:98:70:47:d8:8e:d7:16:51:8f:88:56:c1:3d:49:
cc:af:80:73:1a:3f:fc:47:58:04:63:f5:76:6f:0b:df:e5:21:
97:4a:8a:ae:a1:ac:09:1f:b4:00:c5:7f:05:b0:a2:21:6d:a9:
99:24:ef:84:92:d1:3e:a3:ab:47:4c:a1:2f:c0:4e:78:73:77:
a7:16:9e:10:08:11:fe:f2:b9:02:57:36:fe:f1:fe:d2:3f:fb:
8b:84:35:91:24:67:d8:f4:44:13:a3:d2:30:cd:aa:f1:10:51:
80:8c:ed:3d:48:0d:50:dd:e9:61:1d:3c:d3:1c:ad:fc:6e:31:
af:65:66:2d:21:ca:b2:71:aa:82:e6:55:ed:9a:18:e3:eb:60:
2e:be:4f:d6:90:c8:d5:78:5f:8f:6e:a5:80:38:d4:a3:fd:01:
64:a6:93:7c:ff:dc:64:ff:ad:99:1d:70:ff:f6:4a:91:d6:bb:
77:1c:3e:46:c7:c3:dd:4c:f0:6c:51:f1:fb:76:7d:ef:c2:1c:
bd:f4:b2:8c:00:cb:43:a2:ef:8c:11:eb:78:80:77:26:2b:6b:
a5:83:c7:59:af:af:8e:7d:94:e9:a9:d7:95:4d:7b:4e:ce:d2:
6c:cb:1b:be:cb:d8:e1:a9:ca:98:47:3f:28:7a:fb:b6:ad:69:
60:ad:f6:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Qkiou0TULdCRWYnSW4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ODNiNjJhYjhhZWE1MjA3NzBjNTc0MDRiZTc3NzFmNjc5
ZWMwYjUwHhcNMjQwMTAxMTYzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjcxYjIyYmExYTc0NzJhMDJjZDEwM2RmOTBmYzZmZTMwZjhiYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0eJJu+y1+rXrVmucFsDlgO4l7px
rcjPI+VGafp1SbAR4MiGJ4YudEyLOAcqV+HJEEjAQVrtStOCAmoSYk1vIYWjRmdD
ARvYd72hTgmqmQyqNMhJptmw5x/c/pyCtnFcrNxywVEPq6odr7h3QKjyMpEatstc
8HMj9GaP3miLmiFTX4uS0NFb1eMpWQDTPDz7u02Zv4If5r4MYqlJ1mJq8JWEPZZT
g+ExR7cwgaI1tNgYi6b7xZM6crJpg9hAcZsIiZa+Q8orCdHpoXOo1dcsE+dKRmOj
NorCAZIa3dVcISjVgkbsXWunAMxb670GcsIrsaOQoWreOnpAPHW0N9KbWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtxsiuhp0cqAs0QPfkPxv4w+LsOMB8GA1UdIwQY
MBaAFOeDtiq4rqUgdwxXQEvndx9nnsC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTRPMktyaXVwU0IzREZkQVMtZDNIMmVld0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mYWRiM2YtZGM5Ni00OTAyLTg2ZWIt
MTlkZjViNGQxMDE0LzEvMjNHeUs2R25SeW9DelJBOS1RX0dfakQ0dXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mYWRiM2YtZGM5Ni00OTAyLTg2ZWItMTlkZjViNGQxMDE0
LzEvNTRPMktyaXVwU0IzREZkQVMtZDNIMmVld0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/TvMA0G
CSqGSIb3DQEBCwUAA4IBAQBwU7AzmHBH2I7XFlGPiFbBPUnMr4BzGj/8R1gEY/V2
bwvf5SGXSoquoawJH7QAxX8FsKIhbamZJO+EktE+o6tHTKEvwE54c3enFp4QCBH+
8rkCVzb+8f7SP/uLhDWRJGfY9EQTo9IwzarxEFGAjO09SA1Q3elhHTzTHK38bjGv
ZWYtIcqycaqC5lXtmhjj62Auvk/WkMjVeF+PbqWAONSj/QFkppN8/9xk/62ZHXD/
9kqR1rt3HD5Gx8PdTPBsUfH7dn3vwhy99LKMAMtDou+MEet4gHcmK2ulg8dZr6+O
fZTpqdeVTXtOztJsyxu+y9jhqcqYRz8oevu2rWlgrfas
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:06:35 2024 by rpki-client on console-fra.rpki-client.org