Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/wKrjKzbIbnS9xbET9gxTpjQLXkQ.roa
File: wKrjKzbIbnS9xbET9gxTpjQLXkQ.roa (raw, json)
Hash identifier: +NJfxf5fovjbpm4pQ8MNLVCJGMf4Gmyun/PbJBJF4Oc=
Subject key identifier: C0:AA:E3:2B:36:C8:6E:74:BD:C5:B1:13:F6:0C:53:A6:34:0B:5E:44
Certificate issuer: /CN=6cefa411f0936a466d841ec290cd80cc550a7f6e
Certificate serial: 018D655E024027E8C6D2BC503D2857DEFA96
Authority key identifier: 6C:EF:A4:11:F0:93:6A:46:6D:84:1E:C2:90:CD:80:CC:55:0A:7F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/wKrjKzbIbnS9xbET9gxTpjQLXkQ.roa
Signing time: Thu 01 Feb 2024 15:51:16 +0000
ROA not before: Thu 01 Feb 2024 15:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210626
IP address blocks: 91.242.247.0/24 maxlen: 24
2a11:af40::/29 maxlen: 29
2a11:af40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/bO-kEfCTakZthB7CkM2AzFUKf24.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/bO-kEfCTakZthB7CkM2AzFUKf24.mft
rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:5e:02:40:27:e8:c6:d2:bc:50:3d:28:57:de:fa:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cefa411f0936a466d841ec290cd80cc550a7f6e
Validity
Not Before: Feb 1 15:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0aae32b36c86e74bdc5b113f60c53a6340b5e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b0:3a:ac:d7:a4:ff:9d:e9:a4:a6:da:8e:3b:
b3:67:78:ca:9d:8e:9c:08:d8:78:28:8a:b8:81:e5:
c4:a0:2e:7d:8c:62:b6:89:a4:e7:5a:38:f1:27:64:
6d:c6:21:8b:e6:4a:c6:69:49:4b:4e:1a:00:1f:e6:
01:8a:5f:16:46:c3:51:b5:61:2f:f6:f0:dc:aa:ce:
9c:3a:f7:68:7c:f5:d9:9e:59:6b:d5:7e:81:f0:7a:
7f:a1:02:4e:f2:70:6f:42:06:0c:93:6c:15:ae:0a:
9f:62:f0:e9:a6:3f:20:fb:1c:46:b4:81:7d:89:ba:
26:d2:89:5a:d7:5c:ce:38:ee:69:4c:e5:9e:39:fe:
61:1e:ef:e4:55:56:ee:3c:13:3c:27:66:8e:6f:92:
7b:7a:48:5d:d6:b9:63:42:3c:6a:77:42:a8:e0:41:
6b:d0:c5:93:b7:88:98:d4:22:b6:d0:f2:b7:b0:e5:
21:e5:d6:35:4e:17:70:11:c1:2f:2d:a6:c2:f2:f6:
74:dc:8f:5f:c4:e6:7c:bc:6f:6c:23:fa:f1:72:af:
d9:1e:89:e4:4d:54:44:a2:4a:f1:a5:2a:98:39:f1:
0e:33:fe:79:14:9d:38:2a:b0:3d:27:9e:f3:14:af:
4a:53:06:50:d4:b7:11:46:fc:07:04:e4:45:97:25:
e0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AA:E3:2B:36:C8:6E:74:BD:C5:B1:13:F6:0C:53:A6:34:0B:5E:44
X509v3 Authority Key Identifier:
keyid:6C:EF:A4:11:F0:93:6A:46:6D:84:1E:C2:90:CD:80:CC:55:0A:7F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bO-kEfCTakZthB7CkM2AzFUKf24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/wKrjKzbIbnS9xbET9gxTpjQLXkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53b13e-debb-456a-8dc1-e811d9407e7a/1/bO-kEfCTakZthB7CkM2AzFUKf24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.247.0/24
IPv6:
2a11:af40::/29
Signature Algorithm: sha256WithRSAEncryption
27:ac:4a:20:aa:f8:85:66:83:8b:6f:8a:99:25:aa:f2:17:42:
8e:27:78:81:14:eb:1b:4e:cd:9b:42:f6:35:fa:07:ce:6d:a7:
23:56:b1:f7:67:51:3e:3d:b2:d3:18:9d:1f:9a:61:95:3a:60:
42:fa:9b:60:c5:42:9b:74:6f:42:be:14:ab:6e:84:4a:a4:3a:
30:4f:81:93:e3:d3:85:c1:18:27:99:d4:2c:7b:fb:04:59:6c:
67:a8:89:b2:d8:f7:d1:9c:da:ac:0c:34:f1:75:cb:ae:b2:f8:
ef:2e:d8:96:8a:0e:5b:ae:a3:34:c2:f9:10:c0:0f:be:8f:71:
94:67:ac:c8:8b:c6:f5:de:bc:2f:b3:b2:d3:91:0d:ad:54:7d:
64:a9:f0:c4:61:d5:77:82:dc:dd:de:ba:3a:9e:d3:00:98:9f:
28:4e:17:58:d8:d0:4c:ca:1c:72:16:dd:6b:94:64:46:fc:a7:
02:cc:d2:46:1a:93:22:21:46:4b:e9:b1:06:7b:fb:b4:9a:8e:
e7:97:a0:d9:4a:35:55:bf:74:34:99:42:e9:d6:54:49:8d:6e:
eb:7d:64:9c:1f:26:43:79:fe:34:dc:30:11:1c:9a:b9:0e:63:
cd:c3:6a:61:7a:f7:ad:dd:47:5d:1b:bb:a8:9a:c9:4f:af:34:
57:e5:9b:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1lXgJAJ+jG0rxQPShX3vqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZWZhNDExZjA5MzZhNDY2ZDg0MWVjMjkwY2Q4MGNjNTUw
YTdmNmUwHhcNMjQwMjAxMTU1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGFhZTMyYjM2Yzg2ZTc0YmRjNWIxMTNmNjBjNTNhNjM0MGI1ZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurA6rNek/53ppKbajjuzZ3jKnY6c
CNh4KIq4geXEoC59jGK2iaTnWjjxJ2RtxiGL5krGaUlLThoAH+YBil8WRsNRtWEv
9vDcqs6cOvdofPXZnllr1X6B8Hp/oQJO8nBvQgYMk2wVrgqfYvDppj8g+xxGtIF9
ibom0ola11zOOO5pTOWeOf5hHu/kVVbuPBM8J2aOb5J7ekhd1rljQjxqd0Ko4EFr
0MWTt4iY1CK20PK3sOUh5dY1ThdwEcEvLabC8vZ03I9fxOZ8vG9sI/rxcq/ZHonk
TVREokrxpSqYOfEOM/55FJ04KrA9J57zFK9KUwZQ1LcRRvwHBORFlyXgeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMCq4ys2yG50vcWxE/YMU6Y0C15EMB8GA1UdIwQY
MBaAFGzvpBHwk2pGbYQewpDNgMxVCn9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk8ta0VmQ1Rha1p0aEI3Q2tNMkF6RlVLZjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81M2IxM2UtZGViYi00NTZhLThkYzEt
ZTgxMWQ5NDA3ZTdhLzEvd0tyakt6YkliblM5eGJFVDlneFRwalFMWGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81M2IxM2UtZGViYi00NTZhLThkYzEtZTgxMWQ5NDA3ZTdh
LzEvYk8ta0VmQ1Rha1p0aEI3Q2tNMkF6RlVLZjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW/L3MA0E
AgACMAcDBQMqEa9AMA0GCSqGSIb3DQEBCwUAA4IBAQAnrEogqviFZoOLb4qZJary
F0KOJ3iBFOsbTs2bQvY1+gfObacjVrH3Z1E+PbLTGJ0fmmGVOmBC+ptgxUKbdG9C
vhSrboRKpDowT4GT49OFwRgnmdQse/sEWWxnqImy2PfRnNqsDDTxdcuusvjvLtiW
ig5brqM0wvkQwA++j3GUZ6zIi8b13rwvs7LTkQ2tVH1kqfDEYdV3gtzd3ro6ntMA
mJ8oThdY2NBMyhxyFt1rlGRG/KcCzNJGGpMiIUZL6bEGe/u0mo7nl6DZSjVVv3Q0
mULp1lRJjW7rfWScHyZDef403DARHJq5DmPNw2phevet3UddG7uomslPrzRX5ZsW
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:44 2024 by rpki-client on console-fra.rpki-client.org