Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/IqkbeDmVYK4wPpPqtdMCGSeGhEA.roa
File: IqkbeDmVYK4wPpPqtdMCGSeGhEA.roa (raw, json)
Hash identifier: KMj34VVpcVNi8i2WlNAJy2GsjX5HZ4W9uX7/eKcC7+k=
Subject key identifier: 22:A9:1B:78:39:95:60:AE:30:3E:93:EA:B5:D3:02:19:27:86:84:40
Certificate issuer: /CN=68dafd6360636a6327747a07080f7f2e5e32ce85
Certificate serial: 018CC3B672FC6032A5FAACD4883E22313C82
Authority key identifier: 68:DA:FD:63:60:63:6A:63:27:74:7A:07:08:0F:7F:2E:5E:32:CE:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNr9Y2BjamMndHoHCA9_Ll4yzoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/IqkbeDmVYK4wPpPqtdMCGSeGhEA.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204626
IP address blocks: 91.218.152.0/24 maxlen: 24
91.218.152.0/23 maxlen: 23
91.218.153.0/24 maxlen: 24
2001:678:5f4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/aNr9Y2BjamMndHoHCA9_Ll4yzoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/aNr9Y2BjamMndHoHCA9_Ll4yzoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNr9Y2BjamMndHoHCA9_Ll4yzoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:72:fc:60:32:a5:fa:ac:d4:88:3e:22:31:3c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68dafd6360636a6327747a07080f7f2e5e32ce85
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22a91b78399560ae303e93eab5d3021927868440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:39:99:70:40:fb:7d:29:b7:49:25:54:66:fc:
db:79:d4:e3:9c:f0:74:0a:fc:2f:a9:c9:59:b8:92:
a7:d1:95:31:b6:d1:b9:2d:df:99:b6:8d:b0:5a:a1:
6d:63:ed:83:e2:61:ec:e6:4c:a3:40:70:8a:a7:d1:
ba:09:bb:d4:f9:e6:d2:7e:ea:4c:ea:70:36:25:18:
a3:82:c9:0a:eb:cb:ef:ef:68:6a:0d:2c:6c:78:59:
b9:9a:4e:44:21:49:21:18:69:c9:60:69:82:4d:09:
3a:20:f9:91:34:81:8e:89:0d:1b:af:1b:06:27:7a:
5f:5c:ef:6a:d6:cd:c5:56:aa:b0:50:07:65:47:b7:
9f:d0:9d:85:09:3e:43:77:6a:87:fc:68:fa:98:63:
bb:b4:70:f9:23:ce:0b:82:b9:57:78:a2:2a:2c:dd:
63:6a:3b:4c:17:ce:19:28:ef:4f:99:88:9e:66:b8:
dd:53:52:b7:26:97:de:10:8b:b2:95:3c:4c:35:09:
42:52:80:3a:0f:35:8e:dd:3c:89:0d:88:0d:72:a6:
e2:ec:a5:33:08:15:0a:4b:75:b9:b0:23:25:01:24:
b1:e8:a9:55:a5:34:4b:a6:75:90:da:0c:33:24:3a:
15:31:20:58:0f:4e:c9:1e:3b:c1:eb:b7:b6:1f:4f:
fb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A9:1B:78:39:95:60:AE:30:3E:93:EA:B5:D3:02:19:27:86:84:40
X509v3 Authority Key Identifier:
keyid:68:DA:FD:63:60:63:6A:63:27:74:7A:07:08:0F:7F:2E:5E:32:CE:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNr9Y2BjamMndHoHCA9_Ll4yzoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/IqkbeDmVYK4wPpPqtdMCGSeGhEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/601360-adb9-4cb5-86d9-2bb2377e5a1c/1/aNr9Y2BjamMndHoHCA9_Ll4yzoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.152.0/23
IPv6:
2001:678:5f4::/48
Signature Algorithm: sha256WithRSAEncryption
47:14:84:a8:9a:cd:e7:99:45:07:7c:49:f8:30:cd:4c:45:99:
9a:34:14:ef:b4:8e:a9:e5:4b:dd:3c:1b:94:85:b9:3e:a1:80:
7b:1a:19:8b:ec:50:3c:28:51:3b:47:1f:e8:39:fa:cb:5f:af:
45:46:c3:9f:27:91:15:ae:4c:21:2f:c0:ab:b0:53:c3:15:78:
61:21:b2:d6:bb:fb:73:53:fd:b8:24:8d:21:6e:71:4e:34:31:
92:5e:8f:77:8b:15:43:d4:73:2d:1b:49:55:0b:14:c8:73:1f:
10:d2:89:c7:c6:84:87:c5:07:6d:ba:a8:14:a4:5d:b6:86:20:
b9:b6:fe:bf:13:7b:f2:d5:92:d4:5c:8a:e2:50:16:46:9a:0a:
f4:34:60:00:88:28:6a:df:c6:7c:34:26:04:7a:3d:e2:de:f7:
98:a3:e8:2a:df:ad:c3:74:99:91:ff:69:db:b6:93:eb:eb:1f:
8d:cc:c3:11:b0:7c:c9:3c:f7:6d:cc:cf:40:8a:3d:6c:d3:a4:
20:76:76:e6:fb:e0:6b:d5:47:0b:d5:d5:37:8a:03:ca:e2:e3:
9c:05:ec:37:95:16:d1:fa:93:61:ba:92:14:97:25:26:d4:97:
59:74:57:30:30:44:a0:77:87:56:9a:4e:9a:50:b0:23:f7:cd:
05:ee:e6:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDtnL8YDKl+qzUiD4iMTyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZGFmZDYzNjA2MzZhNjMyNzc0N2EwNzA4MGY3ZjJlNWUz
MmNlODUwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmE5MWI3ODM5OTU2MGFlMzAzZTkzZWFiNWQzMDIxOTI3ODY4NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjmZcED7fSm3SSVUZvzbedTjnPB0
CvwvqclZuJKn0ZUxttG5Ld+Zto2wWqFtY+2D4mHs5kyjQHCKp9G6CbvU+ebSfupM
6nA2JRijgskK68vv72hqDSxseFm5mk5EIUkhGGnJYGmCTQk6IPmRNIGOiQ0brxsG
J3pfXO9q1s3FVqqwUAdlR7ef0J2FCT5Dd2qH/Gj6mGO7tHD5I84LgrlXeKIqLN1j
ajtMF84ZKO9PmYieZrjdU1K3JpfeEIuylTxMNQlCUoA6DzWO3TyJDYgNcqbi7KUz
CBUKS3W5sCMlASSx6KlVpTRLpnWQ2gwzJDoVMSBYD07JHjvB67e2H0/7CwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCKpG3g5lWCuMD6T6rXTAhknhoRAMB8GA1UdIwQY
MBaAFGja/WNgY2pjJ3R6BwgPfy5eMs6FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5yOVkyQmphbU1uZEhvSENBOV9MbDR5em9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MDEzNjAtYWRiOS00Y2I1LTg2ZDkt
MmJiMjM3N2U1YTFjLzEvSXFrYmVEbVZZSzR3UHBQcXRkTUNHU2VHaEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MDEzNjAtYWRiOS00Y2I1LTg2ZDktMmJiMjM3N2U1YTFj
LzEvYU5yOVkyQmphbU1uZEhvSENBOV9MbDR5em9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW9qYMA8E
AgACMAkDBwAgAQZ4BfQwDQYJKoZIhvcNAQELBQADggEBAEcUhKiazeeZRQd8Sfgw
zUxFmZo0FO+0jqnlS908G5SFuT6hgHsaGYvsUDwoUTtHH+g5+stfr0VGw58nkRWu
TCEvwKuwU8MVeGEhsta7+3NT/bgkjSFucU40MZJej3eLFUPUcy0bSVULFMhzHxDS
icfGhIfFB226qBSkXbaGILm2/r8Te/LVktRciuJQFkaaCvQ0YACIKGrfxnw0JgR6
PeLe95ij6CrfrcN0mZH/adu2k+vrH43MwxGwfMk8923Mz0CKPWzTpCB2dub74GvV
RwvV1TeKA8ri45wF7DeVFtH6k2G6khSXJSbUl1l0VzAwRKB3h1aaTppQsCP3zQXu
5jA=
-----END CERTIFICATE-----
Generated at Sat Jun 8 08:50:30 2024 by rpki-client on console-ams.rpki-client.org