Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/60522f-3539-4c6d-94c1-3c76dd491006/1/jIlTwE71smXv0Zl6i_YjH7HvOnI.roa
File: jIlTwE71smXv0Zl6i_YjH7HvOnI.roa (raw, json)
Hash identifier: diV46BZgHxMNyJav5O4V78J28uGB9y28AXUDBKBy5Ms=
Subject key identifier: 8C:89:53:C0:4E:F5:B2:65:EF:D1:99:7A:8B:F6:23:1F:B1:EF:3A:72
Certificate issuer: /CN=42d4f6e42295f5403b845b52bba9679761d884d8
Certificate serial: 018CC26D367E00AC90F66BC93DFF0E5E914A
Authority key identifier: 42:D4:F6:E4:22:95:F5:40:3B:84:5B:52:BB:A9:67:97:61:D8:84:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QtT25CKV9UA7hFtSu6lnl2HYhNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/60522f-3539-4c6d-94c1-3c76dd491006/1/jIlTwE71smXv0Zl6i_YjH7HvOnI.roa
Signing time: Mon 01 Jan 2024 00:29:46 +0000
ROA not before: Mon 01 Jan 2024 00:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.198.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/60522f-3539-4c6d-94c1-3c76dd491006/1/QtT25CKV9UA7hFtSu6lnl2HYhNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/60522f-3539-4c6d-94c1-3c76dd491006/1/QtT25CKV9UA7hFtSu6lnl2HYhNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QtT25CKV9UA7hFtSu6lnl2HYhNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:36:7e:00:ac:90:f6:6b:c9:3d:ff:0e:5e:91:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42d4f6e42295f5403b845b52bba9679761d884d8
Validity
Not Before: Jan 1 00:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c8953c04ef5b265efd1997a8bf6231fb1ef3a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:86:c4:ec:0e:94:3c:21:93:ef:52:27:4f:5a:
6c:04:b4:01:cb:cf:c0:27:c4:a6:63:e0:0b:a3:aa:
5e:e2:43:6b:ad:3d:0d:14:e4:f8:6e:5a:ea:87:81:
b8:11:0c:38:aa:99:b2:9e:de:9e:ee:7b:5a:5e:e0:
1a:87:2a:6f:d4:a1:3b:2e:3f:eb:4b:55:c3:7b:69:
58:08:e5:9d:cb:e6:bf:fd:8d:6c:df:a1:57:e1:de:
f2:0a:ac:56:3b:4e:95:a3:e1:0f:5a:71:68:a1:02:
df:c5:df:35:7e:d5:77:cf:99:a3:bf:6c:bb:41:f4:
fd:51:96:58:63:f6:9b:82:20:d7:b1:7e:f9:aa:91:
a4:a0:e5:86:61:80:70:57:9b:9b:ab:1b:c5:e5:39:
34:b7:2f:35:a1:b4:8e:fd:1e:72:30:54:9b:b1:01:
7a:a4:0d:73:d7:38:95:38:ea:07:e0:b6:73:62:a2:
8f:9e:3b:a5:d6:31:9b:60:1d:4d:f2:be:ca:62:63:
c5:67:74:95:2c:e6:0a:6c:65:77:cd:c6:56:6f:d8:
bb:eb:ab:09:12:f6:83:05:20:b4:35:9a:40:6d:1b:
f2:3c:c3:40:c0:81:5d:84:aa:1a:67:43:a9:c0:94:
dd:90:14:ea:85:92:03:ac:6c:df:7f:26:e6:0f:63:
fe:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:89:53:C0:4E:F5:B2:65:EF:D1:99:7A:8B:F6:23:1F:B1:EF:3A:72
X509v3 Authority Key Identifier:
keyid:42:D4:F6:E4:22:95:F5:40:3B:84:5B:52:BB:A9:67:97:61:D8:84:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QtT25CKV9UA7hFtSu6lnl2HYhNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/60522f-3539-4c6d-94c1-3c76dd491006/1/jIlTwE71smXv0Zl6i_YjH7HvOnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/60522f-3539-4c6d-94c1-3c76dd491006/1/QtT25CKV9UA7hFtSu6lnl2HYhNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.107.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d7:f1:0c:d3:58:24:7c:8a:f9:34:60:3b:8b:d1:d0:13:eb:
5e:22:ac:75:6d:d8:95:c1:bd:f7:5d:c9:15:eb:21:bb:3f:23:
4f:d5:e2:8a:b2:3f:f7:65:ed:5f:a7:7a:20:e3:ce:01:a6:cf:
68:b5:32:8c:24:10:26:a6:83:0a:72:bc:cf:37:c6:43:59:c1:
30:e7:ce:cd:a6:d8:bb:e4:5a:d7:ae:96:96:1d:3b:45:c4:e9:
57:38:a6:63:25:3f:09:98:eb:3a:2c:5a:03:69:38:bd:69:21:
ff:eb:4b:ed:45:cf:9e:0b:aa:c2:df:79:c8:4d:31:7e:ad:13:
c6:87:b3:b1:c7:e5:0e:13:f0:3f:20:e9:6b:48:30:b9:72:92:
29:4b:01:09:13:4d:77:1e:39:38:ea:e4:7c:04:34:dd:f1:7b:
86:fa:fd:2b:3a:27:10:2c:ff:16:8f:1d:0c:c9:d5:7e:34:42:
6e:a0:41:8e:34:d7:39:09:89:9a:ea:b1:ef:48:21:69:63:d9:
2b:12:58:17:93:dd:ea:00:b1:ea:ea:c0:c1:56:02:d1:80:e2:
22:c7:c6:b9:70:81:35:00:7c:e7:47:2a:16:0e:45:2e:d8:49:
df:61:0b:d7:7b:69:8c:16:d9:da:b3:d4:05:0d:e5:a8:f8:fb:
b4:66:9a:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbTZ+AKyQ9mvJPf8OXpFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZDRmNmU0MjI5NWY1NDAzYjg0NWI1MmJiYTk2Nzk3NjFk
ODg0ZDgwHhcNMjQwMTAxMDAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzg5NTNjMDRlZjViMjY1ZWZkMTk5N2E4YmY2MjMxZmIxZWYzYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxobE7A6UPCGT71InT1psBLQBy8/A
J8SmY+ALo6pe4kNrrT0NFOT4blrqh4G4EQw4qpmynt6e7ntaXuAahypv1KE7Lj/r
S1XDe2lYCOWdy+a//Y1s36FX4d7yCqxWO06Vo+EPWnFooQLfxd81ftV3z5mjv2y7
QfT9UZZYY/abgiDXsX75qpGkoOWGYYBwV5ubqxvF5Tk0ty81obSO/R5yMFSbsQF6
pA1z1ziVOOoH4LZzYqKPnjul1jGbYB1N8r7KYmPFZ3SVLOYKbGV3zcZWb9i766sJ
EvaDBSC0NZpAbRvyPMNAwIFdhKoaZ0OpwJTdkBTqhZIDrGzffybmD2P+uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyJU8BO9bJl79GZeov2Ix+x7zpyMB8GA1UdIwQY
MBaAFELU9uQilfVAO4RbUrupZ5dh2ITYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXRUMjVDS1Y5VUE3aEZ0U3U2bG5sMkhZaE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82MDUyMmYtMzUzOS00YzZkLTk0YzEt
M2M3NmRkNDkxMDA2LzEvaklsVHdFNzFzbVh2MFpsNmlfWWpIN0h2T25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82MDUyMmYtMzUzOS00YzZkLTk0YzEtM2M3NmRkNDkxMDA2
LzEvUXRUMjVDS1Y5VUE3aEZ0U3U2bG5sMkhZaE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZrMA0G
CSqGSIb3DQEBCwUAA4IBAQB21/EM01gkfIr5NGA7i9HQE+teIqx1bdiVwb33XckV
6yG7PyNP1eKKsj/3Ze1fp3og484Bps9otTKMJBAmpoMKcrzPN8ZDWcEw587Npti7
5FrXrpaWHTtFxOlXOKZjJT8JmOs6LFoDaTi9aSH/60vtRc+eC6rC33nITTF+rRPG
h7Oxx+UOE/A/IOlrSDC5cpIpSwEJE013Hjk46uR8BDTd8XuG+v0rOicQLP8Wjx0M
ydV+NEJuoEGONNc5CYma6rHvSCFpY9krElgXk93qALHq6sDBVgLRgOIix8a5cIE1
AHznRyoWDkUu2EnfYQvXe2mMFtnas9QFDeWo+Pu0Zpq0
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:26:47 2024 by rpki-client on console-fra.rpki-client.org