Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/h5YdmnvV1AQtSkmCWQI_s8TbR68.roa
File: h5YdmnvV1AQtSkmCWQI_s8TbR68.roa (raw, json)
Hash identifier: Q3KRHEm4NFuGLlfKOJgY1hSGzXdFqc7/yE81XLjJwY0=
Subject key identifier: 87:96:1D:9A:7B:D5:D4:04:2D:4A:49:82:59:02:3F:B3:C4:DB:47:AF
Certificate issuer: /CN=04f46af885d1ccbb0c09b06870785b5e691787e1
Certificate serial: 018CC26D4BDC98FF27FE03D1E411ED2D9CCC
Authority key identifier: 04:F4:6A:F8:85:D1:CC:BB:0C:09:B0:68:70:78:5B:5E:69:17:87:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BPRq-IXRzLsMCbBocHhbXmkXh-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/h5YdmnvV1AQtSkmCWQI_s8TbR68.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.235.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/BPRq-IXRzLsMCbBocHhbXmkXh-E.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/BPRq-IXRzLsMCbBocHhbXmkXh-E.mft
rsync://rpki.ripe.net/repository/DEFAULT/BPRq-IXRzLsMCbBocHhbXmkXh-E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4b:dc:98:ff:27:fe:03:d1:e4:11:ed:2d:9c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04f46af885d1ccbb0c09b06870785b5e691787e1
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87961d9a7bd5d4042d4a498259023fb3c4db47af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:95:43:31:fb:28:1d:1c:ad:2f:55:99:b6:17:
65:96:20:f3:8f:c7:63:e2:35:7c:53:d3:df:3a:8c:
fa:87:e7:0f:d1:a9:0f:0c:52:e7:ee:3f:1e:86:8a:
39:ac:57:c7:f7:9b:bb:eb:be:c9:a3:1e:ac:09:8e:
27:d0:dd:ed:06:7b:68:49:85:8c:86:05:48:4e:77:
f6:87:af:3b:19:7e:e1:06:62:7d:a4:da:3f:3d:97:
21:fe:0d:9f:83:15:d5:6b:40:66:a1:3b:8a:a1:a6:
19:4c:de:33:62:3f:a1:28:f0:03:b8:42:2b:62:7c:
24:d9:b9:23:11:a8:72:ad:ee:eb:0a:02:86:90:40:
17:63:06:99:70:14:4f:57:32:b4:01:96:c0:f7:e8:
bc:a4:99:83:bc:a1:a0:57:89:a7:fb:85:62:de:d4:
29:a5:f5:ba:97:58:22:5a:f7:4b:93:6c:50:a2:0a:
33:e3:c9:ef:04:ad:1f:ca:ba:b2:40:aa:bf:79:d4:
52:40:60:c4:4d:ab:ed:9a:0d:ea:3d:a5:6c:5a:79:
ea:14:65:3d:21:4d:a3:15:04:0f:71:9b:51:34:20:
4d:62:d2:10:a6:95:7c:49:04:17:9a:4c:91:9e:d0:
7f:c5:6e:c1:bf:43:67:e2:2b:80:7e:68:14:17:93:
22:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:96:1D:9A:7B:D5:D4:04:2D:4A:49:82:59:02:3F:B3:C4:DB:47:AF
X509v3 Authority Key Identifier:
keyid:04:F4:6A:F8:85:D1:CC:BB:0C:09:B0:68:70:78:5B:5E:69:17:87:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BPRq-IXRzLsMCbBocHhbXmkXh-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/h5YdmnvV1AQtSkmCWQI_s8TbR68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/fb53d6-ada8-426d-99fb-c5cf4b3b1ca6/1/BPRq-IXRzLsMCbBocHhbXmkXh-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.63.0/24
Signature Algorithm: sha256WithRSAEncryption
43:c1:b2:09:75:ba:ba:df:f9:e4:2c:97:57:9a:0e:68:dd:3a:
80:33:be:04:3d:8b:98:33:24:b9:cf:3d:17:47:75:13:86:8e:
8a:64:f3:f9:b4:75:72:61:71:83:2c:a3:c7:df:a9:fa:ca:84:
b9:72:e0:29:ef:42:b3:5d:36:ac:0f:2a:78:e7:8a:04:4a:55:
d7:34:e4:88:99:7d:ed:3d:30:1d:13:7e:e7:c3:34:be:13:d2:
e8:ed:fc:da:42:b2:6b:c5:ac:54:f6:36:c5:12:dc:69:0c:f3:
c9:78:dd:69:e7:34:59:8d:be:c5:80:28:27:af:29:f6:b4:de:
dc:71:06:a5:1b:8e:85:78:95:b8:7f:ea:4e:4a:46:a3:8a:5e:
d5:2c:7c:e7:e3:ac:80:36:a1:af:36:1b:62:32:da:a0:da:7e:
2f:7e:92:16:4d:25:8e:5d:0a:e6:27:95:d0:d5:d0:49:5c:49:
c0:41:b6:19:b7:b5:aa:6a:66:59:cb:6d:05:67:59:e4:0b:59:
cd:60:72:2a:c0:02:a5:a3:e5:26:70:19:3e:0e:62:7e:eb:8c:
ff:b5:1c:7b:c8:ee:bd:7f:1e:7a:ce:e6:02:b5:d6:9a:62:63:
38:ee:6e:46:a9:7a:8c:fa:1a:03:b6:33:49:75:1d:ae:2e:3b:
0d:eb:9e:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbUvcmP8n/gPR5BHtLZzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZjQ2YWY4ODVkMWNjYmIwYzA5YjA2ODcwNzg1YjVlNjkx
Nzg3ZTEwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk2MWQ5YTdiZDVkNDA0MmQ0YTQ5ODI1OTAyM2ZiM2M0ZGI0N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJVDMfsoHRytL1WZthdlliDzj8dj
4jV8U9PfOoz6h+cP0akPDFLn7j8ehoo5rFfH95u7677Jox6sCY4n0N3tBntoSYWM
hgVITnf2h687GX7hBmJ9pNo/PZch/g2fgxXVa0BmoTuKoaYZTN4zYj+hKPADuEIr
Ynwk2bkjEahyre7rCgKGkEAXYwaZcBRPVzK0AZbA9+i8pJmDvKGgV4mn+4Vi3tQp
pfW6l1giWvdLk2xQogoz48nvBK0fyrqyQKq/edRSQGDETavtmg3qPaVsWnnqFGU9
IU2jFQQPcZtRNCBNYtIQppV8SQQXmkyRntB/xW7Bv0Nn4iuAfmgUF5MiEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeWHZp71dQELUpJglkCP7PE20evMB8GA1UdIwQY
MBaAFAT0aviF0cy7DAmwaHB4W15pF4fhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlBScS1JWFJ6THNNQ2JCb2NIaGJYbWtYaC1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9mYjUzZDYtYWRhOC00MjZkLTk5ZmIt
YzVjZjRiM2IxY2E2LzEvaDVZZG1udlYxQVF0U2ttQ1dRSV9zOFRiUjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9mYjUzZDYtYWRhOC00MjZkLTk5ZmItYzVjZjRiM2IxY2E2
LzEvQlBScS1JWFJ6THNNQ2JCb2NIaGJYbWtYaC1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+s/MA0G
CSqGSIb3DQEBCwUAA4IBAQBDwbIJdbq63/nkLJdXmg5o3TqAM74EPYuYMyS5zz0X
R3UTho6KZPP5tHVyYXGDLKPH36n6yoS5cuAp70KzXTasDyp454oESlXXNOSImX3t
PTAdE37nwzS+E9Lo7fzaQrJrxaxU9jbFEtxpDPPJeN1p5zRZjb7FgCgnryn2tN7c
cQalG46FeJW4f+pOSkajil7VLHzn46yANqGvNhtiMtqg2n4vfpIWTSWOXQrmJ5XQ
1dBJXEnAQbYZt7WqamZZy20FZ1nkC1nNYHIqwAKlo+UmcBk+DmJ+64z/tRx7yO69
fx56zuYCtdaaYmM47m5GqXqM+hoDtjNJdR2uLjsN655L
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:59:52 2024 by rpki-client on console-fra.rpki-client.org