Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/C1McBUoStX2C-f5AJnmtXiKXLvg.roa
File: C1McBUoStX2C-f5AJnmtXiKXLvg.roa (raw, json)
Hash identifier: eBPGapOa9e7VrDtFQIb6zc0B6c0Gl9PTuWOQ6Q5hozk=
Subject key identifier: 0B:53:1C:05:4A:12:B5:7D:82:F9:FE:40:26:79:AD:5E:22:97:2E:F8
Certificate issuer: /CN=4368330bea2dfe880ffa62f67b566aeae2d287fd
Certificate serial: 018CC6B90ABC41FFFD06DD360B5BBA0D77C7
Authority key identifier: 43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/C1McBUoStX2C-f5AJnmtXiKXLvg.roa
Signing time: Mon 01 Jan 2024 20:31:04 +0000
ROA not before: Mon 01 Jan 2024 20:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47873
IP address blocks: 91.205.123.0/24 maxlen: 24
91.205.120.0/24 maxlen: 24
91.205.121.0/24 maxlen: 24
91.205.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:0a:bc:41:ff:fd:06:dd:36:0b:5b:ba:0d:77:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4368330bea2dfe880ffa62f67b566aeae2d287fd
Validity
Not Before: Jan 1 20:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b531c054a12b57d82f9fe402679ad5e22972ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:26:33:19:66:27:17:49:28:36:28:38:1b:16:
26:c0:ee:6d:69:11:55:5b:38:22:2c:4b:e1:c1:1c:
ab:e0:2b:92:fe:b2:f4:6e:90:98:dc:9e:ff:21:15:
b2:e8:91:dd:e7:4d:57:1f:ad:08:56:1d:d2:a4:0c:
bf:59:5c:02:36:37:f9:9c:00:e9:28:c7:46:a0:d5:
22:5c:51:a7:3b:17:bf:b2:bb:ca:83:97:29:fe:85:
e7:5f:1d:60:9a:24:81:d8:24:a7:19:79:88:da:bf:
7c:f3:ea:a8:5b:f9:87:44:be:56:b7:b8:08:69:c8:
52:b3:bb:46:23:10:14:57:f7:00:d0:da:90:02:d3:
82:5a:f9:80:45:05:a1:a1:42:8b:f1:05:ee:d6:38:
5b:53:57:49:6f:2f:4b:a3:a5:c6:b4:16:ea:18:47:
cb:db:9c:ae:40:2f:f3:f6:4b:c7:a2:6f:cf:e7:3b:
64:b8:b3:66:f0:26:15:5a:11:a0:a4:12:6a:55:7f:
02:18:61:4b:7f:38:be:8a:b0:3f:ef:d5:ae:64:4e:
a2:3b:ac:ed:5a:08:bd:ca:f9:da:04:9c:58:7a:a3:
9e:94:e0:4c:dd:63:0f:f7:ce:39:c9:3e:24:af:d9:
4b:cf:5a:51:39:cb:a3:a5:82:b3:6e:b8:20:ed:c8:
80:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:53:1C:05:4A:12:B5:7D:82:F9:FE:40:26:79:AD:5E:22:97:2E:F8
X509v3 Authority Key Identifier:
keyid:43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/C1McBUoStX2C-f5AJnmtXiKXLvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.120.0/22
Signature Algorithm: sha256WithRSAEncryption
55:8b:69:6f:0d:00:f1:36:47:1c:dd:7f:e6:26:1b:8e:0f:e3:
11:1b:5d:e0:79:be:70:c5:50:4b:e3:fa:ce:1c:87:18:57:5f:
1f:54:af:8c:d7:3f:dc:2c:95:a1:ac:82:28:ae:9a:e8:28:e9:
a9:9a:d3:8a:be:15:16:8c:8b:45:27:0a:e0:b7:01:9a:b7:37:
d0:0d:0c:2d:e1:85:de:9a:23:3d:0f:a5:3c:fe:d6:66:6b:62:
b6:a1:49:2e:01:66:b4:65:c6:44:af:a8:35:ad:03:6c:63:ef:
2f:77:da:e6:b1:0d:e4:fb:b3:d1:8c:c5:9c:d9:f9:c3:9d:dc:
4f:3f:99:38:a4:00:ab:c4:f8:b0:c1:27:58:e8:74:0f:d1:9e:
ab:41:37:ba:27:4c:41:3d:6e:2e:dc:38:d9:f1:42:ed:05:4b:
5d:5d:41:cd:e7:fc:e3:29:60:a2:d3:51:ed:b7:c1:4a:96:60:
46:55:39:94:3d:ba:de:77:fc:39:91:8e:d5:8d:55:7e:f4:04:
fa:9b:c9:ec:0c:94:57:f8:d2:99:6d:f2:d9:ca:7d:53:89:d8:
81:17:b7:1f:0c:1b:2a:3b:9a:c3:61:7a:9f:c5:21:ce:14:7e:
9f:6c:0b:80:63:67:80:b9:04:4f:99:62:8b:3a:6e:bd:1b:71:
bf:76:42:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuQq8Qf/9Bt02C1u6DXfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjgzMzBiZWEyZGZlODgwZmZhNjJmNjdiNTY2YWVhZTJk
Mjg3ZmQwHhcNMjQwMTAxMjAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjUzMWMwNTRhMTJiNTdkODJmOWZlNDAyNjc5YWQ1ZTIyOTcyZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCYzGWYnF0koNig4GxYmwO5taRFV
WzgiLEvhwRyr4CuS/rL0bpCY3J7/IRWy6JHd501XH60IVh3SpAy/WVwCNjf5nADp
KMdGoNUiXFGnOxe/srvKg5cp/oXnXx1gmiSB2CSnGXmI2r988+qoW/mHRL5Wt7gI
achSs7tGIxAUV/cA0NqQAtOCWvmARQWhoUKL8QXu1jhbU1dJby9Lo6XGtBbqGEfL
25yuQC/z9kvHom/P5ztkuLNm8CYVWhGgpBJqVX8CGGFLfzi+irA/79WuZE6iO6zt
Wgi9yvnaBJxYeqOelOBM3WMP9845yT4kr9lLz1pROcujpYKzbrgg7ciACQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtTHAVKErV9gvn+QCZ5rV4ily74MB8GA1UdIwQY
MBaAFENoMwvqLf6ID/pi9ntWauri0of9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDkt
NWEzN2Y2YTFiY2E5LzEvQzFNY0JVb1N0WDJDLWY1QUpubXRYaUtYTHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDktNWEzN2Y2YTFiY2E5
LzEvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW814MA0G
CSqGSIb3DQEBCwUAA4IBAQBVi2lvDQDxNkcc3X/mJhuOD+MRG13geb5wxVBL4/rO
HIcYV18fVK+M1z/cLJWhrIIorproKOmpmtOKvhUWjItFJwrgtwGatzfQDQwt4YXe
miM9D6U8/tZma2K2oUkuAWa0ZcZEr6g1rQNsY+8vd9rmsQ3k+7PRjMWc2fnDndxP
P5k4pACrxPiwwSdY6HQP0Z6rQTe6J0xBPW4u3DjZ8ULtBUtdXUHN5/zjKWCi01Ht
t8FKlmBGVTmUPbred/w5kY7VjVV+9AT6m8nsDJRX+NKZbfLZyn1TidiBF7cfDBsq
O5rDYXqfxSHOFH6fbAuAY2eAuQRPmWKLOm69G3G/dkIK
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:00 2024 by rpki-client on console-ams.rpki-client.org