Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/RGRQyycScMgIaEkVRTTYZcBbshE.roa
File: RGRQyycScMgIaEkVRTTYZcBbshE.roa (raw, json)
Hash identifier: R251uuvyYJsnRk6nXvAjAQeOdiywSG9AQKpl1Hd9UZs=
Subject key identifier: 44:64:50:CB:27:12:70:C8:08:68:49:15:45:34:D8:65:C0:5B:B2:11
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 018CC86F37AF1BB1F0D3546202B3094ABB4E
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/RGRQyycScMgIaEkVRTTYZcBbshE.roa
Signing time: Tue 02 Jan 2024 04:29:41 +0000
ROA not before: Tue 02 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 91.221.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 10:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:37:af:1b:b1:f0:d3:54:62:02:b3:09:4a:bb:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jan 2 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=446450cb271270c8086849154534d865c05bb211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:39:03:ee:31:f3:cb:21:7c:8b:63:1c:c8:a8:
0a:dd:3a:06:f7:c1:c9:93:fa:a7:bf:63:b8:58:1e:
61:fb:b8:3c:10:e3:33:2f:6f:de:c9:e8:9e:30:d6:
e8:03:d0:7a:15:0d:32:20:c4:a8:b0:fa:c9:4c:9b:
90:4a:f6:89:d1:1f:3b:0b:35:ac:93:51:27:4f:ac:
1e:4c:44:f9:42:34:31:a3:35:7e:65:25:a8:b6:aa:
c4:46:dd:41:65:a0:3a:15:82:24:54:87:61:39:6d:
6d:78:7e:ac:d8:a6:c8:00:03:19:5c:e2:96:0f:90:
73:68:b5:79:a4:82:e6:54:8e:32:cd:6a:4b:ad:f0:
ac:46:48:7a:df:10:c6:97:e1:26:d5:5e:c4:26:2a:
40:b6:30:31:6f:5a:6e:05:52:91:da:64:a6:db:84:
a8:58:72:66:c0:24:62:09:c0:e9:97:35:ed:8c:f9:
02:10:4e:1f:95:86:61:1d:96:5e:e5:36:82:e6:f7:
f3:6f:59:32:d0:a1:06:4e:d2:b8:27:e8:f0:26:73:
6c:c7:19:8c:e9:a7:f1:9b:a4:05:9f:fc:17:89:64:
63:68:81:1c:70:65:6e:51:8b:30:e9:0d:73:62:5a:
23:7a:51:77:33:a0:85:dd:61:0d:5a:c5:23:97:5f:
8e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:64:50:CB:27:12:70:C8:08:68:49:15:45:34:D8:65:C0:5B:B2:11
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/RGRQyycScMgIaEkVRTTYZcBbshE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/24
Signature Algorithm: sha256WithRSAEncryption
42:37:34:ef:68:ce:30:e6:cd:cc:33:77:50:74:24:4e:aa:49:
a5:5b:a5:18:e9:4a:5b:38:d2:f2:05:cc:35:49:d4:d1:c6:c7:
8f:82:7a:70:05:47:0b:5b:28:36:15:7a:b7:51:ec:00:5b:24:
04:be:b4:89:87:df:ba:09:37:1f:eb:80:26:66:bb:1f:8c:64:
07:84:7e:ec:ff:9b:77:b0:ee:bb:9c:23:86:70:a8:a7:45:fc:
99:f4:3c:fd:2a:00:5e:57:8d:71:6c:70:18:3a:9c:52:61:2b:
78:73:f4:d3:90:11:f4:6b:3c:09:3c:6f:86:18:38:3a:42:88:
eb:ef:93:4c:c2:36:99:d3:eb:9c:47:81:cd:95:05:d7:65:8e:
9e:88:03:5f:14:a2:bb:67:95:ff:9b:89:08:0f:18:68:14:5b:
60:a0:b0:d0:e0:c3:3c:e7:56:9a:ae:44:30:ec:be:4a:f1:df:
40:b6:07:d9:a4:27:1e:4f:9d:fc:36:2b:bc:0f:7b:17:86:4d:
76:48:ed:0b:d1:eb:4b:bf:04:e1:6e:a7:e4:0c:15:2d:7a:97:
41:f3:2c:20:50:6d:01:4d:15:f7:fa:6c:84:d6:42:77:9f:97:
eb:de:43:62:04:1f:c4:65:cc:c3:10:31:92:10:dc:f3:a9:cd:
a2:96:b8:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbzevG7Hw01RiArMJSrtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjQwMTAyMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDY0NTBjYjI3MTI3MGM4MDg2ODQ5MTU0NTM0ZDg2NWMwNWJiMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjkD7jHzyyF8i2McyKgK3ToG98HJ
k/qnv2O4WB5h+7g8EOMzL2/eyeieMNboA9B6FQ0yIMSosPrJTJuQSvaJ0R87CzWs
k1EnT6weTET5QjQxozV+ZSWotqrERt1BZaA6FYIkVIdhOW1teH6s2KbIAAMZXOKW
D5BzaLV5pILmVI4yzWpLrfCsRkh63xDGl+Em1V7EJipAtjAxb1puBVKR2mSm24So
WHJmwCRiCcDplzXtjPkCEE4flYZhHZZe5TaC5vfzb1ky0KEGTtK4J+jwJnNsxxmM
6afxm6QFn/wXiWRjaIEccGVuUYsw6Q1zYlojelF3M6CF3WENWsUjl1+OmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERkUMsnEnDICGhJFUU02GXAW7IRMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvUkdSUXl5Y1NjTWdJYUVrVlJUVFlaY0Jic2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW910MA0G
CSqGSIb3DQEBCwUAA4IBAQBCNzTvaM4w5s3MM3dQdCROqkmlW6UY6UpbONLyBcw1
SdTRxsePgnpwBUcLWyg2FXq3UewAWyQEvrSJh9+6CTcf64AmZrsfjGQHhH7s/5t3
sO67nCOGcKinRfyZ9Dz9KgBeV41xbHAYOpxSYSt4c/TTkBH0azwJPG+GGDg6Qojr
75NMwjaZ0+ucR4HNlQXXZY6eiANfFKK7Z5X/m4kIDxhoFFtgoLDQ4MM851aarkQw
7L5K8d9AtgfZpCceT538Niu8D3sXhk12SO0L0etLvwThbqfkDBUtepdB8ywgUG0B
TRX3+myE1kJ3n5fr3kNiBB/EZczDEDGSENzzqc2ilrg/
-----END CERTIFICATE-----
Generated at Tue May 7 15:38:01 2024 by rpki-client on console-fra.rpki-client.org