Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/S0NkA3KRFwtcCrJm_7yVhQju3cA.roa
File: S0NkA3KRFwtcCrJm_7yVhQju3cA.roa (raw, json)
Hash identifier: gF2785rFDsLVDgiXKjJWxCc0DvDL4yrjjTTOMADCIH8=
Subject key identifier: 4B:43:64:03:72:91:17:0B:5C:0A:B2:66:FF:BC:95:85:08:EE:DD:C0
Certificate issuer: /CN=03ebb001528281734bf5c94bc4bef6f6e99a377e
Certificate serial: 018CC8DF4148D6791582AE4A6511FF327182
Authority key identifier: 03:EB:B0:01:52:82:81:73:4B:F5:C9:4B:C4:BE:F6:F6:E9:9A:37:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-uwAVKCgXNL9clLxL729umaN34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/S0NkA3KRFwtcCrJm_7yVhQju3cA.roa
Signing time: Tue 02 Jan 2024 06:32:03 +0000
ROA not before: Tue 02 Jan 2024 06:32:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42878
IP address blocks: 91.193.202.0/24 maxlen: 24
91.193.200.0/22 maxlen: 22
91.193.201.0/24 maxlen: 24
91.193.203.0/24 maxlen: 24
91.193.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/A-uwAVKCgXNL9clLxL729umaN34.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/A-uwAVKCgXNL9clLxL729umaN34.mft
rsync://rpki.ripe.net/repository/DEFAULT/A-uwAVKCgXNL9clLxL729umaN34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:41:48:d6:79:15:82:ae:4a:65:11:ff:32:71:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ebb001528281734bf5c94bc4bef6f6e99a377e
Validity
Not Before: Jan 2 06:32:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b4364037291170b5c0ab266ffbc958508eeddc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:84:95:ea:ac:ba:17:b3:cc:be:87:b6:e5:b9:
40:1b:a7:82:8d:7c:a1:93:15:9d:30:f0:74:83:48:
6b:1d:fe:2e:b1:b1:6f:e1:43:ec:13:97:5a:92:14:
2e:45:8c:22:f1:30:6e:6e:7c:74:97:4d:26:5f:0c:
b2:72:b5:79:0a:df:73:57:00:e8:6a:e0:d9:85:0e:
9d:aa:c7:ae:a9:85:c0:27:6d:58:8c:94:f8:71:5e:
91:e0:c6:21:22:44:0b:68:80:6c:98:89:8e:6e:0d:
02:6e:cc:a5:3e:0d:d0:69:db:4e:a0:ac:d4:fc:37:
e0:36:2f:be:9d:e6:dc:0c:c3:07:86:bc:f4:ad:af:
33:9d:2c:74:85:a8:30:50:59:77:86:77:9c:04:53:
74:f2:5c:80:b8:5d:91:a7:1f:e1:5b:6e:27:8c:0f:
97:6a:20:56:18:0c:48:fd:10:2c:03:85:48:c4:58:
0a:c6:09:fc:16:95:4f:af:1d:fb:48:d6:66:80:18:
ab:72:44:f2:a5:1b:73:72:75:49:6e:ff:90:c0:6c:
fc:be:bc:1e:4f:d5:f1:71:69:47:5c:fc:3b:b1:be:
23:a5:ae:f8:94:78:f0:33:86:34:0c:bd:b4:c9:ec:
8c:72:e3:bc:d7:fd:0b:77:44:27:5d:05:fa:69:52:
42:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:43:64:03:72:91:17:0B:5C:0A:B2:66:FF:BC:95:85:08:EE:DD:C0
X509v3 Authority Key Identifier:
keyid:03:EB:B0:01:52:82:81:73:4B:F5:C9:4B:C4:BE:F6:F6:E9:9A:37:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-uwAVKCgXNL9clLxL729umaN34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/S0NkA3KRFwtcCrJm_7yVhQju3cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0d3f51-af73-4045-a0f1-eab828eca45b/1/A-uwAVKCgXNL9clLxL729umaN34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.200.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:35:e1:b7:83:0d:c2:7f:6e:9c:54:9e:94:b2:d3:87:1b:8e:
bd:21:ad:f3:e9:fb:e7:f7:2e:c4:71:89:ee:6d:df:f3:55:38:
1c:dc:52:54:35:35:e3:01:c6:d9:1c:dc:20:3f:d0:ab:dc:90:
74:62:7f:42:dc:a9:d9:41:6d:28:23:9f:54:ac:68:57:f1:f8:
28:ee:0c:b4:c5:fc:ec:67:e6:a8:98:5d:60:19:95:fb:63:ba:
a8:24:38:43:d0:4c:9c:25:bc:c9:fb:74:77:6a:f2:bf:c1:f2:
99:e1:be:95:fe:45:be:25:67:ff:17:0e:ca:7f:de:3a:79:5c:
28:63:4b:ee:3f:a2:46:af:80:02:7a:d5:ed:88:4d:b8:29:1b:
bc:9f:6e:a1:26:c5:d6:89:bf:da:54:0c:ab:6a:32:0b:56:58:
18:ab:e5:d7:33:3e:6b:26:3c:0b:a0:c2:52:3a:4b:84:52:41:
c3:c2:7f:11:36:28:e5:9d:71:18:69:66:2c:87:53:25:86:af:
e6:3a:5e:b7:22:e0:fe:a1:10:19:e7:e1:72:53:89:42:5d:46:
40:38:8f:66:3a:43:4e:a8:a2:0c:6f:50:43:04:2a:26:af:c3:
10:f0:a1:f0:62:22:8b:a5:78:a3:51:97:0f:03:35:c9:12:1a:
23:3f:7b:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI30FI1nkVgq5KZRH/MnGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWJiMDAxNTI4MjgxNzM0YmY1Yzk0YmM0YmVmNmY2ZTk5
YTM3N2UwHhcNMjQwMTAyMDYzMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjQzNjQwMzcyOTExNzBiNWMwYWIyNjZmZmJjOTU4NTA4ZWVkZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4SV6qy6F7PMvoe25blAG6eCjXyh
kxWdMPB0g0hrHf4usbFv4UPsE5dakhQuRYwi8TBubnx0l00mXwyycrV5Ct9zVwDo
auDZhQ6dqseuqYXAJ21YjJT4cV6R4MYhIkQLaIBsmImObg0CbsylPg3QadtOoKzU
/DfgNi++nebcDMMHhrz0ra8znSx0hagwUFl3hnecBFN08lyAuF2Rpx/hW24njA+X
aiBWGAxI/RAsA4VIxFgKxgn8FpVPrx37SNZmgBirckTypRtzcnVJbv+QwGz8vrwe
T9XxcWlHXPw7sb4jpa74lHjwM4Y0DL20yeyMcuO81/0Ld0QnXQX6aVJCJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtDZANykRcLXAqyZv+8lYUI7t3AMB8GA1UdIwQY
MBaAFAPrsAFSgoFzS/XJS8S+9vbpmjd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS11d0FWS0NnWE5MOWNsTHhMNzI5dW1hTjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wZDNmNTEtYWY3My00MDQ1LWEwZjEt
ZWFiODI4ZWNhNDViLzEvUzBOa0EzS1JGd3RjQ3JKbV83eVZoUWp1M2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wZDNmNTEtYWY3My00MDQ1LWEwZjEtZWFiODI4ZWNhNDVi
LzEvQS11d0FWS0NnWE5MOWNsTHhMNzI5dW1hTjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8HIMA0G
CSqGSIb3DQEBCwUAA4IBAQAvNeG3gw3Cf26cVJ6UstOHG469Ia3z6fvn9y7EcYnu
bd/zVTgc3FJUNTXjAcbZHNwgP9Cr3JB0Yn9C3KnZQW0oI59UrGhX8fgo7gy0xfzs
Z+aomF1gGZX7Y7qoJDhD0EycJbzJ+3R3avK/wfKZ4b6V/kW+JWf/Fw7Kf946eVwo
Y0vuP6JGr4ACetXtiE24KRu8n26hJsXWib/aVAyrajILVlgYq+XXMz5rJjwLoMJS
OkuEUkHDwn8RNijlnXEYaWYsh1Mlhq/mOl63IuD+oRAZ5+FyU4lCXUZAOI9mOkNO
qKIMb1BDBComr8MQ8KHwYiKLpXijUZcPAzXJEhojP3vf
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:29 2024 by rpki-client on console-ams.rpki-client.org