Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/XmvF-7pJC7vJdUYAbCRfY56FNLY.roa
File: XmvF-7pJC7vJdUYAbCRfY56FNLY.roa (raw, json)
Hash identifier: R7BVQsROki3Iw+2ZZLalksgm3nUnB3IaGVg04wr9cbU=
Subject key identifier: 5E:6B:C5:FB:BA:49:0B:BB:C9:75:46:00:6C:24:5F:63:9E:85:34:B6
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 018F86D20FF832F99F99D5677043E2A003C3
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/XmvF-7pJC7vJdUYAbCRfY56FNLY.roa
Signing time: Fri 17 May 2024 13:51:04 +0000
ROA not before: Fri 17 May 2024 13:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43541
IP address blocks: 91.239.200.0/22 maxlen: 22
2001:67c:e94::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:d2:0f:f8:32:f9:9f:99:d5:67:70:43:e2:a0:03:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: May 17 13:51:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e6bc5fbba490bbbc97546006c245f639e8534b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ae:e1:a0:d4:a4:e5:18:a9:a5:51:94:95:80:
af:78:94:17:41:d1:d8:74:79:00:76:64:46:7a:3c:
47:6d:29:e5:ff:db:b0:4d:4c:b0:18:ea:51:31:88:
36:80:f0:a3:d5:ce:aa:54:12:d8:ab:07:97:b1:74:
f7:92:4b:a6:2e:24:1e:62:c1:91:73:f9:26:62:26:
31:7e:04:3f:21:4b:6f:74:64:f4:74:c7:79:2e:57:
07:04:ca:09:78:73:04:04:27:84:1a:9d:dd:b6:dd:
49:31:98:ec:e6:6d:c0:1d:c2:e5:99:cc:22:22:3d:
0f:fb:17:7f:03:c1:eb:e5:43:71:4b:1d:f8:25:95:
1c:c4:f4:79:6c:5d:16:1f:bc:65:a5:c6:a5:54:eb:
e7:0b:21:20:6a:07:62:c7:a1:b1:37:d7:61:02:f8:
cd:c7:51:14:6d:f1:aa:6e:f2:de:e7:eb:d3:7c:34:
78:f2:35:73:ac:f1:9d:ac:03:47:53:7f:e8:99:b5:
41:a6:cd:66:e5:6e:9a:f5:d8:b4:3a:e1:77:b4:18:
5b:57:b9:fc:bf:4d:fc:d8:e8:f0:a0:d2:66:18:a7:
a2:04:66:96:b3:9a:d7:5e:d9:b7:4e:b7:86:31:50:
5d:cc:00:bf:d8:85:3e:67:f8:08:b7:bd:f1:b9:06:
be:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6B:C5:FB:BA:49:0B:BB:C9:75:46:00:6C:24:5F:63:9E:85:34:B6
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/XmvF-7pJC7vJdUYAbCRfY56FNLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.200.0/22
IPv6:
2001:67c:e94::/48
Signature Algorithm: sha256WithRSAEncryption
40:97:5e:d3:25:3b:0e:55:cf:24:fe:c3:77:25:69:d4:e5:20:
0c:9d:e7:8a:7e:8e:0f:ff:97:a5:62:3a:df:e3:fd:92:04:45:
95:54:3a:a9:b6:b4:6f:08:58:56:91:0f:41:de:84:93:58:e4:
c0:a0:2b:1c:18:44:a0:86:3e:86:f2:bb:2f:3b:d8:b2:2e:d3:
17:32:ee:69:17:93:c7:03:c6:a3:c5:e0:e0:a2:90:8e:1e:33:
94:40:e8:9a:86:ce:38:96:cd:64:2a:b6:7a:83:03:68:f3:87:
24:13:bc:97:4e:94:65:c7:1a:75:78:2d:65:55:50:59:8d:38:
c9:41:ae:d1:14:3a:16:de:90:7f:64:5f:1a:03:da:1a:59:5c:
0b:8a:94:35:b1:33:8c:ab:31:a7:b4:b3:c2:fd:c5:2f:8a:d3:
2f:18:93:55:30:11:08:1a:ac:75:d0:30:c0:0f:fa:12:fe:97:
28:0d:ba:26:75:f9:2f:77:7c:42:50:94:f0:5d:2b:d5:4b:69:
b0:e7:01:71:75:f7:ed:68:3e:89:aa:b5:7c:3c:8f:31:90:ef:
7b:fd:25:0d:0a:fd:62:e2:5d:fd:d6:25:19:9c:25:49:af:92:
70:68:b2:36:27:c7:8f:93:2d:26:85:f6:ba:41:46:3c:f3:0d:
8b:89:10:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+G0g/4MvmfmdVncEPioAPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjQwNTE3MTM1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZiYzVmYmJhNDkwYmJiYzk3NTQ2MDA2YzI0NWY2MzllODUzNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx67hoNSk5RippVGUlYCveJQXQdHY
dHkAdmRGejxHbSnl/9uwTUywGOpRMYg2gPCj1c6qVBLYqweXsXT3kkumLiQeYsGR
c/kmYiYxfgQ/IUtvdGT0dMd5LlcHBMoJeHMEBCeEGp3dtt1JMZjs5m3AHcLlmcwi
Ij0P+xd/A8Hr5UNxSx34JZUcxPR5bF0WH7xlpcalVOvnCyEgagdix6GxN9dhAvjN
x1EUbfGqbvLe5+vTfDR48jVzrPGdrANHU3/ombVBps1m5W6a9di0OuF3tBhbV7n8
v0382OjwoNJmGKeiBGaWs5rXXtm3TreGMVBdzAC/2IU+Z/gIt73xuQa+rQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF5rxfu6SQu7yXVGAGwkX2OehTS2MB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvWG12Ri03cEpDN3ZKZFVZQWJDUmZZNTZGTkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW+/IMA8E
AgACMAkDBwAgAQZ8DpQwDQYJKoZIhvcNAQELBQADggEBAECXXtMlOw5VzyT+w3cl
adTlIAyd54p+jg//l6ViOt/j/ZIERZVUOqm2tG8IWFaRD0HehJNY5MCgKxwYRKCG
Pobyuy872LIu0xcy7mkXk8cDxqPF4OCikI4eM5RA6JqGzjiWzWQqtnqDA2jzhyQT
vJdOlGXHGnV4LWVVUFmNOMlBrtEUOhbekH9kXxoD2hpZXAuKlDWxM4yrMae0s8L9
xS+K0y8Yk1UwEQgarHXQMMAP+hL+lygNuiZ1+S93fEJQlPBdK9VLabDnAXF19+1o
PomqtXw8jzGQ73v9JQ0K/WLiXf3WJRmcJUmvknBosjYnx4+TLSaF9rpBRjzzDYuJ
EJE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:59:47 2024 by rpki-client on console-ams.rpki-client.org