Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/XT1t9Z2nz7YX8tZS6baMubeuz-c.roa
File: XT1t9Z2nz7YX8tZS6baMubeuz-c.roa (raw, json)
Hash identifier: F0c53UvKpXHfxgW4QKMRXZzB1ai5oMZcXxUBVkD20Ns=
Subject key identifier: 5D:3D:6D:F5:9D:A7:CF:B6:17:F2:D6:52:E9:B6:8C:B9:B7:AE:CF:E7
Certificate issuer: /CN=6559cf34d4cfc59640862d1e4b79d48d9e4d8e7b
Certificate serial: 0191DBB63CBBC596D70E2D5BFE175B79DCDC
Authority key identifier: 65:59:CF:34:D4:CF:C5:96:40:86:2D:1E:4B:79:D4:8D:9E:4D:8E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/XT1t9Z2nz7YX8tZS6baMubeuz-c.roa
Signing time: Tue 10 Sep 2024 11:33:58 +0000
ROA not before: Tue 10 Sep 2024 11:33:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3170
IP address blocks: 91.238.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:b6:3c:bb:c5:96:d7:0e:2d:5b:fe:17:5b:79:dc:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6559cf34d4cfc59640862d1e4b79d48d9e4d8e7b
Validity
Not Before: Sep 10 11:33:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d3d6df59da7cfb617f2d652e9b68cb9b7aecfe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:38:10:6b:d5:2d:ca:4c:24:2e:e3:88:1f:22:
08:a6:86:87:e0:69:ae:79:5f:3e:c1:12:ee:bb:16:
09:44:d9:0d:8b:51:4e:4f:c1:d1:13:ba:d8:97:5c:
72:ec:0a:b3:23:6f:74:85:86:4f:bf:d4:76:3b:70:
f9:e3:60:4b:44:65:1a:c3:2d:15:b1:db:3f:97:e6:
2e:02:7d:dc:cd:28:54:d5:82:09:c4:f3:a7:f7:62:
5e:09:dd:56:d0:44:0c:88:d5:54:28:5b:72:9b:91:
50:33:49:c3:36:2a:a1:5d:fe:e6:0f:f0:a7:24:6f:
9b:69:da:6d:45:9c:13:c1:bc:5d:c9:e1:f0:d5:c0:
1b:19:52:c8:09:0c:0b:0a:97:80:57:23:be:29:b1:
54:a6:43:9d:b2:66:5a:be:cc:88:30:e5:d7:35:6b:
08:4f:a8:9e:43:c5:31:96:c2:d6:62:fc:ff:1f:4d:
c9:62:c3:3e:aa:bd:15:de:9f:10:d2:dc:05:0f:43:
fe:45:99:3e:8f:76:04:18:50:85:f0:16:1e:fd:5a:
e2:9f:2d:1e:9a:81:81:9e:0c:b9:03:b2:26:e3:48:
b1:6e:4d:dd:47:58:ec:75:63:78:da:97:ef:6b:04:
3e:e1:1b:c5:a0:69:b0:e0:ab:04:c6:7d:ec:08:16:
29:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3D:6D:F5:9D:A7:CF:B6:17:F2:D6:52:E9:B6:8C:B9:B7:AE:CF:E7
X509v3 Authority Key Identifier:
keyid:65:59:CF:34:D4:CF:C5:96:40:86:2D:1E:4B:79:D4:8D:9E:4D:8E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/XT1t9Z2nz7YX8tZS6baMubeuz-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.195.0/24
Signature Algorithm: sha256WithRSAEncryption
95:74:95:61:e9:0d:1d:b3:11:0d:ee:87:4b:f0:c8:49:62:ab:
ec:47:6d:5d:6e:e9:98:c8:d7:61:87:f6:7b:e1:39:14:e8:62:
b3:bd:a8:d3:a5:b1:f0:2e:c4:28:92:07:c9:1b:28:ac:6f:fb:
21:62:cf:56:c3:47:25:53:08:56:36:e5:d1:5c:03:03:4e:3e:
00:12:b7:69:25:82:73:c6:78:f7:c6:fe:c6:48:28:97:75:67:
c8:26:15:db:ee:f5:31:41:d0:7c:e5:05:78:32:27:28:47:a4:
50:d3:2c:23:99:a5:3b:97:8e:9b:0a:ea:db:c7:e0:d0:02:bb:
b4:11:2a:c6:2c:88:70:b0:54:42:c6:fd:5f:48:f6:5a:81:2e:
3a:e9:9d:63:d2:59:f3:45:0c:27:14:c0:a3:a3:06:1d:25:b7:
8e:33:56:31:ff:46:60:4a:30:85:9c:65:1f:19:93:9c:18:2f:
eb:5b:e4:d8:73:64:77:88:d2:0c:df:61:23:f2:03:65:aa:0d:
e4:28:20:ef:58:03:53:2f:0d:cd:8f:c2:c2:26:a0:85:30:83:
50:2b:91:99:e1:b3:ae:21:d6:3c:f5:66:9b:18:28:5d:0b:5d:
c4:4c:5f:53:3f:c0:1b:24:9f:76:d7:ea:9e:3e:4c:9b:16:a9:
06:de:78:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHbtjy7xZbXDi1b/hdbedzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NTljZjM0ZDRjZmM1OTY0MDg2MmQxZTRiNzlkNDhkOWU0
ZDhlN2IwHhcNMjQwOTEwMTEzMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDNkNmRmNTlkYTdjZmI2MTdmMmQ2NTJlOWI2OGNiOWI3YWVjZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDgQa9UtykwkLuOIHyIIpoaH4Gmu
eV8+wRLuuxYJRNkNi1FOT8HRE7rYl1xy7AqzI290hYZPv9R2O3D542BLRGUawy0V
sds/l+YuAn3czShU1YIJxPOn92JeCd1W0EQMiNVUKFtym5FQM0nDNiqhXf7mD/Cn
JG+badptRZwTwbxdyeHw1cAbGVLICQwLCpeAVyO+KbFUpkOdsmZavsyIMOXXNWsI
T6ieQ8UxlsLWYvz/H03JYsM+qr0V3p8Q0twFD0P+RZk+j3YEGFCF8BYe/Vriny0e
moGBngy5A7Im40ixbk3dR1jsdWN42pfvawQ+4RvFoGmw4KsExn3sCBYpeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF09bfWdp8+2F/LWUum2jLm3rs/nMB8GA1UdIwQY
MBaAFGVZzzTUz8WWQIYtHkt51I2eTY57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlZuUE5OVFB4WlpBaGkwZVMzblVqWjVOam5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82YTg2MDctYTMzYS00NGFmLWIyYzAt
MTM0MWRlOGFiZTUxLzEvWFQxdDlaMm56N1lYOHRaUzZiYU11YmV1ei1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82YTg2MDctYTMzYS00NGFmLWIyYzAtMTM0MWRlOGFiZTUx
LzEvWlZuUE5OVFB4WlpBaGkwZVMzblVqWjVOam5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7DMA0G
CSqGSIb3DQEBCwUAA4IBAQCVdJVh6Q0dsxEN7odL8MhJYqvsR21dbumYyNdhh/Z7
4TkU6GKzvajTpbHwLsQokgfJGyisb/shYs9Ww0clUwhWNuXRXAMDTj4AErdpJYJz
xnj3xv7GSCiXdWfIJhXb7vUxQdB85QV4MicoR6RQ0ywjmaU7l46bCurbx+DQAru0
ESrGLIhwsFRCxv1fSPZagS466Z1j0lnzRQwnFMCjowYdJbeOM1Yx/0ZgSjCFnGUf
GZOcGC/rW+TYc2R3iNIM32Ej8gNlqg3kKCDvWANTLw3Nj8LCJqCFMINQK5GZ4bOu
IdY89WabGChdC13ETF9TP8AbJJ921+qePkybFqkG3nim
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:22 2024 by rpki-client on console-fra.rpki-client.org