Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/E9PnOPhA3CNk0TEUhpDtLyU3NcI.roa
File: E9PnOPhA3CNk0TEUhpDtLyU3NcI.roa (raw, json)
Hash identifier: t/9+7+WnBFE9o1Crdzk0wT85EEu+SA4n5PetryfvEyQ=
Subject key identifier: 13:D3:E7:38:F8:40:DC:23:64:D1:31:14:86:90:ED:2F:25:37:35:C2
Certificate issuer: /CN=bb528c126aed0d7f5a06950eb2c2033486856a15
Certificate serial: 018CC4939C76A74D50C9F6B83FE57FDF908A
Authority key identifier: BB:52:8C:12:6A:ED:0D:7F:5A:06:95:0E:B2:C2:03:34:86:85:6A:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u1KMEmrtDX9aBpUOssIDNIaFahU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/E9PnOPhA3CNk0TEUhpDtLyU3NcI.roa
Signing time: Mon 01 Jan 2024 10:30:57 +0000
ROA not before: Mon 01 Jan 2024 10:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211073
IP address blocks: 91.207.176.0/24 maxlen: 24
91.207.177.0/24 maxlen: 24
91.207.176.0/23 maxlen: 23
2001:67c:414::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/u1KMEmrtDX9aBpUOssIDNIaFahU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/u1KMEmrtDX9aBpUOssIDNIaFahU.mft
rsync://rpki.ripe.net/repository/DEFAULT/u1KMEmrtDX9aBpUOssIDNIaFahU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 04:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:9c:76:a7:4d:50:c9:f6:b8:3f:e5:7f:df:90:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb528c126aed0d7f5a06950eb2c2033486856a15
Validity
Not Before: Jan 1 10:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13d3e738f840dc2364d131148690ed2f253735c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b2:f3:77:52:b6:39:51:86:47:e4:47:64:2a:
dc:80:d4:d8:83:9a:f3:22:4e:6f:a7:66:26:0a:2e:
bc:7d:99:a6:16:c5:ef:bb:f0:c6:bd:39:34:c0:6b:
25:88:23:40:d5:5c:0f:58:fe:6d:d5:08:18:0e:3e:
93:90:23:cc:46:81:13:00:c2:4f:3d:f8:83:77:a6:
67:42:7c:b4:9d:1a:16:e6:98:9e:ad:d9:5f:d4:6b:
9a:82:e6:16:32:ff:bd:7e:d2:ce:13:b1:96:f2:12:
fa:44:af:d9:1b:dc:d1:ff:18:83:fb:32:df:bf:00:
55:97:42:66:0a:e7:03:91:b2:fb:aa:53:25:9e:1e:
5d:02:0b:21:f0:94:62:7a:05:d4:39:50:e1:32:b0:
2c:11:ea:e1:b6:35:ea:35:c1:7a:03:b8:2d:5e:d8:
ba:e3:d8:df:8e:7c:6f:8f:d5:77:8e:0e:b6:00:cf:
57:32:d5:f8:d4:2d:f2:3a:03:92:9d:29:c3:51:14:
59:45:e9:21:43:ee:a6:b3:9a:17:18:d8:dd:83:03:
26:9d:53:e9:39:c8:82:d8:e5:7a:31:de:f8:a3:41:
92:f4:1a:e4:5c:10:de:c1:7f:18:17:2f:6e:fe:9b:
90:bc:3e:3e:5f:b8:22:54:de:3d:f6:70:e5:e0:1c:
88:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D3:E7:38:F8:40:DC:23:64:D1:31:14:86:90:ED:2F:25:37:35:C2
X509v3 Authority Key Identifier:
keyid:BB:52:8C:12:6A:ED:0D:7F:5A:06:95:0E:B2:C2:03:34:86:85:6A:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u1KMEmrtDX9aBpUOssIDNIaFahU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/E9PnOPhA3CNk0TEUhpDtLyU3NcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/73e1e0-3d46-428c-ab3b-2159efee6a07/1/u1KMEmrtDX9aBpUOssIDNIaFahU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.176.0/23
IPv6:
2001:67c:414::/48
Signature Algorithm: sha256WithRSAEncryption
7e:ab:fa:c0:a7:4c:a1:11:89:5e:5d:14:fb:7b:1d:93:00:8b:
99:a7:ff:35:a0:ac:0f:c5:0a:2c:5d:ba:61:20:73:83:ee:88:
16:17:40:35:80:b4:e1:66:1a:64:b2:94:a4:b3:cc:7c:fa:5c:
eb:38:f8:d6:2a:42:42:3b:32:1d:5f:c3:82:ce:c3:fd:2c:2f:
da:02:eb:f6:d2:3f:fa:4b:29:85:2a:ea:d8:35:c5:33:d1:8f:
e6:5f:cb:ca:65:5c:f9:d5:67:21:69:1a:b7:57:12:0e:f8:8e:
5d:3a:2e:b8:25:b5:fb:57:77:b8:88:0f:0e:a8:34:6c:56:ee:
d0:fc:8f:91:f7:8d:75:af:82:16:48:ba:9e:9f:6a:0e:3b:7b:
e6:85:63:5b:b4:00:07:33:42:9c:41:e7:f7:12:76:a9:8b:51:
08:fe:cd:3c:51:96:ec:f2:7a:88:8a:a3:92:52:bf:07:37:41:
1d:94:b5:57:46:ec:8b:52:6b:6d:19:d2:41:5f:ea:a6:2c:05:
b2:43:b3:9d:d4:b4:50:35:26:5a:9a:81:e7:db:fa:ef:f2:83:
59:f8:d4:fe:72:27:c8:6a:61:11:c9:f2:e5:75:e9:9c:b9:04:
ef:cd:3b:f2:31:be:a4:67:de:c5:17:14:e7:03:cc:73:c2:0d:
02:d6:cb:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEk5x2p01Qyfa4P+V/35CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNTI4YzEyNmFlZDBkN2Y1YTA2OTUwZWIyYzIwMzM0ODY4
NTZhMTUwHhcNMjQwMTAxMTAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2QzZTczOGY4NDBkYzIzNjRkMTMxMTQ4NjkwZWQyZjI1MzczNWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLLzd1K2OVGGR+RHZCrcgNTYg5rz
Ik5vp2YmCi68fZmmFsXvu/DGvTk0wGsliCNA1VwPWP5t1QgYDj6TkCPMRoETAMJP
PfiDd6ZnQny0nRoW5pierdlf1GuaguYWMv+9ftLOE7GW8hL6RK/ZG9zR/xiD+zLf
vwBVl0JmCucDkbL7qlMlnh5dAgsh8JRiegXUOVDhMrAsEerhtjXqNcF6A7gtXti6
49jfjnxvj9V3jg62AM9XMtX41C3yOgOSnSnDURRZRekhQ+6ms5oXGNjdgwMmnVPp
OciC2OV6Md74o0GS9BrkXBDewX8YFy9u/puQvD4+X7giVN499nDl4ByIBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBPT5zj4QNwjZNExFIaQ7S8lNzXCMB8GA1UdIwQY
MBaAFLtSjBJq7Q1/WgaVDrLCAzSGhWoVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTFLTUVtcnREWDlhQnBVT3NzSUROSWFGYWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi83M2UxZTAtM2Q0Ni00MjhjLWFiM2It
MjE1OWVmZWU2YTA3LzEvRTlQbk9QaEEzQ05rMFRFVWhwRHRMeVUzTmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi83M2UxZTAtM2Q0Ni00MjhjLWFiM2ItMjE1OWVmZWU2YTA3
LzEvdTFLTUVtcnREWDlhQnBVT3NzSUROSWFGYWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8+wMA8E
AgACMAkDBwAgAQZ8BBQwDQYJKoZIhvcNAQELBQADggEBAH6r+sCnTKERiV5dFPt7
HZMAi5mn/zWgrA/FCixdumEgc4PuiBYXQDWAtOFmGmSylKSzzHz6XOs4+NYqQkI7
Mh1fw4LOw/0sL9oC6/bSP/pLKYUq6tg1xTPRj+Zfy8plXPnVZyFpGrdXEg74jl06
LrgltftXd7iIDw6oNGxW7tD8j5H3jXWvghZIup6fag47e+aFY1u0AAczQpxB5/cS
dqmLUQj+zTxRluzyeoiKo5JSvwc3QR2UtVdG7ItSa20Z0kFf6qYsBbJDs53UtFA1
Jlqagefb+u/yg1n41P5yJ8hqYRHJ8uV16Zy5BO/NO/IxvqRn3sUXFOcDzHPCDQLW
y50=
-----END CERTIFICATE-----
Generated at Wed Nov 27 12:33:32 2024 by rpki-client on console-fra.rpki-client.org