Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/uFtXa-gjqXlvDPKb11pRBUnSI-Q.roa
File: uFtXa-gjqXlvDPKb11pRBUnSI-Q.roa (raw, json)
Hash identifier: bjVr099QTLcIiYLthKCNdl9sw2ftjM8pmdWYIAPpyE4=
Subject key identifier: B8:5B:57:6B:E8:23:A9:79:6F:0C:F2:9B:D7:5A:51:05:49:D2:23:E4
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56DFE49C6BF8B9A75C9245E16DEDEAA
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/uFtXa-gjqXlvDPKb11pRBUnSI-Q.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31133
IP address blocks: 91.243.88.0/24 maxlen: 24
91.243.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 19:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fe:49:c6:bf:8b:9a:75:c9:24:5e:16:de:de:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b85b576be823a9796f0cf29bd75a510549d223e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5c:eb:d3:62:34:61:18:2e:18:90:86:09:9f:
62:99:fe:9d:86:b9:c4:4d:e8:2b:9c:f1:a0:07:40:
94:33:08:81:61:ac:e4:6a:90:41:de:92:89:c0:a2:
8a:4c:f8:e3:a2:5b:f8:2c:f9:02:02:ec:e5:06:d6:
0a:9d:4f:14:1b:37:b2:3d:9f:ae:8c:45:ee:86:f4:
47:20:f3:f7:be:5a:63:08:52:6e:78:1f:98:53:4a:
1d:7f:3b:98:f0:91:ec:27:b5:3b:89:ff:53:9d:ba:
41:35:35:6f:ac:40:b8:14:1b:4d:2d:48:48:45:e6:
70:11:cc:2c:d3:23:cc:85:7f:03:b1:9a:a7:64:e0:
c4:4f:62:cb:19:95:d0:59:7f:7d:33:26:9b:80:3c:
68:95:61:a6:eb:ea:8f:aa:4b:d8:20:05:31:80:f8:
2c:f9:01:ec:5f:98:12:3c:dd:59:e3:87:55:a9:d5:
26:40:0f:03:34:9a:a2:ce:23:f1:26:e8:1a:48:39:
51:79:c7:5d:52:ac:7b:8c:b2:f3:4d:db:09:0d:c5:
8b:12:2d:dd:bd:ec:98:c3:1b:df:8a:8b:6c:f8:39:
44:20:53:21:67:2c:b0:58:b6:c8:88:35:92:91:7c:
2d:d4:fb:f6:c6:a2:c9:6b:dd:41:6f:e5:e4:a2:71:
ea:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5B:57:6B:E8:23:A9:79:6F:0C:F2:9B:D7:5A:51:05:49:D2:23:E4
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/uFtXa-gjqXlvDPKb11pRBUnSI-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.88.0/24
91.243.95.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:21:92:14:b4:11:87:ec:f8:ee:13:87:f7:43:9d:f2:ee:39:
e2:05:24:d2:d4:93:d2:3e:88:10:a9:17:63:a9:4c:ae:67:38:
eb:28:ad:42:66:93:f3:cd:7d:59:d7:e9:93:75:7e:b6:82:8c:
56:78:5c:94:f6:e1:ec:3d:72:43:c7:3c:3a:08:fd:ce:2a:ff:
f5:cf:11:bc:73:7e:0f:fb:0e:4b:2e:32:33:14:ba:bd:71:53:
83:fb:af:14:fe:87:86:18:a6:65:19:44:c2:58:8f:4b:8c:43:
c7:3d:93:a9:c9:14:d6:aa:17:ac:93:9c:cd:04:37:fe:7a:aa:
a4:5d:ab:ec:03:7a:42:23:47:37:88:ba:e9:e0:eb:33:fd:6e:
54:af:37:8d:f5:12:d5:56:a9:20:22:90:56:50:8c:e3:87:c2:
78:e8:70:15:96:9c:dd:99:b0:67:44:11:28:52:2d:c2:d9:6e:
5a:fe:20:4c:79:28:af:da:51:b3:a8:3a:f1:36:b5:e4:c8:6b:
e6:bc:6f:6f:fa:b2:9e:6e:3d:4a:71:9e:f1:4c:db:ab:d4:91:
40:e6:25:6d:70:30:0b:1c:4e:94:b2:22:b0:c3:15:bf:93:8c:
74:38:a0:3a:cc:86:d4:55:74:54:30:75:d7:6b:3a:66:db:cf:
ec:9e:ad:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbf5Jxr+LmnXJJF4W3t6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODViNTc2YmU4MjNhOTc5NmYwY2YyOWJkNzVhNTEwNTQ5ZDIyM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVzr02I0YRguGJCGCZ9imf6dhrnE
TegrnPGgB0CUMwiBYazkapBB3pKJwKKKTPjjolv4LPkCAuzlBtYKnU8UGzeyPZ+u
jEXuhvRHIPP3vlpjCFJueB+YU0odfzuY8JHsJ7U7if9TnbpBNTVvrEC4FBtNLUhI
ReZwEcws0yPMhX8DsZqnZODET2LLGZXQWX99MyabgDxolWGm6+qPqkvYIAUxgPgs
+QHsX5gSPN1Z44dVqdUmQA8DNJqiziPxJugaSDlRecddUqx7jLLzTdsJDcWLEi3d
veyYwxvfiots+DlEIFMhZyywWLbIiDWSkXwt1Pv2xqLJa91Bb+XkonHqhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLhbV2voI6l5bwzym9daUQVJ0iPkMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvdUZ0WGEtZ2pxWGx2RFBLYjExcFJCVW5TSS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/NYAwQA
W/NfMA0GCSqGSIb3DQEBCwUAA4IBAQCyIZIUtBGH7PjuE4f3Q53y7jniBSTS1JPS
PogQqRdjqUyuZzjrKK1CZpPzzX1Z1+mTdX62goxWeFyU9uHsPXJDxzw6CP3OKv/1
zxG8c34P+w5LLjIzFLq9cVOD+68U/oeGGKZlGUTCWI9LjEPHPZOpyRTWqhesk5zN
BDf+eqqkXavsA3pCI0c3iLrp4Osz/W5UrzeN9RLVVqkgIpBWUIzjh8J46HAVlpzd
mbBnRBEoUi3C2W5a/iBMeSiv2lGzqDrxNrXkyGvmvG9v+rKebj1KcZ7xTNur1JFA
5iVtcDALHE6UsiKwwxW/k4x0OKA6zIbUVXRUMHXXazpm28/snq3i
-----END CERTIFICATE-----
Generated at Mon May 13 03:34:00 2024 by rpki-client on console-fra.rpki-client.org