Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/jNadFe_VjXl7PswfYOMW7iJzn8o.roa
File: jNadFe_VjXl7PswfYOMW7iJzn8o.roa (raw, json)
Hash identifier: F7cFfqzjamHLPN50JEl+dEt/J4WHS+rdNW5btmKGz38=
Subject key identifier: 8C:D6:9D:15:EF:D5:8D:79:7B:3E:CC:1F:60:E3:16:EE:22:73:9F:CA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0190789DFFF08160702AA4DB2B8AAAAE8A19
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/jNadFe_VjXl7PswfYOMW7iJzn8o.roa
Signing time: Wed 03 Jul 2024 12:42:18 +0000
ROA not before: Wed 03 Jul 2024 12:42:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.200.223.0/24 maxlen: 24
91.226.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:9d:ff:f0:81:60:70:2a:a4:db:2b:8a:aa:ae:8a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 3 12:42:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cd69d15efd58d797b3ecc1f60e316ee22739fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:21:4c:3b:49:39:79:e0:8c:d1:aa:58:a9:1a:
89:5b:a6:ca:95:ae:1b:52:0c:af:fa:07:a7:3a:9d:
da:d9:3d:71:b9:7f:f5:ec:5d:6a:28:d3:85:9e:b2:
ed:31:61:fe:e4:d6:bb:cc:33:60:29:9a:a8:59:29:
8f:51:0f:12:29:3e:e5:61:3d:07:72:b4:d6:78:73:
3b:b9:65:fc:84:34:94:c2:a1:51:d8:79:6a:c0:27:
d0:5f:5b:0e:25:eb:18:b1:07:0e:ef:62:0d:92:b2:
6a:19:a2:e0:86:11:a2:26:c6:9c:64:67:ae:70:4e:
68:d6:04:72:d9:83:9b:38:fb:51:62:37:62:5a:93:
f3:a2:65:22:c4:4b:82:46:7e:cc:57:e3:37:75:ef:
a7:f5:62:71:57:cf:30:87:fe:33:44:d7:73:fb:f2:
c8:e5:69:f9:1c:07:d0:1c:ae:38:a2:72:51:ee:8e:
7b:eb:58:12:9e:5a:76:64:45:a0:4d:67:b1:30:79:
de:2b:3e:e6:a4:4d:c0:66:9b:44:b5:49:c2:37:85:
15:25:ac:9a:18:09:73:23:39:95:b0:d5:64:97:78:
5a:e8:48:66:6d:a9:a1:c6:89:b8:93:7e:a7:33:f6:
5e:03:2b:db:0d:09:a8:03:31:b5:fb:c5:28:34:09:
60:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D6:9D:15:EF:D5:8D:79:7B:3E:CC:1F:60:E3:16:EE:22:73:9F:CA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/jNadFe_VjXl7PswfYOMW7iJzn8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
91.226.56.0/24
Signature Algorithm: sha256WithRSAEncryption
89:19:1b:79:70:33:33:d6:5d:6c:0d:cc:57:92:b4:c1:0e:cc:
b2:6a:df:1b:08:c6:97:2e:d6:fa:0a:f7:3a:eb:4b:bb:9e:b5:
06:ca:b3:b1:21:d6:c9:85:ec:79:e3:31:58:92:f0:9c:4e:a2:
e9:d9:ca:03:2b:af:ce:4a:1a:18:34:86:2d:f1:79:53:10:2d:
04:8c:4d:ca:c0:e6:a9:0e:70:31:23:3c:62:36:c3:52:6e:ad:
cd:f7:16:df:31:61:9f:3e:12:76:e0:4b:f2:35:5a:3c:f8:8d:
b3:ad:7f:47:e9:b7:a6:70:47:ee:6e:41:f8:e1:7f:3f:20:6d:
76:ed:62:52:fe:2d:a7:5f:63:55:b3:57:06:e1:63:b3:ee:b4:
f4:cd:ca:02:74:d4:06:34:6c:05:dd:3f:dd:26:5a:3c:0b:a6:
65:26:aa:3b:01:b3:18:d4:0f:22:27:3b:c2:be:b6:1d:76:d5:
b0:d9:33:dd:89:e1:8d:39:5c:e7:4e:0e:32:54:72:ce:37:f8:
94:0e:e3:6b:3c:7c:53:bc:80:44:7c:50:b9:1a:b7:17:48:ef:
fa:68:4e:70:b9:ea:d6:85:00:47:c9:bd:7b:49:0b:8a:3b:cb:
ec:f1:32:ad:ec:86:b5:5b:ed:0a:2a:43:1e:cd:85:19:80:d2:
a2:d5:55:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZB4nf/wgWBwKqTbK4qqrooZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNzAzMTI0MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Q2OWQxNWVmZDU4ZDc5N2IzZWNjMWY2MGUzMTZlZTIyNzM5ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyFMO0k5eeCM0apYqRqJW6bKla4b
Ugyv+genOp3a2T1xuX/17F1qKNOFnrLtMWH+5Na7zDNgKZqoWSmPUQ8SKT7lYT0H
crTWeHM7uWX8hDSUwqFR2HlqwCfQX1sOJesYsQcO72INkrJqGaLghhGiJsacZGeu
cE5o1gRy2YObOPtRYjdiWpPzomUixEuCRn7MV+M3de+n9WJxV88wh/4zRNdz+/LI
5Wn5HAfQHK44onJR7o5761gSnlp2ZEWgTWexMHneKz7mpE3AZptEtUnCN4UVJaya
GAlzIzmVsNVkl3ha6Ehmbamhxom4k36nM/ZeAyvbDQmoAzG1+8UoNAlgqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIzWnRXv1Y15ez7MH2DjFu4ic5/KMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvak5hZEZlX1ZqWGw3UHN3ZllPTVc3aUp6bjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jfAwQA
W+I4MA0GCSqGSIb3DQEBCwUAA4IBAQCJGRt5cDMz1l1sDcxXkrTBDsyyat8bCMaX
Ltb6Cvc660u7nrUGyrOxIdbJhex54zFYkvCcTqLp2coDK6/OShoYNIYt8XlTEC0E
jE3KwOapDnAxIzxiNsNSbq3N9xbfMWGfPhJ24EvyNVo8+I2zrX9H6bemcEfubkH4
4X8/IG127WJS/i2nX2NVs1cG4WOz7rT0zcoCdNQGNGwF3T/dJlo8C6ZlJqo7AbMY
1A8iJzvCvrYddtWw2TPdieGNOVznTg4yVHLON/iUDuNrPHxTvIBEfFC5GrcXSO/6
aE5wuerWhQBHyb17SQuKO8vs8TKt7Ia1W+0KKkMezYUZgNKi1VVD
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:07:36 2024 by rpki-client on console-ams.rpki-client.org