Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/4miKmFF29VJr5gh6MzujTkruz7I.roa
File: 4miKmFF29VJr5gh6MzujTkruz7I.roa (raw, json)
Hash identifier: Bspx1wz48ppNHMMEs/M3yA9vz4zXxKHYJI16Eyyxos4=
Subject key identifier: E2:68:8A:98:51:76:F5:52:6B:E6:08:7A:33:3B:A3:4E:4A:EE:CF:B2
Certificate issuer: /CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Certificate serial: 019251A48416538152127BC566103531E2C3
Authority key identifier: D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/4miKmFF29VJr5gh6MzujTkruz7I.roa
Signing time: Thu 03 Oct 2024 09:09:48 +0000
ROA not before: Thu 03 Oct 2024 09:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199777
IP address blocks: 91.238.30.0/24 maxlen: 24
91.238.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:a4:84:16:53:81:52:12:7b:c5:66:10:35:31:e2:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Validity
Not Before: Oct 3 09:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2688a985176f5526be6087a333ba34e4aeecfb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d1:9a:3a:8d:5d:25:bc:a9:c7:b8:39:26:f2:
86:7d:1a:46:3b:13:03:4a:fe:85:41:b8:82:99:c3:
6d:80:04:ae:cd:93:4a:25:0f:91:13:4b:f7:70:50:
52:4d:79:3b:58:30:19:05:a1:34:69:a7:a6:74:1c:
80:e3:ef:06:0e:85:ff:1e:36:9f:a8:8a:3a:5c:2a:
17:d1:3a:86:40:1b:f0:4a:b3:78:d4:02:5a:96:af:
73:c4:3f:cb:12:50:87:8d:9a:d4:78:b8:7f:ee:9d:
f1:27:31:85:bd:b2:eb:b3:af:1c:d8:3c:95:29:2b:
bc:26:6a:73:a6:16:32:84:87:95:df:09:ea:d4:22:
0b:36:6c:8f:d2:64:1a:97:d5:58:5c:00:64:ad:69:
fd:fd:4f:8e:be:ec:9f:c4:e7:6c:c2:5a:c6:95:6c:
d6:f0:32:05:71:d3:03:76:e5:64:6a:be:48:43:58:
47:c3:ad:f7:dd:90:62:8b:8d:4a:79:52:47:4d:c8:
f6:67:f3:78:5d:a9:19:33:c3:75:74:ec:4c:7d:54:
43:8f:2b:9b:ff:30:d4:72:f4:19:c8:18:c8:11:62:
cb:1b:a9:4f:31:d7:9b:86:ca:9f:60:e7:48:a3:5f:
62:f4:f7:44:97:5f:86:5c:58:84:14:35:a6:03:ff:
da:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:68:8A:98:51:76:F5:52:6B:E6:08:7A:33:3B:A3:4E:4A:EE:CF:B2
X509v3 Authority Key Identifier:
keyid:D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/4miKmFF29VJr5gh6MzujTkruz7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.30.0/24
91.238.32.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:33:10:14:7f:1d:6b:38:3a:e8:ad:3a:68:72:0c:5b:82:b9:
a2:a5:9e:0b:12:aa:fa:b5:35:1e:42:61:11:aa:a9:4a:21:41:
45:6b:9b:64:ea:d0:21:22:d5:13:5b:7b:fb:c4:1b:e0:10:54:
fe:90:75:ab:9e:4d:7a:4e:7f:43:f2:fc:88:09:d3:ad:30:08:
b6:a5:a0:f8:25:9b:51:2b:98:c8:b4:9f:cd:a0:ed:93:07:9a:
39:e8:8e:23:2b:84:18:bc:82:84:c7:4c:49:35:4f:4c:db:84:
3b:73:eb:ba:fd:d9:be:8a:7f:3d:1b:cf:12:6e:d6:ab:a0:6c:
8f:95:b5:a6:28:d3:e5:f2:de:11:c9:b2:87:7b:ad:93:6d:3c:
de:45:e7:a3:d1:e0:3e:31:27:79:a5:a8:e2:4c:72:a9:52:9e:
20:09:18:d5:05:7a:ff:3b:01:80:b0:34:40:db:df:e2:cf:99:
c0:11:48:cf:09:7a:8d:2e:c3:e3:30:69:f2:0f:64:c4:cc:99:
e1:17:77:14:82:d8:44:54:19:9d:c0:48:22:ec:a7:99:6b:1c:
27:38:03:ba:f3:35:9e:c8:a3:cb:a4:74:e0:03:ee:e2:8c:bd:
6a:fd:e2:0b:26:48:32:39:57:9b:dd:20:d2:d3:b1:17:eb:8e:
a6:bd:8f:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJRpIQWU4FSEnvFZhA1MeLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODJhMTk3MzQwZDM1ODRlNmFjMTdjMWZiMmE5OTAwYWU0
ZjYwM2MwHhcNMjQxMDAzMDkwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjY4OGE5ODUxNzZmNTUyNmJlNjA4N2EzMzNiYTM0ZTRhZWVjZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNGaOo1dJbypx7g5JvKGfRpGOxMD
Sv6FQbiCmcNtgASuzZNKJQ+RE0v3cFBSTXk7WDAZBaE0aaemdByA4+8GDoX/Hjaf
qIo6XCoX0TqGQBvwSrN41AJalq9zxD/LElCHjZrUeLh/7p3xJzGFvbLrs68c2DyV
KSu8JmpzphYyhIeV3wnq1CILNmyP0mQal9VYXABkrWn9/U+OvuyfxOdswlrGlWzW
8DIFcdMDduVkar5IQ1hHw6333ZBii41KeVJHTcj2Z/N4XakZM8N1dOxMfVRDjyub
/zDUcvQZyBjIEWLLG6lPMdebhsqfYOdIo19i9PdEl1+GXFiEFDWmA//adQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOJoiphRdvVSa+YIejM7o05K7s+yMB8GA1UdIwQY
MBaAFNiCoZc0DTWE5qwXwfsqmQCuT2A8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUt
YjA1YWU1Y2EyZDVlLzEvNG1pS21GRjI5VkpyNWdoNk16dWpUa3J1ejdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUtYjA1YWU1Y2EyZDVl
LzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+4eAwQA
W+4gMA0GCSqGSIb3DQEBCwUAA4IBAQBNMxAUfx1rODrorTpocgxbgrmipZ4LEqr6
tTUeQmERqqlKIUFFa5tk6tAhItUTW3v7xBvgEFT+kHWrnk16Tn9D8vyICdOtMAi2
paD4JZtRK5jItJ/NoO2TB5o56I4jK4QYvIKEx0xJNU9M24Q7c+u6/dm+in89G88S
btaroGyPlbWmKNPl8t4RybKHe62TbTzeReej0eA+MSd5pajiTHKpUp4gCRjVBXr/
OwGAsDRA29/iz5nAEUjPCXqNLsPjMGnyD2TEzJnhF3cUgthEVBmdwEgi7KeZaxwn
OAO68zWeyKPLpHTgA+7ijL1q/eILJkgyOVeb3SDS07EX646mvY/1
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:14:55 2024 by rpki-client on console-ams.rpki-client.org