Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/0ako2yVAVunCu3mA-qhDV6WQij0.roa
File: 0ako2yVAVunCu3mA-qhDV6WQij0.roa (raw, json)
Hash identifier: 29F7Gn3Od9D4LAeB3KjpckdqlHS/V6i6bIJExbCbo2k=
Subject key identifier: D1:A9:28:DB:25:40:56:E9:C2:BB:79:80:FA:A8:43:57:A5:90:8A:3D
Certificate issuer: /CN=fb9e390bdcbd95afab4a5ff8c4ed9efc43687bd1
Certificate serial: 018CC492304FBD3A9C74A1D1AA231E4105C0
Authority key identifier: FB:9E:39:0B:DC:BD:95:AF:AB:4A:5F:F8:C4:ED:9E:FC:43:68:7B:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-545C9y9la-rSl_4xO2e_ENoe9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/0ako2yVAVunCu3mA-qhDV6WQij0.roa
Signing time: Mon 01 Jan 2024 10:29:24 +0000
ROA not before: Mon 01 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 93.191.148.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/1-545C9y9la-rSl_4xO2e_ENoe9E.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/1-545C9y9la-rSl_4xO2e_ENoe9E.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-545C9y9la-rSl_4xO2e_ENoe9E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:30:4f:bd:3a:9c:74:a1:d1:aa:23:1e:41:05:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb9e390bdcbd95afab4a5ff8c4ed9efc43687bd1
Validity
Not Before: Jan 1 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1a928db254056e9c2bb7980faa84357a5908a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d6:dc:aa:1b:6d:63:8a:9f:a8:38:53:32:2f:
dc:14:74:f6:06:77:77:0b:77:f0:2d:1e:d8:81:f9:
e1:92:35:52:02:3d:c4:c3:1e:17:e3:07:a8:e3:6e:
e6:2c:ef:3f:a4:22:4b:ec:8b:5a:0f:43:d7:bf:5e:
8f:7a:8c:82:9e:1b:fd:0f:3a:bb:00:47:91:72:dc:
5f:4f:e4:73:38:cf:1e:53:06:2b:bb:a6:1b:b6:f2:
73:fc:5a:a1:2f:56:df:3a:7d:9e:78:ad:76:65:62:
6f:85:1c:cc:97:0e:30:7b:b6:8f:01:82:cd:d2:71:
23:55:3b:b6:ba:a8:bf:9e:7a:df:d7:7e:cc:7c:aa:
c4:8f:9a:94:94:cc:43:ae:aa:13:21:59:75:3d:0e:
25:3a:31:36:b1:1b:b4:e7:18:6e:26:c8:65:42:c7:
79:89:ce:b3:06:f1:a4:e2:58:46:23:13:2c:57:74:
b7:9b:4a:05:e6:b2:1c:d2:3a:dd:32:55:f0:19:96:
76:c5:e7:69:3a:62:4e:50:e7:6a:4b:e2:a5:f8:c4:
34:a6:7d:51:2b:b8:f1:ea:ff:2b:db:50:a7:ce:29:
69:76:ca:97:c7:bf:80:2b:79:c4:e6:e1:be:ff:7a:
7e:5c:e5:8d:20:6a:96:0d:dd:3c:94:d8:f9:32:d2:
e5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A9:28:DB:25:40:56:E9:C2:BB:79:80:FA:A8:43:57:A5:90:8A:3D
X509v3 Authority Key Identifier:
keyid:FB:9E:39:0B:DC:BD:95:AF:AB:4A:5F:F8:C4:ED:9E:FC:43:68:7B:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-545C9y9la-rSl_4xO2e_ENoe9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/0ako2yVAVunCu3mA-qhDV6WQij0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d902ca-cdf3-4f29-b232-72426d92601b/1/1-545C9y9la-rSl_4xO2e_ENoe9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.148.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:69:76:3f:e1:eb:40:a2:d7:ea:e1:32:3e:81:d7:9b:66:7a:
86:53:57:32:f8:bf:29:fe:c9:ca:df:69:ba:0a:e2:77:27:42:
a7:19:e9:ff:d2:68:8b:70:17:f1:80:46:f3:4a:f4:b3:82:4f:
6f:80:5d:77:ba:1e:1f:57:6e:43:1c:31:f4:0f:8e:fe:59:30:
bc:4c:e8:dc:ea:8b:c5:e6:fb:13:32:81:fa:ba:6a:c5:97:43:
8d:40:a0:ab:62:97:c1:aa:bf:8a:1c:a5:47:c7:25:65:77:1c:
55:a2:85:7b:86:a8:66:c6:71:d9:57:d7:d4:16:12:40:96:84:
23:5a:f6:5b:70:5a:eb:b0:af:20:be:2f:5d:b0:37:2b:23:4a:
f7:94:94:27:c4:4c:cf:43:f1:c7:0c:9d:fb:e6:27:04:ba:ea:
0f:b7:09:fc:fb:d1:be:ff:3f:41:f1:18:fe:de:31:02:5a:1d:
19:50:5f:b8:31:ae:f3:02:6a:5c:d7:46:bb:ea:79:cc:e8:58:
c3:b3:5f:6d:5c:9b:23:ed:0a:86:e8:89:98:28:b4:c6:7b:8e:
1a:ac:e9:b0:21:c1:74:4c:ea:8a:29:d8:b1:c3:e0:aa:2e:e3:
56:6a:41:87:08:92:b3:be:bb:93:42:b4:b2:56:b3:9f:e9:90:
14:53:da:81
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEkjBPvTqcdKHRqiMeQQXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOWUzOTBiZGNiZDk1YWZhYjRhNWZmOGM0ZWQ5ZWZjNDM2
ODdiZDEwHhcNMjQwMTAxMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE5MjhkYjI1NDA1NmU5YzJiYjc5ODBmYWE4NDM1N2E1OTA4YTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttbcqhttY4qfqDhTMi/cFHT2Bnd3
C3fwLR7YgfnhkjVSAj3Ewx4X4weo427mLO8/pCJL7ItaD0PXv16PeoyCnhv9Dzq7
AEeRctxfT+RzOM8eUwYru6YbtvJz/FqhL1bfOn2eeK12ZWJvhRzMlw4we7aPAYLN
0nEjVTu2uqi/nnrf137MfKrEj5qUlMxDrqoTIVl1PQ4lOjE2sRu05xhuJshlQsd5
ic6zBvGk4lhGIxMsV3S3m0oF5rIc0jrdMlXwGZZ2xedpOmJOUOdqS+Kl+MQ0pn1R
K7jx6v8r21CnzilpdsqXx7+AK3nE5uG+/3p+XOWNIGqWDd08lNj5MtLl7wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNGpKNslQFbpwrt5gPqoQ1elkIo9MB8GA1UdIwQY
MBaAFPueOQvcvZWvq0pf+MTtnvxDaHvRMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01NDVDOXk5bGEtclNsXzR4TzJlX0VOb2U5RS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQvZDkwMmNhLWNkZjMtNGYyOS1iMjMy
LTcyNDI2ZDkyNjAxYi8xLzBha28yeVZBVnVuQ3UzbUEtcWhEVjZXUWlqMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvZDkwMmNhLWNkZjMtNGYyOS1iMjMyLTcyNDI2ZDkyNjAx
Yi8xLzEtNTQ1Qzl5OWxhLXJTbF80eE8yZV9FTm9lOUUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFdv5Qw
DQYJKoZIhvcNAQELBQADggEBAMZpdj/h60Ci1+rhMj6B15tmeoZTVzL4vyn+ycrf
aboK4ncnQqcZ6f/SaItwF/GARvNK9LOCT2+AXXe6Hh9XbkMcMfQPjv5ZMLxM6Nzq
i8Xm+xMygfq6asWXQ41AoKtil8Gqv4ocpUfHJWV3HFWihXuGqGbGcdlX19QWEkCW
hCNa9ltwWuuwryC+L12wNysjSveUlCfETM9D8ccMnfvmJwS66g+3Cfz70b7/P0Hx
GP7eMQJaHRlQX7gxrvMCalzXRrvqeczoWMOzX21cmyPtCoboiZgotMZ7jhqs6bAh
wXRM6oop2LHD4Kou41ZqQYcIkrO+u5NCtLJWs5/pkBRT2oE=
-----END CERTIFICATE-----
Generated at Fri May 3 02:07:36 2024 by rpki-client on console-fra.rpki-client.org