Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/T-B6Kqjhmcw6PEhpi9wn5PA4HOk.roa
File: T-B6Kqjhmcw6PEhpi9wn5PA4HOk.roa (raw, json)
Hash identifier: iEYYmTmO1iwzgSRk70Jo9ap3jCwxH+gMVlVvHIt31zA=
Subject key identifier: 4F:E0:7A:2A:A8:E1:99:CC:3A:3C:48:69:8B:DC:27:E4:F0:38:1C:E9
Certificate issuer: /CN=8ab6bd65fe2a86fd42f9c4f504e1eed58570f93d
Certificate serial: 01905D4A72B1B3AA1787A269A100FC75C575
Authority key identifier: 8A:B6:BD:65:FE:2A:86:FD:42:F9:C4:F5:04:E1:EE:D5:85:70:F9:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ira9Zf4qhv1C-cT1BOHu1YVw-T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/T-B6Kqjhmcw6PEhpi9wn5PA4HOk.roa
Signing time: Fri 28 Jun 2024 05:21:18 +0000
ROA not before: Fri 28 Jun 2024 05:21:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57808
IP address blocks: 91.235.144.0/22 maxlen: 22
91.235.144.0/23 maxlen: 23
91.235.144.0/24 maxlen: 24
91.235.145.0/24 maxlen: 24
91.235.146.0/23 maxlen: 23
91.235.146.0/24 maxlen: 24
91.235.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/ira9Zf4qhv1C-cT1BOHu1YVw-T0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/ira9Zf4qhv1C-cT1BOHu1YVw-T0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ira9Zf4qhv1C-cT1BOHu1YVw-T0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5d:4a:72:b1:b3:aa:17:87:a2:69:a1:00:fc:75:c5:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab6bd65fe2a86fd42f9c4f504e1eed58570f93d
Validity
Not Before: Jun 28 05:21:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fe07a2aa8e199cc3a3c48698bdc27e4f0381ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:2d:67:d7:86:83:07:43:0f:56:1c:ba:09:
b0:4e:71:39:04:54:6c:72:e2:9e:a9:2a:67:4a:d5:
ab:5e:a2:45:c8:69:c2:06:76:ea:b0:c2:c7:62:bf:
a3:00:42:e6:8d:d3:71:95:57:40:e5:7c:91:e3:e9:
c7:a2:bf:47:de:5a:cb:24:38:54:42:30:13:62:3a:
71:e2:8e:75:39:0e:19:5c:85:4f:2e:aa:93:e7:df:
e2:44:fa:8d:62:08:4c:79:0e:b0:76:a3:5f:e4:21:
fc:55:60:a2:d6:5f:9e:c0:74:0b:b1:58:19:f8:be:
45:89:42:5f:1e:9d:e2:64:23:bb:8f:54:99:43:f2:
9b:6c:66:40:0a:a7:c5:ac:a0:b8:03:8f:bb:fa:cb:
9a:e8:30:9c:fd:93:34:d9:a4:4c:97:fa:88:94:ab:
ef:63:a1:ed:9c:b8:79:fb:b6:f4:a1:31:9c:5e:e2:
13:81:5c:3e:ba:55:77:79:c5:ee:66:07:83:8c:ef:
7f:90:4c:80:c0:24:e9:80:b7:ca:6a:0e:36:a1:23:
42:eb:7d:a1:75:25:7a:6b:45:4d:99:ba:2f:1f:9a:
18:c8:0e:6a:48:bc:78:83:2c:a8:c1:b3:b6:30:f5:
30:2b:53:9d:87:05:b4:70:0f:bc:2f:0c:4b:7a:02:
14:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E0:7A:2A:A8:E1:99:CC:3A:3C:48:69:8B:DC:27:E4:F0:38:1C:E9
X509v3 Authority Key Identifier:
keyid:8A:B6:BD:65:FE:2A:86:FD:42:F9:C4:F5:04:E1:EE:D5:85:70:F9:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ira9Zf4qhv1C-cT1BOHu1YVw-T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/T-B6Kqjhmcw6PEhpi9wn5PA4HOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/ira9Zf4qhv1C-cT1BOHu1YVw-T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.144.0/22
Signature Algorithm: sha256WithRSAEncryption
35:df:27:28:6d:71:5a:ad:f4:94:95:d5:52:f9:fe:7f:4a:19:
a7:cc:4e:bb:87:16:85:0c:91:22:36:ef:fc:84:8b:67:5b:b7:
eb:55:b8:34:5d:45:78:41:1d:5c:9c:42:af:51:1b:9f:be:2e:
c5:6b:a4:61:f2:a1:70:43:e8:e7:a1:67:e3:2f:b8:93:3c:33:
9e:47:c3:d2:fb:29:34:2a:ec:3c:d1:24:05:0d:9c:fa:51:af:
40:37:fc:5f:5e:78:de:d1:ef:9f:da:d6:da:59:93:bd:2e:c9:
04:f1:ca:19:59:d7:7c:5b:81:8a:bb:b0:ad:0c:38:de:7c:6e:
b9:6f:d1:8e:4b:b0:3c:2a:9b:a3:ba:c6:b1:7f:57:14:41:6a:
26:2b:91:7f:57:b3:ea:f3:55:ff:bd:4a:41:5c:22:d2:b6:cc:
0f:39:54:3e:26:40:91:b0:f9:57:f0:49:ff:fa:47:b6:1f:38:
69:ed:36:1e:13:34:96:1c:d5:5c:3a:8c:27:fb:74:c1:7c:5f:
01:3d:87:7a:a1:ab:78:24:8d:16:32:dc:78:93:b5:81:2c:f4:
ff:fc:70:49:54:f8:47:6a:c8:35:35:69:29:a8:24:be:4f:c4:
38:d4:6e:05:89:62:06:3e:b1:fa:e4:44:4a:f5:19:dc:03:4c:
af:ef:09:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBdSnKxs6oXh6JpoQD8dcV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjZiZDY1ZmUyYTg2ZmQ0MmY5YzRmNTA0ZTFlZWQ1ODU3
MGY5M2QwHhcNMjQwNjI4MDUyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUwN2EyYWE4ZTE5OWNjM2EzYzQ4Njk4YmRjMjdlNGYwMzgxY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfYtZ9eGgwdDD1YcugmwTnE5BFRs
cuKeqSpnStWrXqJFyGnCBnbqsMLHYr+jAELmjdNxlVdA5XyR4+nHor9H3lrLJDhU
QjATYjpx4o51OQ4ZXIVPLqqT59/iRPqNYghMeQ6wdqNf5CH8VWCi1l+ewHQLsVgZ
+L5FiUJfHp3iZCO7j1SZQ/KbbGZACqfFrKC4A4+7+sua6DCc/ZM02aRMl/qIlKvv
Y6HtnLh5+7b0oTGcXuITgVw+ulV3ecXuZgeDjO9/kEyAwCTpgLfKag42oSNC632h
dSV6a0VNmbovH5oYyA5qSLx4gyyowbO2MPUwK1OdhwW0cA+8LwxLegIUnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/geiqo4ZnMOjxIaYvcJ+TwOBzpMB8GA1UdIwQY
MBaAFIq2vWX+Kob9QvnE9QTh7tWFcPk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJhOVpmNHFodjFDLWNUMUJPSHUxWVZ3LVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80NWE5YzUtMmNjMS00ZjQ1LWJhODAt
YWQ1ODE4OWRlNzU0LzEvVC1CNktxamhtY3c2UEVocGk5d241UEE0SE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80NWE5YzUtMmNjMS00ZjQ1LWJhODAtYWQ1ODE4OWRlNzU0
LzEvaXJhOVpmNHFodjFDLWNUMUJPSHUxWVZ3LVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+uQMA0G
CSqGSIb3DQEBCwUAA4IBAQA13ycobXFarfSUldVS+f5/ShmnzE67hxaFDJEiNu/8
hItnW7frVbg0XUV4QR1cnEKvURufvi7Fa6Rh8qFwQ+jnoWfjL7iTPDOeR8PS+yk0
Kuw80SQFDZz6Ua9AN/xfXnje0e+f2tbaWZO9LskE8coZWdd8W4GKu7CtDDjefG65
b9GOS7A8Kpujusaxf1cUQWomK5F/V7Pq81X/vUpBXCLStswPOVQ+JkCRsPlX8En/
+ke2Hzhp7TYeEzSWHNVcOown+3TBfF8BPYd6oat4JI0WMtx4k7WBLPT//HBJVPhH
asg1NWkpqCS+T8Q41G4FiWIGPrH65ERK9RncA0yv7wk2
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:34:35 2024 by rpki-client on console-ams.rpki-client.org