Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/XdFZeTorOt_mOBV6FA9Sdw538kI.roa
File: XdFZeTorOt_mOBV6FA9Sdw538kI.roa (raw, json)
Hash identifier: v3st87g5es1G6UScywer8D6jxNnVU/4gU8DoQF6Fl3M=
Subject key identifier: 5D:D1:59:79:3A:2B:3A:DF:E6:38:15:7A:14:0F:52:77:0E:77:F2:42
Certificate issuer: /CN=1893eddef5cfc38d613eaa81774de30034b19d22
Certificate serial: 018CC86F4F565F6E97E31483EE6F796B2B38
Authority key identifier: 18:93:ED:DE:F5:CF:C3:8D:61:3E:AA:81:77:4D:E3:00:34:B1:9D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJPt3vXPw41hPqqBd03jADSxnSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/XdFZeTorOt_mOBV6FA9Sdw538kI.roa
Signing time: Tue 02 Jan 2024 04:29:47 +0000
ROA not before: Tue 02 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31725
IP address blocks: 91.201.244.0/23 maxlen: 23
91.201.244.0/22 maxlen: 22
91.201.246.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/GJPt3vXPw41hPqqBd03jADSxnSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/GJPt3vXPw41hPqqBd03jADSxnSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJPt3vXPw41hPqqBd03jADSxnSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:4f:56:5f:6e:97:e3:14:83:ee:6f:79:6b:2b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1893eddef5cfc38d613eaa81774de30034b19d22
Validity
Not Before: Jan 2 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dd159793a2b3adfe638157a140f52770e77f242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f7:88:a2:e8:10:01:47:73:1f:a1:35:7c:67:
8d:17:93:75:92:dd:36:84:28:8a:b4:87:31:03:7d:
24:0b:3d:4b:c7:09:25:88:eb:0e:aa:54:d5:b3:af:
15:ca:84:03:8c:f2:15:9f:d3:c1:e2:26:f1:74:76:
82:17:cb:08:88:fb:9d:c2:de:e5:85:ac:5f:34:38:
1b:a8:e4:6d:df:d5:62:7d:fa:4a:09:17:50:04:da:
13:3d:8e:56:ea:6e:f5:3b:73:2d:94:0a:87:df:d7:
bf:4e:5a:43:ff:39:94:98:c6:3b:b4:6f:2a:32:75:
2a:da:d8:d8:99:73:96:f0:c7:6e:fa:49:91:32:4a:
e5:b4:b4:47:73:67:4b:79:d0:3e:74:7f:b6:37:31:
52:07:2c:9d:a3:1b:55:74:f7:17:b4:95:73:00:ca:
e0:61:a1:92:ee:05:8f:b7:67:99:32:76:33:46:2c:
5e:c5:96:f9:64:5d:9b:70:0a:a4:be:eb:61:4f:e6:
c5:48:86:bc:dd:66:90:17:87:2e:f8:fc:71:73:d6:
db:94:13:74:77:ff:16:7a:03:c4:1e:91:32:05:ca:
da:48:09:77:2e:58:b3:27:78:22:2c:3f:23:a7:48:
07:47:ae:3e:b3:ab:a2:46:6e:15:0a:ab:40:49:2a:
9b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D1:59:79:3A:2B:3A:DF:E6:38:15:7A:14:0F:52:77:0E:77:F2:42
X509v3 Authority Key Identifier:
keyid:18:93:ED:DE:F5:CF:C3:8D:61:3E:AA:81:77:4D:E3:00:34:B1:9D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJPt3vXPw41hPqqBd03jADSxnSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/XdFZeTorOt_mOBV6FA9Sdw538kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/13f8c5-ab7a-4f37-b2d7-8b51792c6660/1/GJPt3vXPw41hPqqBd03jADSxnSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.244.0/22
Signature Algorithm: sha256WithRSAEncryption
55:a9:43:a9:bf:d7:ed:5a:c6:e8:19:21:8a:2e:63:e0:7c:27:
79:85:9f:26:bd:0b:e1:b9:82:6c:4d:93:ed:f3:e1:e8:6f:59:
1c:25:6c:aa:04:ba:ae:e8:53:35:d6:cb:4a:b5:e0:77:58:b7:
b9:e7:c3:fd:48:cf:b0:77:b7:ea:0a:01:f4:84:b2:13:0e:68:
2a:36:71:39:67:bf:02:41:1a:e0:3e:10:d9:6b:0f:27:c9:6b:
3a:d3:67:b1:13:14:f6:9b:38:26:18:5a:10:7d:cd:ab:ac:c9:
40:49:69:91:64:71:c4:a0:d5:d4:b9:e6:32:21:7f:11:3d:5d:
ff:84:5e:47:92:0c:63:a3:d0:19:de:f8:bb:c4:e5:ae:10:5e:
d1:21:95:cd:c1:12:e1:bc:82:13:50:f6:89:57:a9:b7:8f:ca:
cc:65:d5:86:40:c6:c7:53:b5:04:0f:f2:1b:fa:e2:50:b0:4e:
be:0e:f6:dd:16:b2:a4:92:d0:58:c7:58:11:e2:1a:f5:a9:25:
5e:3d:0f:0d:3c:3c:2f:8c:83:db:20:a8:aa:a7:38:09:ab:3c:
45:93:0e:4b:5e:56:2c:71:c7:05:cf:1f:22:bd:2e:d6:2b:ad:
f2:8b:a1:27:18:7c:7b:83:cd:2b:ad:f9:5d:48:fd:5c:33:e8:
28:fd:cc:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb09WX26X4xSD7m95ays4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OTNlZGRlZjVjZmMzOGQ2MTNlYWE4MTc3NGRlMzAwMzRi
MTlkMjIwHhcNMjQwMTAyMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQxNTk3OTNhMmIzYWRmZTYzODE1N2ExNDBmNTI3NzBlNzdmMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPeIougQAUdzH6E1fGeNF5N1kt02
hCiKtIcxA30kCz1LxwkliOsOqlTVs68VyoQDjPIVn9PB4ibxdHaCF8sIiPudwt7l
haxfNDgbqORt39ViffpKCRdQBNoTPY5W6m71O3MtlAqH39e/TlpD/zmUmMY7tG8q
MnUq2tjYmXOW8Mdu+kmRMkrltLRHc2dLedA+dH+2NzFSByydoxtVdPcXtJVzAMrg
YaGS7gWPt2eZMnYzRixexZb5ZF2bcAqkvuthT+bFSIa83WaQF4cu+Pxxc9bblBN0
d/8WegPEHpEyBcraSAl3LlizJ3giLD8jp0gHR64+s6uiRm4VCqtASSqbrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3RWXk6Kzrf5jgVehQPUncOd/JCMB8GA1UdIwQY
MBaAFBiT7d71z8ONYT6qgXdN4wA0sZ0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0pQdDN2WFB3NDFoUHFxQmQwM2pBRFN4blNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8xM2Y4YzUtYWI3YS00ZjM3LWIyZDct
OGI1MTc5MmM2NjYwLzEvWGRGWmVUb3JPdF9tT0JWNkZBOVNkdzUzOGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8xM2Y4YzUtYWI3YS00ZjM3LWIyZDctOGI1MTc5MmM2NjYw
LzEvR0pQdDN2WFB3NDFoUHFxQmQwM2pBRFN4blNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8n0MA0G
CSqGSIb3DQEBCwUAA4IBAQBVqUOpv9ftWsboGSGKLmPgfCd5hZ8mvQvhuYJsTZPt
8+Hob1kcJWyqBLqu6FM11stKteB3WLe558P9SM+wd7fqCgH0hLITDmgqNnE5Z78C
QRrgPhDZaw8nyWs602exExT2mzgmGFoQfc2rrMlASWmRZHHEoNXUueYyIX8RPV3/
hF5Hkgxjo9AZ3vi7xOWuEF7RIZXNwRLhvIITUPaJV6m3j8rMZdWGQMbHU7UED/Ib
+uJQsE6+DvbdFrKkktBYx1gR4hr1qSVePQ8NPDwvjIPbIKiqpzgJqzxFkw5LXlYs
cccFzx8ivS7WK63yi6EnGHx7g80rrfldSP1cM+go/czC
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:54:45 2024 by rpki-client on console-fra.rpki-client.org