Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/iNdwPl_S2mrmuCe0zg2vuvQ1yfs.roa
File: iNdwPl_S2mrmuCe0zg2vuvQ1yfs.roa (raw, json)
Hash identifier: 0ekT060M2CjB5qlgETix9D/ZTEXAPHvu9lHv6OO1W48=
Subject key identifier: 88:D7:70:3E:5F:D2:DA:6A:E6:B8:27:B4:CE:0D:AF:BA:F4:35:C9:FB
Certificate issuer: /CN=3d43cf40f691f14b35ca657032934802005cfa88
Certificate serial: 018CC424736AC6931739D5416F9581B8AAC8
Authority key identifier: 3D:43:CF:40:F6:91:F1:4B:35:CA:65:70:32:93:48:02:00:5C:FA:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUPPQPaR8Us1ymVwMpNIAgBc-og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/iNdwPl_S2mrmuCe0zg2vuvQ1yfs.roa
Signing time: Mon 01 Jan 2024 08:29:32 +0000
ROA not before: Mon 01 Jan 2024 08:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20712
IP address blocks: 91.200.61.0/24 maxlen: 24
2001:67c:1270::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/PUPPQPaR8Us1ymVwMpNIAgBc-og.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/PUPPQPaR8Us1ymVwMpNIAgBc-og.mft
rsync://rpki.ripe.net/repository/DEFAULT/PUPPQPaR8Us1ymVwMpNIAgBc-og.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:73:6a:c6:93:17:39:d5:41:6f:95:81:b8:aa:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d43cf40f691f14b35ca657032934802005cfa88
Validity
Not Before: Jan 1 08:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88d7703e5fd2da6ae6b827b4ce0dafbaf435c9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:83:28:ff:5f:28:86:ea:25:d0:46:d9:42:49:
75:56:f1:19:22:c9:a5:95:8c:f9:b6:e7:8c:32:11:
7e:df:d6:c9:6b:af:a5:c6:5d:7a:f7:f9:41:07:27:
2e:0d:7b:c4:8c:ac:cc:df:56:cc:14:c7:63:3e:d6:
1f:74:72:7f:dd:a0:14:12:8f:e0:18:b1:05:98:75:
5f:7e:79:c4:e6:e9:e4:b0:a9:75:f6:ed:98:0a:40:
74:1c:02:f1:cc:23:b1:65:bf:bf:24:6e:37:cf:a3:
60:9e:92:ec:ef:f2:db:4c:42:75:d5:cf:c8:81:78:
86:2d:6a:53:76:f3:d9:1a:dd:6c:39:a5:db:72:9e:
68:b9:31:4d:67:80:6f:4c:e7:b5:a1:25:04:f6:b4:
5a:2f:f4:7d:32:8b:8d:f8:ef:f5:45:d6:5b:bd:c4:
d6:53:6a:f6:73:f3:a2:95:cf:3b:2f:69:cf:5a:b1:
6f:79:3a:1b:9a:1c:a1:bd:b1:6e:8d:0c:8f:48:58:
bd:ba:ca:8e:33:a5:f6:fd:f7:27:9c:b1:df:de:00:
71:b1:df:68:d9:48:58:47:bb:88:c6:f1:81:9e:cc:
8e:fd:5b:e0:d5:6f:1c:d9:6a:f1:03:4c:05:24:59:
3b:d5:21:23:70:48:60:77:34:67:b9:ba:ee:cd:4b:
1b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D7:70:3E:5F:D2:DA:6A:E6:B8:27:B4:CE:0D:AF:BA:F4:35:C9:FB
X509v3 Authority Key Identifier:
keyid:3D:43:CF:40:F6:91:F1:4B:35:CA:65:70:32:93:48:02:00:5C:FA:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUPPQPaR8Us1ymVwMpNIAgBc-og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/iNdwPl_S2mrmuCe0zg2vuvQ1yfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/PUPPQPaR8Us1ymVwMpNIAgBc-og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.61.0/24
IPv6:
2001:67c:1270::/48
Signature Algorithm: sha256WithRSAEncryption
23:5e:82:2c:d8:6b:ac:41:25:71:b1:63:ed:c3:55:90:fd:49:
30:37:d2:e5:b1:02:ae:d7:d4:e8:5c:45:cb:9b:6a:92:97:5c:
4f:62:e0:7e:94:c9:6e:9e:d1:5c:5c:1d:70:e1:0a:b5:9e:dc:
23:e7:6b:3e:4a:ac:51:19:fc:c3:93:3e:0a:0a:dc:12:16:2d:
5c:22:5e:ce:02:40:26:7c:e8:b5:75:8d:ff:9b:52:30:6d:5a:
74:e6:0e:6b:e5:c7:7d:15:3c:8e:78:c3:68:b6:9f:aa:73:fc:
a8:52:ff:72:9e:2b:8e:08:01:47:ce:cd:67:93:b2:4e:22:6b:
e4:1b:19:f7:32:9f:8e:d3:84:c1:f7:4b:8f:d1:94:6e:a5:f6:
87:73:e7:ba:da:ad:20:fd:23:41:85:32:51:f1:3d:8b:f4:98:
4a:46:63:65:aa:32:cb:72:0f:02:48:b8:6c:dd:62:c2:c3:d2:
70:d2:8a:a3:89:db:7e:1e:18:1b:c4:b8:09:07:69:72:eb:9a:
b3:6c:90:d6:b1:77:e7:d2:bd:8d:b8:8d:53:59:95:2c:11:ca:
36:d0:63:9b:1d:07:56:9f:ca:1d:9b:9d:82:77:23:51:68:89:
ca:48:25:ee:ca:2d:9f:9b:dc:ad:4a:e6:7d:80:db:19:66:98:
22:db:2f:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJHNqxpMXOdVBb5WBuKrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDNjZjQwZjY5MWYxNGIzNWNhNjU3MDMyOTM0ODAyMDA1
Y2ZhODgwHhcNMjQwMTAxMDgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ3NzAzZTVmZDJkYTZhZTZiODI3YjRjZTBkYWZiYWY0MzVjOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4Mo/18ohuol0EbZQkl1VvEZIsml
lYz5tueMMhF+39bJa6+lxl169/lBBycuDXvEjKzM31bMFMdjPtYfdHJ/3aAUEo/g
GLEFmHVffnnE5unksKl19u2YCkB0HALxzCOxZb+/JG43z6NgnpLs7/LbTEJ11c/I
gXiGLWpTdvPZGt1sOaXbcp5ouTFNZ4BvTOe1oSUE9rRaL/R9MouN+O/1RdZbvcTW
U2r2c/Oilc87L2nPWrFveTobmhyhvbFujQyPSFi9usqOM6X2/fcnnLHf3gBxsd9o
2UhYR7uIxvGBnsyO/Vvg1W8c2WrxA0wFJFk71SEjcEhgdzRnubruzUsbWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIjXcD5f0tpq5rgntM4Nr7r0Ncn7MB8GA1UdIwQY
MBaAFD1Dz0D2kfFLNcplcDKTSAIAXPqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVQUFFQYVI4VXMxeW1Wd01wTklBZ0JjLW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80M2Y3YWMtNjc4OC00OTBiLTliM2It
MDdmYjYxNzFmMThmLzEvaU5kd1BsX1MybXJtdUNlMHpnMnZ1dlExeWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80M2Y3YWMtNjc4OC00OTBiLTliM2ItMDdmYjYxNzFmMThm
LzEvUFVQUFFQYVI4VXMxeW1Wd01wTklBZ0JjLW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8g9MA8E
AgACMAkDBwAgAQZ8EnAwDQYJKoZIhvcNAQELBQADggEBACNegizYa6xBJXGxY+3D
VZD9STA30uWxAq7X1OhcRcubapKXXE9i4H6UyW6e0VxcHXDhCrWe3CPnaz5KrFEZ
/MOTPgoK3BIWLVwiXs4CQCZ86LV1jf+bUjBtWnTmDmvlx30VPI54w2i2n6pz/KhS
/3KeK44IAUfOzWeTsk4ia+QbGfcyn47ThMH3S4/RlG6l9odz57rarSD9I0GFMlHx
PYv0mEpGY2WqMstyDwJIuGzdYsLD0nDSiqOJ234eGBvEuAkHaXLrmrNskNaxd+fS
vY24jVNZlSwRyjbQY5sdB1afyh2bnYJ3I1FoicpIJe7KLZ+b3K1K5n2A2xlmmCLb
L4E=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:54:01 2024 by rpki-client on console-fra.rpki-client.org