Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4SXTfALssGUIoXLqFkO-opGyHjs.roa
File: 4SXTfALssGUIoXLqFkO-opGyHjs.roa (raw, json)
Hash identifier: T+96+9DpPISEMkjWWfP6JmExdzNLGrwC3jPppbFV8ec=
Subject key identifier: E1:25:D3:7C:02:EC:B0:65:08:A1:72:EA:16:43:BE:A2:91:B2:1E:3B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB2D2ED0A65C876B6BD9044F33BEC5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4SXTfALssGUIoXLqFkO-opGyHjs.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57916
IP address blocks: 91.242.97.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2d:2e:d0:a6:5c:87:6b:6b:d9:04:4f:33:be:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e125d37c02ecb06508a172ea1643bea291b21e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:26:d1:b0:43:84:f6:2e:ef:8d:54:6d:93:11:
11:8a:10:dc:c3:7c:d6:a8:3c:00:cf:cc:61:d5:1a:
7f:59:52:50:df:f9:c1:31:b9:53:a5:b6:cb:3d:ee:
f7:e7:a1:db:cd:d1:72:7e:88:a2:b1:6e:c3:a1:b5:
73:71:59:2f:16:c3:bc:44:15:9b:bf:18:9f:e0:18:
da:0d:da:a6:b3:3a:18:77:6e:ac:82:0c:c0:c9:64:
aa:e3:4e:87:34:43:9d:91:ab:5e:30:21:a6:6d:44:
4b:9d:c1:b1:25:0a:0b:e5:4b:b2:e4:dd:76:4e:96:
4e:7a:00:3d:aa:e4:98:5a:6b:26:a9:e1:d2:8c:3e:
e3:d0:34:17:09:01:7f:f2:a4:ab:39:b9:b9:6d:d9:
1d:2d:83:30:33:7d:4d:c5:cb:5d:68:22:6f:70:87:
7e:20:80:88:4d:7c:87:1c:46:a3:e1:d7:2c:c9:46:
9a:13:d9:f2:c1:8f:94:b0:5b:2b:b8:7c:e4:8a:11:
fd:c6:1d:c4:b9:6b:dc:98:8f:8a:69:c9:4e:18:74:
70:ab:47:54:67:84:29:bc:bc:8e:98:31:c7:1a:ac:
6a:5e:db:3b:e8:76:e3:2e:95:e7:c4:4f:f2:26:87:
cc:02:55:02:78:d1:06:47:f4:fa:5c:1b:9c:9d:11:
cc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:25:D3:7C:02:EC:B0:65:08:A1:72:EA:16:43:BE:A2:91:B2:1E:3B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4SXTfALssGUIoXLqFkO-opGyHjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.64.0/22
91.242.97.0/24
91.242.105.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:79:b3:20:66:50:49:02:66:12:1c:e3:be:73:ae:15:a0:95:
00:42:69:1f:b6:f2:07:5e:b2:04:38:72:de:e1:db:a7:cd:55:
12:cd:67:c8:66:2b:c5:53:5c:75:7f:53:49:0f:1b:2c:90:7b:
7d:0f:94:e5:d7:1a:f5:9c:e1:d7:cc:76:80:cd:3b:46:4f:5a:
b4:a1:22:3f:50:85:81:27:32:14:e2:ef:15:2a:a1:80:03:12:
49:a3:15:f8:43:00:ef:65:19:9a:f3:b3:d0:56:90:9e:95:d2:
0e:38:48:e3:05:7a:cf:89:9b:c5:22:9a:cb:1c:55:68:df:53:
38:68:2c:18:1f:d7:2b:67:ae:89:71:58:55:a7:d1:db:0e:8c:
e0:65:c5:61:c2:60:2e:79:e5:b4:29:9d:dd:09:ea:ea:c9:97:
46:cd:16:3a:12:5b:09:15:ff:ed:88:48:67:b6:e0:78:f7:ad:
9a:09:55:9b:2e:71:1f:0b:8d:b2:01:cc:20:8b:33:b9:8a:91:
ea:66:9f:0a:de:0c:8c:f2:dd:22:cc:c9:a7:e6:c2:64:98:20:
13:a9:35:69:99:7d:93:25:8f:43:6e:f2:27:7e:a9:73:b0:15:
46:9f:5d:cc:9c:55:7f:86:3a:e0:3c:e4:62:c5:54:07:67:64:
e2:6b:5f:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2y0u0KZch2tr2QRPM77FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTI1ZDM3YzAyZWNiMDY1MDhhMTcyZWExNjQzYmVhMjkxYjIxZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsibRsEOE9i7vjVRtkxERihDcw3zW
qDwAz8xh1Rp/WVJQ3/nBMblTpbbLPe7356HbzdFyfoiisW7DobVzcVkvFsO8RBWb
vxif4BjaDdqmszoYd26sggzAyWSq406HNEOdkateMCGmbURLncGxJQoL5Uuy5N12
TpZOegA9quSYWmsmqeHSjD7j0DQXCQF/8qSrObm5bdkdLYMwM31NxctdaCJvcId+
IICITXyHHEaj4dcsyUaaE9nywY+UsFsruHzkihH9xh3EuWvcmI+KaclOGHRwq0dU
Z4QpvLyOmDHHGqxqXts76HbjLpXnxE/yJofMAlUCeNEGR/T6XBucnRHMVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOEl03wC7LBlCKFy6hZDvqKRsh47MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNFNYVGZBTHNzR1VJb1hMcUZrTy1vcEd5SGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW/JAAwQA
W/JhAwQAW/JpMA0GCSqGSIb3DQEBCwUAA4IBAQC1ebMgZlBJAmYSHOO+c64VoJUA
QmkftvIHXrIEOHLe4dunzVUSzWfIZivFU1x1f1NJDxsskHt9D5Tl1xr1nOHXzHaA
zTtGT1q0oSI/UIWBJzIU4u8VKqGAAxJJoxX4QwDvZRma87PQVpCeldIOOEjjBXrP
iZvFIprLHFVo31M4aCwYH9crZ66JcVhVp9HbDozgZcVhwmAueeW0KZ3dCerqyZdG
zRY6ElsJFf/tiEhntuB4962aCVWbLnEfC42yAcwgizO5ipHqZp8K3gyM8t0izMmn
5sJkmCATqTVpmX2TJY9DbvInfqlzsBVGn13MnFV/hjrgPORixVQHZ2Tia18S
-----END CERTIFICATE-----
Generated at Sat May 4 03:57:30 2024 by rpki-client on console-fra.rpki-client.org