Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/F6zbrzBlyC67MrZUSwba1px5z_g.roa
File: F6zbrzBlyC67MrZUSwba1px5z_g.roa (raw, json)
Hash identifier: T4dWGvwSQE4/gFTGFhbs68pKgMQwx+f3jum/vphzhQQ=
Subject key identifier: 17:AC:DB:AF:30:65:C8:2E:BB:32:B6:54:4B:06:DA:D6:9C:79:CF:F8
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB3F60CDC23157B00F59DD9274B5D2
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/F6zbrzBlyC67MrZUSwba1px5z_g.roa
Signing time: Mon 01 Jan 2024 02:29:57 +0000
ROA not before: Mon 01 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399091
IP address blocks: 91.242.100.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3f:60:cd:c2:31:57:b0:0f:59:dd:92:74:b5:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17acdbaf3065c82ebb32b6544b06dad69c79cff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ee:c9:b9:e7:16:4b:9a:39:4a:87:64:53:0c:
93:01:8c:fe:ba:14:e8:36:d4:d0:f1:75:ff:1b:c9:
58:70:05:c6:0d:11:ec:7d:b8:90:17:69:7b:9d:43:
a1:6e:75:ad:9d:ec:64:ef:a0:ab:d5:bd:da:79:05:
dc:0f:65:e6:d7:0f:84:05:29:77:98:ec:e7:c2:cb:
a4:ea:4c:15:1a:90:92:19:fc:95:c8:f7:e8:d9:3b:
73:4b:73:e2:83:d5:ad:cf:fa:66:84:5f:19:24:70:
fc:ca:af:11:57:f0:28:62:33:b5:01:a0:21:2a:b8:
81:ab:55:60:30:c4:73:93:7f:a6:9f:a6:57:7a:c6:
80:43:34:61:64:35:81:b5:70:3b:c0:59:28:a4:fb:
67:90:9b:ab:7c:b4:bc:00:69:0d:8c:04:02:b0:fa:
d0:ac:b4:86:ed:75:e4:7d:90:09:0e:be:14:30:5b:
e2:84:01:f7:c6:db:dc:f6:30:6a:c4:a3:33:19:4a:
df:a4:7a:88:3a:1f:41:3a:7c:6f:2e:79:62:46:82:
09:80:80:ef:40:57:99:08:e5:02:7c:25:dd:20:e9:
e8:cf:e6:43:eb:85:c0:cd:c6:99:d5:47:d9:1f:9f:
ba:03:b8:de:12:b0:50:54:89:32:84:9a:3b:ff:14:
10:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AC:DB:AF:30:65:C8:2E:BB:32:B6:54:4B:06:DA:D6:9C:79:CF:F8
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/F6zbrzBlyC67MrZUSwba1px5z_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.100.0/23
Signature Algorithm: sha256WithRSAEncryption
23:3f:9c:6c:69:54:34:eb:8f:b7:6f:16:6b:65:38:54:5c:bb:
07:75:b0:d0:11:ba:23:cc:1d:24:12:69:54:f3:f0:32:82:22:
37:5f:3b:1f:27:4e:9e:57:06:42:bf:3a:b4:dc:15:3e:c4:da:
0b:59:47:ac:7e:16:2c:de:fb:e5:ae:8c:97:a2:48:3b:47:06:
29:d5:a2:e8:d3:ed:62:d9:cd:58:e7:90:74:04:6e:a1:4d:b0:
d9:a2:0f:e4:4a:40:e5:9d:86:d7:c9:3c:f4:99:35:43:af:d2:
de:bd:9a:bc:b4:fa:00:6c:04:a3:13:cf:55:6c:74:bd:be:fa:
cf:ff:6a:6f:d3:f9:78:70:8f:84:b4:9c:94:cc:e0:42:be:3f:
0f:0e:b0:a3:b7:72:4b:3e:60:65:fd:29:16:85:53:8d:8c:f1:
c5:51:85:34:ea:71:df:b3:31:b7:51:37:c0:ad:22:f1:a0:b8:
40:65:38:10:dd:1a:b5:77:60:e9:97:ce:74:77:b2:aa:45:53:
ed:48:ff:69:83:07:78:6c:70:57:f0:b2:ea:5e:3d:6f:a6:47:
e3:f5:9b:70:49:10:23:f9:45:16:f6:f4:18:91:30:77:e7:a6:
54:62:42:88:87:30:b6:98:db:01:c0:0a:7a:60:12:05:10:09:
69:95:3c:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2z9gzcIxV7APWd2SdLXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FjZGJhZjMwNjVjODJlYmIzMmI2NTQ0YjA2ZGFkNjljNzljZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+7JuecWS5o5SodkUwyTAYz+uhTo
NtTQ8XX/G8lYcAXGDRHsfbiQF2l7nUOhbnWtnexk76Cr1b3aeQXcD2Xm1w+EBSl3
mOznwsuk6kwVGpCSGfyVyPfo2TtzS3Pig9Wtz/pmhF8ZJHD8yq8RV/AoYjO1AaAh
KriBq1VgMMRzk3+mn6ZXesaAQzRhZDWBtXA7wFkopPtnkJurfLS8AGkNjAQCsPrQ
rLSG7XXkfZAJDr4UMFvihAH3xtvc9jBqxKMzGUrfpHqIOh9BOnxvLnliRoIJgIDv
QFeZCOUCfCXdIOnoz+ZD64XAzcaZ1UfZH5+6A7jeErBQVIkyhJo7/xQQRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBes268wZcguuzK2VEsG2tacec/4MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRjZ6YnJ6Qmx5QzY3TXJaVVN3YmExcHg1el9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/JkMA0G
CSqGSIb3DQEBCwUAA4IBAQAjP5xsaVQ064+3bxZrZThUXLsHdbDQEbojzB0kEmlU
8/AygiI3XzsfJ06eVwZCvzq03BU+xNoLWUesfhYs3vvlroyXokg7RwYp1aLo0+1i
2c1Y55B0BG6hTbDZog/kSkDlnYbXyTz0mTVDr9LevZq8tPoAbASjE89VbHS9vvrP
/2pv0/l4cI+EtJyUzOBCvj8PDrCjt3JLPmBl/SkWhVONjPHFUYU06nHfszG3UTfA
rSLxoLhAZTgQ3Rq1d2Dpl850d7KqRVPtSP9pgwd4bHBX8LLqXj1vpkfj9ZtwSRAj
+UUW9vQYkTB356ZUYkKIhzC2mNsBwAp6YBIFEAlplTyk
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:12 2024 by rpki-client on console-ams.rpki-client.org