Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/dee744-0854-4cf1-af6a-f56c84943a7d/1/0he25L5w_nSsoO3O2-mCFqSYAqY.roa
File: 0he25L5w_nSsoO3O2-mCFqSYAqY.roa (raw, json)
Hash identifier: tZrDt0M5xC2zBqLMRMVf7AZ+LKtrS5H8QW7TNgwPlJo=
Subject key identifier: D2:17:B6:E4:BE:70:FE:74:AC:A0:ED:CE:DB:E9:82:16:A4:98:02:A6
Certificate issuer: /CN=41d6451b923a07e365b2f190faa55a572dd0fafc
Certificate serial: 018CC8014001ABADB0BF35705A3C58F9C9CF
Authority key identifier: 41:D6:45:1B:92:3A:07:E3:65:B2:F1:90:FA:A5:5A:57:2D:D0:FA:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QdZFG5I6B-NlsvGQ-qVaVy3Q-vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/dee744-0854-4cf1-af6a-f56c84943a7d/1/0he25L5w_nSsoO3O2-mCFqSYAqY.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197883
IP address blocks: 91.217.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/dee744-0854-4cf1-af6a-f56c84943a7d/1/QdZFG5I6B-NlsvGQ-qVaVy3Q-vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/dee744-0854-4cf1-af6a-f56c84943a7d/1/QdZFG5I6B-NlsvGQ-qVaVy3Q-vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/QdZFG5I6B-NlsvGQ-qVaVy3Q-vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:40:01:ab:ad:b0:bf:35:70:5a:3c:58:f9:c9:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41d6451b923a07e365b2f190faa55a572dd0fafc
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d217b6e4be70fe74aca0edcedbe98216a49802a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:33:9f:e6:1f:c4:86:55:e1:d3:08:72:4f:0e:
d2:c4:87:c0:ef:71:52:53:f9:7e:22:14:ff:1c:94:
15:9d:ef:2d:2a:f0:87:e8:e9:e5:39:53:07:75:01:
15:63:d5:ba:60:31:54:3e:6a:6c:90:06:87:95:78:
2d:ca:14:b9:82:65:b0:0e:e1:7e:ef:e1:6a:17:e2:
19:fa:7f:12:24:e3:98:b0:4b:33:a8:56:7e:44:c9:
3c:c0:f5:93:ff:55:dc:6e:9e:8d:8c:b4:a2:c2:5f:
66:49:85:2f:5f:df:2c:33:79:b8:d0:37:64:09:27:
5a:27:75:f1:41:75:97:cc:2a:54:61:d0:e9:35:59:
a2:b1:9b:30:21:c0:1f:2a:45:5a:2a:8d:82:58:05:
b7:de:e8:28:7f:a6:ac:1f:e3:1d:8a:f6:59:45:84:
66:a9:b1:57:4f:6f:37:2c:cc:2b:b1:49:e8:74:2f:
91:2b:4f:c4:65:97:37:fd:2c:e1:7b:5f:57:b0:70:
16:7e:0b:42:76:7b:2d:ad:1d:03:3e:85:61:9d:3a:
37:85:71:25:2b:97:12:3e:16:5a:71:eb:e1:46:c8:
74:83:a9:2c:a6:0c:01:d4:de:c5:5a:ee:5e:cb:2b:
04:b2:c9:ea:cd:d8:52:b9:32:93:a8:49:1d:e2:b2:
ac:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:17:B6:E4:BE:70:FE:74:AC:A0:ED:CE:DB:E9:82:16:A4:98:02:A6
X509v3 Authority Key Identifier:
keyid:41:D6:45:1B:92:3A:07:E3:65:B2:F1:90:FA:A5:5A:57:2D:D0:FA:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdZFG5I6B-NlsvGQ-qVaVy3Q-vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/dee744-0854-4cf1-af6a-f56c84943a7d/1/0he25L5w_nSsoO3O2-mCFqSYAqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/dee744-0854-4cf1-af6a-f56c84943a7d/1/QdZFG5I6B-NlsvGQ-qVaVy3Q-vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.118.0/24
Signature Algorithm: sha256WithRSAEncryption
65:ca:e7:d4:c3:71:9a:c2:b8:a2:8d:92:11:f1:bf:1a:14:fb:
92:38:82:c6:7b:27:9e:9d:cc:e2:31:68:e7:7f:03:87:d0:12:
75:68:62:d0:60:5e:fa:55:4f:3f:ed:88:e0:1e:b3:05:8c:b4:
4a:47:c9:e4:47:51:2c:99:31:bb:c4:83:6f:45:9f:a7:03:29:
ba:08:f0:80:ea:40:4c:bf:28:e3:5c:aa:c7:ec:c2:24:36:98:
28:25:6f:6d:29:d3:cd:66:22:51:16:18:1a:4b:e1:10:fd:5c:
e6:9c:af:3c:57:f3:4c:46:81:c8:47:5d:4a:3c:d6:29:e3:6b:
02:4c:e0:e2:32:04:67:32:6a:a1:74:39:43:c2:56:58:a2:bc:
71:0c:0e:0d:07:29:3a:5a:c6:80:cb:dc:68:86:53:a5:af:0e:
ba:af:ee:db:91:1d:e5:fa:be:e5:17:6a:b3:9f:ad:b8:35:32:
4f:0c:77:81:d0:98:96:c9:1c:34:0e:50:a4:82:71:66:92:6c:
1a:05:8e:3f:a5:db:07:a5:e8:43:a4:b0:4c:cb:ea:bc:57:5b:
86:20:99:36:19:18:61:26:b8:8f:bd:c6:66:d7:f2:94:92:a4:
2f:79:fe:c3:2a:00:da:d0:29:ae:1a:eb:51:ae:43:f5:ff:e8:
00:b4:7e:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAUABq62wvzVwWjxY+cnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZDY0NTFiOTIzYTA3ZTM2NWIyZjE5MGZhYTU1YTU3MmRk
MGZhZmMwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjE3YjZlNGJlNzBmZTc0YWNhMGVkY2VkYmU5ODIxNmE0OTgwMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTOf5h/EhlXh0whyTw7SxIfA73FS
U/l+IhT/HJQVne8tKvCH6OnlOVMHdQEVY9W6YDFUPmpskAaHlXgtyhS5gmWwDuF+
7+FqF+IZ+n8SJOOYsEszqFZ+RMk8wPWT/1Xcbp6NjLSiwl9mSYUvX98sM3m40Ddk
CSdaJ3XxQXWXzCpUYdDpNVmisZswIcAfKkVaKo2CWAW33ugof6asH+MdivZZRYRm
qbFXT283LMwrsUnodC+RK0/EZZc3/Szhe19XsHAWfgtCdnstrR0DPoVhnTo3hXEl
K5cSPhZacevhRsh0g6kspgwB1N7FWu5eyysEssnqzdhSuTKTqEkd4rKsUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIXtuS+cP50rKDtztvpghakmAKmMB8GA1UdIwQY
MBaAFEHWRRuSOgfjZbLxkPqlWlct0Pr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWRaRkc1STZCLU5sc3ZHUS1xVmFWeTNRLXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kZWU3NDQtMDg1NC00Y2YxLWFmNmEt
ZjU2Yzg0OTQzYTdkLzEvMGhlMjVMNXdfblNzb08zTzItbUNGcVNZQXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kZWU3NDQtMDg1NC00Y2YxLWFmNmEtZjU2Yzg0OTQzYTdk
LzEvUWRaRkc1STZCLU5sc3ZHUS1xVmFWeTNRLXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9l2MA0G
CSqGSIb3DQEBCwUAA4IBAQBlyufUw3GawriijZIR8b8aFPuSOILGeyeencziMWjn
fwOH0BJ1aGLQYF76VU8/7YjgHrMFjLRKR8nkR1EsmTG7xINvRZ+nAym6CPCA6kBM
vyjjXKrH7MIkNpgoJW9tKdPNZiJRFhgaS+EQ/VzmnK88V/NMRoHIR11KPNYp42sC
TODiMgRnMmqhdDlDwlZYorxxDA4NByk6WsaAy9xohlOlrw66r+7bkR3l+r7lF2qz
n624NTJPDHeB0JiWyRw0DlCkgnFmkmwaBY4/pdsHpehDpLBMy+q8V1uGIJk2GRhh
JriPvcZm1/KUkqQvef7DKgDa0CmuGutRrkP1/+gAtH7f
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:00:39 2024 by rpki-client on console-fra.rpki-client.org