Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/xVvDn0m0fXeWwpEduF8Zr5KQy28.roa
File: xVvDn0m0fXeWwpEduF8Zr5KQy28.roa (raw, json)
Hash identifier: B9DRRPtKbaexpxD65Wl+9gnEDLdZEAmYhn71t7uYyuo=
Subject key identifier: C5:5B:C3:9F:49:B4:7D:77:96:C2:91:1D:B8:5F:19:AF:92:90:CB:6F
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018CC56E1E8D29F2809DDDD5E2229940CADD
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/xVvDn0m0fXeWwpEduF8Zr5KQy28.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 91.243.179.0/24 maxlen: 24
195.242.240.0/24 maxlen: 24
93.114.62.0/24 maxlen: 24
93.114.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1e:8d:29:f2:80:9d:dd:d5:e2:22:99:40:ca:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c55bc39f49b47d7796c2911db85f19af9290cb6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:06:1d:ac:17:b0:8d:61:97:99:5e:f8:9c:7d:
45:c4:ab:5b:72:bd:b2:35:96:bf:f9:e7:e4:08:bb:
8a:d2:4f:24:a7:b6:82:b7:c7:71:aa:6c:db:5c:c1:
41:81:43:f1:8e:dd:89:c5:c5:68:4b:dc:7a:b7:87:
54:94:70:b3:c3:aa:87:33:17:cd:0f:1b:35:b4:25:
a3:89:96:06:ad:d6:88:51:d6:cc:55:2a:78:aa:19:
01:09:e6:02:d5:80:cd:42:aa:7e:15:67:c6:3c:3d:
d3:17:e2:e2:82:44:6b:ef:bf:27:a4:03:85:ef:15:
30:b3:37:df:4b:b1:52:c5:2b:84:e4:d9:70:4a:31:
49:95:73:bc:2e:10:0c:57:06:c8:d5:48:fc:b1:5c:
21:2a:3d:1c:b5:12:3a:f5:4d:82:37:1c:48:6a:f1:
a8:2c:14:32:01:77:17:3e:fd:81:a9:3b:56:45:0c:
69:27:76:43:a1:93:34:ee:ac:e9:07:12:16:a9:e7:
de:71:34:9e:87:ff:e3:b5:8a:41:fb:ea:69:24:d5:
36:ff:07:da:dd:5b:50:1d:1d:4b:b4:f2:53:dd:9e:
5d:08:cc:e6:89:47:d2:09:97:e8:9f:e5:26:8b:b3:
19:29:5a:eb:73:ba:67:a3:a4:3d:4f:d2:98:bc:ee:
c9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5B:C3:9F:49:B4:7D:77:96:C2:91:1D:B8:5F:19:AF:92:90:CB:6F
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/xVvDn0m0fXeWwpEduF8Zr5KQy28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.179.0/24
93.114.60.0/24
93.114.62.0/24
195.242.240.0/24
Signature Algorithm: sha256WithRSAEncryption
32:3e:7f:ce:9f:d1:98:4b:d3:ec:f9:6a:84:35:fd:e2:94:9a:
ee:26:3b:fb:4f:5b:b6:15:cb:b6:24:e4:62:41:af:ba:87:a1:
e4:b0:b8:3a:e5:64:7e:6d:2e:b3:40:92:bc:aa:97:c3:f8:ab:
93:03:37:97:a9:9e:3c:fe:ae:e9:50:41:51:a1:c6:c2:69:97:
8f:25:5e:1d:f4:49:d1:09:98:25:93:de:95:cb:12:8f:6c:f7:
8e:52:81:07:49:9d:db:71:5d:fb:21:7a:9c:b7:dd:fe:c8:5e:
ce:e1:06:9c:72:eb:38:d9:2c:d8:6e:6a:d2:b8:8a:52:f3:2d:
a5:d5:de:8d:1c:50:ff:30:77:13:c2:5f:07:f3:4c:8f:0a:35:
7a:1b:4f:82:46:33:18:51:0c:b7:50:4d:d4:11:f5:c8:89:70:
77:74:11:7d:b8:8e:0d:a7:d9:dc:b7:a4:95:dc:d3:02:d6:d3:
ba:02:e9:50:33:6f:5d:cc:2b:74:77:77:e8:d5:cb:fa:af:f9:
d3:8f:38:77:30:4b:a8:5f:40:1e:c8:63:6f:03:50:4b:db:3a:
b2:e4:84:72:e5:d1:5b:67:87:92:4b:1f:b1:c1:02:83:58:21:
a1:27:bb:bb:7a:0b:bb:d0:bc:f9:5d:a6:f6:12:c8:18:d9:98:
4c:20:d9:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbh6NKfKAnd3V4iKZQMrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTViYzM5ZjQ5YjQ3ZDc3OTZjMjkxMWRiODVmMTlhZjkyOTBjYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQYdrBewjWGXmV74nH1FxKtbcr2y
NZa/+efkCLuK0k8kp7aCt8dxqmzbXMFBgUPxjt2JxcVoS9x6t4dUlHCzw6qHMxfN
Dxs1tCWjiZYGrdaIUdbMVSp4qhkBCeYC1YDNQqp+FWfGPD3TF+LigkRr778npAOF
7xUwszffS7FSxSuE5NlwSjFJlXO8LhAMVwbI1Uj8sVwhKj0ctRI69U2CNxxIavGo
LBQyAXcXPv2BqTtWRQxpJ3ZDoZM07qzpBxIWqefecTSeh//jtYpB++ppJNU2/wfa
3VtQHR1LtPJT3Z5dCMzmiUfSCZfon+Umi7MZKVrrc7pno6Q9T9KYvO7JyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMVbw59JtH13lsKRHbhfGa+SkMtvMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEveFZ2RG4wbTBmWGVXd3BFZHVGOFpyNUtReTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW/OzAwQA
XXI8AwQAXXI+AwQAw/LwMA0GCSqGSIb3DQEBCwUAA4IBAQAyPn/On9GYS9Ps+WqE
Nf3ilJruJjv7T1u2Fcu2JORiQa+6h6HksLg65WR+bS6zQJK8qpfD+KuTAzeXqZ48
/q7pUEFRocbCaZePJV4d9EnRCZglk96VyxKPbPeOUoEHSZ3bcV37IXqct93+yF7O
4Qaccus42SzYbmrSuIpS8y2l1d6NHFD/MHcTwl8H80yPCjV6G0+CRjMYUQy3UE3U
EfXIiXB3dBF9uI4Np9nct6SV3NMC1tO6AulQM29dzCt0d3fo1cv6r/nTjzh3MEuo
X0AeyGNvA1BL2zqy5IRy5dFbZ4eSSx+xwQKDWCGhJ7u7egu70Lz5Xab2EsgY2ZhM
INny
-----END CERTIFICATE-----
Generated at Thu May 2 17:45:23 2024 by rpki-client on console-ams.rpki-client.org