Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/AcVLC3GozpsTUfyXQJpqhkK4D_U.roa
File: AcVLC3GozpsTUfyXQJpqhkK4D_U.roa (raw, json)
Hash identifier: 64B8lSmssg2tYB7e9ecAhITook4ByR6zVVJWH9HXmCY=
Subject key identifier: 01:C5:4B:0B:71:A8:CE:9B:13:51:FC:97:40:9A:6A:86:42:B8:0F:F5
Certificate issuer: /CN=1732f334d8abb68ef822546d8f6f8e81563c6fd9
Certificate serial: 018EFA90F8C4D5DB59E4DFEEBDD04C139431
Authority key identifier: 17:32:F3:34:D8:AB:B6:8E:F8:22:54:6D:8F:6F:8E:81:56:3C:6F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FzLzNNirto74IlRtj2-OgVY8b9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/AcVLC3GozpsTUfyXQJpqhkK4D_U.roa
Signing time: Sat 20 Apr 2024 08:13:08 +0000
ROA not before: Sat 20 Apr 2024 08:13:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47951
IP address blocks: 91.103.136.0/24 maxlen: 24
2a13:1d40::/30 maxlen: 30
2a13:1d44::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/FzLzNNirto74IlRtj2-OgVY8b9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/FzLzNNirto74IlRtj2-OgVY8b9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/FzLzNNirto74IlRtj2-OgVY8b9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fa:90:f8:c4:d5:db:59:e4:df:ee:bd:d0:4c:13:94:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1732f334d8abb68ef822546d8f6f8e81563c6fd9
Validity
Not Before: Apr 20 08:13:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01c54b0b71a8ce9b1351fc97409a6a8642b80ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9d:2c:83:02:d7:e3:bd:56:42:75:f9:88:05:
17:44:99:95:a9:bd:39:4e:56:ce:14:cd:d0:f0:90:
d0:c2:f7:01:ec:02:38:62:0d:f3:f6:ec:4f:a8:7f:
f6:10:46:32:d3:8e:ca:da:0e:03:9f:aa:df:e8:11:
e2:a9:6e:02:1d:37:44:40:5f:5a:dc:d4:2e:19:06:
40:b4:6e:6d:19:be:da:ce:b2:bf:90:b6:4c:e3:15:
d9:cd:76:fa:76:e4:51:73:26:1d:fc:75:9a:42:3b:
fc:75:6a:36:ef:f9:78:c9:b1:06:d1:0a:82:4a:18:
b6:a8:1e:52:c2:62:5e:61:d3:bc:ca:d9:38:7c:30:
33:14:1a:96:77:81:f6:56:3b:e0:3b:0b:ad:38:f2:
0a:a2:95:3a:e0:6a:96:ce:6a:fd:4b:f8:77:c7:ad:
c4:5f:e9:5d:c1:0b:82:2f:ac:7f:a6:40:01:53:a4:
89:e7:af:56:e4:d4:d4:0b:42:e6:ca:ed:d1:6c:0f:
82:21:53:3e:11:34:02:9e:b6:98:f4:6d:93:20:dc:
c3:23:36:71:fd:0b:e7:9d:47:04:36:85:17:93:dc:
b9:26:aa:53:64:4d:ba:14:0d:5c:ba:12:78:a8:9f:
78:5a:2a:28:5c:9e:8b:3d:b9:a1:9b:f9:99:81:d0:
3d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C5:4B:0B:71:A8:CE:9B:13:51:FC:97:40:9A:6A:86:42:B8:0F:F5
X509v3 Authority Key Identifier:
keyid:17:32:F3:34:D8:AB:B6:8E:F8:22:54:6D:8F:6F:8E:81:56:3C:6F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FzLzNNirto74IlRtj2-OgVY8b9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/AcVLC3GozpsTUfyXQJpqhkK4D_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/FzLzNNirto74IlRtj2-OgVY8b9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.136.0/24
IPv6:
2a13:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
26:96:b6:84:e7:f5:1e:2d:f4:a8:4a:56:96:11:08:64:b6:d6:
1b:03:93:2e:10:35:b5:82:a1:b3:85:8c:e4:7c:03:15:8c:8f:
c7:63:2f:22:02:bf:4e:44:3b:ef:c6:5d:99:43:e3:7f:c3:08:
a4:96:33:f7:27:62:80:a1:82:0f:12:ff:e0:d9:c2:d0:c8:4f:
46:70:b4:52:ef:01:93:10:7f:b5:57:22:dc:b5:e9:80:a7:25:
dc:35:f1:3b:2e:20:d6:18:8d:05:fc:51:e7:11:d7:71:2b:ca:
be:aa:1b:5d:eb:fb:4f:e7:52:3f:98:9b:49:00:14:04:c4:3f:
cd:56:62:48:4d:7f:19:35:ec:b6:98:67:3b:93:a3:b8:c8:57:
28:52:95:58:e5:5b:17:d1:f3:95:66:5c:0e:90:2a:36:6a:40:
86:b6:94:8a:37:23:12:e1:f1:3f:22:87:f1:13:c8:94:4c:c8:
c6:af:2e:fa:f6:58:df:64:de:f4:ea:ec:9f:20:9a:41:61:24:
be:cc:0a:09:fc:96:5f:ba:99:64:51:e2:49:62:b3:82:87:9c:
69:41:43:16:cf:ba:e6:eb:9d:87:c7:83:f7:f1:31:28:87:ee:
8d:fc:c0:d5:52:0a:d1:e6:06:d5:26:1c:f3:ac:8b:d9:5d:4d:
8d:fa:49:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY76kPjE1dtZ5N/uvdBME5QxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MzJmMzM0ZDhhYmI2OGVmODIyNTQ2ZDhmNmY4ZTgxNTYz
YzZmZDkwHhcNMjQwNDIwMDgxMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWM1NGIwYjcxYThjZTliMTM1MWZjOTc0MDlhNmE4NjQyYjgwZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p0sgwLX471WQnX5iAUXRJmVqb05
TlbOFM3Q8JDQwvcB7AI4Yg3z9uxPqH/2EEYy047K2g4Dn6rf6BHiqW4CHTdEQF9a
3NQuGQZAtG5tGb7azrK/kLZM4xXZzXb6duRRcyYd/HWaQjv8dWo27/l4ybEG0QqC
Shi2qB5SwmJeYdO8ytk4fDAzFBqWd4H2VjvgOwutOPIKopU64GqWzmr9S/h3x63E
X+ldwQuCL6x/pkABU6SJ569W5NTUC0Lmyu3RbA+CIVM+ETQCnraY9G2TINzDIzZx
/QvnnUcENoUXk9y5JqpTZE26FA1cuhJ4qJ94WiooXJ6LPbmhm/mZgdA9hQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAHFSwtxqM6bE1H8l0CaaoZCuA/1MB8GA1UdIwQY
MBaAFBcy8zTYq7aO+CJUbY9vjoFWPG/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnpMek5OaXJ0bzc0SWxSdGoyLU9nVlk4YjlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83YmM4ZGEtY2I4Mi00YWJjLWIyZjAt
MTNiNGI4MGM1NGJhLzEvQWNWTEMzR296cHNUVWZ5WFFKcHFoa0s0RF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83YmM4ZGEtY2I4Mi00YWJjLWIyZjAtMTNiNGI4MGM1NGJh
LzEvRnpMek5OaXJ0bzc0SWxSdGoyLU9nVlk4YjlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW2eIMA0E
AgACMAcDBQMqEx1AMA0GCSqGSIb3DQEBCwUAA4IBAQAmlraE5/UeLfSoSlaWEQhk
ttYbA5MuEDW1gqGzhYzkfAMVjI/HYy8iAr9ORDvvxl2ZQ+N/wwikljP3J2KAoYIP
Ev/g2cLQyE9GcLRS7wGTEH+1VyLctemApyXcNfE7LiDWGI0F/FHnEddxK8q+qhtd
6/tP51I/mJtJABQExD/NVmJITX8ZNey2mGc7k6O4yFcoUpVY5VsX0fOVZlwOkCo2
akCGtpSKNyMS4fE/IofxE8iUTMjGry769ljfZN706uyfIJpBYSS+zAoJ/JZfuplk
UeJJYrOCh5xpQUMWz7rm652Hx4P38TEoh+6N/MDVUgrR5gbVJhzzrIvZXU2N+kmD
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:32 2024 by rpki-client on console-fra.rpki-client.org