Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/xJ1oXntI4LJREUD1qZlm8HO6juw.roa
File: xJ1oXntI4LJREUD1qZlm8HO6juw.roa (raw, json)
Hash identifier: hsduXXmlfJJXwT1l0zARwscJUZZOWOCs4eAfpyCfQQo=
Subject key identifier: C4:9D:68:5E:7B:48:E0:B2:51:11:40:F5:A9:99:66:F0:73:BA:8E:EC
Certificate issuer: /CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Certificate serial: 019123C343D49A7FE69C7B0939FE57571CCD
Authority key identifier: DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/xJ1oXntI4LJREUD1qZlm8HO6juw.roa
Signing time: Mon 05 Aug 2024 18:18:04 +0000
ROA not before: Mon 05 Aug 2024 18:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.107.72.0/21 maxlen: 21
91.107.88.0/21 maxlen: 21
159.253.124.0/22 maxlen: 22
185.91.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:c3:43:d4:9a:7f:e6:9c:7b:09:39:fe:57:57:1c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Validity
Not Before: Aug 5 18:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c49d685e7b48e0b2511140f5a99966f073ba8eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4d:26:48:db:45:79:be:be:48:7d:fb:11:f3:
b0:10:83:57:2f:9c:d0:24:1d:a4:83:72:cf:6b:33:
25:e8:f2:02:29:df:fb:bd:7d:78:f3:f7:c2:ca:be:
4b:51:7f:71:4d:a2:46:ce:0c:ea:4c:83:0c:dd:6b:
35:da:71:76:58:7b:c6:d3:6f:aa:82:44:e5:e5:f5:
57:9b:1c:b2:b1:17:4e:26:bc:43:cd:a0:56:a9:06:
f7:da:66:32:25:78:12:d2:cf:53:ba:d3:d3:bd:ff:
95:bf:c1:0f:b8:32:29:33:ad:92:e7:7f:14:1a:6b:
79:17:d7:7a:a4:6c:d8:50:4d:e5:1d:d6:4d:04:ec:
37:82:61:00:a3:65:46:77:aa:1f:3d:ec:34:ca:7c:
af:6d:4c:5d:16:b8:7e:59:ea:a1:d8:61:2f:7f:d1:
33:9d:e0:de:e1:7a:59:76:57:51:f7:a3:0e:4b:ff:
75:b4:8e:b9:52:cd:29:88:c7:7c:37:ec:c1:d0:2f:
a9:d8:44:0e:f8:8f:c9:0c:a0:be:16:d7:c7:10:e1:
67:a8:e3:3c:46:7c:36:da:fe:57:75:c8:52:6f:85:
75:bd:f2:38:ae:58:97:3c:6a:0a:76:51:21:1e:d3:
4b:a3:58:02:53:be:9f:d2:1e:50:a6:16:1b:58:91:
03:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9D:68:5E:7B:48:E0:B2:51:11:40:F5:A9:99:66:F0:73:BA:8E:EC
X509v3 Authority Key Identifier:
keyid:DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/xJ1oXntI4LJREUD1qZlm8HO6juw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.107.72.0/21
91.107.88.0/21
159.253.124.0/22
185.91.132.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:bd:63:bc:80:c4:ea:5e:46:8e:81:04:73:5c:3a:b3:fb:ec:
57:02:72:37:33:a0:09:5e:a0:95:63:b0:e2:cf:9c:b1:9b:f9:
43:ad:7a:07:bd:52:a7:70:24:18:40:16:d7:bf:39:00:64:d2:
04:3a:b4:cf:48:06:7d:2b:61:8e:26:1f:31:78:6a:c0:d0:a2:
7a:95:44:e0:75:2d:08:7d:74:ce:42:5a:fe:eb:e8:51:65:8b:
28:7e:9d:64:27:ab:32:fd:b7:34:ff:d2:76:5b:b1:ca:4b:75:
be:f5:98:8b:c0:1f:5f:a3:4e:bf:8d:34:1c:e7:7c:8e:bc:14:
2a:32:4a:41:db:ca:12:51:86:71:d4:e4:4a:e6:01:24:48:2a:
24:85:b7:d9:88:e8:61:60:ad:d8:44:3a:1d:06:42:ca:ca:b4:
52:91:96:c8:7e:c3:eb:1b:8c:65:94:28:dc:b9:bb:17:76:a3:
5c:14:58:ee:e5:93:6b:3e:cf:ff:b4:81:3a:0c:46:36:ef:14:
d3:32:07:7f:55:ca:32:7e:bb:1b:4f:04:a2:c7:de:72:43:5a:
b2:a3:0c:73:09:e0:c1:b0:13:82:64:e6:9a:25:58:d2:45:94:
6a:cb:70:01:11:32:4a:70:1b:40:15:e7:62:01:8c:19:24:9a:
ef:ab:92:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEjw0PUmn/mnHsJOf5XVxzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGE5NzhiOWNlNWQyNmViY2FhZDBjY2I2NzkxOGE5ZGYz
MThmODYwHhcNMjQwODA1MTgxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDlkNjg1ZTdiNDhlMGIyNTExMTQwZjVhOTk5NjZmMDczYmE4ZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk0mSNtFeb6+SH37EfOwEINXL5zQ
JB2kg3LPazMl6PICKd/7vX148/fCyr5LUX9xTaJGzgzqTIMM3Ws12nF2WHvG02+q
gkTl5fVXmxyysRdOJrxDzaBWqQb32mYyJXgS0s9TutPTvf+Vv8EPuDIpM62S538U
Gmt5F9d6pGzYUE3lHdZNBOw3gmEAo2VGd6ofPew0ynyvbUxdFrh+Weqh2GEvf9Ez
neDe4XpZdldR96MOS/91tI65Us0piMd8N+zB0C+p2EQO+I/JDKC+FtfHEOFnqOM8
Rnw22v5XdchSb4V1vfI4rliXPGoKdlEhHtNLo1gCU76f0h5QphYbWJEDbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMSdaF57SOCyURFA9amZZvBzuo7sMB8GA1UdIwQY
MBaAFNqKl4uc5dJuvKrQzLZ5GKnfMY+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEt
Yjc4ZGFjMzdlYWM4LzEveEoxb1hudEk0TEpSRVVEMXFabG04SE82anV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEtYjc4ZGFjMzdlYWM4
LzEvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW2tIAwQD
W2tYAwQCn/18AwQCuVuEMA0GCSqGSIb3DQEBCwUAA4IBAQBbvWO8gMTqXkaOgQRz
XDqz++xXAnI3M6AJXqCVY7Diz5yxm/lDrXoHvVKncCQYQBbXvzkAZNIEOrTPSAZ9
K2GOJh8xeGrA0KJ6lUTgdS0IfXTOQlr+6+hRZYsofp1kJ6sy/bc0/9J2W7HKS3W+
9ZiLwB9fo06/jTQc53yOvBQqMkpB28oSUYZx1ORK5gEkSCokhbfZiOhhYK3YRDod
BkLKyrRSkZbIfsPrG4xllCjcubsXdqNcFFju5ZNrPs//tIE6DEY27xTTMgd/Vcoy
frsbTwSix95yQ1qyowxzCeDBsBOCZOaaJVjSRZRqy3ABETJKcBtAFediAYwZJJrv
q5Ll
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:17:30 2024 by rpki-client on console-ams.rpki-client.org