Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/INBgK1MYGzmciVM3XCCmgc0AJ4E.roa
File: INBgK1MYGzmciVM3XCCmgc0AJ4E.roa (raw, json)
Hash identifier: uo5/TOOJj1ebGbYc/0PMkFiqgxM2KczSp2bMmpi323I=
Subject key identifier: 20:D0:60:2B:53:18:1B:39:9C:89:53:37:5C:20:A6:81:CD:00:27:81
Certificate issuer: /CN=b1427bdcd47c78431f662a08589005acb50b9341
Certificate serial: 018CC726ED832A1BD62A711D39B2BE2E45ED
Authority key identifier: B1:42:7B:DC:D4:7C:78:43:1F:66:2A:08:58:90:05:AC:B5:0B:93:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/INBgK1MYGzmciVM3XCCmgc0AJ4E.roa
Signing time: Mon 01 Jan 2024 22:31:06 +0000
ROA not before: Mon 01 Jan 2024 22:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8749
IP address blocks: 91.235.148.0/24 maxlen: 24
91.236.12.0/24 maxlen: 24
91.234.54.0/24 maxlen: 24
91.235.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/sUJ73NR8eEMfZioIWJAFrLULk0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/sUJ73NR8eEMfZioIWJAFrLULk0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ed:83:2a:1b:d6:2a:71:1d:39:b2:be:2e:45:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1427bdcd47c78431f662a08589005acb50b9341
Validity
Not Before: Jan 1 22:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20d0602b53181b399c8953375c20a681cd002781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:67:c2:8a:e4:cb:58:f1:96:e7:5a:46:09:c5:
4f:94:12:9f:36:d7:8f:96:0f:21:eb:f8:70:b5:45:
9a:11:fa:f4:db:0b:d1:79:74:fc:82:8b:a4:a4:10:
7a:39:43:b2:83:e7:a2:41:09:ef:6b:21:7a:2f:cc:
22:92:bb:8b:a8:93:72:b9:fb:0b:15:4e:07:7d:38:
72:86:aa:4d:71:70:4c:12:3a:2b:01:f2:09:ca:dc:
57:18:e1:0c:40:42:37:4a:6b:c6:e4:17:87:ae:1b:
03:32:5a:8f:64:7f:e7:35:88:a9:fc:ac:12:33:5f:
f3:24:72:43:94:a1:7a:c0:c5:11:67:47:fc:bc:1e:
1a:ae:57:35:25:00:c1:7b:e0:d4:8b:6b:93:0c:f8:
c0:18:29:fb:51:80:d8:ed:da:bd:b3:62:1d:72:e8:
c9:bb:9d:0e:21:b3:6b:95:c6:29:c1:f8:a1:0a:1b:
d3:b2:78:98:86:0c:eb:c4:61:0b:22:a6:d0:c4:dc:
ab:e2:ea:cb:4c:5b:22:f8:b3:3e:fb:6e:af:0e:c5:
56:96:68:31:5b:0f:9a:ac:40:c1:38:aa:99:3f:0c:
df:d1:2e:50:50:57:c0:ca:61:98:9b:60:2b:ab:6d:
93:c6:f6:5a:de:3d:0d:4a:4e:fd:3b:86:af:62:30:
1c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D0:60:2B:53:18:1B:39:9C:89:53:37:5C:20:A6:81:CD:00:27:81
X509v3 Authority Key Identifier:
keyid:B1:42:7B:DC:D4:7C:78:43:1F:66:2A:08:58:90:05:AC:B5:0B:93:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/INBgK1MYGzmciVM3XCCmgc0AJ4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/sUJ73NR8eEMfZioIWJAFrLULk0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.54.0/24
91.235.148.0/24
91.235.241.0/24
91.236.12.0/24
Signature Algorithm: sha256WithRSAEncryption
90:01:74:ab:71:78:f0:3b:7c:22:7b:1e:e5:cd:f7:87:17:c2:
52:3c:cf:42:2b:aa:65:e6:cb:62:f5:6b:20:aa:46:7b:4e:28:
f4:2c:7e:f1:a9:92:ad:be:e6:ff:ee:fc:9c:4d:f4:ff:6e:bd:
7d:bc:0b:40:da:03:87:24:8f:f3:99:98:01:67:3e:e2:a4:96:
7f:42:5c:f5:b8:3f:c7:c2:d9:91:54:8e:56:dd:4c:e5:e5:da:
0a:7e:12:cc:43:5a:dc:32:0a:e5:75:69:0c:de:35:63:8b:8a:
36:b6:b0:f1:22:ae:30:4a:61:31:50:47:a3:5d:94:e5:d6:fb:
07:c4:78:5b:78:07:7c:78:d2:6c:dc:c4:0c:56:a7:74:b8:a5:
2b:0e:32:35:47:2a:1f:20:ad:f2:4b:d0:1b:c5:e9:da:06:28:
4d:56:fd:4b:6c:a8:96:eb:fc:28:64:b9:69:c7:b2:6e:eb:92:
47:7c:b2:1f:c8:ae:a7:77:fc:79:ca:5e:58:65:19:cf:07:68:
9a:11:fa:e7:57:61:2f:af:1f:8d:f2:66:36:6d:82:73:b9:ba:
0c:df:9c:aa:1e:d5:d0:43:47:01:f5:b6:20:df:16:14:8e:a9:
0f:31:08:1a:2a:c4:ca:b0:44:52:eb:32:22:63:d1:82:9b:3e:
92:9d:99:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJu2DKhvWKnEdObK+LkXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDI3YmRjZDQ3Yzc4NDMxZjY2MmEwODU4OTAwNWFjYjUw
YjkzNDEwHhcNMjQwMTAxMjIzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGQwNjAyYjUzMTgxYjM5OWM4OTUzMzc1YzIwYTY4MWNkMDAyNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmfCiuTLWPGW51pGCcVPlBKfNteP
lg8h6/hwtUWaEfr02wvReXT8goukpBB6OUOyg+eiQQnvayF6L8wikruLqJNyufsL
FU4HfThyhqpNcXBMEjorAfIJytxXGOEMQEI3SmvG5BeHrhsDMlqPZH/nNYip/KwS
M1/zJHJDlKF6wMURZ0f8vB4arlc1JQDBe+DUi2uTDPjAGCn7UYDY7dq9s2IdcujJ
u50OIbNrlcYpwfihChvTsniYhgzrxGELIqbQxNyr4urLTFsi+LM++26vDsVWlmgx
Ww+arEDBOKqZPwzf0S5QUFfAymGYm2Arq22TxvZa3j0NSk79O4avYjAcDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCDQYCtTGBs5nIlTN1wgpoHNACeBMB8GA1UdIwQY
MBaAFLFCe9zUfHhDH2YqCFiQBay1C5NBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VKNzNOUjhlRU1mWmlvSVdKQUZyTFVMazBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMGE3NjctN2I0MS00NjNiLWE2Yzkt
NWZjOGU2MzI3ODg5LzEvSU5CZ0sxTVlHem1jaVZNM1hDQ21nYzBBSjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yMGE3NjctN2I0MS00NjNiLWE2YzktNWZjOGU2MzI3ODg5
LzEvc1VKNzNOUjhlRU1mWmlvSVdKQUZyTFVMazBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+o2AwQA
W+uUAwQAW+vxAwQAW+wMMA0GCSqGSIb3DQEBCwUAA4IBAQCQAXSrcXjwO3wiex7l
zfeHF8JSPM9CK6pl5sti9WsgqkZ7Tij0LH7xqZKtvub/7vycTfT/br19vAtA2gOH
JI/zmZgBZz7ipJZ/Qlz1uD/HwtmRVI5W3Uzl5doKfhLMQ1rcMgrldWkM3jVji4o2
trDxIq4wSmExUEejXZTl1vsHxHhbeAd8eNJs3MQMVqd0uKUrDjI1RyofIK3yS9Ab
xenaBihNVv1LbKiW6/woZLlpx7Ju65JHfLIfyK6nd/x5yl5YZRnPB2iaEfrnV2Ev
rx+N8mY2bYJzuboM35yqHtXQQ0cB9bYg3xYUjqkPMQgaKsTKsERS6zIiY9GCmz6S
nZmy
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:49:21 2024 by rpki-client on console-fra.rpki-client.org