Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/FQlIJ95hpqq7zfGsngorGkgZHVA.roa
File: FQlIJ95hpqq7zfGsngorGkgZHVA.roa (raw, json)
Hash identifier: RSWatvpXyCfejKVGf19b7tPkPVbmKTtku0IsDVYjQHo=
Subject key identifier: 15:09:48:27:DE:61:A6:AA:BB:CD:F1:AC:9E:0A:2B:1A:48:19:1D:50
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018E9EDFD38E8A5CB0B6B3BC7F2782FC321F
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/FQlIJ95hpqq7zfGsngorGkgZHVA.roa
Signing time: Tue 02 Apr 2024 12:54:12 +0000
ROA not before: Tue 02 Apr 2024 12:54:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 91.210.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 23:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:df:d3:8e:8a:5c:b0:b6:b3:bc:7f:27:82:fc:32:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Apr 2 12:54:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15094827de61a6aabbcdf1ac9e0a2b1a48191d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b7:16:3c:64:56:6a:11:12:67:0d:7c:75:ce:
10:d9:57:63:e5:44:01:52:f7:20:08:1b:8f:f5:82:
95:43:97:bb:ba:29:3e:d9:fa:db:3d:b0:2a:39:32:
91:f9:98:b1:99:19:81:5f:80:ca:e7:f4:30:3a:cf:
f1:a8:58:0f:32:91:8d:da:af:90:14:c7:01:f0:6d:
9a:5a:02:9c:b0:5b:73:da:7f:84:65:57:c9:d1:83:
31:74:cf:6d:09:5c:f2:aa:e5:9d:e0:87:a6:57:ac:
47:97:6d:9d:66:76:9d:ba:a3:5a:c6:15:8b:59:a8:
40:c5:04:28:4e:6e:8e:01:b1:99:a2:e0:96:bb:a9:
d1:e7:bc:dd:a3:4a:d6:82:f6:69:29:03:6f:44:8e:
85:4e:ec:18:ef:42:46:f6:73:71:2d:04:88:94:e5:
88:c9:1e:9f:2e:9e:ae:ce:25:10:eb:ba:b8:17:07:
53:31:d1:e2:7a:c9:c2:c5:e8:4f:63:80:db:7a:57:
7e:9e:c2:7f:a5:ff:87:72:5d:1f:96:26:b2:5b:d9:
91:99:97:d9:65:7f:b6:46:0b:4f:75:6d:fc:73:ea:
d8:09:64:57:f8:c8:ef:89:f1:06:97:46:7a:95:09:
8e:bf:b4:4b:b4:30:67:0b:0d:90:ea:15:86:e7:94:
16:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:09:48:27:DE:61:A6:AA:BB:CD:F1:AC:9E:0A:2B:1A:48:19:1D:50
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/FQlIJ95hpqq7zfGsngorGkgZHVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.69.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:9c:6b:36:bd:88:7b:58:1a:67:f2:aa:44:57:ef:c5:26:4f:
8a:09:07:bf:73:df:bb:80:73:8c:62:78:8c:29:28:ca:25:11:
9b:f6:13:13:a4:2f:7b:9e:39:a6:3d:66:45:62:65:f2:7c:d6:
e8:22:b2:4c:ad:71:7d:08:74:6e:32:d9:d6:42:d9:5f:6a:e1:
dd:22:c2:18:d2:ad:18:09:9c:8c:ad:1a:b7:0b:7c:63:20:55:
e2:d7:0b:5a:cc:01:24:34:2a:23:bc:ee:9e:e5:4a:5d:7f:59:
34:fc:93:e1:23:4c:3a:95:73:f5:91:f5:75:42:d2:3e:3d:45:
b7:98:2e:07:e0:05:55:db:67:84:42:16:dd:44:19:aa:72:a4:
af:36:e2:69:36:e4:55:22:8c:11:89:a7:b4:99:c8:6b:20:e4:
75:2f:cc:ee:7a:35:ad:d6:46:e8:60:83:f7:ca:53:e9:b9:47:
8d:00:d8:76:2e:69:33:99:c3:1c:84:0c:a3:56:18:bf:d3:e1:
68:20:79:26:fb:ae:f7:03:4d:82:dd:aa:c0:7c:fc:e8:46:00:
4b:3c:26:12:37:75:c9:e3:af:b3:bb:b8:83:a8:8a:9d:1e:c9:
44:c7:30:e5:4a:16:af:23:3f:cb:cd:b0:ac:5d:e0:a2:9b:68:
fb:bb:2e:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6e39OOilywtrO8fyeC/DIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwNDAyMTI1NDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA5NDgyN2RlNjFhNmFhYmJjZGYxYWM5ZTBhMmIxYTQ4MTkxZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rcWPGRWahESZw18dc4Q2Vdj5UQB
UvcgCBuP9YKVQ5e7uik+2frbPbAqOTKR+ZixmRmBX4DK5/QwOs/xqFgPMpGN2q+Q
FMcB8G2aWgKcsFtz2n+EZVfJ0YMxdM9tCVzyquWd4IemV6xHl22dZnaduqNaxhWL
WahAxQQoTm6OAbGZouCWu6nR57zdo0rWgvZpKQNvRI6FTuwY70JG9nNxLQSIlOWI
yR6fLp6uziUQ67q4FwdTMdHiesnCxehPY4Dbeld+nsJ/pf+Hcl0fliayW9mRmZfZ
ZX+2RgtPdW38c+rYCWRX+MjvifEGl0Z6lQmOv7RLtDBnCw2Q6hWG55QWeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUJSCfeYaaqu83xrJ4KKxpIGR1QMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvRlFsSUo5NWhwcXE3emZHc25nb3JHa2daSFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9JFMA0G
CSqGSIb3DQEBCwUAA4IBAQCpnGs2vYh7WBpn8qpEV+/FJk+KCQe/c9+7gHOMYniM
KSjKJRGb9hMTpC97njmmPWZFYmXyfNboIrJMrXF9CHRuMtnWQtlfauHdIsIY0q0Y
CZyMrRq3C3xjIFXi1wtazAEkNCojvO6e5Updf1k0/JPhI0w6lXP1kfV1QtI+PUW3
mC4H4AVV22eEQhbdRBmqcqSvNuJpNuRVIowRiae0mchrIOR1L8zuejWt1kboYIP3
ylPpuUeNANh2LmkzmcMchAyjVhi/0+FoIHkm+673A02C3arAfPzoRgBLPCYSN3XJ
46+zu7iDqIqdHslExzDlShavIz/LzbCsXeCim2j7uy4C
-----END CERTIFICATE-----
Generated at Mon May 6 04:00:54 2024 by rpki-client on console-ams.rpki-client.org