Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/AcLlbTcmLoFi_Wo5PCFu0v3MtDU.roa
File: AcLlbTcmLoFi_Wo5PCFu0v3MtDU.roa (raw, json)
Hash identifier: kY2icN5p5PkGisykNZMB5FeNidJWWGCG2m4wEhRQeGo=
Subject key identifier: 01:C2:E5:6D:37:26:2E:81:62:FD:6A:39:3C:21:6E:D2:FD:CC:B4:35
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 01915BBF69AAF838DF384D6069028406D824
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/AcLlbTcmLoFi_Wo5PCFu0v3MtDU.roa
Signing time: Fri 16 Aug 2024 15:12:36 +0000
ROA not before: Fri 16 Aug 2024 15:12:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214422
IP address blocks: 77.91.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:bf:69:aa:f8:38:df:38:4d:60:69:02:84:06:d8:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Aug 16 15:12:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01c2e56d37262e8162fd6a393c216ed2fdccb435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a5:2a:ba:81:62:37:b7:fd:b8:52:e4:85:07:
2b:f7:28:db:42:fb:ce:65:96:e1:d9:62:6d:e8:05:
35:3f:23:f5:7c:94:08:74:15:2c:30:95:f3:1d:50:
c5:67:57:de:7d:07:61:51:f8:8d:d6:74:58:c0:02:
d2:42:22:ad:61:9c:25:b1:98:91:6c:88:5d:24:0b:
9c:2c:80:72:5d:8d:e4:3f:90:82:90:e8:28:06:70:
05:46:30:1c:d5:69:b8:2a:47:da:49:70:21:c9:ed:
77:42:0e:33:72:f0:d1:3e:34:1c:8a:17:07:b2:8e:
fd:54:65:33:90:1a:7a:c0:23:46:f5:b9:e4:3a:2e:
e7:be:a3:e2:0a:1e:c7:14:a8:80:a5:85:6d:ab:d0:
ed:2d:57:df:2f:71:63:5c:5d:8a:3f:69:3b:86:2a:
9a:6f:33:38:9f:19:c1:d8:00:06:2b:94:13:d5:bb:
18:8a:1a:13:23:fa:c6:49:76:8a:2d:b8:2a:cc:aa:
dd:37:a7:10:83:0a:6b:6d:ba:7d:ee:89:48:78:0a:
e2:56:ae:66:5e:dc:29:c7:01:cd:0b:e6:2d:f7:35:
ac:0e:b0:32:f0:41:f8:1a:c9:6e:0e:07:62:2b:2b:
3b:6a:20:8e:00:8d:a7:ae:ce:9c:00:d7:b4:ce:ee:
a7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C2:E5:6D:37:26:2E:81:62:FD:6A:39:3C:21:6E:D2:FD:CC:B4:35
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/AcLlbTcmLoFi_Wo5PCFu0v3MtDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.66.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:34:49:07:ec:42:bb:60:d5:ae:d0:98:e7:07:ba:16:9e:df:
08:49:2a:1f:3b:06:a3:e4:f1:08:38:d6:fc:25:c9:da:c1:ef:
e0:35:bb:15:27:e6:82:21:35:c3:ac:b4:b8:dd:79:04:d3:ed:
33:27:c0:7c:2f:f5:76:6e:b1:43:ce:dc:0d:77:d7:c8:53:82:
07:8e:80:3c:71:d7:f5:22:87:a2:bd:6e:f9:65:9d:c3:0f:f6:
7c:68:f8:01:9b:8c:6a:d1:38:ab:d6:d0:6a:32:bc:82:59:7a:
48:56:fc:dc:bd:27:81:b6:13:df:d4:c9:8d:aa:39:e0:63:98:
52:e7:50:4d:c9:ca:df:c8:ea:0c:44:ae:42:fd:bf:6c:3a:91:
38:0d:45:4a:10:fd:d9:50:e9:b2:22:ae:45:6c:62:84:7f:91:
d8:62:ad:0e:a1:58:66:fa:31:ee:4d:b1:e9:27:41:a9:a6:5a:
ec:62:9e:db:7a:9b:02:ac:39:01:9d:04:57:d9:68:d8:71:51:
72:3e:8b:bd:12:f2:1c:b7:39:b7:4c:97:bb:55:3a:92:78:45:
b0:45:bf:e4:7a:c9:52:e1:a8:7b:41:1f:e0:fe:f5:28:b5:75:
b9:bc:c2:03:34:66:1b:9d:1e:2d:17:32:cd:85:28:93:4d:f1:
ae:d4:94:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFbv2mq+DjfOE1gaQKEBtgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQwODE2MTUxMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWMyZTU2ZDM3MjYyZTgxNjJmZDZhMzkzYzIxNmVkMmZkY2NiNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqUquoFiN7f9uFLkhQcr9yjbQvvO
ZZbh2WJt6AU1PyP1fJQIdBUsMJXzHVDFZ1fefQdhUfiN1nRYwALSQiKtYZwlsZiR
bIhdJAucLIByXY3kP5CCkOgoBnAFRjAc1Wm4KkfaSXAhye13Qg4zcvDRPjQcihcH
so79VGUzkBp6wCNG9bnkOi7nvqPiCh7HFKiApYVtq9DtLVffL3FjXF2KP2k7hiqa
bzM4nxnB2AAGK5QT1bsYihoTI/rGSXaKLbgqzKrdN6cQgwprbbp97olIeAriVq5m
XtwpxwHNC+Yt9zWsDrAy8EH4GsluDgdiKys7aiCOAI2nrs6cANe0zu6nswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHC5W03Ji6BYv1qOTwhbtL9zLQ1MB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvQWNMbGJUY21Mb0ZpX1dvNVBDRnUwdjNNdERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtCMA0G
CSqGSIb3DQEBCwUAA4IBAQCbNEkH7EK7YNWu0JjnB7oWnt8ISSofOwaj5PEIONb8
Jcnawe/gNbsVJ+aCITXDrLS43XkE0+0zJ8B8L/V2brFDztwNd9fIU4IHjoA8cdf1
IoeivW75ZZ3DD/Z8aPgBm4xq0Tir1tBqMryCWXpIVvzcvSeBthPf1MmNqjngY5hS
51BNycrfyOoMRK5C/b9sOpE4DUVKEP3ZUOmyIq5FbGKEf5HYYq0OoVhm+jHuTbHp
J0GpplrsYp7bepsCrDkBnQRX2WjYcVFyPou9EvIctzm3TJe7VTqSeEWwRb/keslS
4ah7QR/g/vUotXW5vMIDNGYbnR4tFzLNhSiTTfGu1JR/
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:47:58 2024 by rpki-client on console-ams.rpki-client.org