Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/vZ5QVu5-r3zXVUWUc79AzKzJ-M0.roa
File: vZ5QVu5-r3zXVUWUc79AzKzJ-M0.roa (raw, json)
Hash identifier: BlnXH0HsjaSrf0ef+5Fspw1sC2Z5kuVCIkbJiq0EYGo=
Subject key identifier: BD:9E:50:56:EE:7E:AF:7C:D7:55:45:94:73:BF:40:CC:AC:C9:F8:CD
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 01913C62F9721880A74B6953F18B006FBAF0
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/vZ5QVu5-r3zXVUWUc79AzKzJ-M0.roa
Signing time: Sat 10 Aug 2024 13:03:24 +0000
ROA not before: Sat 10 Aug 2024 13:03:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216319
IP address blocks: 77.91.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3c:62:f9:72:18:80:a7:4b:69:53:f1:8b:00:6f:ba:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Aug 10 13:03:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd9e5056ee7eaf7cd755459473bf40ccacc9f8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:da:cc:64:46:a5:53:1a:6a:21:5d:b7:7e:c6:
fe:70:04:fe:13:ba:e7:15:35:7e:ad:6c:5a:57:ae:
92:db:d8:a0:e7:fd:5f:56:d5:4a:16:23:07:af:31:
59:01:a3:68:38:9d:bf:a9:65:e4:58:51:d6:36:83:
ff:9e:19:56:15:e7:51:e2:10:3c:c8:dd:bb:d2:d9:
2e:c4:63:17:ae:15:d2:ef:65:bd:ec:18:ac:30:25:
06:e0:27:33:87:a9:fa:d0:68:62:21:3c:08:29:01:
45:95:49:d3:8d:e1:0d:94:02:53:b8:2b:d3:91:96:
93:00:41:4d:79:67:b7:9c:bf:2d:eb:c5:d5:9f:72:
5e:e0:ab:88:95:92:58:86:94:41:83:11:a8:c3:24:
dc:87:3b:54:7a:cc:18:c6:f9:15:e4:77:50:2a:e5:
9f:ee:33:75:e4:6a:36:aa:54:87:af:c5:8f:fe:4c:
05:43:57:af:38:98:96:19:a8:72:a3:c7:6e:aa:6b:
e0:6a:1a:2b:dc:bf:b7:73:a2:26:66:ad:88:96:43:
0e:da:4b:f6:03:ee:a8:ab:70:97:8d:8a:a6:2e:8b:
cb:36:3d:00:cb:11:5f:50:56:53:ed:57:50:d5:38:
1e:e9:7f:99:db:e4:54:a4:73:b6:fa:45:35:6f:78:
85:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9E:50:56:EE:7E:AF:7C:D7:55:45:94:73:BF:40:CC:AC:C9:F8:CD
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/vZ5QVu5-r3zXVUWUc79AzKzJ-M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.76.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b6:5f:93:14:1e:ee:1c:c0:ef:06:91:c0:22:9c:84:e7:ea:
37:2e:c3:35:d5:6c:91:54:d9:e3:9a:b5:c3:d9:de:d7:ab:0d:
e6:ee:3a:23:34:4f:ff:34:f7:eb:02:4e:68:50:51:b4:4d:ce:
4b:e0:99:06:8c:3c:ea:46:85:de:22:da:38:60:ed:9f:c0:11:
91:84:07:98:d3:87:47:4e:93:ad:d9:c8:54:8f:32:f2:77:79:
66:b4:db:a7:3e:d4:61:c3:91:51:2f:fe:d8:93:c6:16:17:5f:
12:9f:bd:63:b5:de:f7:dd:07:34:77:c0:0d:d5:78:8d:af:c2:
a9:91:79:21:35:16:9a:ee:47:db:8a:2a:be:ca:96:2e:d1:d9:
8c:fd:87:b4:2d:f5:7f:8d:19:06:37:03:1c:ef:55:e2:22:6f:
98:55:88:79:6d:73:24:68:8c:fb:26:0b:fe:9a:31:b0:de:96:
45:df:24:96:e2:69:e9:ab:16:60:58:f4:a0:4f:bf:7b:99:21:
6b:61:ce:1a:62:a2:88:86:03:d4:79:35:9b:d0:23:1a:3b:4b:
63:22:72:12:ed:02:71:b5:7f:11:cc:cc:41:e2:d1:d2:46:0e:
e8:05:dd:ad:11:b0:1f:fd:9c:13:e3:31:36:47:5f:74:3c:f3:
20:85:0c:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZE8YvlyGICnS2lT8YsAb7rwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQwODEwMTMwMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDllNTA1NmVlN2VhZjdjZDc1NTQ1OTQ3M2JmNDBjY2FjYzlmOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdrMZEalUxpqIV23fsb+cAT+E7rn
FTV+rWxaV66S29ig5/1fVtVKFiMHrzFZAaNoOJ2/qWXkWFHWNoP/nhlWFedR4hA8
yN270tkuxGMXrhXS72W97BisMCUG4Cczh6n60GhiITwIKQFFlUnTjeENlAJTuCvT
kZaTAEFNeWe3nL8t68XVn3Je4KuIlZJYhpRBgxGowyTchztUeswYxvkV5HdQKuWf
7jN15Go2qlSHr8WP/kwFQ1evOJiWGahyo8duqmvgahor3L+3c6ImZq2IlkMO2kv2
A+6oq3CXjYqmLovLNj0AyxFfUFZT7VdQ1Tge6X+Z2+RUpHO2+kU1b3iFLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2eUFbufq9811VFlHO/QMysyfjNMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvdlo1UVZ1NS1yM3pYVlVXVWM3OUF6S3pKLU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtMMA0G
CSqGSIb3DQEBCwUAA4IBAQB5tl+TFB7uHMDvBpHAIpyE5+o3LsM11WyRVNnjmrXD
2d7Xqw3m7jojNE//NPfrAk5oUFG0Tc5L4JkGjDzqRoXeIto4YO2fwBGRhAeY04dH
TpOt2chUjzLyd3lmtNunPtRhw5FRL/7Yk8YWF18Sn71jtd733Qc0d8AN1XiNr8Kp
kXkhNRaa7kfbiiq+ypYu0dmM/Ye0LfV/jRkGNwMc71XiIm+YVYh5bXMkaIz7Jgv+
mjGw3pZF3ySW4mnpqxZgWPSgT797mSFrYc4aYqKIhgPUeTWb0CMaO0tjInIS7QJx
tX8RzMxB4tHSRg7oBd2tEbAf/ZwT4zE2R190PPMghQyb
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:44:02 2024 by rpki-client on console-fra.rpki-client.org