Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/S4vrF7I9DHNgUvtvqbNE6ECj228.roa
File: S4vrF7I9DHNgUvtvqbNE6ECj228.roa (raw, json)
Hash identifier: EZ99gSIfgOm6ZjYODSZFL7JjM3CmsIg1jhHAiFF21k4=
Subject key identifier: 4B:8B:EB:17:B2:3D:0C:73:60:52:FB:6F:A9:B3:44:E8:40:A3:DB:6F
Certificate issuer: /CN=1d87f30274951cadfb5b737e1333c73d64b04256
Certificate serial: 018CC80199362060BE5A45B86338D557A981
Authority key identifier: 1D:87:F3:02:74:95:1C:AD:FB:5B:73:7E:13:33:C7:3D:64:B0:42:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/S4vrF7I9DHNgUvtvqbNE6ECj228.roa
Signing time: Tue 02 Jan 2024 02:29:57 +0000
ROA not before: Tue 02 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49964
IP address blocks: 91.220.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/HYfzAnSVHK37W3N-EzPHPWSwQlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/HYfzAnSVHK37W3N-EzPHPWSwQlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:99:36:20:60:be:5a:45:b8:63:38:d5:57:a9:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d87f30274951cadfb5b737e1333c73d64b04256
Validity
Not Before: Jan 2 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b8beb17b23d0c736052fb6fa9b344e840a3db6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:46:70:7f:08:79:c3:ef:02:3b:9e:0a:22:dc:
7e:34:16:bf:08:2e:cb:d2:3f:37:ae:a3:a0:7a:44:
1f:b5:ce:05:1a:1d:e6:2b:a6:14:08:69:dc:ef:c8:
37:27:1e:71:64:83:96:72:43:88:2f:91:65:41:76:
ab:8d:c6:01:e8:b4:b1:c4:47:80:18:bd:32:ca:fa:
33:0c:db:bb:4a:8e:8a:55:c6:c4:6d:e6:4c:de:0b:
29:bb:91:fe:9b:89:0f:b3:13:39:fb:b7:25:36:64:
b8:a3:b4:fd:7c:05:af:76:79:f7:26:ae:de:83:9e:
cf:8a:86:c9:db:2e:91:90:36:af:19:04:b1:c4:1d:
f6:6f:64:87:e4:ae:88:76:40:66:14:6b:62:da:95:
88:69:d2:83:85:f3:84:10:8d:8c:14:e7:e1:8b:49:
48:0e:27:ce:5c:6d:03:35:d7:3f:4a:f6:7a:8b:6f:
1a:a7:fe:d5:5e:ea:35:cf:02:64:ff:cf:22:9a:e3:
0a:4d:2e:d0:9b:e5:d9:31:6f:36:dc:88:2b:88:d9:
58:bd:a2:fa:97:7d:fc:16:4d:50:6a:c5:07:74:4c:
7d:b6:d4:20:1c:47:79:05:03:3f:d2:13:fb:d1:42:
94:bd:9e:e7:c7:18:e0:2c:2f:5e:1c:0b:4d:5a:29:
ec:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8B:EB:17:B2:3D:0C:73:60:52:FB:6F:A9:B3:44:E8:40:A3:DB:6F
X509v3 Authority Key Identifier:
keyid:1D:87:F3:02:74:95:1C:AD:FB:5B:73:7E:13:33:C7:3D:64:B0:42:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/S4vrF7I9DHNgUvtvqbNE6ECj228.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/HYfzAnSVHK37W3N-EzPHPWSwQlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.111.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:3c:f8:82:00:60:ea:54:2e:9f:eb:de:7b:f6:af:5c:ec:f5:
13:fa:4b:fc:28:04:2e:0c:05:b3:c7:c1:2d:a2:e3:1d:87:0d:
9c:61:05:1c:09:44:40:34:79:c4:bb:e6:4f:04:4e:cd:22:3a:
40:63:24:d8:a9:ea:f3:ca:7a:de:fa:27:9d:70:7a:01:26:d0:
5b:61:cb:13:50:d4:5a:c5:71:9a:a7:56:2b:86:1e:78:a5:4f:
cc:0a:c5:33:17:67:af:0c:62:00:e4:f8:7b:a2:5c:6e:11:39:
49:c1:7e:b7:2c:14:0a:b3:05:60:28:d5:f6:2e:14:9a:df:32:
3e:34:6d:04:cb:19:28:67:26:76:61:5e:33:2d:e7:2e:9d:98:
a9:0d:f0:b4:2a:12:cc:1d:a0:e4:03:6d:8a:97:fc:37:a2:67:
5d:d7:5a:e4:ff:42:4d:49:69:26:2f:96:4b:af:3a:05:09:cf:
3c:b2:f7:ff:62:77:30:18:43:79:72:71:ec:45:13:0a:df:87:
5d:47:e8:6f:b9:1c:1f:32:11:9e:5a:b7:5a:42:4c:cc:74:64:
6b:c6:77:68:4e:a2:e1:f5:54:67:22:1a:55:01:80:d2:69:2d:
24:80:ae:15:9b:cc:19:15:20:6d:8a:2e:77:1a:d2:e2:bf:f5:
11:a6:c1:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAZk2IGC+WkW4YzjVV6mBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODdmMzAyNzQ5NTFjYWRmYjViNzM3ZTEzMzNjNzNkNjRi
MDQyNTYwHhcNMjQwMTAyMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjhiZWIxN2IyM2QwYzczNjA1MmZiNmZhOWIzNDRlODQwYTNkYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUZwfwh5w+8CO54KItx+NBa/CC7L
0j83rqOgekQftc4FGh3mK6YUCGnc78g3Jx5xZIOWckOIL5FlQXarjcYB6LSxxEeA
GL0yyvozDNu7So6KVcbEbeZM3gspu5H+m4kPsxM5+7clNmS4o7T9fAWvdnn3Jq7e
g57PiobJ2y6RkDavGQSxxB32b2SH5K6IdkBmFGti2pWIadKDhfOEEI2MFOfhi0lI
DifOXG0DNdc/SvZ6i28ap/7VXuo1zwJk/88imuMKTS7Qm+XZMW823IgriNlYvaL6
l338Fk1QasUHdEx9ttQgHEd5BQM/0hP70UKUvZ7nxxjgLC9eHAtNWins3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuL6xeyPQxzYFL7b6mzROhAo9tvMB8GA1UdIwQY
MBaAFB2H8wJ0lRyt+1tzfhMzxz1ksEJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlmekFuU1ZISzM3VzNOLUV6UEhQV1N3UWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8yNDg1ZjUtZGYzZS00ZGJhLTgxMGUt
ZmU0NDAxMTFkODA3LzEvUzR2ckY3STlESE5nVXZ0dnFiTkU2RUNqMjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8yNDg1ZjUtZGYzZS00ZGJhLTgxMGUtZmU0NDAxMTFkODA3
LzEvSFlmekFuU1ZISzM3VzNOLUV6UEhQV1N3UWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xvMA0G
CSqGSIb3DQEBCwUAA4IBAQAKPPiCAGDqVC6f69579q9c7PUT+kv8KAQuDAWzx8Et
ouMdhw2cYQUcCURANHnEu+ZPBE7NIjpAYyTYqerzynre+iedcHoBJtBbYcsTUNRa
xXGap1Yrhh54pU/MCsUzF2evDGIA5Ph7olxuETlJwX63LBQKswVgKNX2LhSa3zI+
NG0EyxkoZyZ2YV4zLecunZipDfC0KhLMHaDkA22Kl/w3omdd11rk/0JNSWkmL5ZL
rzoFCc88svf/YncwGEN5cnHsRRMK34ddR+hvuRwfMhGeWrdaQkzMdGRrxndoTqLh
9VRnIhpVAYDSaS0kgK4Vm8wZFSBtii53GtLiv/URpsFX
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:00:43 2024 by rpki-client on console-fra.rpki-client.org