Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/_3cWirOd-rGYOKH0PZ-0AOkN2tE.roa
File: _3cWirOd-rGYOKH0PZ-0AOkN2tE.roa (raw, json)
Hash identifier: CDU1qRhsQws+rMDeXDbN4WQuXFY4lEq+1F4uRii0XnU=
Subject key identifier: FF:77:16:8A:B3:9D:FA:B1:98:38:A1:F4:3D:9F:B4:00:E9:0D:DA:D1
Certificate issuer: /CN=776fae43f73da35fe1a2e429662ae0b91751e3fb
Certificate serial: 018D32C50E342A5DA7CB6826E4FE0269CAE7
Authority key identifier: 77:6F:AE:43:F7:3D:A3:5F:E1:A2:E4:29:66:2A:E0:B9:17:51:E3:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2-uQ_c9o1_houQpZirguRdR4_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/_3cWirOd-rGYOKH0PZ-0AOkN2tE.roa
Signing time: Mon 22 Jan 2024 20:03:11 +0000
ROA not before: Mon 22 Jan 2024 20:03:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6698
IP address blocks: 91.230.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/d2-uQ_c9o1_houQpZirguRdR4_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/d2-uQ_c9o1_houQpZirguRdR4_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/d2-uQ_c9o1_houQpZirguRdR4_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:c5:0e:34:2a:5d:a7:cb:68:26:e4:fe:02:69:ca:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776fae43f73da35fe1a2e429662ae0b91751e3fb
Validity
Not Before: Jan 22 20:03:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff77168ab39dfab19838a1f43d9fb400e90ddad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:44:be:74:b8:ae:14:84:80:80:ec:37:72:34:
51:c4:ae:e6:3a:21:9f:53:c3:38:de:92:99:f9:37:
25:84:e9:6d:ae:91:a0:60:f6:87:56:25:c4:ba:68:
09:d2:ed:a5:a4:0b:48:8b:ef:63:04:23:05:f3:a0:
36:e9:69:0f:d5:58:a2:40:b1:94:e1:f4:83:e8:87:
21:79:e0:ed:b9:6b:42:c4:2a:5e:21:20:35:dc:40:
90:e1:72:10:44:97:e3:33:17:eb:46:3f:a3:58:7a:
cc:d5:d1:9a:4f:6d:a6:4b:4d:b9:82:33:d3:37:6b:
66:a7:5c:32:65:91:68:bc:da:86:c7:5b:e0:a7:c1:
d7:e5:86:d7:75:35:fd:b9:7e:fe:fe:b0:ee:78:1f:
af:1f:4c:0d:6d:2f:56:89:09:2a:a5:61:62:da:61:
7f:04:c9:e9:42:02:c1:67:33:62:91:d2:02:15:35:
54:4a:4f:41:69:bb:fb:02:11:aa:fd:94:7d:76:62:
c2:a7:18:ab:40:0d:63:30:96:31:66:f5:c6:cf:81:
30:29:e0:8a:71:1a:ca:bc:92:f3:6c:8e:96:3e:ce:
99:68:65:6b:5c:0b:86:f2:77:b4:34:b1:e4:23:33:
50:08:f1:c4:52:b8:d5:95:61:99:ec:b0:d6:0e:95:
68:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:77:16:8A:B3:9D:FA:B1:98:38:A1:F4:3D:9F:B4:00:E9:0D:DA:D1
X509v3 Authority Key Identifier:
keyid:77:6F:AE:43:F7:3D:A3:5F:E1:A2:E4:29:66:2A:E0:B9:17:51:E3:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2-uQ_c9o1_houQpZirguRdR4_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/_3cWirOd-rGYOKH0PZ-0AOkN2tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/d2-uQ_c9o1_houQpZirguRdR4_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.121.0/24
Signature Algorithm: sha256WithRSAEncryption
06:2b:01:3d:ea:8c:c9:07:00:d9:b1:b1:5c:87:8c:ef:3f:0c:
f4:2f:f9:bd:66:f9:07:bf:42:1a:19:1c:1a:71:91:e8:59:cd:
0f:8c:f2:b3:e1:dc:30:65:81:c1:87:4d:ee:92:cb:b1:6a:30:
8c:9b:a9:d3:7f:80:bc:4d:41:fb:53:62:af:31:b7:f6:08:a3:
7a:2e:38:62:f9:0d:ba:76:32:05:a1:1f:cd:89:d3:be:91:97:
6e:4a:30:ff:b4:82:e1:fc:11:eb:35:32:f4:c5:d8:f1:fc:c2:
f0:98:75:0c:10:4b:5e:bb:49:f4:05:05:5a:90:66:b6:7f:a1:
3b:42:5b:f2:fc:35:36:48:e7:62:59:ce:db:a7:4d:9f:50:65:
ac:97:b1:14:98:cf:ba:cc:35:fe:f9:ff:74:8e:3e:69:93:3c:
fa:72:da:66:6e:9b:64:7b:6f:0b:97:bf:dc:60:62:0a:8c:b2:
65:76:55:b1:55:f5:3e:2a:82:c5:71:a4:87:cb:cf:23:30:26:
81:fb:db:df:cd:55:1d:c8:11:44:37:fe:e6:8d:a4:e1:c4:80:
76:6a:ab:bc:33:c3:dc:3c:e9:9a:56:80:7e:34:51:2e:55:71:
3c:bc:a9:ca:ba:01:3d:44:6c:d3:b1:f1:d5:25:3f:ca:e9:27:
30:c6:b1:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0yxQ40Kl2ny2gm5P4CacrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NmZhZTQzZjczZGEzNWZlMWEyZTQyOTY2MmFlMGI5MTc1
MWUzZmIwHhcNMjQwMTIyMjAwMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjc3MTY4YWIzOWRmYWIxOTgzOGExZjQzZDlmYjQwMGU5MGRkYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiES+dLiuFISAgOw3cjRRxK7mOiGf
U8M43pKZ+TclhOltrpGgYPaHViXEumgJ0u2lpAtIi+9jBCMF86A26WkP1ViiQLGU
4fSD6IcheeDtuWtCxCpeISA13ECQ4XIQRJfjMxfrRj+jWHrM1dGaT22mS025gjPT
N2tmp1wyZZFovNqGx1vgp8HX5YbXdTX9uX7+/rDueB+vH0wNbS9WiQkqpWFi2mF/
BMnpQgLBZzNikdICFTVUSk9Babv7AhGq/ZR9dmLCpxirQA1jMJYxZvXGz4EwKeCK
cRrKvJLzbI6WPs6ZaGVrXAuG8ne0NLHkIzNQCPHEUrjVlWGZ7LDWDpVo/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP93FoqznfqxmDih9D2ftADpDdrRMB8GA1UdIwQY
MBaAFHdvrkP3PaNf4aLkKWYq4LkXUeP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDItdVFfYzlvMV9ob3VRcFppcmd1UmRSNF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wYWNmMmQtNWQ2Mi00M2YzLThkMTQt
NGUwY2M1ODE2M2IwLzEvXzNjV2lyT2QtckdZT0tIMFBaLTBBT2tOMnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wYWNmMmQtNWQ2Mi00M2YzLThkMTQtNGUwY2M1ODE2M2Iw
LzEvZDItdVFfYzlvMV9ob3VRcFppcmd1UmRSNF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+Z5MA0G
CSqGSIb3DQEBCwUAA4IBAQAGKwE96ozJBwDZsbFch4zvPwz0L/m9ZvkHv0IaGRwa
cZHoWc0PjPKz4dwwZYHBh03uksuxajCMm6nTf4C8TUH7U2KvMbf2CKN6Ljhi+Q26
djIFoR/NidO+kZduSjD/tILh/BHrNTL0xdjx/MLwmHUMEEteu0n0BQVakGa2f6E7
Qlvy/DU2SOdiWc7bp02fUGWsl7EUmM+6zDX++f90jj5pkzz6ctpmbptke28Ll7/c
YGIKjLJldlWxVfU+KoLFcaSHy88jMCaB+9vfzVUdyBFEN/7mjaThxIB2aqu8M8Pc
POmaVoB+NFEuVXE8vKnKugE9RGzTsfHVJT/K6ScwxrH7
-----END CERTIFICATE-----
Generated at Mon May 20 17:41:32 2024 by rpki-client on console-ams.rpki-client.org