Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/9ajk4C0pzz7yg9W0Aq8P1ySxK8g.roa
File: 9ajk4C0pzz7yg9W0Aq8P1ySxK8g.roa (raw, json)
Hash identifier: yrHMfMl0cV9//UA5WgUOsmD+HjwatvUMH3SNL5LUKiY=
Subject key identifier: F5:A8:E4:E0:2D:29:CF:3E:F2:83:D5:B4:02:AF:0F:D7:24:B1:2B:C8
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 018CC4933B1828AFF92C68C74433023AC5F1
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/9ajk4C0pzz7yg9W0Aq8P1ySxK8g.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57270
IP address blocks: 91.231.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3b:18:28:af:f9:2c:68:c7:44:33:02:3a:c5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5a8e4e02d29cf3ef283d5b402af0fd724b12bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6f:eb:1b:42:4b:46:1e:9c:36:2a:90:b1:16:
a1:66:90:a9:59:76:d2:aa:24:16:4f:bb:04:e0:e9:
64:ae:44:63:13:90:72:0c:56:50:af:d0:78:cb:6b:
eb:b5:3d:55:63:41:f6:80:e2:0a:1f:f5:f0:e4:1a:
32:09:ee:08:fa:f9:c4:73:3e:b0:09:da:e0:a2:11:
5f:c5:bd:ef:6a:42:46:9a:e9:30:17:40:4a:e9:8d:
3b:c3:e0:bb:61:83:c2:2b:87:1c:60:49:8e:08:00:
56:2e:06:55:8e:a7:ea:1c:fb:32:35:85:89:83:ef:
1a:0f:63:c3:e0:ff:ab:01:dc:26:7a:5b:88:0f:2a:
16:01:e7:14:ae:85:12:d3:8c:1e:82:1f:26:22:6f:
b4:78:52:c9:6c:43:cb:2a:d4:fc:c2:93:73:cc:c3:
96:56:b3:85:3b:c1:5a:03:63:16:1d:9b:82:75:06:
e2:ce:8c:a8:9a:d6:36:81:c5:c0:c6:b5:4a:38:db:
af:20:b1:ca:f4:e6:4a:9e:93:1d:44:96:06:13:ab:
8f:b4:87:2f:07:f5:10:36:eb:cc:c3:f1:58:78:c9:
03:b5:23:bb:24:c6:ff:33:1a:65:bf:0e:7d:57:5a:
4f:95:7d:05:72:da:03:e3:ee:d2:26:7d:cb:10:c3:
f7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A8:E4:E0:2D:29:CF:3E:F2:83:D5:B4:02:AF:0F:D7:24:B1:2B:C8
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/9ajk4C0pzz7yg9W0Aq8P1ySxK8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.190.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:b5:fb:45:38:22:a5:0d:ac:ea:f8:cd:a0:6b:b7:93:82:94:
6b:28:4a:1c:c4:45:33:48:9e:6c:2e:4f:0a:97:e1:5b:d2:fe:
c2:46:24:1d:fc:ef:b4:eb:0a:ce:d0:21:e8:d8:36:35:2a:37:
98:38:78:9b:c7:bf:fd:1a:28:37:38:a9:e3:f7:c0:77:bd:6d:
b9:e6:b3:5f:b0:3b:bc:e9:3b:05:04:90:87:97:33:67:7c:90:
c0:65:93:75:2a:30:39:df:1c:9f:3d:9c:6a:82:0a:62:b1:38:
aa:ac:18:0f:15:9e:a7:58:17:c4:40:57:3e:b5:af:8a:9a:e1:
e5:fe:ef:56:06:9b:61:31:85:af:2b:a5:e0:9f:4d:52:65:7e:
7e:06:0e:23:69:12:6a:ce:ab:d0:38:d5:d1:fc:e2:3d:53:ca:
45:a9:39:dd:a2:97:4e:fe:0a:6c:1c:9c:33:0c:4e:30:24:aa:
dd:4d:56:f4:6d:03:34:5c:70:d2:7b:8a:c8:72:a5:4a:b6:67:
a8:9c:26:5e:42:7a:10:2a:95:b5:a5:1d:a2:07:e5:33:0e:76:
ed:52:33:7f:bf:30:fa:65:0d:c4:bf:70:de:64:a0:4f:a1:70:
bd:62:08:6d:a7:86:96:1f:10:2c:99:bf:9b:5a:d2:b0:42:db:
5a:90:1d:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkzsYKK/5LGjHRDMCOsXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE4ZTRlMDJkMjljZjNlZjI4M2Q1YjQwMmFmMGZkNzI0YjEyYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW/rG0JLRh6cNiqQsRahZpCpWXbS
qiQWT7sE4OlkrkRjE5ByDFZQr9B4y2vrtT1VY0H2gOIKH/Xw5BoyCe4I+vnEcz6w
CdrgohFfxb3vakJGmukwF0BK6Y07w+C7YYPCK4ccYEmOCABWLgZVjqfqHPsyNYWJ
g+8aD2PD4P+rAdwmeluIDyoWAecUroUS04wegh8mIm+0eFLJbEPLKtT8wpNzzMOW
VrOFO8FaA2MWHZuCdQbizoyomtY2gcXAxrVKONuvILHK9OZKnpMdRJYGE6uPtIcv
B/UQNuvMw/FYeMkDtSO7JMb/Mxplvw59V1pPlX0FctoD4+7SJn3LEMP33QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWo5OAtKc8+8oPVtAKvD9cksSvIMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvOWFqazRDMHB6ejd5ZzlXMEFxOFAxeVN4SzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+e+MA0G
CSqGSIb3DQEBCwUAA4IBAQBOtftFOCKlDazq+M2ga7eTgpRrKEocxEUzSJ5sLk8K
l+Fb0v7CRiQd/O+06wrO0CHo2DY1KjeYOHibx7/9Gig3OKnj98B3vW255rNfsDu8
6TsFBJCHlzNnfJDAZZN1KjA53xyfPZxqggpisTiqrBgPFZ6nWBfEQFc+ta+KmuHl
/u9WBpthMYWvK6Xgn01SZX5+Bg4jaRJqzqvQONXR/OI9U8pFqTndopdO/gpsHJwz
DE4wJKrdTVb0bQM0XHDSe4rIcqVKtmeonCZeQnoQKpW1pR2iB+UzDnbtUjN/vzD6
ZQ3Ev3DeZKBPoXC9Yghtp4aWHxAsmb+bWtKwQttakB0T
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:05:25 2024 by rpki-client on console-ams.rpki-client.org