Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/T5hLDt_4AhBr4gQVD0Tu2knK7lY.roa
File: T5hLDt_4AhBr4gQVD0Tu2knK7lY.roa (raw, json)
Hash identifier: R+j2XNy4EMPPsCzq0eZt9zSzy0hjDPoJvJOPBTovIng=
Subject key identifier: 4F:98:4B:0E:DF:F8:02:10:6B:E2:04:15:0F:44:EE:DA:49:CA:EE:56
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 0192208A531FBA3CA31651AA50FDE3D49D06
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/T5hLDt_4AhBr4gQVD0Tu2knK7lY.roa
Signing time: Mon 23 Sep 2024 20:19:49 +0000
ROA not before: Mon 23 Sep 2024 20:19:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201119
IP address blocks: 91.228.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:20:8a:53:1f:ba:3c:a3:16:51:aa:50:fd:e3:d4:9d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Sep 23 20:19:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f984b0edff802106be204150f44eeda49caee56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:04:a6:86:e7:cc:48:42:c9:6f:84:2d:ce:7c:
a9:61:3f:b3:06:2f:2e:9b:f6:23:d8:af:aa:e4:06:
e9:80:2b:35:24:e7:0a:88:1b:2a:21:38:98:6d:f6:
19:3e:a6:f0:11:d9:75:4d:d2:5b:93:d4:26:bc:67:
18:71:90:1b:27:1f:bd:9a:93:47:80:fc:06:31:bb:
4a:6f:40:d4:74:c4:80:e6:75:13:75:04:e2:e7:89:
54:ac:c6:a3:56:c7:dc:95:e1:2f:bb:32:4a:3d:a4:
3c:56:d6:87:98:e5:2b:05:13:cb:91:c6:f2:33:5c:
90:27:4e:7f:48:30:cc:d0:fe:26:b0:dd:44:a8:17:
da:9b:23:5e:d6:90:09:37:ea:45:08:bc:bd:d8:95:
0f:84:f0:21:93:d2:3e:97:ae:17:3a:fc:7b:71:ce:
08:f1:6e:6e:ca:10:30:7d:02:54:9a:3d:2f:a4:f3:
c2:da:8a:8c:fe:c2:2b:ca:22:5d:9a:23:73:f7:17:
10:eb:74:3f:7c:90:4b:f3:28:dc:6b:b6:db:66:e6:
3b:87:e5:8c:09:4b:aa:39:bd:66:e7:12:48:17:5a:
1f:4a:24:08:a3:43:67:8a:dc:73:ef:e7:f3:f6:74:
4b:8e:c0:10:a6:ba:34:09:54:cf:49:34:e8:39:00:
20:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:98:4B:0E:DF:F8:02:10:6B:E2:04:15:0F:44:EE:DA:49:CA:EE:56
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/T5hLDt_4AhBr4gQVD0Tu2knK7lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.202.0/24
Signature Algorithm: sha256WithRSAEncryption
68:53:8b:fc:67:41:96:b9:23:1e:98:f2:34:ba:01:f9:e0:32:
7a:71:28:a4:8f:dc:05:8e:78:50:9e:4a:b3:2c:61:6c:65:47:
fb:f7:9e:aa:7c:fb:db:a6:54:88:f7:2d:03:57:15:7a:58:af:
f2:de:93:8b:39:c4:19:42:3c:78:a1:0a:02:ef:39:dd:b1:4a:
0a:0b:9e:22:7c:1b:ab:a8:d4:13:b4:53:49:53:78:d2:54:f1:
49:b2:d2:14:2c:ad:2d:be:cb:5b:ba:9a:49:21:9a:80:61:57:
17:cf:3b:22:87:62:98:1e:43:09:de:21:e9:2b:3e:4e:8c:49:
fd:52:c0:79:4d:66:a2:8f:74:c9:ee:75:34:f4:d6:77:50:4e:
7a:de:e9:8c:5c:d7:73:da:f0:05:4f:d5:17:1f:fa:fe:93:9e:
7c:8e:20:da:66:5e:52:1d:18:d7:06:59:b6:e1:9d:f7:07:8c:
e0:17:c1:92:35:4f:cd:07:12:6b:4d:09:a5:48:ef:3a:e9:c5:
39:b2:6d:c4:76:29:70:87:4b:2a:0b:56:90:7a:1e:7a:13:c8:
93:31:44:22:4b:48:12:e7:8c:88:9b:1c:69:0e:85:e2:68:9d:
2e:75:be:cf:94:78:68:94:15:85:6d:f0:42:e0:63:d3:5c:64:
b4:57:14:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIgilMfujyjFlGqUP3j1J0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjQwOTIzMjAxOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjk4NGIwZWRmZjgwMjEwNmJlMjA0MTUwZjQ0ZWVkYTQ5Y2FlZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQSmhufMSELJb4QtznypYT+zBi8u
m/Yj2K+q5AbpgCs1JOcKiBsqITiYbfYZPqbwEdl1TdJbk9QmvGcYcZAbJx+9mpNH
gPwGMbtKb0DUdMSA5nUTdQTi54lUrMajVsfcleEvuzJKPaQ8VtaHmOUrBRPLkcby
M1yQJ05/SDDM0P4msN1EqBfamyNe1pAJN+pFCLy92JUPhPAhk9I+l64XOvx7cc4I
8W5uyhAwfQJUmj0vpPPC2oqM/sIryiJdmiNz9xcQ63Q/fJBL8yjca7bbZuY7h+WM
CUuqOb1m5xJIF1ofSiQIo0Nnitxz7+fz9nRLjsAQpro0CVTPSTToOQAgwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+YSw7f+AIQa+IEFQ9E7tpJyu5WMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvVDVoTER0XzRBaEJyNGdRVkQwVHUya25LN2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+TKMA0G
CSqGSIb3DQEBCwUAA4IBAQBoU4v8Z0GWuSMemPI0ugH54DJ6cSikj9wFjnhQnkqz
LGFsZUf7956qfPvbplSI9y0DVxV6WK/y3pOLOcQZQjx4oQoC7zndsUoKC54ifBur
qNQTtFNJU3jSVPFJstIULK0tvstbuppJIZqAYVcXzzsih2KYHkMJ3iHpKz5OjEn9
UsB5TWaij3TJ7nU09NZ3UE563umMXNdz2vAFT9UXH/r+k558jiDaZl5SHRjXBlm2
4Z33B4zgF8GSNU/NBxJrTQmlSO866cU5sm3Edilwh0sqC1aQeh56E8iTMUQiS0gS
54yImxxpDoXiaJ0udb7PlHholBWFbfBC4GPTXGS0VxQ/
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:05:25 2024 by rpki-client on console-ams.rpki-client.org