Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/hrrDqXEePBsnhqpzPraI0DtJqC0.roa
File: hrrDqXEePBsnhqpzPraI0DtJqC0.roa (raw, json)
Hash identifier: UeV3Er2CPUGu1ZKOf24Z7WPEv761KUbseJcvx3PMf6I=
Subject key identifier: 86:BA:C3:A9:71:1E:3C:1B:27:86:AA:73:3E:B6:88:D0:3B:49:A8:2D
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 018CC4933A901908B7EB0AE15C88CB281351
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/hrrDqXEePBsnhqpzPraI0DtJqC0.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57142
IP address blocks: 91.230.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3a:90:19:08:b7:eb:0a:e1:5c:88:cb:28:13:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86bac3a9711e3c1b2786aa733eb688d03b49a82d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:69:fe:fc:d1:26:cb:8a:0f:ea:14:33:5c:d7:
fc:80:cd:e8:19:c2:01:94:77:77:13:64:f6:7b:70:
a1:4a:c4:3b:60:64:76:d1:41:e0:94:c6:64:45:53:
4b:7b:50:7f:15:fa:3a:72:e6:95:f4:81:86:0f:e9:
a0:b0:3f:0e:7e:fd:b4:12:2b:36:4b:92:1f:c3:68:
5b:79:2d:66:b3:b9:55:40:55:ac:98:db:6b:fa:5e:
43:a5:0d:a8:45:ea:f6:ba:06:08:f9:a1:1d:b4:98:
b7:7e:1f:54:8f:5c:aa:23:8b:53:cf:2c:fa:01:2d:
e5:4a:58:c6:2d:a8:dc:62:fd:55:9d:8e:53:a0:ac:
cf:b3:25:f5:0f:ea:e7:c9:cc:40:c0:4c:4b:a8:b4:
1c:d9:13:92:67:7c:76:c5:57:d1:aa:92:c4:78:f6:
d7:f1:4f:e1:76:3f:27:a5:b4:12:ca:9f:f2:4c:aa:
e3:98:6a:ec:e0:c5:6a:23:48:ac:52:e4:b6:a3:81:
d9:25:e0:50:49:a5:f4:a3:3e:24:3b:ea:d6:52:0e:
53:c0:01:d9:a6:58:1d:4d:10:58:21:22:31:eb:a1:
ab:d6:29:22:e0:9b:e0:be:85:af:4e:fc:fa:c5:66:
6e:c5:73:ec:2f:1a:38:52:25:d2:e8:04:79:e2:af:
a4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BA:C3:A9:71:1E:3C:1B:27:86:AA:73:3E:B6:88:D0:3B:49:A8:2D
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/hrrDqXEePBsnhqpzPraI0DtJqC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.247.0/24
Signature Algorithm: sha256WithRSAEncryption
13:c4:c2:23:0c:d5:4a:01:e3:6c:38:ea:43:87:2e:57:7a:5c:
e8:bb:53:e6:32:f7:98:17:e4:1c:04:89:47:69:d3:85:3f:51:
8f:fc:67:51:ce:25:4c:df:46:bf:0c:02:5c:5d:e5:9a:44:70:
f4:4d:e3:96:73:a0:ea:71:86:8a:4f:c3:7e:2e:93:99:0e:ff:
15:a5:c4:9a:9c:05:d3:73:6f:cf:e3:b1:05:cc:b5:af:33:34:
47:a7:dd:bb:38:d9:bc:a4:b0:02:37:27:03:3a:94:9d:05:92:
0b:79:6e:e7:ef:e9:83:0b:99:6a:d8:67:ea:62:ea:3f:86:1e:
ba:0e:c1:8f:2d:eb:11:16:8b:8f:cf:9f:5b:87:0b:49:50:c6:
f8:c2:d0:1f:6c:d8:29:64:17:65:0c:76:5e:cf:52:ec:a8:e2:
53:b0:a8:4e:f4:a0:e2:30:bc:e3:16:92:d7:49:8f:97:f1:c3:
a1:d8:fa:f2:2a:95:56:2c:c8:e7:35:6b:62:81:d2:0c:d7:89:
cf:35:59:c6:d8:e5:35:58:c8:fd:47:54:ee:45:d2:7b:c7:72:
98:22:aa:fd:f4:01:19:91:34:c5:9b:50:da:b9:ad:af:09:53:
79:81:5c:a8:52:6a:92:22:33:33:bb:6f:e9:08:00:54:05:8f:
f5:c5:58:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkzqQGQi36wrhXIjLKBNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJhYzNhOTcxMWUzYzFiMjc4NmFhNzMzZWI2ODhkMDNiNDlhODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Gn+/NEmy4oP6hQzXNf8gM3oGcIB
lHd3E2T2e3ChSsQ7YGR20UHglMZkRVNLe1B/Ffo6cuaV9IGGD+mgsD8Ofv20Eis2
S5Ifw2hbeS1ms7lVQFWsmNtr+l5DpQ2oRer2ugYI+aEdtJi3fh9Uj1yqI4tTzyz6
AS3lSljGLajcYv1VnY5ToKzPsyX1D+rnycxAwExLqLQc2ROSZ3x2xVfRqpLEePbX
8U/hdj8npbQSyp/yTKrjmGrs4MVqI0isUuS2o4HZJeBQSaX0oz4kO+rWUg5TwAHZ
plgdTRBYISIx66Gr1iki4JvgvoWvTvz6xWZuxXPsLxo4UiXS6AR54q+kCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIa6w6lxHjwbJ4aqcz62iNA7SagtMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvaHJyRHFYRWVQQnNuaHFwelByYUkwRHRKcUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+b3MA0G
CSqGSIb3DQEBCwUAA4IBAQATxMIjDNVKAeNsOOpDhy5Xelzou1PmMveYF+QcBIlH
adOFP1GP/GdRziVM30a/DAJcXeWaRHD0TeOWc6DqcYaKT8N+LpOZDv8VpcSanAXT
c2/P47EFzLWvMzRHp927ONm8pLACNycDOpSdBZILeW7n7+mDC5lq2GfqYuo/hh66
DsGPLesRFouPz59bhwtJUMb4wtAfbNgpZBdlDHZez1LsqOJTsKhO9KDiMLzjFpLX
SY+X8cOh2PryKpVWLMjnNWtigdIM14nPNVnG2OU1WMj9R1TuRdJ7x3KYIqr99AEZ
kTTFm1Daua2vCVN5gVyoUmqSIjMzu2/pCABUBY/1xVjm
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:52 2024 by rpki-client on console-fra.rpki-client.org