Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/13c02e-cca0-4dcd-9125-8b315229757d/1/1zXKGIFKmynrYq3zvr5DGQF3stU.roa
File: 1zXKGIFKmynrYq3zvr5DGQF3stU.roa (raw, json)
Hash identifier: cdtu5WzleBMAggxFvuHWQkkMmzlJMVlkc5O+ky1M9rQ=
Subject key identifier: D7:35:CA:18:81:4A:9B:29:EB:62:AD:F3:BE:BE:43:19:01:77:B2:D5
Certificate issuer: /CN=5462d3c7af36c401aa97094d3f2389d7875d14ec
Certificate serial: 01927603C6F539F9E62590A0C5F559C81270
Authority key identifier: 54:62:D3:C7:AF:36:C4:01:AA:97:09:4D:3F:23:89:D7:87:5D:14:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGLTx682xAGqlwlNPyOJ14ddFOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/13c02e-cca0-4dcd-9125-8b315229757d/1/1zXKGIFKmynrYq3zvr5DGQF3stU.roa
Signing time: Thu 10 Oct 2024 10:40:11 +0000
ROA not before: Thu 10 Oct 2024 10:40:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48003
IP address blocks: 91.208.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/13c02e-cca0-4dcd-9125-8b315229757d/1/VGLTx682xAGqlwlNPyOJ14ddFOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/13c02e-cca0-4dcd-9125-8b315229757d/1/VGLTx682xAGqlwlNPyOJ14ddFOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGLTx682xAGqlwlNPyOJ14ddFOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:03:c6:f5:39:f9:e6:25:90:a0:c5:f5:59:c8:12:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5462d3c7af36c401aa97094d3f2389d7875d14ec
Validity
Not Before: Oct 10 10:40:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d735ca18814a9b29eb62adf3bebe43190177b2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:75:cb:6b:30:2b:b7:dd:f4:e5:2e:77:b5:04:
d3:44:a2:78:d4:31:f7:9d:e6:f1:68:da:4b:02:8a:
f1:38:6c:8f:e1:96:96:0e:7f:66:c8:9c:39:1a:56:
1b:af:13:55:0a:9b:c1:89:70:3f:7b:0a:1c:70:70:
14:ab:94:b4:ee:ba:f2:f4:5f:e6:4c:40:50:2a:54:
8c:18:d6:3d:b9:f0:91:9a:5f:2e:74:cc:b1:0c:7e:
76:df:30:84:b9:aa:d6:d3:fc:f9:da:c3:d4:86:70:
8c:49:31:4a:5c:0a:a6:6b:94:72:a8:09:52:40:35:
92:b0:6b:9d:6c:9b:da:0a:31:e0:db:49:4b:50:49:
fa:df:35:68:2c:d9:9b:ab:e4:ed:87:c7:c6:e5:e3:
08:3f:0d:0c:17:37:ac:e8:cb:26:bb:9a:63:d2:24:
97:1e:dc:a1:e6:00:33:f8:d0:f0:9e:bf:ea:dc:7b:
c2:0b:7c:ae:d8:93:3b:b9:aa:36:e3:c4:5d:cd:c6:
b2:1d:74:16:12:42:0a:b3:90:33:8d:24:28:b0:f3:
bd:43:55:f7:e9:d1:41:00:a6:13:26:e7:24:20:1b:
3e:c0:df:e3:22:59:c3:d7:c1:8d:6c:cb:13:02:87:
aa:21:6c:57:f0:ad:98:39:f1:16:ca:40:5f:11:e3:
e7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:35:CA:18:81:4A:9B:29:EB:62:AD:F3:BE:BE:43:19:01:77:B2:D5
X509v3 Authority Key Identifier:
keyid:54:62:D3:C7:AF:36:C4:01:AA:97:09:4D:3F:23:89:D7:87:5D:14:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGLTx682xAGqlwlNPyOJ14ddFOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/13c02e-cca0-4dcd-9125-8b315229757d/1/1zXKGIFKmynrYq3zvr5DGQF3stU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/13c02e-cca0-4dcd-9125-8b315229757d/1/VGLTx682xAGqlwlNPyOJ14ddFOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.239.0/24
Signature Algorithm: sha256WithRSAEncryption
37:29:e6:38:b0:c5:0c:46:e0:eb:ca:fa:c9:83:25:38:2d:73:
6f:af:59:9f:e8:83:34:a6:87:de:60:86:50:69:b5:44:e5:c8:
ba:54:04:c4:d9:b1:c2:d4:e9:07:c8:20:69:d7:15:40:cb:fe:
a7:56:e6:d6:c5:4a:75:20:54:e8:dc:07:25:18:1d:31:11:ed:
0c:4b:cd:97:c4:c9:48:1b:a4:e9:54:0b:28:ae:60:b5:01:f6:
b5:1c:c7:ab:fc:45:e8:55:16:c7:05:a8:76:da:73:c1:47:78:
33:6b:d3:7d:46:05:8f:23:c2:4d:17:83:ed:e5:7c:54:c5:e2:
0c:d9:0e:29:bc:d4:75:90:d2:a4:97:ff:33:db:95:8c:3c:f4:
46:6d:44:a2:a2:f0:7d:1f:f4:3b:a9:41:25:98:34:e2:3b:2e:
dd:88:0a:f9:99:77:31:a7:51:f6:e8:1f:a9:bc:23:b6:fa:b4:
c0:f5:ec:31:4b:ce:51:88:c0:0a:e9:29:d0:02:03:95:8f:6b:
2c:9b:37:81:94:8a:09:85:23:18:c4:41:64:28:ad:53:f5:44:
7e:f3:38:db:5b:33:8b:18:90:51:60:51:39:86:b2:13:5a:63:
c2:ad:d0:61:57:90:5a:bb:76:c8:7b:04:b7:63:7d:7d:de:a2:
f0:f2:21:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJ2A8b1OfnmJZCgxfVZyBJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjJkM2M3YWYzNmM0MDFhYTk3MDk0ZDNmMjM4OWQ3ODc1
ZDE0ZWMwHhcNMjQxMDEwMTA0MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzM1Y2ExODgxNGE5YjI5ZWI2MmFkZjNiZWJlNDMxOTAxNzdiMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXXLazArt9305S53tQTTRKJ41DH3
nebxaNpLAorxOGyP4ZaWDn9myJw5GlYbrxNVCpvBiXA/ewoccHAUq5S07rry9F/m
TEBQKlSMGNY9ufCRml8udMyxDH523zCEuarW0/z52sPUhnCMSTFKXAqma5RyqAlS
QDWSsGudbJvaCjHg20lLUEn63zVoLNmbq+Tth8fG5eMIPw0MFzes6Msmu5pj0iSX
Htyh5gAz+NDwnr/q3HvCC3yu2JM7uao248RdzcayHXQWEkIKs5AzjSQosPO9Q1X3
6dFBAKYTJuckIBs+wN/jIlnD18GNbMsTAoeqIWxX8K2YOfEWykBfEePnFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNc1yhiBSpsp62Kt876+QxkBd7LVMB8GA1UdIwQY
MBaAFFRi08evNsQBqpcJTT8jideHXRTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdMVHg2ODJ4QUdxbHdsTlB5T0oxNGRkRk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xM2MwMmUtY2NhMC00ZGNkLTkxMjUt
OGIzMTUyMjk3NTdkLzEvMXpYS0dJRktteW5yWXEzenZyNURHUUYzc3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xM2MwMmUtY2NhMC00ZGNkLTkxMjUtOGIzMTUyMjk3NTdk
LzEvVkdMVHg2ODJ4QUdxbHdsTlB5T0oxNGRkRk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DvMA0G
CSqGSIb3DQEBCwUAA4IBAQA3KeY4sMUMRuDryvrJgyU4LXNvr1mf6IM0pofeYIZQ
abVE5ci6VATE2bHC1OkHyCBp1xVAy/6nVubWxUp1IFTo3AclGB0xEe0MS82XxMlI
G6TpVAsormC1Afa1HMer/EXoVRbHBah22nPBR3gza9N9RgWPI8JNF4Pt5XxUxeIM
2Q4pvNR1kNKkl/8z25WMPPRGbUSiovB9H/Q7qUElmDTiOy7diAr5mXcxp1H26B+p
vCO2+rTA9ewxS85RiMAK6SnQAgOVj2ssmzeBlIoJhSMYxEFkKK1T9UR+8zjbWzOL
GJBRYFE5hrITWmPCrdBhV5Bau3bIewS3Y3193qLw8iHX
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:07 2024 by rpki-client on console-fra.rpki-client.org