Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/31b8c4-dee7-4eee-a0e0-984e82d4b806/1/O5vmFftvKoWBb5M_Xm1IoiuIvJY.roa
File: O5vmFftvKoWBb5M_Xm1IoiuIvJY.roa (raw, json)
Hash identifier: 172F4A+FcRxc1Kb2gF8qKRe8bTyQdX4UJxvVSTPeA6I=
Subject key identifier: 3B:9B:E6:15:FB:6F:2A:85:81:6F:93:3F:5E:6D:48:A2:2B:88:BC:96
Certificate issuer: /CN=c04f7fc883c9d5e0231a585b0ae139e786543bb6
Certificate serial: 018CC50139A2857C7548171D28DF3A1D4BCC
Authority key identifier: C0:4F:7F:C8:83:C9:D5:E0:23:1A:58:5B:0A:E1:39:E7:86:54:3B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE9_yIPJ1eAjGlhbCuE554ZUO7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/31b8c4-dee7-4eee-a0e0-984e82d4b806/1/O5vmFftvKoWBb5M_Xm1IoiuIvJY.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47788
IP address blocks: 91.208.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/31b8c4-dee7-4eee-a0e0-984e82d4b806/1/wE9_yIPJ1eAjGlhbCuE554ZUO7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/31b8c4-dee7-4eee-a0e0-984e82d4b806/1/wE9_yIPJ1eAjGlhbCuE554ZUO7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/wE9_yIPJ1eAjGlhbCuE554ZUO7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:39:a2:85:7c:75:48:17:1d:28:df:3a:1d:4b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04f7fc883c9d5e0231a585b0ae139e786543bb6
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b9be615fb6f2a85816f933f5e6d48a22b88bc96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:6b:09:ec:28:ef:ec:05:b8:1f:f9:99:25:
a8:22:01:ef:32:ee:aa:35:58:5e:f5:e2:9b:ae:37:
84:7c:d8:c2:77:37:8a:27:90:8a:4d:11:4a:88:25:
c6:e7:82:4a:50:f4:d8:9b:2b:9e:0b:d6:e4:da:12:
be:ed:2f:64:80:94:67:b2:2b:83:91:c7:33:a5:09:
e9:18:98:68:1d:a2:30:c5:9a:7d:bb:45:a3:3d:88:
24:30:65:1d:9f:4b:ee:e6:b6:00:02:c7:88:af:76:
50:2b:cb:ce:b8:22:47:26:5c:63:ea:a6:f8:35:18:
8a:c5:48:69:39:60:6c:f3:b3:a8:33:5e:09:c9:60:
d8:83:bc:8c:6d:17:10:58:ad:c3:7a:98:20:e6:99:
3e:5c:80:08:99:c9:a9:b6:83:27:c6:37:b7:f6:0e:
e2:33:fd:4b:2b:fa:49:07:35:2f:7f:a1:de:24:32:
0a:45:13:a3:d2:49:74:21:d6:e9:30:23:9a:11:27:
25:ea:3d:e3:15:ee:58:29:59:ba:88:78:cf:18:fb:
f3:80:27:4b:6f:1b:d5:51:7a:e9:d2:03:99:f8:2e:
cf:73:05:fa:02:c5:57:e0:e4:5d:c4:43:09:5b:01:
1b:a8:7c:21:d9:5f:a3:f7:e4:6d:b7:a8:e6:ee:26:
1f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9B:E6:15:FB:6F:2A:85:81:6F:93:3F:5E:6D:48:A2:2B:88:BC:96
X509v3 Authority Key Identifier:
keyid:C0:4F:7F:C8:83:C9:D5:E0:23:1A:58:5B:0A:E1:39:E7:86:54:3B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE9_yIPJ1eAjGlhbCuE554ZUO7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/31b8c4-dee7-4eee-a0e0-984e82d4b806/1/O5vmFftvKoWBb5M_Xm1IoiuIvJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/31b8c4-dee7-4eee-a0e0-984e82d4b806/1/wE9_yIPJ1eAjGlhbCuE554ZUO7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.153.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:61:d9:be:c1:e9:c2:e5:33:a5:be:9f:44:22:eb:0a:45:44:
57:2d:89:9a:4b:e4:9b:6d:40:88:9f:26:65:f0:24:75:e2:26:
2b:6a:70:36:be:e1:f5:7d:97:1a:e3:13:c2:01:78:3b:bb:f1:
bb:55:a5:65:f2:00:65:ae:a6:ee:f3:17:27:ea:95:6c:97:cc:
85:e8:ae:e2:90:4c:82:a8:ce:ca:9f:1f:f7:7e:c7:bc:c7:81:
b2:5f:97:2e:9e:76:3a:6f:bd:6b:d0:94:75:67:ba:00:a2:2c:
18:d1:1f:b1:98:2f:bb:e4:1b:61:a9:71:e7:88:67:f7:1c:0e:
3f:6b:f2:be:e4:ba:9e:37:66:fc:6f:fa:44:cb:44:cf:d0:89:
a0:89:95:52:aa:5f:bf:47:8e:3a:d6:38:c4:af:6c:a8:3e:6a:
33:01:61:8f:ce:a3:d4:5c:01:2d:08:74:0b:04:e8:9d:d8:47:
8c:ea:8b:e9:4d:03:cf:26:f3:79:2f:b6:82:b9:2b:c6:41:b7:
b5:8c:07:e3:43:96:59:05:24:f7:f0:14:ca:b2:34:b6:94:90:
d0:47:88:e5:cd:d8:f1:c0:0a:51:1e:dd:c2:bf:09:18:ac:93:
a1:cf:db:69:90:86:2d:df:db:f0:59:3c:b0:17:22:d3:01:a8:
8e:12:25:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFATmihXx1SBcdKN86HUvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGY3ZmM4ODNjOWQ1ZTAyMzFhNTg1YjBhZTEzOWU3ODY1
NDNiYjYwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjliZTYxNWZiNmYyYTg1ODE2ZjkzM2Y1ZTZkNDhhMjJiODhiYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWprCewo7+wFuB/5mSWoIgHvMu6q
NVhe9eKbrjeEfNjCdzeKJ5CKTRFKiCXG54JKUPTYmyueC9bk2hK+7S9kgJRnsiuD
kcczpQnpGJhoHaIwxZp9u0WjPYgkMGUdn0vu5rYAAseIr3ZQK8vOuCJHJlxj6qb4
NRiKxUhpOWBs87OoM14JyWDYg7yMbRcQWK3Depgg5pk+XIAImcmptoMnxje39g7i
M/1LK/pJBzUvf6HeJDIKRROj0kl0IdbpMCOaEScl6j3jFe5YKVm6iHjPGPvzgCdL
bxvVUXrp0gOZ+C7PcwX6AsVX4ORdxEMJWwEbqHwh2V+j9+Rtt6jm7iYfmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDub5hX7byqFgW+TP15tSKIriLyWMB8GA1UdIwQY
MBaAFMBPf8iDydXgIxpYWwrhOeeGVDu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0U5X3lJUEoxZUFqR2xoYkN1RTU1NFpVTzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zMWI4YzQtZGVlNy00ZWVlLWEwZTAt
OTg0ZTgyZDRiODA2LzEvTzV2bUZmdHZLb1dCYjVNX1htMUlvaXVJdkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zMWI4YzQtZGVlNy00ZWVlLWEwZTAtOTg0ZTgyZDRiODA2
LzEvd0U5X3lJUEoxZUFqR2xoYkN1RTU1NFpVTzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9CZMA0G
CSqGSIb3DQEBCwUAA4IBAQBPYdm+wenC5TOlvp9EIusKRURXLYmaS+SbbUCInyZl
8CR14iYranA2vuH1fZca4xPCAXg7u/G7VaVl8gBlrqbu8xcn6pVsl8yF6K7ikEyC
qM7Knx/3fse8x4GyX5cunnY6b71r0JR1Z7oAoiwY0R+xmC+75BthqXHniGf3HA4/
a/K+5LqeN2b8b/pEy0TP0ImgiZVSql+/R4461jjEr2yoPmozAWGPzqPUXAEtCHQL
BOid2EeM6ovpTQPPJvN5L7aCuSvGQbe1jAfjQ5ZZBST38BTKsjS2lJDQR4jlzdjx
wApRHt3CvwkYrJOhz9tpkIYt39vwWTywFyLTAaiOEiVJ
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:22:22 2024 by rpki-client on console-ams.rpki-client.org