Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5a01e2-83e2-4a7c-ac2b-58f6723e981e/1/24IlOpcMZbBXEWuOYMQLm9eSz4U.roa
File: 24IlOpcMZbBXEWuOYMQLm9eSz4U.roa (raw, json)
Hash identifier: 5mYbSNd7gLYGPJMTjildQ6jszxTobuo47S51teOZx8Q=
Subject key identifier: DB:82:25:3A:97:0C:65:B0:57:11:6B:8E:60:C4:0B:9B:D7:92:CF:85
Certificate issuer: /CN=fb677ac290fe091fa236e9da66abaf78cd2c8c61
Certificate serial: 018CC4255207ABE933CC17137F405C48F955
Authority key identifier: FB:67:7A:C2:90:FE:09:1F:A2:36:E9:DA:66:AB:AF:78:CD:2C:8C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-2d6wpD-CR-iNunaZquveM0sjGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5a01e2-83e2-4a7c-ac2b-58f6723e981e/1/24IlOpcMZbBXEWuOYMQLm9eSz4U.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43854
IP address blocks: 91.220.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/5a01e2-83e2-4a7c-ac2b-58f6723e981e/1/1-2d6wpD-CR-iNunaZquveM0sjGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/5a01e2-83e2-4a7c-ac2b-58f6723e981e/1/1-2d6wpD-CR-iNunaZquveM0sjGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-2d6wpD-CR-iNunaZquveM0sjGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 13:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:52:07:ab:e9:33:cc:17:13:7f:40:5c:48:f9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb677ac290fe091fa236e9da66abaf78cd2c8c61
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db82253a970c65b057116b8e60c40b9bd792cf85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:77:4e:fa:8a:5a:5c:c2:67:d1:64:e3:f1:35:
c5:0a:95:03:cc:e9:29:42:9d:79:c5:51:14:1e:7e:
b1:29:59:0e:e5:03:34:06:0b:3a:ec:e7:0b:ed:ad:
e3:b2:75:95:80:0e:f8:ab:00:d5:bd:c6:df:5d:e2:
7c:4c:11:ec:99:35:7a:b5:1c:28:36:5c:f9:7d:70:
24:88:a7:92:2e:61:ca:d3:54:01:9c:c2:16:2b:be:
e4:09:52:17:78:42:2d:8f:04:6e:0a:87:ac:93:e3:
64:df:20:57:be:f1:69:75:59:a3:b2:13:f7:93:ad:
0b:90:4d:75:49:48:29:9f:28:e5:7c:9f:44:95:c6:
7f:a2:98:ba:c8:af:c1:be:70:5a:37:92:ac:ca:da:
dc:cd:aa:07:33:7a:dd:97:de:ab:4d:a4:c2:9a:35:
02:07:a8:99:35:6d:66:99:bb:5b:5e:28:38:6f:c8:
8a:3a:ff:8c:81:79:19:e5:9a:1f:1b:9f:c7:cd:46:
e6:4f:38:33:e1:15:ad:fb:46:2b:67:e3:f9:6d:0e:
fc:63:37:20:c3:1b:23:10:07:08:15:3c:60:3f:9c:
18:11:d7:00:ba:0e:0a:e8:7f:0a:4e:dd:00:27:fb:
12:36:4f:78:13:66:32:b3:32:b1:6e:d7:ea:23:c3:
36:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:82:25:3A:97:0C:65:B0:57:11:6B:8E:60:C4:0B:9B:D7:92:CF:85
X509v3 Authority Key Identifier:
keyid:FB:67:7A:C2:90:FE:09:1F:A2:36:E9:DA:66:AB:AF:78:CD:2C:8C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-2d6wpD-CR-iNunaZquveM0sjGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5a01e2-83e2-4a7c-ac2b-58f6723e981e/1/24IlOpcMZbBXEWuOYMQLm9eSz4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5a01e2-83e2-4a7c-ac2b-58f6723e981e/1/1-2d6wpD-CR-iNunaZquveM0sjGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.213.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a2:0c:94:9f:5a:b5:6c:28:a5:6e:99:71:31:36:a1:4e:b7:
49:df:eb:ff:7a:50:1d:57:ff:7a:32:32:ce:43:49:f5:77:58:
ed:51:e6:45:4b:35:57:7c:10:71:aa:7d:4e:bb:a8:1d:9c:f7:
9a:a9:c2:2d:7b:9f:5b:a2:9e:e3:1b:eb:9a:7c:36:e4:1d:ee:
62:59:0d:b9:94:34:11:c6:ae:a1:77:48:6e:51:3f:1c:5c:57:
34:c6:3a:5c:aa:9f:d6:9c:69:c0:2a:60:29:dd:b6:bd:1f:ff:
0f:cc:1a:88:c6:29:e0:f7:32:70:31:f5:50:3f:ec:bd:4e:e1:
ef:36:dc:aa:8a:0a:b4:15:50:04:04:69:d0:bc:a1:74:10:8e:
ca:8a:e7:72:9c:d1:ab:7a:00:3f:ec:d1:57:05:82:9b:36:8f:
72:57:93:6f:02:93:ad:6f:8e:fa:d7:e1:32:73:72:fb:43:8d:
79:dd:3d:23:a5:b6:3b:bd:d1:3f:55:e1:35:2a:0d:19:92:d0:
3a:33:e5:83:5a:11:7f:d9:c4:a1:28:82:e9:7e:77:99:fb:a6:
1d:4d:6f:13:57:aa:7a:b6:f8:8d:31:4d:c7:8b:a7:68:8c:c7:
ff:9b:70:d8:65:51:9b:7b:40:73:f2:e9:f3:51:79:46:6b:99:
62:87:03:99
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEJVIHq+kzzBcTf0BcSPlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNjc3YWMyOTBmZTA5MWZhMjM2ZTlkYTY2YWJhZjc4Y2Qy
YzhjNjEwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgyMjUzYTk3MGM2NWIwNTcxMTZiOGU2MGM0MGI5YmQ3OTJjZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAindO+opaXMJn0WTj8TXFCpUDzOkp
Qp15xVEUHn6xKVkO5QM0Bgs67OcL7a3jsnWVgA74qwDVvcbfXeJ8TBHsmTV6tRwo
Nlz5fXAkiKeSLmHK01QBnMIWK77kCVIXeEItjwRuCoesk+Nk3yBXvvFpdVmjshP3
k60LkE11SUgpnyjlfJ9ElcZ/opi6yK/BvnBaN5KsytrczaoHM3rdl96rTaTCmjUC
B6iZNW1mmbtbXig4b8iKOv+MgXkZ5ZofG5/HzUbmTzgz4RWt+0YrZ+P5bQ78Yzcg
wxsjEAcIFTxgP5wYEdcAug4K6H8KTt0AJ/sSNk94E2YyszKxbtfqI8M2UwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNuCJTqXDGWwVxFrjmDEC5vXks+FMB8GA1UdIwQY
MBaAFPtnesKQ/gkfojbp2marr3jNLIxhMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0yZDZ3cEQtQ1ItaU51bmFacXV2ZU0wc2pHRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMvNWEwMWUyLTgzZTItNGE3Yy1hYzJi
LTU4ZjY3MjNlOTgxZS8xLzI0SWxPcGNNWmJCWEVXdU9ZTVFMbTllU3o0VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvNWEwMWUyLTgzZTItNGE3Yy1hYzJiLTU4ZjY3MjNlOTgx
ZS8xLzEtMmQ2d3BELUNSLWlOdW5hWnF1dmVNMHNqR0UuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb3NUw
DQYJKoZIhvcNAQELBQADggEBADOiDJSfWrVsKKVumXExNqFOt0nf6/96UB1X/3oy
Ms5DSfV3WO1R5kVLNVd8EHGqfU67qB2c95qpwi17n1uinuMb65p8NuQd7mJZDbmU
NBHGrqF3SG5RPxxcVzTGOlyqn9acacAqYCndtr0f/w/MGojGKeD3MnAx9VA/7L1O
4e823KqKCrQVUAQEadC8oXQQjsqK53Kc0at6AD/s0VcFgps2j3JXk28Ck61vjvrX
4TJzcvtDjXndPSOltju90T9V4TUqDRmS0Doz5YNaEX/ZxKEogul+d5n7ph1NbxNX
qnq2+I0xTceLp2iMx/+bcNhlUZt7QHPy6fNReUZrmWKHA5k=
-----END CERTIFICATE-----
Generated at Tue Dec 3 18:10:07 2024 by rpki-client on console-fra.rpki-client.org