Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c8585a-cdf7-4aa3-bc21-212acc4351ff/1/6aRXUlRUG1xGarUwhlzveBikkHo.roa
File: 6aRXUlRUG1xGarUwhlzveBikkHo.roa (raw, json)
Hash identifier: psk3xrDpchZWqdjpAAYvgIjo4O72wR4ovGGHHKTAl8Q=
Subject key identifier: E9:A4:57:52:54:54:1B:5C:46:6A:B5:30:86:5C:EF:78:18:A4:90:7A
Certificate issuer: /CN=1f31120fe225775eb53152d4920e9c573ff2b65e
Certificate serial: 018CC5DC99CD171EEF4A094DC5859D634B48
Authority key identifier: 1F:31:12:0F:E2:25:77:5E:B5:31:52:D4:92:0E:9C:57:3F:F2:B6:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzESD-Ild161MVLUkg6cVz_ytl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c8585a-cdf7-4aa3-bc21-212acc4351ff/1/6aRXUlRUG1xGarUwhlzveBikkHo.roa
Signing time: Mon 01 Jan 2024 16:30:17 +0000
ROA not before: Mon 01 Jan 2024 16:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198817
IP address blocks: 91.236.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/c8585a-cdf7-4aa3-bc21-212acc4351ff/1/HzESD-Ild161MVLUkg6cVz_ytl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/c8585a-cdf7-4aa3-bc21-212acc4351ff/1/HzESD-Ild161MVLUkg6cVz_ytl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HzESD-Ild161MVLUkg6cVz_ytl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:99:cd:17:1e:ef:4a:09:4d:c5:85:9d:63:4b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f31120fe225775eb53152d4920e9c573ff2b65e
Validity
Not Before: Jan 1 16:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9a4575254541b5c466ab530865cef7818a4907a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b0:e3:99:87:26:b0:88:8a:2e:8c:ca:77:a9:
33:ea:58:26:92:c3:c7:04:3e:22:76:6b:83:bb:d7:
70:de:8d:e5:48:79:65:60:2d:52:2b:2c:22:5e:ac:
5f:82:24:98:63:6a:95:ba:a6:57:49:81:5a:0d:9d:
07:71:82:b3:30:ea:ad:5b:63:ca:c8:76:49:0a:30:
01:09:20:e6:c8:f2:b5:f4:57:32:56:6c:f1:a6:6a:
df:1f:21:ee:3f:0b:14:57:f3:d6:25:4d:32:8d:9e:
ae:91:eb:b4:5c:c1:ec:76:42:a4:98:fa:0c:38:6f:
fb:1c:8e:ba:64:9c:d3:2f:a1:bb:c5:29:3e:ec:81:
f6:db:e8:0a:bd:5d:3f:80:6e:17:b4:b2:59:de:68:
c1:e5:dc:90:1c:b2:df:3d:e0:0d:75:28:4f:dd:e2:
3c:85:28:e0:19:20:5c:2a:de:12:7a:5a:18:63:47:
dd:7c:e1:80:7f:4d:74:37:42:20:f2:05:69:e9:81:
39:57:2f:d3:2f:e4:b7:16:b2:79:f2:00:f9:7d:bb:
fa:aa:11:51:1b:8e:ae:fe:13:a2:17:25:82:8a:5d:
cb:d8:36:8b:ff:98:fd:0f:46:ed:39:0f:8a:0c:a9:
00:31:87:55:0b:c9:b8:e2:4e:c2:61:8f:24:4c:c2:
51:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A4:57:52:54:54:1B:5C:46:6A:B5:30:86:5C:EF:78:18:A4:90:7A
X509v3 Authority Key Identifier:
keyid:1F:31:12:0F:E2:25:77:5E:B5:31:52:D4:92:0E:9C:57:3F:F2:B6:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzESD-Ild161MVLUkg6cVz_ytl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c8585a-cdf7-4aa3-bc21-212acc4351ff/1/6aRXUlRUG1xGarUwhlzveBikkHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c8585a-cdf7-4aa3-bc21-212acc4351ff/1/HzESD-Ild161MVLUkg6cVz_ytl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.234.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a4:d2:52:cb:6e:85:42:65:5e:7d:ee:a9:b6:f5:de:5b:eb:
f5:db:46:e7:92:b5:a7:9b:10:80:a0:81:c2:d7:df:4e:d3:3d:
88:72:3c:ec:33:e5:a7:bc:bc:00:58:96:69:b5:6a:b3:28:cd:
a7:10:b7:43:a5:42:b2:3f:b9:f5:01:e6:45:b3:b8:de:3f:22:
46:c4:c9:76:72:94:ec:33:79:38:4d:e2:3e:ee:e0:57:5b:37:
a9:3b:bb:9b:35:a2:b7:14:80:28:71:56:1b:8a:d1:57:30:b8:
7c:99:ab:5d:11:a1:04:83:18:2e:4f:dd:e9:1b:d2:73:b2:f0:
df:fd:32:1f:80:ba:42:ef:9d:c1:0a:54:22:8d:a9:f0:fc:7d:
1c:3e:71:b0:af:bd:54:59:84:5a:2d:f1:7c:82:42:2a:76:d3:
6f:dc:a3:df:95:20:1a:66:d6:88:fe:fd:5a:45:bc:60:c8:8d:
c1:7e:b3:6c:90:c7:6c:58:b4:84:52:27:86:ef:d3:6e:0b:04:
eb:44:11:b8:b7:b8:2c:aa:0e:f0:08:59:99:76:24:b1:b9:e6:
50:09:46:39:4a:e7:0d:57:98:18:b4:35:d2:4c:f6:fe:42:93:
50:a3:41:0f:18:53:50:42:50:d6:03:b4:72:d9:e3:e9:88:0c:
89:a8:8d:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3JnNFx7vSglNxYWdY0tIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzExMjBmZTIyNTc3NWViNTMxNTJkNDkyMGU5YzU3M2Zm
MmI2NWUwHhcNMjQwMTAxMTYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWE0NTc1MjU0NTQxYjVjNDY2YWI1MzA4NjVjZWY3ODE4YTQ5MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrDjmYcmsIiKLozKd6kz6lgmksPH
BD4idmuDu9dw3o3lSHllYC1SKywiXqxfgiSYY2qVuqZXSYFaDZ0HcYKzMOqtW2PK
yHZJCjABCSDmyPK19FcyVmzxpmrfHyHuPwsUV/PWJU0yjZ6ukeu0XMHsdkKkmPoM
OG/7HI66ZJzTL6G7xSk+7IH22+gKvV0/gG4XtLJZ3mjB5dyQHLLfPeANdShP3eI8
hSjgGSBcKt4SeloYY0fdfOGAf010N0Ig8gVp6YE5Vy/TL+S3FrJ58gD5fbv6qhFR
G46u/hOiFyWCil3L2DaL/5j9D0btOQ+KDKkAMYdVC8m44k7CYY8kTMJRJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmkV1JUVBtcRmq1MIZc73gYpJB6MB8GA1UdIwQY
MBaAFB8xEg/iJXdetTFS1JIOnFc/8rZeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpFU0QtSWxkMTYxTVZMVWtnNmNWel95dGw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jODU4NWEtY2RmNy00YWEzLWJjMjEt
MjEyYWNjNDM1MWZmLzEvNmFSWFVsUlVHMXhHYXJVd2hsenZlQmlra0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jODU4NWEtY2RmNy00YWEzLWJjMjEtMjEyYWNjNDM1MWZm
LzEvSHpFU0QtSWxkMTYxTVZMVWtnNmNWel95dGw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+zqMA0G
CSqGSIb3DQEBCwUAA4IBAQAapNJSy26FQmVefe6ptvXeW+v120bnkrWnmxCAoIHC
199O0z2IcjzsM+WnvLwAWJZptWqzKM2nELdDpUKyP7n1AeZFs7jePyJGxMl2cpTs
M3k4TeI+7uBXWzepO7ubNaK3FIAocVYbitFXMLh8matdEaEEgxguT93pG9JzsvDf
/TIfgLpC753BClQijanw/H0cPnGwr71UWYRaLfF8gkIqdtNv3KPflSAaZtaI/v1a
RbxgyI3BfrNskMdsWLSEUieG79NuCwTrRBG4t7gsqg7wCFmZdiSxueZQCUY5SucN
V5gYtDXSTPb+QpNQo0EPGFNQQlDWA7Ry2ePpiAyJqI3Y
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:42 2024 by rpki-client on console-fra.rpki-client.org