Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/b08f22-11f6-4ee5-a231-b7cd4490a983/1/5YTDBRzvXNwvnA2a9CE43cfx-u0.roa
File: 5YTDBRzvXNwvnA2a9CE43cfx-u0.roa (raw, json)
Hash identifier: 9r3R5XsJt6lG3EuDvYU/sJr/O7ivuMN6YBQgKak470o=
Subject key identifier: E5:84:C3:05:1C:EF:5C:DC:2F:9C:0D:9A:F4:21:38:DD:C7:F1:FA:ED
Certificate issuer: /CN=39abeb591716e908345d329fffd3700352315b98
Certificate serial: 018CC56EBE479E880462AE714F601191688A
Authority key identifier: 39:AB:EB:59:17:16:E9:08:34:5D:32:9F:FF:D3:70:03:52:31:5B:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OavrWRcW6Qg0XTKf_9NwA1IxW5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/b08f22-11f6-4ee5-a231-b7cd4490a983/1/5YTDBRzvXNwvnA2a9CE43cfx-u0.roa
Signing time: Mon 01 Jan 2024 14:30:18 +0000
ROA not before: Mon 01 Jan 2024 14:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39957
IP address blocks: 91.199.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/b08f22-11f6-4ee5-a231-b7cd4490a983/1/OavrWRcW6Qg0XTKf_9NwA1IxW5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/b08f22-11f6-4ee5-a231-b7cd4490a983/1/OavrWRcW6Qg0XTKf_9NwA1IxW5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/OavrWRcW6Qg0XTKf_9NwA1IxW5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:be:47:9e:88:04:62:ae:71:4f:60:11:91:68:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39abeb591716e908345d329fffd3700352315b98
Validity
Not Before: Jan 1 14:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e584c3051cef5cdc2f9c0d9af42138ddc7f1faed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9e:5c:64:c8:1b:3d:0a:e0:4c:60:68:91:ae:
c2:53:f7:17:90:5d:d5:71:be:65:dc:23:80:04:6e:
f5:87:ea:a8:70:73:9d:01:e1:8d:c3:f8:1c:94:3d:
22:83:52:50:da:b5:67:07:46:7a:9a:7c:ee:32:ee:
70:00:55:fc:90:f2:d4:85:5d:44:4e:dc:be:c0:11:
95:39:98:7a:11:a1:45:1a:e7:7b:9b:d5:5e:b8:72:
d4:1a:5a:25:e8:6a:0b:94:e5:e0:41:a3:e6:74:6e:
85:a5:32:d2:b2:a9:7d:6e:b6:6a:2e:60:80:e1:84:
68:60:e9:d7:16:1b:f9:3a:dd:fe:4a:5c:ec:aa:0e:
e0:47:39:a9:7b:38:c0:ce:8e:8f:49:da:46:52:f0:
3a:c7:99:45:89:a8:dc:ff:6f:18:16:1d:fe:7a:80:
54:9e:6e:db:02:20:38:83:be:83:25:d6:66:7e:a0:
72:fe:b6:b2:60:81:93:36:10:ca:11:6c:01:60:cf:
a4:c3:5b:ff:40:35:23:b0:6d:56:7a:b1:a2:dd:0c:
80:9d:9c:67:81:0a:8b:e8:4c:2d:28:c0:b4:d6:68:
49:48:fe:31:54:2d:56:b1:f2:1b:6f:97:79:d4:0c:
3e:91:c2:92:5c:87:4a:56:6f:27:1f:8d:7c:20:b0:
35:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:84:C3:05:1C:EF:5C:DC:2F:9C:0D:9A:F4:21:38:DD:C7:F1:FA:ED
X509v3 Authority Key Identifier:
keyid:39:AB:EB:59:17:16:E9:08:34:5D:32:9F:FF:D3:70:03:52:31:5B:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OavrWRcW6Qg0XTKf_9NwA1IxW5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b08f22-11f6-4ee5-a231-b7cd4490a983/1/5YTDBRzvXNwvnA2a9CE43cfx-u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b08f22-11f6-4ee5-a231-b7cd4490a983/1/OavrWRcW6Qg0XTKf_9NwA1IxW5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.1.0/24
Signature Algorithm: sha256WithRSAEncryption
54:dc:e0:66:1e:af:29:3e:fc:5a:dc:79:63:25:36:f5:71:9a:
2c:8b:9a:ef:a3:33:f0:c9:cf:6d:04:41:55:e2:2d:2f:16:6d:
26:d1:fa:e1:ac:1d:2c:d0:49:d9:88:18:55:06:6c:56:02:29:
ac:35:56:54:72:53:19:70:25:ff:c5:b7:52:90:bc:5c:25:48:
6b:f5:52:7b:8e:8b:f8:e4:38:1a:a5:5a:c1:b7:0c:29:30:f9:
d3:4f:d4:dd:ec:88:e7:db:8e:43:ef:47:97:04:ff:ac:9c:81:
e8:f2:78:f7:80:d4:b8:02:fe:be:4f:4c:c3:5d:b6:78:25:ad:
ab:c7:88:95:35:4e:24:54:c3:a6:45:cf:0b:9a:5e:51:2d:cf:
10:8d:f1:78:d0:4c:49:85:1e:7e:b2:dd:54:41:b3:01:da:ad:
0a:f9:3c:0f:77:0a:16:36:33:16:f7:51:47:84:e8:f6:e0:5d:
42:d8:09:7d:cd:22:c0:d5:89:37:bc:cf:a9:cc:51:bb:ee:4b:
bb:c4:39:7d:1a:79:39:ef:e3:94:e4:98:9a:ed:92:d6:c5:d3:
24:56:27:6a:54:3e:d9:a2:2a:2e:81:03:0d:eb:2c:02:4f:fd:
0a:0a:f2:3c:c9:2e:ae:71:a1:13:ed:9d:bb:d1:86:28:bd:26:
36:db:f7:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbr5HnogEYq5xT2ARkWiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5YWJlYjU5MTcxNmU5MDgzNDVkMzI5ZmZmZDM3MDAzNTIz
MTViOTgwHhcNMjQwMTAxMTQzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg0YzMwNTFjZWY1Y2RjMmY5YzBkOWFmNDIxMzhkZGM3ZjFmYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ5cZMgbPQrgTGBoka7CU/cXkF3V
cb5l3COABG71h+qocHOdAeGNw/gclD0ig1JQ2rVnB0Z6mnzuMu5wAFX8kPLUhV1E
Tty+wBGVOZh6EaFFGud7m9VeuHLUGlol6GoLlOXgQaPmdG6FpTLSsql9brZqLmCA
4YRoYOnXFhv5Ot3+Slzsqg7gRzmpezjAzo6PSdpGUvA6x5lFiajc/28YFh3+eoBU
nm7bAiA4g76DJdZmfqBy/rayYIGTNhDKEWwBYM+kw1v/QDUjsG1WerGi3QyAnZxn
gQqL6EwtKMC01mhJSP4xVC1WsfIbb5d51Aw+kcKSXIdKVm8nH418ILA1jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOWEwwUc71zcL5wNmvQhON3H8frtMB8GA1UdIwQY
MBaAFDmr61kXFukINF0yn//TcANSMVuYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2F2cldSY1c2UWcwWFRLZl85TndBMUl4VzVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9iMDhmMjItMTFmNi00ZWU1LWEyMzEt
YjdjZDQ0OTBhOTgzLzEvNVlUREJSenZYTnd2bkEyYTlDRTQzY2Z4LXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9iMDhmMjItMTFmNi00ZWU1LWEyMzEtYjdjZDQ0OTBhOTgz
LzEvT2F2cldSY1c2UWcwWFRLZl85TndBMUl4VzVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8cBMA0G
CSqGSIb3DQEBCwUAA4IBAQBU3OBmHq8pPvxa3HljJTb1cZosi5rvozPwyc9tBEFV
4i0vFm0m0frhrB0s0EnZiBhVBmxWAimsNVZUclMZcCX/xbdSkLxcJUhr9VJ7jov4
5DgapVrBtwwpMPnTT9Td7Ijn245D70eXBP+snIHo8nj3gNS4Av6+T0zDXbZ4Ja2r
x4iVNU4kVMOmRc8Lml5RLc8QjfF40ExJhR5+st1UQbMB2q0K+TwPdwoWNjMW91FH
hOj24F1C2Al9zSLA1Yk3vM+pzFG77ku7xDl9Gnk57+OU5Jia7ZLWxdMkVidqVD7Z
oiougQMN6ywCT/0KCvI8yS6ucaET7Z270YYovSY22/fY
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:52 2024 by rpki-client on console-fra.rpki-client.org