Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/E4JLwMb808DcWynGqHo-2m-fARA.roa
File: E4JLwMb808DcWynGqHo-2m-fARA.roa (raw, json)
Hash identifier: pN96JWuV/ceKyNn39tlxHy+Scd2OOzlfJgr2eQKsDsY=
Subject key identifier: 13:82:4B:C0:C6:FC:D3:C0:DC:5B:29:C6:A8:7A:3E:DA:6F:9F:01:10
Certificate issuer: /CN=9a7edeac0c6c20ea49d492990e4858541d190ff1
Certificate serial: 019034C3F010B9A069174C27EAF88EBA2540
Authority key identifier: 9A:7E:DE:AC:0C:6C:20:EA:49:D4:92:99:0E:48:58:54:1D:19:0F:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/E4JLwMb808DcWynGqHo-2m-fARA.roa
Signing time: Thu 20 Jun 2024 08:29:34 +0000
ROA not before: Thu 20 Jun 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34259
IP address blocks: 91.195.120.0/24 maxlen: 24
91.195.121.0/24 maxlen: 24
91.220.101.0/24 maxlen: 24
91.223.77.0/24 maxlen: 24
193.111.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 02:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:c3:f0:10:b9:a0:69:17:4c:27:ea:f8:8e:ba:25:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7edeac0c6c20ea49d492990e4858541d190ff1
Validity
Not Before: Jun 20 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13824bc0c6fcd3c0dc5b29c6a87a3eda6f9f0110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:07:b8:bc:c9:40:35:d5:d0:02:52:f1:5e:4f:
c4:f5:0c:6c:8c:b4:23:fc:af:c2:d0:02:f1:70:70:
45:0b:80:d3:26:75:91:3e:5d:0f:32:15:77:ff:5b:
22:c9:cb:48:ee:b7:8f:ec:f2:af:6a:24:2c:46:22:
03:7f:6c:cd:13:51:cc:e7:4e:d9:81:ed:e8:bd:24:
75:ff:bc:82:87:6a:68:a6:6e:5a:bc:2b:ea:9c:77:
d8:05:1e:64:1d:dc:c3:fd:c0:17:53:12:bd:8b:4c:
2f:d2:03:15:af:bd:c1:07:3f:b7:28:16:67:ee:67:
a2:e3:d5:db:17:30:28:ca:f7:2f:17:cd:25:51:35:
2e:b0:d7:8b:33:5e:0a:1f:fb:58:26:d7:d2:23:f3:
37:df:43:c0:d8:37:ba:59:36:0a:38:f6:be:63:77:
94:77:6c:b0:3b:93:9f:96:46:16:8a:30:a3:b4:44:
04:04:1c:97:d0:fb:0a:7f:b1:d4:69:ff:31:65:42:
ac:76:02:28:c1:ee:a9:fe:b1:a1:e4:37:a3:b0:76:
12:85:ff:36:73:d8:4e:24:7c:58:63:7b:6c:d4:24:
fe:96:0f:fd:dc:33:57:ce:dd:cc:b0:83:70:55:72:
0c:c2:e3:bc:f9:a6:b5:e3:b2:a4:8e:e4:ee:9e:9b:
4a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:82:4B:C0:C6:FC:D3:C0:DC:5B:29:C6:A8:7A:3E:DA:6F:9F:01:10
X509v3 Authority Key Identifier:
keyid:9A:7E:DE:AC:0C:6C:20:EA:49:D4:92:99:0E:48:58:54:1D:19:0F:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/E4JLwMb808DcWynGqHo-2m-fARA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.120.0/23
91.220.101.0/24
91.223.77.0/24
193.111.83.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a8:81:06:d7:ee:13:80:e7:5a:89:f8:2b:68:72:30:de:ff:
65:ee:7b:d8:c9:91:81:69:68:ea:99:08:4e:55:bb:9d:78:c7:
f0:e1:96:e6:31:bf:8a:bc:07:10:62:5d:45:76:27:57:fe:a5:
c7:08:c3:82:05:a5:a4:a1:18:59:3d:9c:a1:e7:89:f6:06:8f:
1e:1c:77:61:fa:4d:8f:99:cf:dd:99:33:96:78:14:01:c8:8c:
42:6f:7c:ec:7b:49:39:92:31:5e:d2:12:73:63:0f:b2:5f:0c:
2c:2e:70:90:fe:1c:6d:0e:3e:b8:b5:68:d1:a4:ae:95:e7:07:
78:00:b7:9c:6f:e3:e3:6a:0a:98:32:d0:a7:18:42:79:2d:04:
4e:fa:25:97:1d:96:9a:93:88:56:c7:be:8e:9e:c7:66:38:1d:
68:1c:01:25:31:ce:29:6b:39:f1:54:e6:1b:19:95:d6:63:11:
b9:c9:3a:e7:e0:8a:87:60:5a:5c:b7:d7:fc:66:7f:42:ea:81:
a5:cb:04:72:81:fa:0e:44:2e:68:7c:97:89:dd:54:a6:3b:fd:
0c:b3:66:e7:43:34:ef:e4:ac:42:49:b2:d5:39:79:f9:e3:26:
0d:61:99:17:65:24:a4:22:cc:35:08:f0:c5:8b:4f:8d:81:1f:
ec:60:25:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZA0w/AQuaBpF0wn6viOuiVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2VkZWFjMGM2YzIwZWE0OWQ0OTI5OTBlNDg1ODU0MWQx
OTBmZjEwHhcNMjQwNjIwMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzgyNGJjMGM2ZmNkM2MwZGM1YjI5YzZhODdhM2VkYTZmOWYwMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwe4vMlANdXQAlLxXk/E9QxsjLQj
/K/C0ALxcHBFC4DTJnWRPl0PMhV3/1siyctI7reP7PKvaiQsRiIDf2zNE1HM507Z
ge3ovSR1/7yCh2popm5avCvqnHfYBR5kHdzD/cAXUxK9i0wv0gMVr73BBz+3KBZn
7mei49XbFzAoyvcvF80lUTUusNeLM14KH/tYJtfSI/M330PA2De6WTYKOPa+Y3eU
d2ywO5OflkYWijCjtEQEBByX0PsKf7HUaf8xZUKsdgIowe6p/rGh5DejsHYShf82
c9hOJHxYY3ts1CT+lg/93DNXzt3MsINwVXIMwuO8+aa147KkjuTunptKeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBOCS8DG/NPA3Fspxqh6PtpvnwEQMB8GA1UdIwQY
MBaAFJp+3qwMbCDqSdSSmQ5IWFQdGQ/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW43ZXJBeHNJT3BKMUpLWkRraFlWQjBaRF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81YThlMDQtZGQwNy00MzVhLWIxYmYt
YWRlZGNhYTNkMjZlLzEvRTRKTHdNYjgwOERjV3luR3FIby0ybS1mQVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81YThlMDQtZGQwNy00MzVhLWIxYmYtYWRlZGNhYTNkMjZl
LzEvbW43ZXJBeHNJT3BKMUpLWkRraFlWQjBaRF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW8N4AwQA
W9xlAwQAW99NAwQAwW9TMA0GCSqGSIb3DQEBCwUAA4IBAQBMqIEG1+4TgOdaifgr
aHIw3v9l7nvYyZGBaWjqmQhOVbudeMfw4ZbmMb+KvAcQYl1FdidX/qXHCMOCBaWk
oRhZPZyh54n2Bo8eHHdh+k2Pmc/dmTOWeBQByIxCb3zse0k5kjFe0hJzYw+yXwws
LnCQ/hxtDj64tWjRpK6V5wd4ALecb+PjagqYMtCnGEJ5LQRO+iWXHZaak4hWx76O
nsdmOB1oHAElMc4paznxVOYbGZXWYxG5yTrn4IqHYFpct9f8Zn9C6oGlywRygfoO
RC5ofJeJ3VSmO/0Ms2bnQzTv5KxCSbLVOXn54yYNYZkXZSSkIsw1CPDFi0+NgR/s
YCUC
-----END CERTIFICATE-----
Generated at Wed Nov 27 09:14:08 2024 by rpki-client on console-ams.rpki-client.org