Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/I601BXbKmZuZ40s2TXYQbM3B1wQ.roa
File: I601BXbKmZuZ40s2TXYQbM3B1wQ.roa (raw, json)
Hash identifier: OoRUPqOUem4DbsiZfdZ6+xJU5Ruat495jW9i1EDG5k8=
Subject key identifier: 23:AD:35:05:76:CA:99:9B:99:E3:4B:36:4D:76:10:6C:CD:C1:D7:04
Certificate issuer: /CN=926587a7c42c261fa254b0b82e7bc0719cc64812
Certificate serial: 0192543407DDBCB990D2C24D1997AED52822
Authority key identifier: 92:65:87:A7:C4:2C:26:1F:A2:54:B0:B8:2E:7B:C0:71:9C:C6:48:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmWHp8QsJh-iVLC4LnvAcZzGSBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/I601BXbKmZuZ40s2TXYQbM3B1wQ.roa
Signing time: Thu 03 Oct 2024 21:05:48 +0000
ROA not before: Thu 03 Oct 2024 21:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207388
IP address blocks: 91.239.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/kmWHp8QsJh-iVLC4LnvAcZzGSBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/kmWHp8QsJh-iVLC4LnvAcZzGSBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmWHp8QsJh-iVLC4LnvAcZzGSBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:54:34:07:dd:bc:b9:90:d2:c2:4d:19:97:ae:d5:28:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926587a7c42c261fa254b0b82e7bc0719cc64812
Validity
Not Before: Oct 3 21:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23ad350576ca999b99e34b364d76106ccdc1d704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cd:8d:24:27:28:c4:1e:c7:4e:ec:df:9d:67:
eb:5c:9f:56:69:3e:90:28:9b:4f:90:43:2c:c0:63:
e0:3d:6a:5f:ea:20:8a:79:c0:e5:14:f4:b0:5e:f1:
3c:52:59:07:fd:91:46:8a:d0:ce:a0:59:c1:8e:6a:
15:3d:c2:b8:54:bf:1f:a0:2f:de:fc:cc:41:8c:e8:
ed:ab:91:76:71:93:7c:b0:e1:40:bf:64:b0:b9:41:
53:05:28:59:1f:fc:a7:40:1e:e9:42:4d:9d:33:53:
ae:07:30:74:d9:c3:1d:ad:33:d4:65:42:46:29:b2:
0d:2a:fa:31:b6:04:1b:10:4b:42:ec:94:cb:01:ec:
3a:34:d7:15:dc:5a:63:f3:08:8a:b6:a6:e4:cd:22:
87:9d:54:f0:f1:da:80:5d:17:24:3e:75:1c:9a:0a:
b4:86:7e:c4:2e:36:57:1e:16:e6:ac:f9:1e:fc:5c:
28:3b:78:74:de:1c:13:34:47:f3:6f:58:ed:6d:fb:
3d:1b:f6:90:22:16:ac:b4:8e:75:b3:ab:a1:49:fb:
d2:cf:3f:30:ba:2e:a8:3e:de:91:03:cf:74:2b:7b:
cc:bb:9a:0d:cf:99:e4:2a:43:84:58:ab:7e:f7:2a:
88:bd:0e:3b:55:93:26:9e:5a:fc:5b:2e:36:01:3c:
a4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AD:35:05:76:CA:99:9B:99:E3:4B:36:4D:76:10:6C:CD:C1:D7:04
X509v3 Authority Key Identifier:
keyid:92:65:87:A7:C4:2C:26:1F:A2:54:B0:B8:2E:7B:C0:71:9C:C6:48:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmWHp8QsJh-iVLC4LnvAcZzGSBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/I601BXbKmZuZ40s2TXYQbM3B1wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/bd2005-fb7b-4052-b3f2-88fa3b6eb006/1/kmWHp8QsJh-iVLC4LnvAcZzGSBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.216.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:1f:5b:9e:84:b5:df:15:c6:e0:9a:82:b6:b8:d9:43:84:62:
85:0f:55:fa:62:6f:12:78:c9:03:61:4f:38:10:53:40:22:c3:
16:b6:63:5f:05:62:05:6c:03:39:ab:33:bb:9f:e7:0b:33:6c:
a4:48:40:39:1a:24:30:db:ba:d4:af:98:0f:df:0c:34:bd:6f:
94:fc:ef:0a:38:32:cb:82:0e:f0:df:76:0a:13:02:4e:40:7f:
65:e5:81:f3:b4:e9:63:19:6a:f6:22:a8:11:2c:fb:4e:b5:53:
db:d7:55:1e:e6:43:24:6d:46:82:54:5d:51:02:fd:76:98:76:
6f:18:57:f0:08:c2:ea:ec:3e:07:fd:e6:8c:93:86:83:41:78:
5b:51:16:08:cd:52:4f:a3:f1:12:5a:da:5b:a4:95:05:2c:21:
60:4d:71:70:8c:6d:ad:46:a5:71:fd:b8:4f:e7:22:90:0b:9f:
f0:e6:25:de:75:2a:5b:0b:76:26:91:77:7c:0f:af:1f:79:ad:
18:00:bb:38:a7:7b:79:08:53:35:76:3e:a1:92:a5:f9:11:9b:
e9:f5:4d:33:83:c7:d4:0e:ee:a8:de:ac:c9:72:ca:e2:9f:6b:
eb:9a:c9:36:4d:08:f6:da:12:45:80:1b:4f:23:93:9f:6a:a2:
6e:fc:77:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJUNAfdvLmQ0sJNGZeu1SgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjU4N2E3YzQyYzI2MWZhMjU0YjBiODJlN2JjMDcxOWNj
NjQ4MTIwHhcNMjQxMDAzMjEwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FkMzUwNTc2Y2E5OTliOTllMzRiMzY0ZDc2MTA2Y2NkYzFkNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs2NJCcoxB7HTuzfnWfrXJ9WaT6Q
KJtPkEMswGPgPWpf6iCKecDlFPSwXvE8UlkH/ZFGitDOoFnBjmoVPcK4VL8foC/e
/MxBjOjtq5F2cZN8sOFAv2SwuUFTBShZH/ynQB7pQk2dM1OuBzB02cMdrTPUZUJG
KbINKvoxtgQbEEtC7JTLAew6NNcV3Fpj8wiKtqbkzSKHnVTw8dqAXRckPnUcmgq0
hn7ELjZXHhbmrPke/FwoO3h03hwTNEfzb1jtbfs9G/aQIhastI51s6uhSfvSzz8w
ui6oPt6RA890K3vMu5oNz5nkKkOEWKt+9yqIvQ47VZMmnlr8Wy42ATyk0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOtNQV2ypmbmeNLNk12EGzNwdcEMB8GA1UdIwQY
MBaAFJJlh6fELCYfolSwuC57wHGcxkgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21XSHA4UXNKaC1pVkxDNExudkFjWnpHU0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9iZDIwMDUtZmI3Yi00MDUyLWIzZjIt
ODhmYTNiNmViMDA2LzEvSTYwMUJYYkttWnVaNDBzMlRYWVFiTTNCMXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9iZDIwMDUtZmI3Yi00MDUyLWIzZjItODhmYTNiNmViMDA2
LzEva21XSHA4UXNKaC1pVkxDNExudkFjWnpHU0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/YMA0G
CSqGSIb3DQEBCwUAA4IBAQClH1uehLXfFcbgmoK2uNlDhGKFD1X6Ym8SeMkDYU84
EFNAIsMWtmNfBWIFbAM5qzO7n+cLM2ykSEA5GiQw27rUr5gP3ww0vW+U/O8KODLL
gg7w33YKEwJOQH9l5YHztOljGWr2IqgRLPtOtVPb11Ue5kMkbUaCVF1RAv12mHZv
GFfwCMLq7D4H/eaMk4aDQXhbURYIzVJPo/ESWtpbpJUFLCFgTXFwjG2tRqVx/bhP
5yKQC5/w5iXedSpbC3YmkXd8D68fea0YALs4p3t5CFM1dj6hkqX5EZvp9U0zg8fU
Du6o3qzJcsrin2vrmsk2TQj22hJFgBtPI5OfaqJu/Hcd
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:45:53 2024 by rpki-client on console-fra.rpki-client.org