Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/bK-a4vPt7WHGjItPv5otIKH2a8U.roa
File: bK-a4vPt7WHGjItPv5otIKH2a8U.roa (raw, json)
Hash identifier: xRelJlbKXbkkN/YSUKd5r/c/hEBDFk5kkDAtx39qii0=
Subject key identifier: 6C:AF:9A:E2:F3:ED:ED:61:C6:8C:8B:4F:BF:9A:2D:20:A1:F6:6B:C5
Certificate issuer: /CN=aa31c98e3cab821c84ddeff2069e02259bd6e61c
Certificate serial: 018CC5DC4B183152AB8D5000BF312A3E8F2B
Authority key identifier: AA:31:C9:8E:3C:AB:82:1C:84:DD:EF:F2:06:9E:02:25:9B:D6:E6:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjHJjjyrghyE3e_yBp4CJZvW5hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/bK-a4vPt7WHGjItPv5otIKH2a8U.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50673
IP address blocks: 91.195.80.0/24 maxlen: 24
91.195.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/qjHJjjyrghyE3e_yBp4CJZvW5hw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/qjHJjjyrghyE3e_yBp4CJZvW5hw.mft
rsync://rpki.ripe.net/repository/DEFAULT/qjHJjjyrghyE3e_yBp4CJZvW5hw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 01:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4b:18:31:52:ab:8d:50:00:bf:31:2a:3e:8f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa31c98e3cab821c84ddeff2069e02259bd6e61c
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6caf9ae2f3eded61c68c8b4fbf9a2d20a1f66bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a7:a1:cd:34:af:7f:16:a6:a9:b8:f8:b9:ea:
85:06:68:4b:97:a1:6c:89:7c:82:eb:9c:87:d0:75:
1d:68:40:74:81:b1:53:a8:75:05:07:f5:e3:0f:f9:
cb:61:7c:d2:3a:3a:20:72:89:cb:3f:a1:7f:c9:1d:
5e:0f:3e:2e:1c:c6:61:d6:6a:cb:f9:d6:34:3e:64:
27:b9:9f:7c:3c:b8:3f:74:3f:80:9a:00:98:a4:f6:
45:4c:ae:5d:14:87:fa:c3:8d:a8:67:ff:20:ff:ab:
db:fd:53:3a:eb:80:0e:20:20:77:33:84:17:34:fb:
cc:0a:c1:43:36:e0:c5:16:ef:50:69:7a:6b:8f:2f:
8d:06:a9:01:cc:76:fc:b1:f0:1b:72:02:9e:b0:c6:
d1:eb:93:d1:a2:f3:4c:d3:24:38:02:c8:36:09:7a:
bd:53:83:33:ed:2b:ac:87:2d:5f:ac:b5:4e:01:df:
03:74:5c:e6:39:7e:7a:2d:4e:f6:8c:7b:63:99:ba:
06:99:20:51:97:ed:cd:c9:ff:ea:f3:14:99:f0:d6:
38:65:db:5c:0d:ab:5e:3c:68:69:72:0b:f8:fd:88:
03:6e:e9:ea:43:a9:7e:3b:39:bc:1b:4c:bc:d7:c2:
9b:b8:c5:dd:b5:54:42:26:7e:49:20:8e:64:a2:6a:
33:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AF:9A:E2:F3:ED:ED:61:C6:8C:8B:4F:BF:9A:2D:20:A1:F6:6B:C5
X509v3 Authority Key Identifier:
keyid:AA:31:C9:8E:3C:AB:82:1C:84:DD:EF:F2:06:9E:02:25:9B:D6:E6:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjHJjjyrghyE3e_yBp4CJZvW5hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/bK-a4vPt7WHGjItPv5otIKH2a8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/qjHJjjyrghyE3e_yBp4CJZvW5hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.80.0/23
Signature Algorithm: sha256WithRSAEncryption
92:73:94:64:db:99:16:be:08:08:9f:27:db:78:b5:c8:2d:9d:
87:ab:b0:da:59:76:4e:14:0e:5d:4e:f6:03:d9:28:a5:ee:90:
b7:53:21:1c:3b:76:67:18:82:2c:f4:d6:d1:29:b6:b5:65:df:
4a:9f:0e:07:bc:9d:ff:73:a8:1f:30:94:0b:17:d0:4d:1b:11:
e7:60:52:99:de:f8:ea:a2:ca:03:46:78:95:b1:83:f3:30:f6:
5e:e7:49:01:0e:df:6d:57:09:17:b7:a1:c3:a5:ad:ea:0b:a9:
d5:1a:4f:a3:3b:fa:8e:a8:ba:bd:b6:ab:ad:f3:56:e0:93:aa:
ca:cd:86:db:4b:e3:68:cb:56:c2:87:f0:d4:b9:c0:40:de:1f:
40:db:1b:25:29:12:41:f4:d0:7a:24:15:f0:36:ad:0c:38:5f:
2b:a0:93:68:e3:08:2f:b1:ee:b1:83:82:f6:73:8e:3a:23:6e:
4e:c0:be:c6:7f:9b:54:21:ab:ee:39:9e:c1:1b:34:0f:be:94:
8d:57:92:ba:1d:98:77:39:b9:27:1d:80:5d:d2:1c:49:31:f7:
e8:65:0b:dc:b8:9f:fe:ae:be:6f:15:43:38:25:e6:a6:67:10:
82:8b:e0:46:0d:68:65:2d:90:39:10:49:31:6b:86:f4:8a:1a:
9e:72:30:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3EsYMVKrjVAAvzEqPo8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMzFjOThlM2NhYjgyMWM4NGRkZWZmMjA2OWUwMjI1OWJk
NmU2MWMwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FmOWFlMmYzZWRlZDYxYzY4YzhiNGZiZjlhMmQyMGExZjY2YmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaehzTSvfxamqbj4ueqFBmhLl6Fs
iXyC65yH0HUdaEB0gbFTqHUFB/XjD/nLYXzSOjogconLP6F/yR1eDz4uHMZh1mrL
+dY0PmQnuZ98PLg/dD+AmgCYpPZFTK5dFIf6w42oZ/8g/6vb/VM664AOICB3M4QX
NPvMCsFDNuDFFu9QaXprjy+NBqkBzHb8sfAbcgKesMbR65PRovNM0yQ4Asg2CXq9
U4Mz7Sushy1frLVOAd8DdFzmOX56LU72jHtjmboGmSBRl+3Nyf/q8xSZ8NY4Zdtc
DatePGhpcgv4/YgDbunqQ6l+Ozm8G0y818KbuMXdtVRCJn5JII5komoz3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyvmuLz7e1hxoyLT7+aLSCh9mvFMB8GA1UdIwQY
MBaAFKoxyY48q4IchN3v8gaeAiWb1uYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpISmpqeXJnaHlFM2VfeUJwNENKWnZXNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80YjFkNTYtZDI1Zi00ZjY0LThhMGMt
MDViZmYzMWM1M2ZlLzEvYkstYTR2UHQ3V0hHakl0UHY1b3RJS0gyYThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80YjFkNTYtZDI1Zi00ZjY0LThhMGMtMDViZmYzMWM1M2Zl
LzEvcWpISmpqeXJnaHlFM2VfeUJwNENKWnZXNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8NQMA0G
CSqGSIb3DQEBCwUAA4IBAQCSc5Rk25kWvggInyfbeLXILZ2Hq7DaWXZOFA5dTvYD
2Sil7pC3UyEcO3ZnGIIs9NbRKba1Zd9Knw4HvJ3/c6gfMJQLF9BNGxHnYFKZ3vjq
osoDRniVsYPzMPZe50kBDt9tVwkXt6HDpa3qC6nVGk+jO/qOqLq9tqut81bgk6rK
zYbbS+Noy1bCh/DUucBA3h9A2xslKRJB9NB6JBXwNq0MOF8roJNo4wgvse6xg4L2
c446I25OwL7Gf5tUIavuOZ7BGzQPvpSNV5K6HZh3ObknHYBd0hxJMffoZQvcuJ/+
rr5vFUM4JeamZxCCi+BGDWhlLZA5EEkxa4b0ihqecjDW
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:54:39 2024 by rpki-client on console-ams.rpki-client.org