Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/91_s1p75Zvsrh0f6bxCiE4YKGMU.roa
File: 91_s1p75Zvsrh0f6bxCiE4YKGMU.roa (raw, json)
Hash identifier: gBKR2tl7Oq4gv2NUBRsifnNEdLImWRmDlwjMES0Qbxo=
Subject key identifier: F7:5F:EC:D6:9E:F9:66:FB:2B:87:47:FA:6F:10:A2:13:86:0A:18:C5
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018CC94CA5E1DE05AC00E329B3610D412965
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/91_s1p75Zvsrh0f6bxCiE4YKGMU.roa
Signing time: Tue 02 Jan 2024 08:31:32 +0000
ROA not before: Tue 02 Jan 2024 08:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36113
IP address blocks: 188.191.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a5:e1:de:05:ac:00:e3:29:b3:61:0d:41:29:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 08:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f75fecd69ef966fb2b8747fa6f10a213860a18c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5b:b6:68:77:03:15:04:4a:5c:74:a9:9e:6e:
c5:81:7b:3d:a0:c9:c6:ba:f9:63:63:4d:04:18:81:
92:a6:d3:83:23:0a:c1:96:50:87:e8:c9:c2:82:e5:
02:20:86:eb:bb:af:06:69:56:7b:5d:a5:9d:88:32:
05:81:5b:a9:a9:7c:b4:75:be:27:10:66:d2:11:af:
c1:c6:17:5c:f3:4f:7c:7f:42:d2:f5:a2:07:11:7b:
52:f9:9b:ce:18:79:49:41:31:ba:d7:78:50:71:d2:
9c:c2:0b:8b:61:3d:65:f7:8a:d3:67:8c:4e:92:98:
bf:ee:5f:26:b2:5b:27:2f:7d:73:d4:6d:a4:ae:71:
c4:69:04:c3:c1:b6:c6:28:e8:90:a0:6d:e5:9e:7f:
84:a5:79:24:60:73:db:45:a0:78:26:e2:43:73:f2:
25:65:68:37:c3:40:c9:7c:8f:3b:3d:c6:1b:b5:5a:
ee:e0:66:0b:0e:09:be:39:c1:28:33:b9:fe:52:c0:
b4:30:8f:80:6c:29:67:7c:4a:61:a5:da:09:a0:dc:
f8:8d:72:99:9e:79:3e:75:5a:61:03:e3:09:6f:c7:
07:d3:b5:3b:61:58:e8:00:a8:cf:77:62:5a:3a:c6:
f7:78:7b:41:c3:87:f5:a0:3d:1e:d3:f3:7d:56:55:
4e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:5F:EC:D6:9E:F9:66:FB:2B:87:47:FA:6F:10:A2:13:86:0A:18:C5
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/91_s1p75Zvsrh0f6bxCiE4YKGMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:58:15:38:d9:94:72:8f:d1:6d:1d:79:a9:12:c8:5e:c1:e3:
ab:6d:1c:5b:b2:f4:0c:8a:4e:b5:62:b8:02:d8:33:32:f4:f7:
9f:d6:07:20:fb:f5:ff:88:b0:83:bc:85:f7:58:f8:5f:7d:e4:
94:fc:ed:58:69:78:91:4b:4a:11:1a:03:94:32:60:31:da:fb:
e1:97:76:e0:95:38:26:16:d0:7e:93:fb:41:21:1d:90:55:d5:
5c:09:7e:e2:7b:c5:ad:76:e5:6d:54:11:6f:86:cd:ca:83:4e:
34:fc:f6:4c:79:cc:9d:b4:21:61:ca:94:7c:bf:4b:b1:1f:41:
c7:62:45:fa:79:15:cf:53:83:ec:4a:da:99:d2:e4:76:b1:68:
e6:47:d0:5a:ce:37:44:33:f5:9e:fc:86:54:b6:1f:6d:bf:42:
5c:40:4a:5f:33:e3:be:3c:69:19:a1:af:4a:14:4e:0f:65:97:
22:3d:b0:fe:bc:4a:e0:ad:02:c5:9f:a5:8c:33:00:a5:bb:e3:
49:29:4c:18:87:fd:11:d9:74:7b:f5:ad:9f:76:b0:a1:84:41:
ef:4e:bb:a3:85:ad:ef:86:5d:83:e9:22:80:9f:5f:6f:c2:8e:
17:46:67:41:60:d0:a5:f0:c3:27:5c:60:e4:10:2c:f6:ea:b4:
8d:c3:54:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTKXh3gWsAOMps2ENQSllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwMTAyMDgzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzVmZWNkNjllZjk2NmZiMmI4NzQ3ZmE2ZjEwYTIxMzg2MGExOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFu2aHcDFQRKXHSpnm7FgXs9oMnG
uvljY00EGIGSptODIwrBllCH6MnCguUCIIbru68GaVZ7XaWdiDIFgVupqXy0db4n
EGbSEa/Bxhdc8098f0LS9aIHEXtS+ZvOGHlJQTG613hQcdKcwguLYT1l94rTZ4xO
kpi/7l8mslsnL31z1G2krnHEaQTDwbbGKOiQoG3lnn+EpXkkYHPbRaB4JuJDc/Il
ZWg3w0DJfI87PcYbtVru4GYLDgm+OcEoM7n+UsC0MI+AbClnfEphpdoJoNz4jXKZ
nnk+dVphA+MJb8cH07U7YVjoAKjPd2JaOsb3eHtBw4f1oD0e0/N9VlVONwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPdf7Nae+Wb7K4dH+m8QohOGChjFMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvOTFfczFwNzVadnNyaDBmNmJ4Q2lFNFlLR01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9vMA0G
CSqGSIb3DQEBCwUAA4IBAQBbWBU42ZRyj9FtHXmpEsheweOrbRxbsvQMik61YrgC
2DMy9Pef1gcg+/X/iLCDvIX3WPhffeSU/O1YaXiRS0oRGgOUMmAx2vvhl3bglTgm
FtB+k/tBIR2QVdVcCX7ie8WtduVtVBFvhs3Kg040/PZMecydtCFhypR8v0uxH0HH
YkX6eRXPU4PsStqZ0uR2sWjmR9BazjdEM/We/IZUth9tv0JcQEpfM+O+PGkZoa9K
FE4PZZciPbD+vErgrQLFn6WMMwClu+NJKUwYh/0R2XR79a2fdrChhEHvTrujha3v
hl2D6SKAn19vwo4XRmdBYNCl8MMnXGDkECz26rSNw1RF
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:19 2024 by rpki-client on console-ams.rpki-client.org