Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/VlB4bMaYasbjSNxf3lIhj_E44Oo.roa
File: VlB4bMaYasbjSNxf3lIhj_E44Oo.roa (raw, json)
Hash identifier: iGxzl30TuvujJnmslBnpWl8tHD8rWWgJzqyKOPNJgI4=
Subject key identifier: 56:50:78:6C:C6:98:6A:C6:E3:48:DC:5F:DE:52:21:8F:F1:38:E0:EA
Certificate issuer: /CN=6416bc721c740c10fc7b0d8b1b358a2d35f488b7
Certificate serial: 018CC3B685186C926D44DF65887ED5C6307B
Authority key identifier: 64:16:BC:72:1C:74:0C:10:FC:7B:0D:8B:1B:35:8A:2D:35:F4:88:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBa8chx0DBD8ew2LGzWKLTX0iLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/VlB4bMaYasbjSNxf3lIhj_E44Oo.roa
Signing time: Mon 01 Jan 2024 06:29:27 +0000
ROA not before: Mon 01 Jan 2024 06:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57570
IP address blocks: 91.232.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/ZBa8chx0DBD8ew2LGzWKLTX0iLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/ZBa8chx0DBD8ew2LGzWKLTX0iLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBa8chx0DBD8ew2LGzWKLTX0iLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:85:18:6c:92:6d:44:df:65:88:7e:d5:c6:30:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6416bc721c740c10fc7b0d8b1b358a2d35f488b7
Validity
Not Before: Jan 1 06:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5650786cc6986ac6e348dc5fde52218ff138e0ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:67:45:8c:bb:cd:5f:04:38:52:62:e5:da:ed:
47:5d:a4:8c:44:96:99:5d:e4:33:c0:2a:14:ac:ae:
14:64:2f:6a:e8:8d:0e:1f:d3:e5:33:b7:8b:27:dd:
80:cf:b3:47:bd:de:5f:17:63:07:29:f8:cc:c8:1f:
aa:1d:01:28:fd:4d:20:58:d6:59:c4:34:25:32:46:
8b:97:29:d7:06:e4:d9:cc:84:d5:bd:d1:e8:33:3a:
3b:59:39:f1:ab:61:a6:39:e6:a9:27:ce:91:e6:85:
8a:d3:2e:c4:77:2a:5e:aa:69:66:0b:72:3f:90:dc:
d2:d5:b8:1a:7e:a2:98:24:b2:45:dd:06:1a:4b:aa:
85:19:44:0a:bd:b0:a8:4d:ab:10:5e:74:97:16:0d:
5f:99:94:41:6a:c0:e7:64:23:e1:b3:c6:c9:da:55:
07:52:0a:77:02:67:24:e9:05:88:2e:3d:1c:3e:c0:
e7:90:3d:92:21:3f:03:d2:3b:0f:99:fc:c0:5d:ef:
6f:11:1c:d8:0d:8c:58:b6:8f:bd:96:aa:fc:01:81:
5c:11:0d:67:53:d5:c0:ee:84:9b:e0:5e:d4:60:4e:
03:84:42:8d:0c:87:a4:b7:09:71:28:d3:0a:b2:2a:
8a:8f:6c:05:7e:da:fd:7e:f8:2f:42:a3:89:b0:13:
e7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:50:78:6C:C6:98:6A:C6:E3:48:DC:5F:DE:52:21:8F:F1:38:E0:EA
X509v3 Authority Key Identifier:
keyid:64:16:BC:72:1C:74:0C:10:FC:7B:0D:8B:1B:35:8A:2D:35:F4:88:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBa8chx0DBD8ew2LGzWKLTX0iLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/VlB4bMaYasbjSNxf3lIhj_E44Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/ZBa8chx0DBD8ew2LGzWKLTX0iLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.230.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:73:88:d0:18:c3:18:db:4b:ee:3b:15:de:4a:02:66:85:dd:
f8:a0:98:59:b9:ea:28:77:ba:fa:ed:0d:de:5a:48:c8:24:7b:
8f:fa:6d:12:4c:89:85:11:37:20:b6:35:dd:28:98:43:58:18:
24:82:de:67:fa:56:da:d8:9c:13:f9:43:5f:c1:b3:04:f2:f9:
3c:6f:60:36:1d:5b:ed:7b:b3:74:0b:6d:46:6d:7a:50:90:48:
68:13:c4:ee:ee:6d:32:2e:f5:95:b9:fe:2a:da:2f:76:9b:2d:
eb:30:e9:b2:f6:1e:40:8a:c7:7b:92:48:c1:1a:61:4e:39:36:
18:6c:29:0c:9e:9b:df:d7:a6:b9:f7:bf:63:47:7c:1b:83:d7:
5e:d4:b8:e9:c4:6b:24:1f:c9:79:0a:cf:4b:1e:02:ad:36:7e:
e7:1b:9b:e7:c1:ea:b7:58:55:ab:92:37:81:72:ad:22:70:dc:
70:b5:fb:9c:5c:68:ba:18:96:69:cd:7c:ce:53:f7:da:33:63:
7b:5e:94:30:df:9c:df:28:a2:94:5f:d3:86:73:c6:02:7d:eb:
ba:02:12:ce:81:7e:84:77:9b:4b:7d:95:6d:af:e6:f4:6c:4d:
14:69:ca:1d:e3:fd:f5:b0:e2:d4:4e:1e:02:ad:54:5a:88:a2:
59:5e:00:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtoUYbJJtRN9liH7VxjB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTZiYzcyMWM3NDBjMTBmYzdiMGQ4YjFiMzU4YTJkMzVm
NDg4YjcwHhcNMjQwMTAxMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjUwNzg2Y2M2OTg2YWM2ZTM0OGRjNWZkZTUyMjE4ZmYxMzhlMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmdFjLvNXwQ4UmLl2u1HXaSMRJaZ
XeQzwCoUrK4UZC9q6I0OH9PlM7eLJ92Az7NHvd5fF2MHKfjMyB+qHQEo/U0gWNZZ
xDQlMkaLlynXBuTZzITVvdHoMzo7WTnxq2GmOeapJ86R5oWK0y7EdypeqmlmC3I/
kNzS1bgafqKYJLJF3QYaS6qFGUQKvbCoTasQXnSXFg1fmZRBasDnZCPhs8bJ2lUH
Ugp3Amck6QWILj0cPsDnkD2SIT8D0jsPmfzAXe9vERzYDYxYto+9lqr8AYFcEQ1n
U9XA7oSb4F7UYE4DhEKNDIektwlxKNMKsiqKj2wFftr9fvgvQqOJsBPnQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZQeGzGmGrG40jcX95SIY/xOODqMB8GA1UdIwQY
MBaAFGQWvHIcdAwQ/HsNixs1ii019Ii3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJhOGNoeDBEQkQ4ZXcyTEd6V0tMVFgwaUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy82ZGIyNjQtNzNkNC00M2FjLWE5N2Ut
NTkwYjFiMmE0NjA5LzEvVmxCNGJNYVlhc2JqU054ZjNsSWhqX0U0NE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy82ZGIyNjQtNzNkNC00M2FjLWE5N2UtNTkwYjFiMmE0NjA5
LzEvWkJhOGNoeDBEQkQ4ZXcyTEd6V0tMVFgwaUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+jmMA0G
CSqGSIb3DQEBCwUAA4IBAQC4c4jQGMMY20vuOxXeSgJmhd34oJhZueood7r67Q3e
WkjIJHuP+m0STImFETcgtjXdKJhDWBgkgt5n+lba2JwT+UNfwbME8vk8b2A2HVvt
e7N0C21GbXpQkEhoE8Tu7m0yLvWVuf4q2i92my3rMOmy9h5Aisd7kkjBGmFOOTYY
bCkMnpvf16a5979jR3wbg9de1LjpxGskH8l5Cs9LHgKtNn7nG5vnweq3WFWrkjeB
cq0icNxwtfucXGi6GJZpzXzOU/faM2N7XpQw35zfKKKUX9OGc8YCfeu6AhLOgX6E
d5tLfZVtr+b0bE0Uacod4/31sOLUTh4CrVRaiKJZXgB8
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:01:05 2024 by rpki-client on console-fra.rpki-client.org