Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/56eaR_0rXdf4g32HIUg1gpDbVuw.roa
File: 56eaR_0rXdf4g32HIUg1gpDbVuw.roa (raw, json)
Hash identifier: 2+63CODMKPLpoZyqko23C230bV9xv787U3dtKx0QEvc=
Subject key identifier: E7:A7:9A:47:FD:2B:5D:D7:F8:83:7D:87:21:48:35:82:90:DB:56:EC
Certificate issuer: /CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Certificate serial: 018CC9BC647BFC167118451A9E2EA0D2636B
Authority key identifier: 44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/56eaR_0rXdf4g32HIUg1gpDbVuw.roa
Signing time: Tue 02 Jan 2024 10:33:35 +0000
ROA not before: Tue 02 Jan 2024 10:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44548
IP address blocks: 91.220.199.0/24 maxlen: 24
195.93.156.0/23 maxlen: 23
195.93.156.0/24 maxlen: 24
195.93.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:64:7b:fc:16:71:18:45:1a:9e:2e:a0:d2:63:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Validity
Not Before: Jan 2 10:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7a79a47fd2b5dd7f8837d872148358290db56ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:63:14:4b:e5:12:8a:d4:a7:59:24:ed:09:0e:
6f:1d:7a:ca:5b:0f:1f:36:42:b7:54:a4:1c:02:7a:
90:e3:06:1d:49:f0:2c:d8:7f:43:58:ab:52:b1:d5:
1c:cb:39:6d:5a:5f:1d:d5:d1:d7:0c:3f:0c:2d:21:
cb:2e:b5:fc:73:69:a8:49:c6:4c:94:3a:aa:59:f5:
df:de:be:6c:12:b1:0f:79:e7:c2:36:1b:0e:b1:d9:
b0:94:b0:f7:7c:6a:0f:77:7e:9c:d4:8a:0d:4a:3d:
39:14:19:0c:3b:1a:de:9e:07:7f:5a:75:7a:db:3e:
53:70:52:fd:01:86:5c:dd:b6:58:e5:2b:84:4b:bf:
fe:de:15:3b:02:e5:e0:bb:1b:79:61:ef:ca:6f:b2:
4f:f6:e9:d8:24:81:3d:4b:b6:38:c6:a9:f0:ec:1b:
97:3f:54:42:32:01:1d:fb:94:a3:94:a3:8a:77:58:
b6:9b:13:07:2d:89:ef:bb:c7:62:d9:6e:79:86:e0:
ae:14:67:4a:32:fd:1d:02:96:c2:8c:b3:6f:21:36:
d9:78:47:41:f9:04:83:f7:7d:e3:2a:87:0d:44:95:
da:e2:f4:c9:b3:f1:a0:85:b5:e5:3d:e5:df:d8:46:
53:a8:6f:4d:ca:c3:68:a6:39:50:7d:c2:6a:34:71:
6d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A7:9A:47:FD:2B:5D:D7:F8:83:7D:87:21:48:35:82:90:DB:56:EC
X509v3 Authority Key Identifier:
keyid:44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/56eaR_0rXdf4g32HIUg1gpDbVuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.199.0/24
195.93.156.0/23
Signature Algorithm: sha256WithRSAEncryption
06:1e:cc:08:93:5c:88:70:7b:91:ba:fa:6a:97:2f:08:9f:32:
f2:ad:11:59:6b:d5:58:93:41:2a:08:ad:21:5f:f4:d4:6a:6a:
0a:fb:90:b0:cb:38:6b:c2:55:3c:30:95:d9:1e:60:a7:ea:39:
ad:32:66:d9:61:bc:1b:6c:a2:56:2c:27:be:71:4b:8a:7e:d1:
ed:ae:cb:ae:be:ea:3c:81:29:b0:41:cb:9d:4a:01:1d:3a:f4:
e9:eb:28:95:dc:d3:99:1c:13:1a:67:90:e2:e5:08:d1:55:35:
b8:88:d5:cf:81:5f:a4:59:c6:9a:da:51:d0:2d:77:4a:82:f2:
73:5c:10:93:1d:34:ea:08:1b:7b:dd:88:e1:17:95:9e:a4:c3:
be:e0:8a:64:fd:86:fd:e5:c0:dd:ab:52:66:d1:af:84:82:81:
de:74:da:26:2e:20:7e:4d:36:27:48:76:6c:4a:74:24:9e:10:
c3:b9:7a:60:6d:8e:c8:ac:b9:45:84:6c:ba:57:6d:50:15:1a:
b4:c1:c4:65:67:36:c8:9f:df:e1:1d:71:86:cf:e9:9f:eb:38:
32:05:fa:fd:c6:72:b4:5b:32:4a:98:ad:c0:76:7d:34:02:de:
fa:71:e0:c0:85:00:dd:85:56:04:eb:16:e5:22:b8:7d:8f:9e:
96:71:87:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvGR7/BZxGEUani6g0mNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Zjg4NTIyMGYxNzE5ZjU4MzdjYjVhMzZmYTYyZjNmNTM3
ZThlM2YwHhcNMjQwMTAyMTAzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2E3OWE0N2ZkMmI1ZGQ3Zjg4MzdkODcyMTQ4MzU4MjkwZGI1NmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWMUS+USitSnWSTtCQ5vHXrKWw8f
NkK3VKQcAnqQ4wYdSfAs2H9DWKtSsdUcyzltWl8d1dHXDD8MLSHLLrX8c2moScZM
lDqqWfXf3r5sErEPeefCNhsOsdmwlLD3fGoPd36c1IoNSj05FBkMOxrengd/WnV6
2z5TcFL9AYZc3bZY5SuES7/+3hU7AuXguxt5Ye/Kb7JP9unYJIE9S7Y4xqnw7BuX
P1RCMgEd+5SjlKOKd1i2mxMHLYnvu8di2W55huCuFGdKMv0dApbCjLNvITbZeEdB
+QSD933jKocNRJXa4vTJs/GghbXlPeXf2EZTqG9NysNopjlQfcJqNHFt+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOenmkf9K13X+IN9hyFINYKQ21bsMB8GA1UdIwQY
MBaAFET4hSIPFxn1g3y1o2+mLz9Tfo4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDkt
MzdlZDk5MTQzYWFlLzEvNTZlYVJfMHJYZGY0ZzMySElVZzFncERiVnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDktMzdlZDk5MTQzYWFl
LzEvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9zHAwQB
w12cMA0GCSqGSIb3DQEBCwUAA4IBAQAGHswIk1yIcHuRuvpqly8InzLyrRFZa9VY
k0EqCK0hX/TUamoK+5CwyzhrwlU8MJXZHmCn6jmtMmbZYbwbbKJWLCe+cUuKftHt
rsuuvuo8gSmwQcudSgEdOvTp6yiV3NOZHBMaZ5Di5QjRVTW4iNXPgV+kWcaa2lHQ
LXdKgvJzXBCTHTTqCBt73YjhF5WepMO+4Ipk/Yb95cDdq1Jm0a+EgoHedNomLiB+
TTYnSHZsSnQknhDDuXpgbY7IrLlFhGy6V21QFRq0wcRlZzbIn9/hHXGGz+mf6zgy
Bfr9xnK0WzJKmK3Adn00At76ceDAhQDdhVYE6xblIrh9j56WcYcL
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:50 2024 by rpki-client on console-ams.rpki-client.org