Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/23M91Gnrn26S_GMAxct48UG5fLY.roa
File: 23M91Gnrn26S_GMAxct48UG5fLY.roa (raw, json)
Hash identifier: CeqjlA6eUL46maf/DqMkD14wh9N5hSIpFgiGiSgkF+s=
Subject key identifier: DB:73:3D:D4:69:EB:9F:6E:92:FC:63:00:C5:CB:78:F1:41:B9:7C:B6
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 018CC5DC78ABD5F878B30D7E1E3BB570631B
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/23M91Gnrn26S_GMAxct48UG5fLY.roa
Signing time: Mon 01 Jan 2024 16:30:09 +0000
ROA not before: Mon 01 Jan 2024 16:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58507
IP address blocks: 159.197.192.0/19 maxlen: 24
161.8.192.0/18 maxlen: 24
161.8.0.0/18 maxlen: 24
159.197.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:78:ab:d5:f8:78:b3:0d:7e:1e:3b:b5:70:63:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Jan 1 16:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db733dd469eb9f6e92fc6300c5cb78f141b97cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f3:a3:e0:9c:92:b4:fd:62:26:d5:75:db:1e:
3c:fd:43:e3:89:f8:6f:b5:4d:be:dd:e9:41:a5:7d:
9f:d2:b2:30:53:c2:a9:9f:bf:07:41:90:1f:93:5e:
27:f8:72:45:73:be:f5:93:f4:57:51:3c:67:a2:44:
ab:3c:db:b8:18:aa:68:0c:c2:32:ce:81:e7:ac:39:
6a:e5:df:e9:64:3e:1b:31:be:c7:51:24:18:72:53:
15:d3:7a:c6:db:93:3f:d2:c4:aa:8e:47:a9:c1:e1:
6b:1f:00:eb:0d:2d:10:d2:cd:4d:18:5e:86:bc:d0:
b2:68:a4:4e:e9:a6:79:7a:fe:cc:2e:64:99:4c:2b:
b0:08:43:3a:e7:ab:4e:99:88:d6:75:f0:75:c1:6e:
79:bf:dd:95:9b:07:23:57:cb:b4:aa:9d:e6:56:0f:
80:d0:5a:d8:10:c3:1d:56:6b:d8:45:1b:25:36:84:
da:a2:97:ec:be:62:ae:95:c8:81:cb:8b:c9:5b:26:
f7:5b:92:f8:d4:ce:f0:09:23:d1:11:73:7a:65:16:
a1:ce:ac:0b:25:fc:ea:a9:77:89:68:0c:0a:52:56:
1d:e6:49:7d:d3:26:02:5f:58:ad:cf:9f:9a:09:09:
86:d3:38:0d:fb:b6:49:01:2e:17:d2:57:01:c1:95:
5a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:73:3D:D4:69:EB:9F:6E:92:FC:63:00:C5:CB:78:F1:41:B9:7C:B6
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/23M91Gnrn26S_GMAxct48UG5fLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.128.0-159.197.223.255
161.8.0.0/18
161.8.192.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:1a:4d:0d:60:9e:17:3a:8a:b7:e7:2d:14:f1:fa:48:7e:4e:
27:b4:f3:4b:6d:ff:ab:6e:d2:93:4f:17:07:db:db:43:ad:b8:
c6:87:a9:97:07:09:b0:96:f0:1e:59:02:ae:9d:b9:8a:d3:ae:
8f:65:da:77:7b:7e:d4:d4:df:af:ab:87:4c:bb:c0:db:78:8d:
f5:d9:38:60:44:2b:57:3a:65:8b:9e:43:b6:5a:aa:5a:24:75:
d2:20:c9:cf:62:4c:51:33:46:86:48:61:5a:c6:ab:22:b1:77:
19:1c:7b:1c:15:88:74:f3:bf:5a:ae:02:64:de:7d:0a:47:48:
de:67:a8:3c:77:94:6a:3f:59:ee:9f:e3:50:b7:e8:e4:b4:65:
3c:5a:a6:27:fe:49:48:19:0e:f6:8c:c5:25:f2:10:a2:73:aa:
a1:32:41:8a:ee:df:3a:eb:04:1e:4f:32:71:8b:ac:e9:3c:60:
ed:11:75:34:18:0d:3c:6c:f7:89:67:94:13:8f:9c:88:61:d5:
a3:fb:09:31:68:b2:88:e1:c6:a5:2a:8a:57:d2:73:17:a8:15:
2c:d7:68:48:fd:35:81:c9:38:2c:f5:17:be:ce:41:d4:eb:2c:
34:3a:c0:1d:2b:e1:83:d6:52:ef:3f:be:bd:65:04:ad:1b:77:
c0:d5:41:95
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzF3Hir1fh4sw1+Hju1cGMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjQwMTAxMTYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjczM2RkNDY5ZWI5ZjZlOTJmYzYzMDBjNWNiNzhmMTQxYjk3Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPOj4JyStP1iJtV12x48/UPjifhv
tU2+3elBpX2f0rIwU8Kpn78HQZAfk14n+HJFc771k/RXUTxnokSrPNu4GKpoDMIy
zoHnrDlq5d/pZD4bMb7HUSQYclMV03rG25M/0sSqjkepweFrHwDrDS0Q0s1NGF6G
vNCyaKRO6aZ5ev7MLmSZTCuwCEM656tOmYjWdfB1wW55v92VmwcjV8u0qp3mVg+A
0FrYEMMdVmvYRRslNoTaopfsvmKulciBy4vJWyb3W5L41M7wCSPREXN6ZRahzqwL
JfzqqXeJaAwKUlYd5kl90yYCX1itz5+aCQmG0zgN+7ZJAS4X0lcBwZVa3QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNtzPdRp659ukvxjAMXLePFBuXy2MB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvMjNNOTFHbnJuMjZTX0dNQXhjdDQ4VUc1ZkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAefxYAD
BAWfxcADBAahCAADBAahCMAwDQYJKoZIhvcNAQELBQADggEBAH8aTQ1gnhc6irfn
LRTx+kh+Tie080tt/6tu0pNPFwfb20OtuMaHqZcHCbCW8B5ZAq6duYrTro9l2nd7
ftTU36+rh0y7wNt4jfXZOGBEK1c6ZYueQ7ZaqlokddIgyc9iTFEzRoZIYVrGqyKx
dxkcexwViHTzv1quAmTefQpHSN5nqDx3lGo/We6f41C36OS0ZTxapif+SUgZDvaM
xSXyEKJzqqEyQYru3zrrBB5PMnGLrOk8YO0RdTQYDTxs94lnlBOPnIhh1aP7CTFo
sojhxqUqilfScxeoFSzXaEj9NYHJOCz1F77OQdTrLDQ6wB0r4YPWUu8/vr1lBK0b
d8DVQZU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:30:42 2024 by rpki-client on console-fra.rpki-client.org