Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/piVwq262Z8TI1E5Hhh8nrus_bZo.roa
File: piVwq262Z8TI1E5Hhh8nrus_bZo.roa (raw, json)
Hash identifier: z1PUmmOZespj1yOnSLOBAa5ifi72NfCWRcqbn+d3Mk0=
Subject key identifier: A6:25:70:AB:6E:B6:67:C4:C8:D4:4E:47:86:1F:27:AE:EB:3F:6D:9A
Certificate issuer: /CN=5b1a2cf2f13745ee1bbf7f0a74bead3ce5074855
Certificate serial: 018CC94E6E4F81DD6D4A375742F4CFA985B1
Authority key identifier: 5B:1A:2C:F2:F1:37:45:EE:1B:BF:7F:0A:74:BE:AD:3C:E5:07:48:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/piVwq262Z8TI1E5Hhh8nrus_bZo.roa
Signing time: Tue 02 Jan 2024 08:33:29 +0000
ROA not before: Tue 02 Jan 2024 08:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 91.198.58.0/24 maxlen: 24
2001:678:d98::/48 maxlen: 48
2001:678:d9c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/Wxos8vE3Re4bv38KdL6tPOUHSFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/Wxos8vE3Re4bv38KdL6tPOUHSFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6e:4f:81:dd:6d:4a:37:57:42:f4:cf:a9:85:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b1a2cf2f13745ee1bbf7f0a74bead3ce5074855
Validity
Not Before: Jan 2 08:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a62570ab6eb667c4c8d44e47861f27aeeb3f6d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dc:ac:ff:96:67:30:76:be:0a:b9:58:e4:68:
1a:52:e4:9d:ba:a1:ff:eb:44:fd:a7:d4:e8:0b:5b:
4a:21:9c:25:4a:01:ff:4a:5c:68:c3:97:03:6e:27:
9e:3d:40:5e:9d:07:bd:62:f5:7b:0a:4e:c0:6b:a8:
9c:b7:d1:c8:86:72:fe:5b:b0:31:39:a2:87:4d:ea:
ee:0c:ce:0d:2c:b3:dc:b4:1a:3c:e5:75:be:28:64:
7a:b0:57:bd:e7:a9:dc:01:1f:d6:ef:8e:85:ac:eb:
63:20:34:28:8b:13:38:76:16:ad:8a:14:c8:49:d2:
a8:da:f6:23:25:1c:bc:3e:5f:f0:0f:af:69:de:4b:
53:52:3c:66:86:b7:10:b4:2f:3e:b0:bb:b6:fe:52:
d2:d0:2a:d9:ef:1d:03:1b:15:57:0f:db:49:aa:76:
0a:d0:6b:01:52:17:a5:2f:b2:69:20:4c:8f:a6:a4:
67:e3:29:ac:cb:e4:9a:d9:8d:02:38:71:c8:fb:05:
cb:d8:b4:c3:b7:7a:8a:4a:5d:a7:e7:51:86:be:1a:
e7:4a:cc:d5:2d:aa:be:1e:7e:07:42:0f:13:b4:d0:
96:af:f8:e3:7a:28:b3:84:7a:10:0f:d5:13:50:0a:
08:c9:a4:ef:a0:f4:27:f5:72:f6:ab:60:9b:d2:dc:
1c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:25:70:AB:6E:B6:67:C4:C8:D4:4E:47:86:1F:27:AE:EB:3F:6D:9A
X509v3 Authority Key Identifier:
keyid:5B:1A:2C:F2:F1:37:45:EE:1B:BF:7F:0A:74:BE:AD:3C:E5:07:48:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/piVwq262Z8TI1E5Hhh8nrus_bZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/Wxos8vE3Re4bv38KdL6tPOUHSFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.58.0/24
IPv6:
2001:678:d98::/48
2001:678:d9c::/48
Signature Algorithm: sha256WithRSAEncryption
61:e3:6c:6c:a4:6c:b2:e6:f9:92:ec:9f:75:0e:25:20:66:3a:
ac:2e:d6:14:ff:c2:44:05:a2:c1:94:38:59:3f:95:55:7f:ea:
1f:3b:2a:be:c6:d3:a5:5d:b3:25:03:d0:c6:9e:42:d6:b2:18:
97:93:ca:fe:ff:1b:96:3b:54:ae:6c:03:a8:04:2f:74:db:ac:
af:75:aa:6f:94:fe:4e:52:92:34:c7:cc:c4:67:47:aa:f2:ff:
00:56:d1:20:41:b8:19:e5:1f:cf:0c:ae:07:31:20:eb:f8:f0:
6b:a2:5f:3b:4a:e7:7f:0f:26:30:4d:26:62:24:29:2f:97:4a:
52:c2:3e:99:30:35:3b:33:ca:7b:28:95:9e:06:ea:88:c5:4c:
4b:a3:9d:b9:30:a3:8e:e9:3c:f9:ec:97:52:54:a5:81:73:87:
27:40:56:c6:5d:10:d1:9a:4b:d0:8c:f1:ae:cd:3a:9e:45:21:
87:84:c7:ab:df:ed:2b:15:74:de:e0:96:dd:47:ac:78:11:00:
2a:c2:6c:51:0a:88:89:3a:e0:12:75:87:05:a1:1d:9b:00:46:
b3:b8:01:3f:a7:b3:6e:38:31:52:a4:ff:c6:c4:c3:75:e4:3f:
79:80:52:ad:da:13:de:ec:ce:fb:a6:15:9d:a8:45:e5:71:66:
7a:3f:ef:54
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzJTm5Pgd1tSjdXQvTPqYWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMWEyY2YyZjEzNzQ1ZWUxYmJmN2YwYTc0YmVhZDNjZTUw
NzQ4NTUwHhcNMjQwMTAyMDgzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI1NzBhYjZlYjY2N2M0YzhkNDRlNDc4NjFmMjdhZWViM2Y2ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdys/5ZnMHa+CrlY5GgaUuSduqH/
60T9p9ToC1tKIZwlSgH/Slxow5cDbieePUBenQe9YvV7Ck7Aa6ict9HIhnL+W7Ax
OaKHTeruDM4NLLPctBo85XW+KGR6sFe956ncAR/W746FrOtjIDQoixM4dhatihTI
SdKo2vYjJRy8Pl/wD69p3ktTUjxmhrcQtC8+sLu2/lLS0CrZ7x0DGxVXD9tJqnYK
0GsBUhelL7JpIEyPpqRn4ymsy+Sa2Y0COHHI+wXL2LTDt3qKSl2n51GGvhrnSszV
Laq+Hn4HQg8TtNCWr/jjeiizhHoQD9UTUAoIyaTvoPQn9XL2q2Cb0twcPwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKYlcKtutmfEyNROR4YfJ67rP22aMB8GA1UdIwQY
MBaAFFsaLPLxN0XuG79/CnS+rTzlB0hVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3hvczh2RTNSZTRidjM4S2RMNnRQT1VIU0ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yNGYwMmQtYjIzYS00YzgxLTkxZjAt
N2Y5MDI1ZTUzMTA5LzEvcGlWd3EyNjJaOFRJMUU1SGhoOG5ydXNfYlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yNGYwMmQtYjIzYS00YzgxLTkxZjAtN2Y5MDI1ZTUzMTA5
LzEvV3hvczh2RTNSZTRidjM4S2RMNnRQT1VIU0ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW8Y6MBgE
AgACMBIDBwAgAQZ4DZgDBwAgAQZ4DZwwDQYJKoZIhvcNAQELBQADggEBAGHjbGyk
bLLm+ZLsn3UOJSBmOqwu1hT/wkQFosGUOFk/lVV/6h87Kr7G06VdsyUD0MaeQtay
GJeTyv7/G5Y7VK5sA6gEL3TbrK91qm+U/k5SkjTHzMRnR6ry/wBW0SBBuBnlH88M
rgcxIOv48GuiXztK538PJjBNJmIkKS+XSlLCPpkwNTszynsolZ4G6ojFTEujnbkw
o47pPPnsl1JUpYFzhydAVsZdENGaS9CM8a7NOp5FIYeEx6vf7SsVdN7glt1HrHgR
ACrCbFEKiIk64BJ1hwWhHZsARrO4AT+ns244MVKk/8bEw3XkP3mAUq3aE97szvum
FZ2oReVxZno/71Q=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:48:12 2024 by rpki-client on console-fra.rpki-client.org