Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/n7dvXs46PJvH-fvJf3blKX8JhWk.roa
File: n7dvXs46PJvH-fvJf3blKX8JhWk.roa (raw, json)
Hash identifier: w7waTTDZYz+QmxcU1/skRxYwOak0DGxoKCTCZA1IiYA=
Subject key identifier: 9F:B7:6F:5E:CE:3A:3C:9B:C7:F9:FB:C9:7F:76:E5:29:7F:09:85:69
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 018CC8714AC12354E77251BCA1FCB6CA53C2
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/n7dvXs46PJvH-fvJf3blKX8JhWk.roa
Signing time: Tue 02 Jan 2024 04:31:57 +0000
ROA not before: Tue 02 Jan 2024 04:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200363
IP address blocks: 91.197.232.0/24 maxlen: 24
91.197.233.0/24 maxlen: 24
2a01:af::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4a:c1:23:54:e7:72:51:bc:a1:fc:b6:ca:53:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Jan 2 04:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fb76f5ece3a3c9bc7f9fbc97f76e5297f098569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d7:6e:d2:53:02:e5:9f:c0:d9:75:9d:a6:e6:
20:ee:8e:4a:bc:bb:19:79:0d:28:11:8e:95:cb:a7:
f3:85:84:b9:52:60:2b:1a:09:18:e3:d5:67:9a:06:
05:b3:51:5d:2c:6c:7b:d0:be:19:5d:3d:2f:f5:27:
56:db:f9:3b:3a:4f:c3:9b:5e:02:0b:d6:82:48:49:
e4:6a:09:95:03:5d:84:92:12:d2:2b:24:fe:dd:75:
05:15:7a:53:a3:62:93:38:2e:a6:5f:76:01:86:aa:
97:43:e2:fd:c5:49:32:97:00:e9:9f:b3:b9:b8:98:
9c:d4:88:5b:8f:3f:a7:75:df:cd:93:af:6b:4f:81:
7f:ad:45:b6:96:85:9d:44:df:ba:da:3c:e5:39:45:
d6:b2:1c:5e:2e:71:18:36:c8:d6:61:8d:7f:89:d4:
d8:00:01:50:4e:2c:53:79:fd:e3:45:23:8e:41:a2:
57:f1:1c:a0:3d:54:79:16:7a:24:c6:40:e2:1f:a2:
36:ba:62:14:8a:e0:43:dc:bc:50:f4:ec:a6:76:0f:
99:56:63:0c:fb:3b:21:f2:ab:0c:d4:83:ea:f5:0d:
4f:9d:b3:1c:42:d3:62:04:8f:86:dd:41:a7:f6:15:
4b:5e:51:0e:b1:69:55:d6:a9:d3:5c:d7:7d:04:5b:
ac:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B7:6F:5E:CE:3A:3C:9B:C7:F9:FB:C9:7F:76:E5:29:7F:09:85:69
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/n7dvXs46PJvH-fvJf3blKX8JhWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.232.0/23
IPv6:
2a01:af::/32
Signature Algorithm: sha256WithRSAEncryption
56:f5:4b:cb:b3:74:d7:e7:fa:50:8c:ea:3e:32:67:93:be:c2:
e0:3c:7e:6d:96:78:b8:0a:62:49:bb:75:c4:2f:fb:09:07:7f:
e9:dd:64:79:d9:67:81:a6:62:fa:c0:6f:25:26:96:9a:03:c7:
6e:9f:95:68:01:c1:4a:b9:63:d1:58:1b:77:c5:09:ac:ad:49:
39:66:31:72:20:a8:2d:16:a7:8c:6d:54:1a:12:8f:eb:dd:40:
47:82:18:96:d5:fe:16:cb:f8:af:95:ec:0c:11:08:9d:43:93:
97:cc:ac:fa:ae:29:3d:ff:72:97:5e:c1:a4:c5:26:f4:b7:75:
c2:26:f0:7a:d6:9b:f8:8f:1f:7d:cc:d4:e2:54:3e:96:1f:90:
7c:b5:d3:43:f0:3f:30:5a:0a:e0:83:94:d8:1b:47:f8:41:6e:
29:eb:23:fc:3f:c0:8f:96:17:e3:95:49:ee:ce:61:6d:b8:83:
2a:2b:2b:21:41:fb:54:22:2d:30:0a:7a:42:1b:dc:e9:13:99:
3d:22:cb:b1:1a:cd:f9:5c:75:c2:ea:74:d3:11:ec:a7:a6:95:
fb:35:64:41:36:c7:22:8d:23:c7:c6:11:39:a9:45:1e:06:da:
5b:f9:fb:98:87:91:10:87:1a:a6:b6:5e:2e:49:5b:09:33:2b:
11:7f:57:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcUrBI1TnclG8ofy2ylPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTAyMDQzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmI3NmY1ZWNlM2EzYzliYzdmOWZiYzk3Zjc2ZTUyOTdmMDk4NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNdu0lMC5Z/A2XWdpuYg7o5KvLsZ
eQ0oEY6Vy6fzhYS5UmArGgkY49VnmgYFs1FdLGx70L4ZXT0v9SdW2/k7Ok/Dm14C
C9aCSEnkagmVA12EkhLSKyT+3XUFFXpTo2KTOC6mX3YBhqqXQ+L9xUkylwDpn7O5
uJic1Ihbjz+ndd/Nk69rT4F/rUW2loWdRN+62jzlOUXWshxeLnEYNsjWYY1/idTY
AAFQTixTef3jRSOOQaJX8RygPVR5FnokxkDiH6I2umIUiuBD3LxQ9Oymdg+ZVmMM
+zsh8qsM1IPq9Q1PnbMcQtNiBI+G3UGn9hVLXlEOsWlV1qnTXNd9BFusPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ+3b17OOjybx/n7yX925Sl/CYVpMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvbjdkdlhzNDZQSnZILWZ2SmYzYmxLWDhKaFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8XoMA0E
AgACMAcDBQAqAQCvMA0GCSqGSIb3DQEBCwUAA4IBAQBW9UvLs3TX5/pQjOo+MmeT
vsLgPH5tlni4CmJJu3XEL/sJB3/p3WR52WeBpmL6wG8lJpaaA8dun5VoAcFKuWPR
WBt3xQmsrUk5ZjFyIKgtFqeMbVQaEo/r3UBHghiW1f4Wy/ivlewMEQidQ5OXzKz6
rik9/3KXXsGkxSb0t3XCJvB61pv4jx99zNTiVD6WH5B8tdND8D8wWgrgg5TYG0f4
QW4p6yP8P8CPlhfjlUnuzmFtuIMqKyshQftUIi0wCnpCG9zpE5k9IsuxGs35XHXC
6nTTEeynppX7NWRBNscijSPHxhE5qUUeBtpb+fuYh5EQhxqmtl4uSVsJMysRf1fy
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:09:02 2024 by rpki-client on console-ams.rpki-client.org