Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/bn7XVVkqMCINrv4hqBRG6UdHXgE.roa
File: bn7XVVkqMCINrv4hqBRG6UdHXgE.roa (raw, json)
Hash identifier: y6WrtZNlDFHtlW+g4xWbdvlkfushEFx+1G9FpGozvqI=
Subject key identifier: 6E:7E:D7:55:59:2A:30:22:0D:AE:FE:21:A8:14:46:E9:47:47:5E:01
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018EEC5F82B86342C8DC0CFD75CFFBB8E5DC
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/bn7XVVkqMCINrv4hqBRG6UdHXgE.roa
Signing time: Wed 17 Apr 2024 14:04:26 +0000
ROA not before: Wed 17 Apr 2024 14:04:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215077
IP address blocks: 91.191.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:5f:82:b8:63:42:c8:dc:0c:fd:75:cf:fb:b8:e5:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Apr 17 14:04:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e7ed755592a30220daefe21a81446e947475e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f9:56:67:f8:f1:6c:bf:3e:cb:87:04:52:b8:
ce:af:8c:06:d1:ef:1a:c7:1b:7b:60:a7:b7:7c:a6:
c1:e7:de:4b:ea:fc:cc:da:95:00:79:74:97:1c:bf:
11:b2:95:fd:42:7e:53:0c:f2:5e:36:ad:d4:8b:c5:
c2:d1:bc:7f:89:16:3b:6a:d1:b0:2f:6e:bf:e5:48:
c9:ba:f4:bb:39:d8:5f:d4:ec:bb:70:21:fb:c9:08:
c0:2a:d2:11:17:0f:af:7f:3e:95:b9:df:91:b1:ba:
85:e2:b4:8b:38:f6:e7:47:01:b4:1b:e4:c2:db:a1:
33:85:b3:10:ca:34:00:17:a6:9a:02:85:e5:f0:03:
dd:0a:1e:f0:13:46:2b:40:16:0b:51:52:84:2c:69:
cf:7c:eb:43:57:70:f4:67:2a:57:cd:06:a6:87:71:
fe:5b:01:65:ba:a7:b9:dc:a3:38:16:bf:84:3e:67:
be:56:c2:61:dd:bb:f8:f8:e5:fc:3a:e2:61:49:19:
50:51:a8:b6:c5:65:a1:ce:d7:c0:da:69:8f:2e:b7:
e4:d4:e2:66:62:bb:fa:62:9e:28:59:01:c4:bf:9a:
da:f6:22:10:9b:eb:5a:80:13:1f:9c:71:b9:7c:6a:
7f:b9:c2:0c:c7:f4:66:a4:07:cf:9a:36:9c:ce:91:
9a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7E:D7:55:59:2A:30:22:0D:AE:FE:21:A8:14:46:E9:47:47:5E:01
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/bn7XVVkqMCINrv4hqBRG6UdHXgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.191.188.0/24
Signature Algorithm: sha256WithRSAEncryption
98:ac:70:6c:a4:1f:58:36:2b:e5:b2:fb:4c:b8:56:c6:02:7c:
32:42:2d:ee:03:9c:fd:fe:64:e9:aa:8c:1e:70:0c:e2:f9:84:
44:6b:c6:5e:62:9c:a9:5b:4f:9e:83:e2:97:57:90:74:cf:c2:
7e:48:25:b1:14:46:1b:cf:a4:22:64:e7:9c:1e:4d:30:4d:b8:
60:f3:4c:6c:6d:2a:3a:f0:3e:d3:2f:cd:cd:9e:8d:19:e1:ff:
ee:23:bb:cb:44:33:54:3b:32:0f:86:3b:ea:8c:b8:27:1a:98:
81:a2:9d:b1:ad:9c:3b:77:fd:12:1f:7b:17:24:9f:a2:be:23:
5d:b2:b3:02:e0:1f:bb:10:ff:2c:f5:e4:69:7c:78:34:fe:37:
23:fc:4a:e5:23:fb:b1:0e:94:eb:2a:68:5a:ec:58:5e:f5:4e:
d0:bc:aa:9d:2e:64:48:28:78:dc:93:14:6a:c4:9f:7f:bb:ba:
86:27:90:32:11:dd:aa:ca:f4:75:fa:bd:d6:f3:4b:e0:8d:08:
6a:3e:6a:cc:fe:52:3e:da:a7:c9:8f:d7:57:87:99:4a:50:6d:
b1:7d:96:36:17:bb:33:f8:c4:3f:1c:6b:43:bb:cd:5d:72:b7:
cd:b8:57:48:3f:ae:7c:6e:14:c9:d9:fb:75:59:7f:15:f3:dd:
ce:67:89:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7sX4K4Y0LI3Az9dc/7uOXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNDE3MTQwNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdlZDc1NTU5MmEzMDIyMGRhZWZlMjFhODE0NDZlOTQ3NDc1ZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPlWZ/jxbL8+y4cEUrjOr4wG0e8a
xxt7YKe3fKbB595L6vzM2pUAeXSXHL8RspX9Qn5TDPJeNq3Ui8XC0bx/iRY7atGw
L26/5UjJuvS7Odhf1Oy7cCH7yQjAKtIRFw+vfz6Vud+RsbqF4rSLOPbnRwG0G+TC
26EzhbMQyjQAF6aaAoXl8APdCh7wE0YrQBYLUVKELGnPfOtDV3D0ZypXzQamh3H+
WwFluqe53KM4Fr+EPme+VsJh3bv4+OX8OuJhSRlQUai2xWWhztfA2mmPLrfk1OJm
Yrv6Yp4oWQHEv5ra9iIQm+tagBMfnHG5fGp/ucIMx/RmpAfPmjaczpGa8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5+11VZKjAiDa7+IagURulHR14BMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvYm43WFZWa3FNQ0lOcnY0aHFCUkc2VWRIWGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7+8MA0G
CSqGSIb3DQEBCwUAA4IBAQCYrHBspB9YNivlsvtMuFbGAnwyQi3uA5z9/mTpqowe
cAzi+YREa8ZeYpypW0+eg+KXV5B0z8J+SCWxFEYbz6QiZOecHk0wTbhg80xsbSo6
8D7TL83Nno0Z4f/uI7vLRDNUOzIPhjvqjLgnGpiBop2xrZw7d/0SH3sXJJ+iviNd
srMC4B+7EP8s9eRpfHg0/jcj/ErlI/uxDpTrKmha7Fhe9U7QvKqdLmRIKHjckxRq
xJ9/u7qGJ5AyEd2qyvR1+r3W80vgjQhqPmrM/lI+2qfJj9dXh5lKUG2xfZY2F7sz
+MQ/HGtDu81dcrfNuFdIP658bhTJ2ft1WX8V893OZ4lA
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:54 2024 by rpki-client on console-ams.rpki-client.org