Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/SbO8xzHi7q8Sa8IL1CPO9Vx4UGU.roa
File: SbO8xzHi7q8Sa8IL1CPO9Vx4UGU.roa (raw, json)
Hash identifier: EFV6lXYBJWUSDJj+qVXoqE3P7v249rfgz+PP/5YkIVc=
Subject key identifier: 49:B3:BC:C7:31:E2:EE:AF:12:6B:C2:0B:D4:23:CE:F5:5C:78:50:65
Certificate issuer: /CN=5965c62f10c25e7a7ef18356833aa4f9b9842c6a
Certificate serial: 018CC348D32CF201D8A765696D3F0CAE5229
Authority key identifier: 59:65:C6:2F:10:C2:5E:7A:7E:F1:83:56:83:3A:A4:F9:B9:84:2C:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WWXGLxDCXnp-8YNWgzqk-bmELGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/SbO8xzHi7q8Sa8IL1CPO9Vx4UGU.roa
Signing time: Mon 01 Jan 2024 04:29:38 +0000
ROA not before: Mon 01 Jan 2024 04:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59437
IP address blocks: 91.239.86.0/24 maxlen: 24
2a11:cc80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/WWXGLxDCXnp-8YNWgzqk-bmELGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/WWXGLxDCXnp-8YNWgzqk-bmELGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/WWXGLxDCXnp-8YNWgzqk-bmELGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d3:2c:f2:01:d8:a7:65:69:6d:3f:0c:ae:52:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5965c62f10c25e7a7ef18356833aa4f9b9842c6a
Validity
Not Before: Jan 1 04:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49b3bcc731e2eeaf126bc20bd423cef55c785065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:59:7c:d1:ad:e7:8c:bb:82:99:c5:49:3d:32:
5c:92:7e:10:fe:78:16:0f:36:3a:2d:70:d7:4d:34:
91:e6:b2:7e:a6:02:b8:b4:de:09:9f:eb:84:ad:a0:
86:1d:af:18:37:60:61:8d:a5:ca:1c:cc:ba:a8:9b:
1e:54:f6:7a:39:d5:4d:a7:d6:d3:a2:a7:ba:75:55:
08:97:58:8c:99:68:67:88:8d:4c:de:95:8f:6b:cb:
9e:95:e2:c4:8a:45:96:33:63:12:80:55:ff:8b:6f:
37:ec:79:49:60:f3:99:f2:2b:5e:eb:51:d2:38:d8:
14:8d:2d:89:94:99:92:d5:e7:c7:1e:c6:88:7a:dd:
59:a4:af:41:6d:88:10:20:c7:60:f4:59:56:7a:78:
60:00:3f:1b:2f:30:dd:62:6b:7c:b8:1d:d6:36:42:
b0:69:7b:b6:77:14:62:1c:34:76:2e:d5:02:1b:7d:
37:5b:81:a3:cf:f7:18:a4:55:0e:e2:25:0d:32:54:
36:d7:80:83:ec:cd:50:23:b2:cb:a0:8f:ca:3e:77:
ba:46:cf:8c:5b:f2:a7:6b:e4:ee:94:a4:a7:8a:08:
56:7a:12:58:49:50:57:96:24:b9:40:c3:22:78:45:
f4:c2:c9:82:f8:cf:f6:26:6a:bc:a2:02:31:5e:01:
bb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B3:BC:C7:31:E2:EE:AF:12:6B:C2:0B:D4:23:CE:F5:5C:78:50:65
X509v3 Authority Key Identifier:
keyid:59:65:C6:2F:10:C2:5E:7A:7E:F1:83:56:83:3A:A4:F9:B9:84:2C:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WWXGLxDCXnp-8YNWgzqk-bmELGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/SbO8xzHi7q8Sa8IL1CPO9Vx4UGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/abd2a7-3bfd-4613-9f01-6ca7c54263b9/1/WWXGLxDCXnp-8YNWgzqk-bmELGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.86.0/24
IPv6:
2a11:cc80::/29
Signature Algorithm: sha256WithRSAEncryption
78:77:2b:80:97:e7:89:d8:77:7f:82:d3:40:d4:bb:85:47:73:
37:b5:e7:38:06:37:3e:ae:a0:08:70:f7:48:9e:d7:08:c3:19:
60:10:94:f0:73:6b:b0:4f:4b:47:52:0c:77:73:af:cf:1f:c2:
e1:b2:0c:98:ed:65:e7:99:c0:f8:cb:dd:0d:80:52:46:e4:a5:
9b:eb:35:2e:ff:b5:4b:17:03:40:4b:d6:51:de:a3:fa:6b:88:
46:9d:d9:a7:3a:54:b3:94:f5:4e:97:31:23:75:03:70:df:49:
1c:b5:08:39:24:e4:3d:80:91:1e:32:c7:bf:c8:ae:3a:58:8c:
21:14:36:b0:ac:c8:06:1f:85:f4:ce:a2:93:5c:f7:fd:19:43:
4b:28:1f:f1:b6:a5:3d:af:a8:be:59:79:16:f4:4b:07:43:b3:
bc:81:52:f7:ea:07:cd:aa:95:c7:4b:30:e8:3a:6f:b0:bf:5b:
37:c6:36:d3:9e:da:a8:3b:25:47:7d:90:cb:72:73:b0:17:b3:
8b:b2:65:f3:7b:61:99:9b:fb:ab:f1:4a:94:6b:00:ba:01:0a:
04:aa:79:3f:6f:c3:a7:0f:cb:52:0c:d8:b9:23:5a:2e:97:2e:
ca:8c:fd:6a:b7:93:56:fa:63:2d:ad:b8:ec:08:3d:62:bf:69:
d1:6f:12:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSNMs8gHYp2VpbT8MrlIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NjVjNjJmMTBjMjVlN2E3ZWYxODM1NjgzM2FhNGY5Yjk4
NDJjNmEwHhcNMjQwMTAxMDQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWIzYmNjNzMxZTJlZWFmMTI2YmMyMGJkNDIzY2VmNTVjNzg1MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1l80a3njLuCmcVJPTJckn4Q/ngW
DzY6LXDXTTSR5rJ+pgK4tN4Jn+uEraCGHa8YN2BhjaXKHMy6qJseVPZ6OdVNp9bT
oqe6dVUIl1iMmWhniI1M3pWPa8ueleLEikWWM2MSgFX/i2837HlJYPOZ8ite61HS
ONgUjS2JlJmS1efHHsaIet1ZpK9BbYgQIMdg9FlWenhgAD8bLzDdYmt8uB3WNkKw
aXu2dxRiHDR2LtUCG303W4Gjz/cYpFUO4iUNMlQ214CD7M1QI7LLoI/KPne6Rs+M
W/Kna+TulKSnighWehJYSVBXliS5QMMieEX0wsmC+M/2Jmq8ogIxXgG78QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEmzvMcx4u6vEmvCC9QjzvVceFBlMB8GA1UdIwQY
MBaAFFllxi8Qwl56fvGDVoM6pPm5hCxqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1dYR0x4RENYbnAtOFlOV2d6cWstYm1FTEdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9hYmQyYTctM2JmZC00NjEzLTlmMDEt
NmNhN2M1NDI2M2I5LzEvU2JPOHh6SGk3cThTYThJTDFDUE85Vng0VUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9hYmQyYTctM2JmZC00NjEzLTlmMDEtNmNhN2M1NDI2M2I5
LzEvV1dYR0x4RENYbnAtOFlOV2d6cWstYm1FTEdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+9WMA0E
AgACMAcDBQMqEcyAMA0GCSqGSIb3DQEBCwUAA4IBAQB4dyuAl+eJ2Hd/gtNA1LuF
R3M3tec4Bjc+rqAIcPdIntcIwxlgEJTwc2uwT0tHUgx3c6/PH8LhsgyY7WXnmcD4
y90NgFJG5KWb6zUu/7VLFwNAS9ZR3qP6a4hGndmnOlSzlPVOlzEjdQNw30kctQg5
JOQ9gJEeMse/yK46WIwhFDawrMgGH4X0zqKTXPf9GUNLKB/xtqU9r6i+WXkW9EsH
Q7O8gVL36gfNqpXHSzDoOm+wv1s3xjbTntqoOyVHfZDLcnOwF7OLsmXze2GZm/ur
8UqUawC6AQoEqnk/b8OnD8tSDNi5I1ouly7KjP1qt5NW+mMtrbjsCD1iv2nRbxJG
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:38:11 2024 by rpki-client on console-ams.rpki-client.org