Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/COZBeN9tJFDfe1NTdRzBn2TZaEM.roa
File: COZBeN9tJFDfe1NTdRzBn2TZaEM.roa (raw, json)
Hash identifier: LnUT/7p0PWCrDam+Ygx/cbA0EK009Z5Bm6LCIz7dgi0=
Subject key identifier: 08:E6:41:78:DF:6D:24:50:DF:7B:53:53:75:1C:C1:9F:64:D9:68:43
Certificate issuer: /CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba
Certificate serial: 01923DAE099224034E4A77104CC56FFEFB8C
Authority key identifier: 2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/COZBeN9tJFDfe1NTdRzBn2TZaEM.roa
Signing time: Sun 29 Sep 2024 12:07:48 +0000
ROA not before: Sun 29 Sep 2024 12:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 91.239.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:3d:ae:09:92:24:03:4e:4a:77:10:4c:c5:6f:fe:fb:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba
Validity
Not Before: Sep 29 12:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08e64178df6d2450df7b5353751cc19f64d96843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1d:bd:83:f4:11:99:ae:d9:9f:c3:ea:be:11:
73:ae:5c:1c:5b:c3:af:f3:5e:4a:6f:4d:af:14:a7:
91:db:78:67:5b:6d:b8:2f:bf:0a:c8:04:93:77:2f:
1e:bf:f1:c1:b8:12:16:2e:20:f3:31:8e:48:ae:f0:
83:1a:9a:80:26:59:e5:de:36:22:32:1a:75:61:84:
65:f0:a9:db:39:49:97:cc:25:4d:2f:b3:e6:1a:1d:
6d:62:b0:c5:e6:d0:3b:ce:ae:de:3a:c5:0b:35:b2:
eb:39:46:3e:d5:f5:29:e8:48:7e:ba:a8:cd:64:64:
af:28:5b:2b:b9:91:a9:7e:cc:9a:b6:17:aa:aa:51:
d4:bd:ac:77:e2:6a:b0:3a:81:2c:b4:31:03:e0:91:
3d:72:06:06:29:0f:21:d6:57:37:16:4c:30:e7:f4:
6d:1e:33:f7:c0:99:cb:ff:35:20:b5:7b:e8:f5:e2:
6e:d1:1e:55:7e:29:e3:ac:06:bb:ce:93:45:b2:f9:
57:2c:16:2c:80:19:67:8a:96:74:ac:b4:44:0c:d0:
c6:39:95:ec:89:af:56:52:12:84:9e:21:b6:fe:3c:
0b:ef:fc:8b:b2:2f:15:06:24:00:4a:d6:c5:1a:a1:
fa:a1:51:23:9c:02:b3:21:99:03:84:9a:fe:c4:20:
e6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E6:41:78:DF:6D:24:50:DF:7B:53:53:75:1C:C1:9F:64:D9:68:43
X509v3 Authority Key Identifier:
keyid:2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/COZBeN9tJFDfe1NTdRzBn2TZaEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.108.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:a8:29:bb:51:6c:b6:fd:32:e5:fb:6b:c9:88:7a:c6:8b:f7:
06:19:9a:15:57:e1:3c:ab:f0:ae:6f:d1:33:e3:63:36:de:54:
0f:c1:b4:74:a9:16:5e:5c:62:89:8a:16:f2:cc:60:b1:5e:62:
88:a4:98:5e:7a:f9:29:14:f9:83:95:59:7d:a9:e3:b8:f3:69:
f8:c0:0e:91:7c:14:e8:4f:7d:3a:d7:74:00:00:db:c7:2d:d2:
cf:ef:bf:7e:1e:e4:fb:46:58:75:04:76:1b:7a:29:72:58:b8:
ce:1b:50:dc:50:59:41:43:08:ab:d7:c6:8a:56:0d:ce:36:c6:
35:36:06:6c:af:51:13:1f:98:fd:41:a5:83:8a:d1:89:f6:a4:
06:10:3d:64:cc:51:7e:6b:27:77:ce:fc:b3:85:c5:6b:45:f0:
33:6f:62:d9:23:60:89:c8:98:82:e5:e4:a7:14:ef:a9:bf:09:
d6:8c:18:e4:a8:9b:c7:e9:51:d1:52:24:98:96:2b:82:0a:17:
f7:02:d4:67:fd:06:f2:3b:8e:a0:ec:45:af:15:3f:07:4a:99:
5a:7a:2a:6f:73:82:08:91:55:c9:44:58:d2:01:4a:5b:e0:61:
d9:87:0a:3b:54:8b:23:31:fe:50:32:aa:93:5d:06:c9:94:dc:
36:63:9e:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZI9rgmSJANOSncQTMVv/vuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDU5OTk0ZjJhZjc5NTk5Y2ZiM2ZmMmUzZTk4ZTUxOGY5
MTRmYmEwHhcNMjQwOTI5MTIwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGU2NDE3OGRmNmQyNDUwZGY3YjUzNTM3NTFjYzE5ZjY0ZDk2ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR29g/QRma7Zn8PqvhFzrlwcW8Ov
815Kb02vFKeR23hnW224L78KyASTdy8ev/HBuBIWLiDzMY5IrvCDGpqAJlnl3jYi
Mhp1YYRl8KnbOUmXzCVNL7PmGh1tYrDF5tA7zq7eOsULNbLrOUY+1fUp6Eh+uqjN
ZGSvKFsruZGpfsyatheqqlHUvax34mqwOoEstDED4JE9cgYGKQ8h1lc3Fkww5/Rt
HjP3wJnL/zUgtXvo9eJu0R5VfinjrAa7zpNFsvlXLBYsgBlnipZ0rLREDNDGOZXs
ia9WUhKEniG2/jwL7/yLsi8VBiQAStbFGqH6oVEjnAKzIZkDhJr+xCDmQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjmQXjfbSRQ33tTU3UcwZ9k2WhDMB8GA1UdIwQY
MBaAFCrVmZTyr3lZnPs/8uPpjlGPkU+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDct
YmJlMmM0ZDg4YzJmLzEvQ09aQmVOOXRKRkRmZTFOVGRSekJuMlRaYUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDctYmJlMmM0ZDg4YzJm
LzEvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+9sMA0G
CSqGSIb3DQEBCwUAA4IBAQB7qCm7UWy2/TLl+2vJiHrGi/cGGZoVV+E8q/Cub9Ez
42M23lQPwbR0qRZeXGKJihbyzGCxXmKIpJheevkpFPmDlVl9qeO482n4wA6RfBTo
T30613QAANvHLdLP779+HuT7Rlh1BHYbeilyWLjOG1DcUFlBQwir18aKVg3ONsY1
NgZsr1ETH5j9QaWDitGJ9qQGED1kzFF+ayd3zvyzhcVrRfAzb2LZI2CJyJiC5eSn
FO+pvwnWjBjkqJvH6VHRUiSYliuCChf3AtRn/QbyO46g7EWvFT8HSplaeipvc4II
kVXJRFjSAUpb4GHZhwo7VIsjMf5QMqqTXQbJlNw2Y564
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:07 2024 by rpki-client on console-ams.rpki-client.org