Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/vAouYBCFeyDmySpeNAjeknivPWk.roa
File: vAouYBCFeyDmySpeNAjeknivPWk.roa (raw, json)
Hash identifier: DCgfOeSOEd7mTa2vvDpWDLEb5XCgrRbcoX3s6CIdZHc=
Subject key identifier: BC:0A:2E:60:10:85:7B:20:E6:C9:2A:5E:34:08:DE:92:78:AF:3D:69
Certificate issuer: /CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba
Certificate serial: 018E64B62F28986DFDEA3F7CC2ACADC0DCEC
Authority key identifier: 2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/vAouYBCFeyDmySpeNAjeknivPWk.roa
Signing time: Fri 22 Mar 2024 05:50:44 +0000
ROA not before: Fri 22 Mar 2024 05:50:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 91.239.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:64:b6:2f:28:98:6d:fd:ea:3f:7c:c2:ac:ad:c0:dc:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba
Validity
Not Before: Mar 22 05:50:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc0a2e6010857b20e6c92a5e3408de9278af3d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3c:d8:5b:14:b3:90:ea:8f:59:51:12:e6:2d:
95:e4:f9:4a:7a:40:03:b5:f3:70:6e:c8:f1:94:1c:
bb:5d:63:b7:77:98:06:44:48:8c:47:75:20:00:fc:
98:ef:23:6e:48:39:33:57:8d:38:df:d3:fa:8d:3a:
1b:8f:c2:91:f3:85:22:6f:82:c2:df:96:61:51:28:
ef:46:a9:0a:69:23:dd:72:9e:43:dd:98:5d:83:80:
ec:a3:02:43:93:53:cd:6e:3b:fe:12:f9:56:b5:f4:
6d:bf:be:9a:5c:b5:e1:a1:fa:0b:33:30:11:80:ce:
12:99:d3:f8:4b:3b:95:25:b9:3a:8e:cf:3d:23:49:
41:f4:4e:06:82:56:64:28:87:74:a8:0d:a6:b7:05:
ed:39:b6:3e:24:29:9e:83:77:6e:dc:01:a9:84:30:
48:a5:4b:63:32:54:01:ba:52:cf:24:80:15:72:38:
42:ad:16:35:4f:89:4a:2d:71:17:ed:90:ac:9d:81:
81:8b:53:41:d1:62:ac:aa:77:89:8c:9d:77:7e:f3:
0d:bf:6b:10:72:6a:75:fb:9d:02:6a:27:db:16:a0:
1f:bc:9a:15:83:46:69:52:72:0a:4d:d4:a5:4e:f7:
9a:3a:e8:7e:e7:20:4a:7b:66:85:b1:9b:1c:c4:ed:
14:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0A:2E:60:10:85:7B:20:E6:C9:2A:5E:34:08:DE:92:78:AF:3D:69
X509v3 Authority Key Identifier:
keyid:2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/vAouYBCFeyDmySpeNAjeknivPWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.108.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:21:ff:2d:61:4d:ab:db:1b:ee:7e:31:58:8f:aa:bc:96:e3:
54:87:0f:17:0a:63:f8:c8:e9:cd:ea:43:28:0a:fb:f5:6a:5d:
f4:1b:ac:10:a7:86:61:11:41:f1:ec:a6:a8:5f:a3:78:7f:1b:
37:be:83:68:e7:02:f7:70:c0:25:e2:ec:5d:aa:ea:c1:5d:cd:
f8:2e:dd:07:6d:21:6f:3e:93:dc:6b:c0:6e:cd:74:59:5d:93:
40:1e:3b:d8:9d:10:76:70:f3:89:94:9b:d4:c7:7d:f4:84:ee:
7d:41:b3:71:a2:f0:ce:27:96:71:59:fb:2a:67:b3:ac:db:b5:
e7:72:b8:b0:6e:d5:61:83:7d:17:fd:d0:e7:bb:43:8f:aa:6c:
48:20:46:a0:ee:3b:77:c3:9e:c5:8d:79:6a:4f:44:07:87:6c:
f3:25:05:78:4e:46:5d:32:79:54:59:90:ca:1f:0d:a1:89:bf:
bb:2b:f6:1a:33:a7:48:ba:85:72:3d:1a:09:f2:c5:a5:47:4d:
af:f2:41:12:c5:5d:2e:51:52:73:e9:74:19:d6:c8:be:6e:fa:
b2:bc:e0:33:31:d9:20:3e:1d:86:e1:b3:d8:2d:0a:9d:ad:7b:
98:db:2e:05:79:6a:8e:9b:ff:6b:aa:31:f5:3f:0b:d8:31:a2:
8d:cc:54:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5kti8omG396j98wqytwNzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDU5OTk0ZjJhZjc5NTk5Y2ZiM2ZmMmUzZTk4ZTUxOGY5
MTRmYmEwHhcNMjQwMzIyMDU1MDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzBhMmU2MDEwODU3YjIwZTZjOTJhNWUzNDA4ZGU5Mjc4YWYzZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjzYWxSzkOqPWVES5i2V5PlKekAD
tfNwbsjxlBy7XWO3d5gGREiMR3UgAPyY7yNuSDkzV40439P6jTobj8KR84Uib4LC
35ZhUSjvRqkKaSPdcp5D3Zhdg4DsowJDk1PNbjv+EvlWtfRtv76aXLXhofoLMzAR
gM4SmdP4SzuVJbk6js89I0lB9E4GglZkKId0qA2mtwXtObY+JCmeg3du3AGphDBI
pUtjMlQBulLPJIAVcjhCrRY1T4lKLXEX7ZCsnYGBi1NB0WKsqneJjJ13fvMNv2sQ
cmp1+50CaifbFqAfvJoVg0ZpUnIKTdSlTveaOuh+5yBKe2aFsZscxO0UpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwKLmAQhXsg5skqXjQI3pJ4rz1pMB8GA1UdIwQY
MBaAFCrVmZTyr3lZnPs/8uPpjlGPkU+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDct
YmJlMmM0ZDg4YzJmLzEvdkFvdVlCQ0ZleURteVNwZU5BamVrbml2UFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDctYmJlMmM0ZDg4YzJm
LzEvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+9sMA0G
CSqGSIb3DQEBCwUAA4IBAQBNIf8tYU2r2xvufjFYj6q8luNUhw8XCmP4yOnN6kMo
Cvv1al30G6wQp4ZhEUHx7KaoX6N4fxs3voNo5wL3cMAl4uxdqurBXc34Lt0HbSFv
PpPca8BuzXRZXZNAHjvYnRB2cPOJlJvUx330hO59QbNxovDOJ5ZxWfsqZ7Os27Xn
criwbtVhg30X/dDnu0OPqmxIIEag7jt3w57FjXlqT0QHh2zzJQV4TkZdMnlUWZDK
Hw2hib+7K/YaM6dIuoVyPRoJ8sWlR02v8kESxV0uUVJz6XQZ1si+bvqyvOAzMdkg
Ph2G4bPYLQqdrXuY2y4FeWqOm/9rqjH1PwvYMaKNzFSH
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:07:22 2024 by rpki-client on console-fra.rpki-client.org