Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/AcHw6NFnva8gKOleZy4QvPQ-4R8.roa
File: AcHw6NFnva8gKOleZy4QvPQ-4R8.roa (raw, json)
Hash identifier: 9+7IiNZOOlJyg4jvJL55SkPZwK0IX2xFM88J8B+f3ZI=
Subject key identifier: 01:C1:F0:E8:D1:67:BD:AF:20:28:E9:5E:67:2E:10:BC:F4:3E:E1:1F
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 018CC493905A3E5EE76C27C8DC3DC332DF4C
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/AcHw6NFnva8gKOleZy4QvPQ-4R8.roa
Signing time: Mon 01 Jan 2024 10:30:54 +0000
ROA not before: Mon 01 Jan 2024 10:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47624
IP address blocks: 91.206.139.0/24 maxlen: 24
91.206.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:90:5a:3e:5e:e7:6c:27:c8:dc:3d:c3:32:df:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jan 1 10:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01c1f0e8d167bdaf2028e95e672e10bcf43ee11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:17:62:8d:d4:1d:58:d9:bb:e4:9f:9b:a5:
86:b3:05:a5:2f:5a:48:cd:ef:81:09:65:c2:a1:55:
74:ee:6d:ec:05:84:7a:ac:07:9d:e5:0b:aa:4f:94:
e9:e8:20:9f:72:90:8b:58:0f:35:6f:8b:c0:dd:aa:
3a:e1:6e:65:c5:50:80:aa:14:8a:e6:9e:9e:46:be:
7e:e1:65:1d:7d:33:b7:80:fb:c5:13:03:a1:f9:51:
0d:47:1e:99:9d:50:1f:ff:e4:db:ed:f0:67:3e:d5:
8a:e5:85:cb:95:a5:f5:64:2e:77:e6:d1:9e:99:31:
d4:b5:00:99:44:fe:3b:09:d3:ad:38:f1:aa:2d:67:
4c:78:c6:8a:f3:24:5a:a8:a0:78:c1:9c:49:f2:dd:
a6:a4:61:ee:65:31:05:8d:41:82:0b:4f:f9:f3:47:
2f:61:11:83:bf:3e:a8:13:99:4f:34:88:ca:92:15:
46:be:49:f4:2a:83:ec:47:20:50:aa:ce:cf:59:a9:
9a:90:81:bf:90:95:b4:d9:ff:9e:2e:6b:0a:1a:f1:
99:ff:6d:28:81:f8:8a:83:16:96:fd:6b:5c:4f:bd:
a1:9d:33:11:13:a4:d3:9a:b6:ca:37:ce:70:4e:2a:
3b:35:99:9e:d7:82:9c:87:66:e4:b3:97:2a:d2:1f:
59:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C1:F0:E8:D1:67:BD:AF:20:28:E9:5E:67:2E:10:BC:F4:3E:E1:1F
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/AcHw6NFnva8gKOleZy4QvPQ-4R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.138.0/23
Signature Algorithm: sha256WithRSAEncryption
64:f1:78:98:a3:35:c8:c5:9d:48:c0:91:ae:ad:71:9c:82:cd:
dc:36:18:8c:0a:3f:da:e5:aa:4d:04:1d:17:ca:22:22:be:fc:
07:bc:eb:62:00:e2:34:45:3d:37:06:5f:ce:30:dd:37:20:1c:
31:ae:b3:2c:0f:8b:29:64:5e:8e:c1:83:96:3a:8a:6d:65:75:
22:2f:1e:87:d3:db:e9:e1:ed:80:ed:d0:e0:1a:f8:b1:5c:d8:
46:b0:80:39:dc:c2:12:8d:15:d5:65:0d:2d:83:4b:a8:6b:c1:
f6:fa:a1:c7:a0:37:73:2c:ca:b7:ae:3f:53:5a:53:2d:d6:3b:
e1:fa:61:db:98:5b:ba:fa:6d:11:0f:da:ac:98:ed:ee:9b:b0:
8b:f8:c3:0f:52:85:2d:b9:94:21:83:52:ff:3c:37:f5:c1:54:
b3:8f:12:6e:78:32:87:0e:28:db:54:95:b8:29:88:1d:04:6b:
64:78:63:57:f8:e6:db:ff:73:b3:30:c3:4e:53:36:e5:f0:a1:
d7:cd:53:6d:ce:d7:9b:3c:72:e2:58:84:91:0f:fe:02:83:f5:
62:3c:a0:7c:04:df:ad:80:ad:7b:a6:90:1c:f7:3f:c5:13:af:
67:07:88:10:e4:e8:e5:2a:dd:dc:4e:10:f9:b3:c0:d2:d3:d8:
4a:ea:05:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk5BaPl7nbCfI3D3DMt9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjQwMTAxMTAzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWMxZjBlOGQxNjdiZGFmMjAyOGU5NWU2NzJlMTBiY2Y0M2VlMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ8XYo3UHVjZu+Sfm6WGswWlL1pI
ze+BCWXCoVV07m3sBYR6rAed5QuqT5Tp6CCfcpCLWA81b4vA3ao64W5lxVCAqhSK
5p6eRr5+4WUdfTO3gPvFEwOh+VENRx6ZnVAf/+Tb7fBnPtWK5YXLlaX1ZC535tGe
mTHUtQCZRP47CdOtOPGqLWdMeMaK8yRaqKB4wZxJ8t2mpGHuZTEFjUGCC0/580cv
YRGDvz6oE5lPNIjKkhVGvkn0KoPsRyBQqs7PWamakIG/kJW02f+eLmsKGvGZ/20o
gfiKgxaW/WtcT72hnTMRE6TTmrbKN85wTio7NZme14Kch2bks5cq0h9ZzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHB8OjRZ72vICjpXmcuELz0PuEfMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvQWNIdzZORm52YThnS09sZVp5NFF2UFEtNFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86KMA0G
CSqGSIb3DQEBCwUAA4IBAQBk8XiYozXIxZ1IwJGurXGcgs3cNhiMCj/a5apNBB0X
yiIivvwHvOtiAOI0RT03Bl/OMN03IBwxrrMsD4spZF6OwYOWOoptZXUiLx6H09vp
4e2A7dDgGvixXNhGsIA53MISjRXVZQ0tg0uoa8H2+qHHoDdzLMq3rj9TWlMt1jvh
+mHbmFu6+m0RD9qsmO3um7CL+MMPUoUtuZQhg1L/PDf1wVSzjxJueDKHDijbVJW4
KYgdBGtkeGNX+Obb/3OzMMNOUzbl8KHXzVNtztebPHLiWISRD/4Cg/ViPKB8BN+t
gK17ppAc9z/FE69nB4gQ5OjlKt3cThD5s8DS09hK6gVT
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:22:42 2024 by rpki-client on console-fra.rpki-client.org