Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/LseOpkQPyaBpV7WaRRY5_Au4YCs.roa
File: LseOpkQPyaBpV7WaRRY5_Au4YCs.roa (raw, json)
Hash identifier: bHTpEXjpnXkvYLnNlmMeoi+ixMtMHAyS/qTZXYpuCao=
Subject key identifier: 2E:C7:8E:A6:44:0F:C9:A0:69:57:B5:9A:45:16:39:FC:0B:B8:60:2B
Certificate issuer: /CN=f38b7ca41f40082290ca8aefdec4bd297d3aec0c
Certificate serial: 018CC725A765B4E0D297F1CE1FF32772A006
Authority key identifier: F3:8B:7C:A4:1F:40:08:22:90:CA:8A:EF:DE:C4:BD:29:7D:3A:EC:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84t8pB9ACCKQyorv3sS9KX067Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/LseOpkQPyaBpV7WaRRY5_Au4YCs.roa
Signing time: Mon 01 Jan 2024 22:29:42 +0000
ROA not before: Mon 01 Jan 2024 22:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198611
IP address blocks: 91.240.131.0/24 maxlen: 24
2a0c:44c0:2::/48 maxlen: 48
2a0c:44c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/84t8pB9ACCKQyorv3sS9KX067Aw.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/84t8pB9ACCKQyorv3sS9KX067Aw.mft
rsync://rpki.ripe.net/repository/DEFAULT/84t8pB9ACCKQyorv3sS9KX067Aw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a7:65:b4:e0:d2:97:f1:ce:1f:f3:27:72:a0:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f38b7ca41f40082290ca8aefdec4bd297d3aec0c
Validity
Not Before: Jan 1 22:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ec78ea6440fc9a06957b59a451639fc0bb8602b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e7:80:6f:2a:df:a9:d8:6a:f5:d7:f9:da:a8:
49:5e:c8:c0:f0:49:84:2d:4b:9e:6e:fd:29:c6:e3:
c6:ff:f7:1e:09:b0:b9:bb:7c:cd:2e:59:2d:5d:8c:
fe:1a:e6:22:c9:59:b8:ff:5e:2f:13:bf:8b:20:7c:
99:3e:01:0f:0b:18:f4:98:d6:25:9a:0a:ee:c0:13:
06:d2:78:36:22:51:64:c5:e8:65:d3:0e:4e:6a:08:
8e:79:19:8b:ae:df:79:b5:4f:6b:cd:23:af:aa:f8:
44:4e:c5:6d:48:57:c4:d5:40:bb:b8:68:80:17:78:
30:ba:79:ee:79:77:c0:b7:3f:5b:d5:57:9a:21:aa:
c5:f8:06:68:8c:fc:31:db:c5:e7:57:c5:ca:ed:3e:
b6:2a:a9:ba:f8:4a:98:b2:9b:37:03:4c:2a:ef:48:
65:d7:e9:d9:5d:c8:ce:0e:73:0b:da:0a:b6:a5:f3:
ad:b2:17:23:e7:ab:e1:3d:2b:32:cb:0c:c8:1f:c9:
0a:9d:88:3b:12:dd:f0:56:07:57:72:6e:6b:92:c8:
63:af:fd:b3:02:fb:85:c8:02:e2:39:44:1a:c2:89:
57:06:fe:a3:fb:fc:ea:5d:2f:64:be:2b:61:8a:30:
f3:86:3a:8a:44:4b:62:62:83:52:8e:8f:21:52:67:
56:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C7:8E:A6:44:0F:C9:A0:69:57:B5:9A:45:16:39:FC:0B:B8:60:2B
X509v3 Authority Key Identifier:
keyid:F3:8B:7C:A4:1F:40:08:22:90:CA:8A:EF:DE:C4:BD:29:7D:3A:EC:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84t8pB9ACCKQyorv3sS9KX067Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/LseOpkQPyaBpV7WaRRY5_Au4YCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/630904-5612-49f7-80b3-a3ca2112268b/1/84t8pB9ACCKQyorv3sS9KX067Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.131.0/24
IPv6:
2a0c:44c0:1::-2a0c:44c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:fd:53:bc:c9:ef:80:32:84:be:1d:3b:ee:f6:09:bf:dc:57:
6b:49:33:f8:e9:90:4b:08:d8:37:d5:54:b5:09:48:af:cb:66:
38:db:80:3c:d2:89:e8:f4:43:78:ff:98:4b:b1:15:e3:76:26:
93:16:59:2d:3e:d2:07:47:7e:5c:01:64:ba:de:e2:b3:79:51:
fb:61:fc:49:13:39:1b:24:2a:28:7c:c5:0c:f1:a8:04:53:6c:
29:37:65:28:cc:fc:6f:7b:32:9d:89:dd:75:83:d5:ae:16:3b:
10:c2:cc:97:20:22:be:d5:27:d8:f5:09:62:6f:ca:99:dc:6e:
39:d7:91:cd:bb:eb:cf:ed:16:20:a2:1a:e8:c2:36:79:56:83:
cc:80:70:2b:11:f7:3f:be:1c:1d:7a:b9:54:cf:73:36:a9:6d:
2c:9c:cc:b6:49:f2:43:da:12:a6:56:ee:c3:09:39:84:a9:2d:
b7:4c:ae:09:dd:c7:09:52:5f:74:2d:c3:f1:2a:15:b5:93:cb:
ff:4e:da:45:32:12:41:da:ae:c3:b1:c3:73:eb:49:b4:7b:ae:
e3:50:9d:0e:47:8b:f6:fb:a8:dd:af:5b:eb:4a:e2:62:f0:9c:
fb:68:ba:cc:0d:47:2e:3e:53:27:91:f8:3c:ca:95:59:21:88:
75:a9:b4:f9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHJadltODSl/HOH/MncqAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzOGI3Y2E0MWY0MDA4MjI5MGNhOGFlZmRlYzRiZDI5N2Qz
YWVjMGMwHhcNMjQwMTAxMjIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM3OGVhNjQ0MGZjOWEwNjk1N2I1OWE0NTE2MzlmYzBiYjg2MDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+eAbyrfqdhq9df52qhJXsjA8EmE
LUuebv0pxuPG//ceCbC5u3zNLlktXYz+GuYiyVm4/14vE7+LIHyZPgEPCxj0mNYl
mgruwBMG0ng2IlFkxehl0w5OagiOeRmLrt95tU9rzSOvqvhETsVtSFfE1UC7uGiA
F3gwunnueXfAtz9b1VeaIarF+AZojPwx28XnV8XK7T62Kqm6+EqYsps3A0wq70hl
1+nZXcjODnML2gq2pfOtshcj56vhPSsyywzIH8kKnYg7Et3wVgdXcm5rkshjr/2z
AvuFyALiOUQawolXBv6j+/zqXS9kvithijDzhjqKREtiYoNSjo8hUmdW5wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFC7HjqZED8mgaVe1mkUWOfwLuGArMB8GA1UdIwQY
MBaAFPOLfKQfQAgikMqK797EvSl9OuwMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODR0OHBCOUFDQ0tReW9ydjNzUzlLWDA2N0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS82MzA5MDQtNTYxMi00OWY3LTgwYjMt
YTNjYTIxMTIyNjhiLzEvTHNlT3BrUVB5YUJwVjdXYVJSWTVfQXU0WUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS82MzA5MDQtNTYxMi00OWY3LTgwYjMtYTNjYTIxMTIyNjhi
LzEvODR0OHBCOUFDQ0tReW9ydjNzUzlLWDA2N0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAW/CDMBoE
AgACMBQwEgMHACoMRMAAAQMHACoMRMAAAjANBgkqhkiG9w0BAQsFAAOCAQEAY/1T
vMnvgDKEvh077vYJv9xXa0kz+OmQSwjYN9VUtQlIr8tmONuAPNKJ6PRDeP+YS7EV
43YmkxZZLT7SB0d+XAFkut7is3lR+2H8SRM5GyQqKHzFDPGoBFNsKTdlKMz8b3sy
nYnddYPVrhY7EMLMlyAivtUn2PUJYm/KmdxuOdeRzbvrz+0WIKIa6MI2eVaDzIBw
KxH3P74cHXq5VM9zNqltLJzMtknyQ9oSplbuwwk5hKktt0yuCd3HCVJfdC3D8SoV
tZPL/07aRTISQdquw7HDc+tJtHuu41CdDkeL9vuo3a9b60riYvCc+2i6zA1HLj5T
J5H4PMqVWSGIdam0+Q==
-----END CERTIFICATE-----
Generated at Thu May 23 22:46:07 2024 by rpki-client on console-ams.rpki-client.org