Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/AKERlgInC3XwY2cWyudXMewgdRc.roa
File: AKERlgInC3XwY2cWyudXMewgdRc.roa (raw, json)
Hash identifier: lACuj9VNEgdF9ASFMxXPB3OBBuMlNh0U/k6Ud8+/r3Q=
Subject key identifier: 00:A1:11:96:02:27:0B:75:F0:63:67:16:CA:E7:57:31:EC:20:75:17
Certificate issuer: /CN=4de4f96771d91f87c21be9f00d120327f5bbf2ea
Certificate serial: 018CC5DCFE68AD5A6CCCC7BAA802F3879233
Authority key identifier: 4D:E4:F9:67:71:D9:1F:87:C2:1B:E9:F0:0D:12:03:27:F5:BB:F2:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/AKERlgInC3XwY2cWyudXMewgdRc.roa
Signing time: Mon 01 Jan 2024 16:30:43 +0000
ROA not before: Mon 01 Jan 2024 16:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28907
IP address blocks: 91.228.146.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.mft
rsync://rpki.ripe.net/repository/DEFAULT/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:fe:68:ad:5a:6c:cc:c7:ba:a8:02:f3:87:92:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4de4f96771d91f87c21be9f00d120327f5bbf2ea
Validity
Not Before: Jan 1 16:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00a1119602270b75f0636716cae75731ec207517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f7:85:89:24:4a:14:45:ea:8e:35:4a:b0:06:
e6:7e:f0:cb:46:be:46:f9:ba:84:15:95:f9:25:cd:
e0:09:42:8e:20:5f:fe:b1:bd:35:7c:1b:e4:11:d5:
c0:2e:24:28:8a:08:1d:4d:75:eb:94:8e:13:9d:44:
32:d7:bd:00:89:bb:59:36:f2:ff:86:fc:a6:46:47:
c1:ed:26:2f:c8:d6:f5:6f:58:1f:60:f9:76:cc:d5:
ca:85:f0:f3:8f:d7:7d:c3:24:9e:11:be:b0:9f:0b:
27:ad:99:e6:59:10:ff:a4:fb:e4:34:13:1e:f2:fa:
e7:c3:33:85:62:eb:ea:61:b0:98:52:59:7a:1a:9a:
eb:22:6d:2f:54:a1:b0:36:48:91:0d:b8:97:2f:e2:
42:f6:b6:ef:8b:5f:34:5a:d7:69:94:d3:cc:08:50:
9f:88:f6:77:7e:bc:a0:4c:95:cb:ec:fd:c8:2b:19:
09:55:b8:b8:38:df:b0:f1:50:22:e2:46:4b:07:a8:
5c:56:c3:79:27:f9:b3:74:02:e0:01:c5:a1:f7:95:
bd:e2:26:3c:37:4f:88:a5:a3:b7:50:c4:61:35:fe:
22:a2:78:80:65:d3:02:2c:e4:6c:da:a7:56:c8:ca:
41:f7:0b:e2:d8:2d:8f:62:35:f4:a0:fe:f1:4d:d3:
7b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A1:11:96:02:27:0B:75:F0:63:67:16:CA:E7:57:31:EC:20:75:17
X509v3 Authority Key Identifier:
keyid:4D:E4:F9:67:71:D9:1F:87:C2:1B:E9:F0:0D:12:03:27:F5:BB:F2:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/AKERlgInC3XwY2cWyudXMewgdRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/02f9bb-6e6a-478a-bac8-5911fe63af79/1/TeT5Z3HZH4fCG-nwDRIDJ_W78uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.146.0/23
Signature Algorithm: sha256WithRSAEncryption
38:6d:db:70:16:ab:f8:14:d4:94:7b:d9:72:85:be:68:f4:cc:
04:8c:1b:d2:c8:36:a7:31:ab:aa:af:90:c6:e1:b5:d0:2b:39:
b4:dc:f4:10:a7:ea:6b:51:31:38:1b:ef:9b:ee:b4:dc:f3:3b:
ea:0e:97:2d:3e:29:59:8a:5f:ab:2a:7d:ad:c3:da:fb:c4:f8:
63:2e:e4:ea:01:ca:e7:a7:c8:4e:d2:ad:5a:18:eb:a3:58:4c:
9a:f7:04:6a:1a:75:6a:40:30:95:4c:09:6a:7c:db:a8:17:f4:
a4:31:18:27:1d:92:29:ed:3e:4d:99:36:c5:b5:6e:2b:7c:ec:
35:33:ca:ac:97:9c:50:2e:22:03:98:4b:ea:63:a7:f0:27:8a:
2d:95:d4:5e:fc:38:b8:9b:e8:55:f3:24:7e:6d:bc:9a:1d:a0:
87:3f:31:a8:9a:ac:32:23:1a:86:8e:b9:04:42:e1:62:03:07:
65:03:d5:e6:93:d7:89:be:55:b7:20:90:ae:da:e8:9e:1d:ba:
8a:c1:4a:fc:6e:3a:e8:ac:cb:2a:19:d6:93:1d:1f:1b:c7:e3:
36:1e:24:16:c6:aa:cc:0c:53:98:e5:ca:8d:55:d0:f2:a2:72:
e9:12:00:23:66:c6:11:fa:3c:31:1d:26:e9:47:c8:a3:64:ed:
1b:79:15:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3P5orVpszMe6qALzh5IzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZTRmOTY3NzFkOTFmODdjMjFiZTlmMDBkMTIwMzI3ZjVi
YmYyZWEwHhcNMjQwMTAxMTYzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGExMTE5NjAyMjcwYjc1ZjA2MzY3MTZjYWU3NTczMWVjMjA3NTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPeFiSRKFEXqjjVKsAbmfvDLRr5G
+bqEFZX5Jc3gCUKOIF/+sb01fBvkEdXALiQoiggdTXXrlI4TnUQy170AibtZNvL/
hvymRkfB7SYvyNb1b1gfYPl2zNXKhfDzj9d9wySeEb6wnwsnrZnmWRD/pPvkNBMe
8vrnwzOFYuvqYbCYUll6GprrIm0vVKGwNkiRDbiXL+JC9rbvi180WtdplNPMCFCf
iPZ3frygTJXL7P3IKxkJVbi4ON+w8VAi4kZLB6hcVsN5J/mzdALgAcWh95W94iY8
N0+IpaO3UMRhNf4ioniAZdMCLORs2qdWyMpB9wvi2C2PYjX0oP7xTdN7uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAChEZYCJwt18GNnFsrnVzHsIHUXMB8GA1UdIwQY
MBaAFE3k+Wdx2R+Hwhvp8A0SAyf1u/LqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGVUNVozSFpINGZDRy1ud0RSSURKX1c3OHVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wMmY5YmItNmU2YS00NzhhLWJhYzgt
NTkxMWZlNjNhZjc5LzEvQUtFUmxnSW5DM1h3WTJjV3l1ZFhNZXdnZFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wMmY5YmItNmU2YS00NzhhLWJhYzgtNTkxMWZlNjNhZjc5
LzEvVGVUNVozSFpINGZDRy1ud0RSSURKX1c3OHVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+SSMA0G
CSqGSIb3DQEBCwUAA4IBAQA4bdtwFqv4FNSUe9lyhb5o9MwEjBvSyDanMauqr5DG
4bXQKzm03PQQp+prUTE4G++b7rTc8zvqDpctPilZil+rKn2tw9r7xPhjLuTqAcrn
p8hO0q1aGOujWEya9wRqGnVqQDCVTAlqfNuoF/SkMRgnHZIp7T5NmTbFtW4rfOw1
M8qsl5xQLiIDmEvqY6fwJ4otldRe/Di4m+hV8yR+bbyaHaCHPzGomqwyIxqGjrkE
QuFiAwdlA9Xmk9eJvlW3IJCu2uieHbqKwUr8bjrorMsqGdaTHR8bx+M2HiQWxqrM
DFOY5cqNVdDyonLpEgAjZsYR+jwxHSbpR8ijZO0beRXi
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:23:03 2024 by rpki-client on console-fra.rpki-client.org