Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/pZKtfAu5WXmsh1j7OftvlF4-AwM.roa
File: pZKtfAu5WXmsh1j7OftvlF4-AwM.roa (raw, json)
Hash identifier: ajyKh4r01mcDNUWXoV92elmusNQecRGj1vvPqmF/mAs=
Subject key identifier: A5:92:AD:7C:0B:B9:59:79:AC:87:58:FB:39:FB:6F:94:5E:3E:03:03
Certificate issuer: /CN=9757052075961e9d90c27d07125a4b446cafd790
Certificate serial: 018CC9BC8541BCE122F9FD435A1B21BACE1B
Authority key identifier: 97:57:05:20:75:96:1E:9D:90:C2:7D:07:12:5A:4B:44:6C:AF:D7:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l1cFIHWWHp2Qwn0HElpLRGyv15A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/pZKtfAu5WXmsh1j7OftvlF4-AwM.roa
Signing time: Tue 02 Jan 2024 10:33:44 +0000
ROA not before: Tue 02 Jan 2024 10:33:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49957
IP address blocks: 91.207.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/l1cFIHWWHp2Qwn0HElpLRGyv15A.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/l1cFIHWWHp2Qwn0HElpLRGyv15A.mft
rsync://rpki.ripe.net/repository/DEFAULT/l1cFIHWWHp2Qwn0HElpLRGyv15A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:85:41:bc:e1:22:f9:fd:43:5a:1b:21:ba:ce:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9757052075961e9d90c27d07125a4b446cafd790
Validity
Not Before: Jan 2 10:33:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a592ad7c0bb95979ac8758fb39fb6f945e3e0303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f0:e3:aa:97:e4:d8:c5:d2:e7:b4:bd:9a:ec:
d5:e3:4a:e0:0c:88:60:9c:59:36:08:96:54:a9:b7:
ed:25:7e:b0:84:04:12:51:ef:bc:fb:90:64:65:8f:
24:4a:8b:86:bf:e1:2c:be:83:56:9f:13:1b:90:5c:
fc:92:e5:79:03:c7:8d:3f:bf:cd:ac:d8:6b:00:08:
30:a8:94:84:dc:92:c0:6e:71:be:a1:41:28:a1:73:
87:93:2f:7c:ca:fb:2d:c0:ad:ba:23:5f:1d:ea:a5:
34:68:9d:b0:9b:fb:25:ed:85:48:84:07:82:83:72:
d1:2f:b6:e2:22:a6:c4:92:0e:30:1e:8e:8c:68:f5:
42:dd:0a:55:5d:f9:d8:44:d6:95:ab:3c:67:fd:02:
24:a1:2e:ca:ae:c3:8c:df:fc:18:bf:06:bf:cb:89:
77:c6:56:3c:7a:67:64:c1:7e:10:52:29:6b:5d:fd:
fe:6e:9c:87:96:7b:d7:ce:95:9a:d0:0a:f9:07:9a:
4d:10:5b:cb:7b:20:5d:45:6d:76:fb:09:f5:b2:cf:
1f:f7:2b:2a:64:ec:5c:83:4a:47:53:d6:a5:68:75:
c8:18:bd:41:1c:e5:54:3d:02:a6:3f:e7:84:a2:54:
f6:4e:84:15:40:71:c4:1b:75:22:1a:03:c1:da:24:
39:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:92:AD:7C:0B:B9:59:79:AC:87:58:FB:39:FB:6F:94:5E:3E:03:03
X509v3 Authority Key Identifier:
keyid:97:57:05:20:75:96:1E:9D:90:C2:7D:07:12:5A:4B:44:6C:AF:D7:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1cFIHWWHp2Qwn0HElpLRGyv15A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/pZKtfAu5WXmsh1j7OftvlF4-AwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/968d41-4d77-42be-80b1-beafe0efc09c/1/l1cFIHWWHp2Qwn0HElpLRGyv15A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.250.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:09:39:0e:94:46:ba:c9:ad:37:28:5f:13:c8:8b:61:9c:27:
6d:fd:dc:0f:48:e1:3f:fe:54:33:4f:e0:a1:0e:70:7b:0c:85:
1e:06:87:15:13:cd:e6:14:93:e2:9f:68:ca:0f:55:ad:9d:a8:
31:09:d2:7b:1f:02:ac:49:fd:f7:db:0a:dd:7e:2e:9b:76:92:
45:85:fc:89:02:e7:9f:45:3c:ef:5f:4a:ed:7b:6d:46:62:ba:
39:b1:11:6c:51:25:5f:d7:cf:4c:49:b1:87:06:60:1f:f4:9b:
ae:b4:3d:6f:30:85:08:f7:f4:6e:01:7c:14:31:91:6e:85:d2:
b3:f1:5f:b3:8e:3a:ad:9f:40:af:49:e5:2b:f9:ea:9a:7c:05:
c1:55:b3:44:e9:66:ae:a7:94:72:55:9f:be:37:fb:37:4b:b9:
5a:51:c6:d3:42:21:b9:c6:d4:ab:4b:ba:cd:0d:ca:86:18:3b:
0b:22:a4:dc:e3:0b:f8:fa:bd:62:25:2b:8a:4a:21:bf:82:4c:
ba:ce:0f:08:e4:43:25:60:c6:a5:ad:16:bf:dd:57:b1:e6:c1:
8b:f6:db:96:5f:c7:de:b3:ea:5e:d5:ba:51:93:03:df:91:b5:
b0:e5:54:c5:fc:51:14:94:00:63:09:81:3e:57:21:78:a6:ce:
54:6c:a3:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvIVBvOEi+f1DWhshus4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTcwNTIwNzU5NjFlOWQ5MGMyN2QwNzEyNWE0YjQ0NmNh
ZmQ3OTAwHhcNMjQwMTAyMTAzMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTkyYWQ3YzBiYjk1OTc5YWM4NzU4ZmIzOWZiNmY5NDVlM2UwMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fDjqpfk2MXS57S9muzV40rgDIhg
nFk2CJZUqbftJX6whAQSUe+8+5BkZY8kSouGv+EsvoNWnxMbkFz8kuV5A8eNP7/N
rNhrAAgwqJSE3JLAbnG+oUEooXOHky98yvstwK26I18d6qU0aJ2wm/sl7YVIhAeC
g3LRL7biIqbEkg4wHo6MaPVC3QpVXfnYRNaVqzxn/QIkoS7KrsOM3/wYvwa/y4l3
xlY8emdkwX4QUilrXf3+bpyHlnvXzpWa0Ar5B5pNEFvLeyBdRW12+wn1ss8f9ysq
ZOxcg0pHU9alaHXIGL1BHOVUPQKmP+eEolT2ToQVQHHEG3UiGgPB2iQ5QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWSrXwLuVl5rIdY+zn7b5RePgMDMB8GA1UdIwQY
MBaAFJdXBSB1lh6dkMJ9BxJaS0Rsr9eQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFjRklIV1dIcDJRd24wSEVscExSR3l2MTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi85NjhkNDEtNGQ3Ny00MmJlLTgwYjEt
YmVhZmUwZWZjMDljLzEvcFpLdGZBdTVXWG1zaDFqN09mdHZsRjQtQXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi85NjhkNDEtNGQ3Ny00MmJlLTgwYjEtYmVhZmUwZWZjMDlj
LzEvbDFjRklIV1dIcDJRd24wSEVscExSR3l2MTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8/6MA0G
CSqGSIb3DQEBCwUAA4IBAQBtCTkOlEa6ya03KF8TyIthnCdt/dwPSOE//lQzT+Ch
DnB7DIUeBocVE83mFJPin2jKD1WtnagxCdJ7HwKsSf332wrdfi6bdpJFhfyJAuef
RTzvX0rte21GYro5sRFsUSVf189MSbGHBmAf9JuutD1vMIUI9/RuAXwUMZFuhdKz
8V+zjjqtn0CvSeUr+eqafAXBVbNE6Waup5RyVZ++N/s3S7laUcbTQiG5xtSrS7rN
DcqGGDsLIqTc4wv4+r1iJSuKSiG/gky6zg8I5EMlYMalrRa/3Vex5sGL9tuWX8fe
s+pe1bpRkwPfkbWw5VTF/FEUlABjCYE+VyF4ps5UbKNr
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:49 2024 by rpki-client on console-fra.rpki-client.org