Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/J4osEdyK2x45JsCUMJHexFdk2GU.roa
File: J4osEdyK2x45JsCUMJHexFdk2GU.roa (raw, json)
Hash identifier: 731kAKS4bSL9/VcQ07rKgFNPzRxbZi54KbWB+hsPPWk=
Subject key identifier: 27:8A:2C:11:DC:8A:DB:1E:39:26:C0:94:30:91:DE:C4:57:64:D8:65
Certificate issuer: /CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Certificate serial: 018CC56E48F7B1B3811245E41239D4094617
Authority key identifier: D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/J4osEdyK2x45JsCUMJHexFdk2GU.roa
Signing time: Mon 01 Jan 2024 14:29:48 +0000
ROA not before: Mon 01 Jan 2024 14:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51518
IP address blocks: 91.217.78.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:48:f7:b1:b3:81:12:45:e4:12:39:d4:09:46:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Validity
Not Before: Jan 1 14:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=278a2c11dc8adb1e3926c0943091dec45764d865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:56:17:96:43:2c:bc:e5:6b:be:62:33:56:92:
0f:82:8f:10:ce:b2:71:a7:3d:2d:da:fe:0b:05:b3:
4a:af:88:3d:f3:13:fd:f3:3d:40:5f:e6:e5:02:98:
38:84:61:81:96:05:b7:01:c9:92:b7:5a:fc:9e:7c:
44:68:cb:c5:3e:c2:92:53:33:fb:5f:3f:32:4f:64:
04:f3:1b:d4:6b:8a:44:97:ff:e9:8d:bc:0d:ab:77:
1c:c2:d4:32:9c:0f:e3:6b:d4:b1:f9:16:40:3f:10:
59:78:9e:67:33:07:e0:bf:c4:ac:bd:ca:ce:49:d2:
b2:f9:95:49:c0:34:0d:5c:6f:b1:ba:38:77:07:6a:
4d:4b:c6:24:b4:d3:2c:91:90:ba:07:f8:59:44:8d:
93:c2:fe:5b:ef:21:54:0a:9c:61:36:c7:cb:75:13:
5e:17:4e:80:7a:72:58:1d:b0:e3:91:3a:d5:05:ae:
b8:b9:31:84:d9:3e:75:2b:8f:36:33:73:93:6d:20:
dd:a7:a3:68:5d:2d:93:99:c2:fd:64:b9:f3:22:e6:
3e:03:d8:72:ee:c0:8a:c2:61:e5:8d:ae:12:32:3d:
99:78:ca:e8:0f:f9:1e:32:6e:26:ab:ba:ef:b4:68:
2a:f8:43:fc:7a:bf:72:b6:ea:21:34:b2:d9:7f:6f:
fa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8A:2C:11:DC:8A:DB:1E:39:26:C0:94:30:91:DE:C4:57:64:D8:65
X509v3 Authority Key Identifier:
keyid:D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/J4osEdyK2x45JsCUMJHexFdk2GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.78.0/23
Signature Algorithm: sha256WithRSAEncryption
96:92:36:c1:6a:0d:39:9c:68:16:ef:87:ad:33:af:a3:29:af:
82:ac:3f:22:2d:67:9f:8b:cd:bd:f2:10:07:aa:d2:e5:0a:ec:
dd:b6:69:1c:49:62:98:9c:07:54:75:67:83:c7:b4:69:1a:4d:
5b:61:03:11:32:7d:75:a9:ac:1b:fa:a0:2a:81:17:16:f1:49:
d4:25:25:91:ba:70:18:4f:eb:86:c7:93:b0:21:ce:fd:9b:8e:
79:e4:5d:cb:7a:55:8d:6b:23:94:4a:03:aa:c8:2b:44:cd:92:
12:f4:d2:c4:a5:56:0b:f6:58:cc:24:36:28:dd:59:9f:dd:20:
a2:ee:a6:92:09:6b:20:4d:12:e5:bb:91:25:16:7b:27:41:39:
7c:7e:7f:14:d8:c9:d8:6e:5e:7d:a7:e6:2d:60:0f:37:51:e2:
39:3f:0e:44:20:f1:f9:f0:fa:15:a3:17:9a:4a:a8:ed:bb:04:
5b:e1:97:4a:5e:8c:30:c5:e0:e3:c5:8c:ec:8c:0f:6c:b0:40:
35:3c:8a:b6:84:0d:24:01:29:5f:26:9b:4a:0b:24:b5:71:f8:
30:8f:58:05:2d:78:8d:0a:e5:8a:78:68:23:6b:9c:ad:93:5e:
b5:ce:ef:83:ba:97:a8:51:59:4f:84:60:52:36:a4:39:03:a3:
9a:bf:c6:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbkj3sbOBEkXkEjnUCUYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYTg5NjlkN2UzMmNiZjkyNzY2NGIyZGM0MzZiOTZlNzE0
OWE2MmIwHhcNMjQwMTAxMTQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzhhMmMxMWRjOGFkYjFlMzkyNmMwOTQzMDkxZGVjNDU3NjRkODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlYXlkMsvOVrvmIzVpIPgo8QzrJx
pz0t2v4LBbNKr4g98xP98z1AX+blApg4hGGBlgW3AcmSt1r8nnxEaMvFPsKSUzP7
Xz8yT2QE8xvUa4pEl//pjbwNq3ccwtQynA/ja9Sx+RZAPxBZeJ5nMwfgv8SsvcrO
SdKy+ZVJwDQNXG+xujh3B2pNS8YktNMskZC6B/hZRI2Twv5b7yFUCpxhNsfLdRNe
F06AenJYHbDjkTrVBa64uTGE2T51K482M3OTbSDdp6NoXS2TmcL9ZLnzIuY+A9hy
7sCKwmHlja4SMj2ZeMroD/keMm4mq7rvtGgq+EP8er9ytuohNLLZf2/6+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeKLBHcitseOSbAlDCR3sRXZNhlMB8GA1UdIwQY
MBaAFNGolp1+Msv5J2ZLLcQ2uW5xSaYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQt
MjEwNDhhNzM0YTQ2LzEvSjRvc0VkeUsyeDQ1SnNDVU1KSGV4RmRrMkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQtMjEwNDhhNzM0YTQ2
LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9lOMA0G
CSqGSIb3DQEBCwUAA4IBAQCWkjbBag05nGgW74etM6+jKa+CrD8iLWefi8298hAH
qtLlCuzdtmkcSWKYnAdUdWeDx7RpGk1bYQMRMn11qawb+qAqgRcW8UnUJSWRunAY
T+uGx5OwIc79m4555F3LelWNayOUSgOqyCtEzZIS9NLEpVYL9ljMJDYo3Vmf3SCi
7qaSCWsgTRLlu5ElFnsnQTl8fn8U2MnYbl59p+YtYA83UeI5Pw5EIPH58PoVoxea
SqjtuwRb4ZdKXowwxeDjxYzsjA9ssEA1PIq2hA0kASlfJptKCyS1cfgwj1gFLXiN
CuWKeGgja5ytk161zu+DupeoUVlPhGBSNqQ5A6Oav8YZ
-----END CERTIFICATE-----
Generated at Fri May 17 07:13:56 2024 by rpki-client on console-ams.rpki-client.org