Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9eedb9-e594-415b-b88a-de381db436ec/1/nDxjRmjDDBO2JWgOAzMnjjqzEf8.roa
File: nDxjRmjDDBO2JWgOAzMnjjqzEf8.roa (raw, json)
Hash identifier: rfF1fuFzl/sQxepNG6hHu9yz36Eel4vqO7WtA16PFkY=
Subject key identifier: 9C:3C:63:46:68:C3:0C:13:B6:25:68:0E:03:33:27:8E:3A:B3:11:FF
Certificate issuer: /CN=d977120937500eb46696428962e510e02c348e6c
Certificate serial: 018CC5000B43B0F2A89659B348592137D7E8
Authority key identifier: D9:77:12:09:37:50:0E:B4:66:96:42:89:62:E5:10:E0:2C:34:8E:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2XcSCTdQDrRmlkKJYuUQ4Cw0jmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9eedb9-e594-415b-b88a-de381db436ec/1/nDxjRmjDDBO2JWgOAzMnjjqzEf8.roa
Signing time: Mon 01 Jan 2024 12:29:23 +0000
ROA not before: Mon 01 Jan 2024 12:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47703
IP address blocks: 91.236.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9eedb9-e594-415b-b88a-de381db436ec/1/2XcSCTdQDrRmlkKJYuUQ4Cw0jmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9eedb9-e594-415b-b88a-de381db436ec/1/2XcSCTdQDrRmlkKJYuUQ4Cw0jmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2XcSCTdQDrRmlkKJYuUQ4Cw0jmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 21:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0b:43:b0:f2:a8:96:59:b3:48:59:21:37:d7:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d977120937500eb46696428962e510e02c348e6c
Validity
Not Before: Jan 1 12:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c3c634668c30c13b625680e0333278e3ab311ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:36:9f:43:ec:5b:b6:76:10:6f:80:47:d2:
c0:22:f3:76:7d:8c:89:24:07:55:61:ae:07:b0:f1:
42:48:c2:74:6a:c5:97:38:d1:a4:89:5b:7c:b3:8b:
da:ea:90:4a:30:20:48:a6:b5:da:38:cf:fe:70:0f:
91:47:37:85:34:6d:f5:15:c8:6a:c8:10:30:50:88:
77:b0:12:a8:38:82:ee:38:0c:ce:e3:ad:67:0b:e8:
be:d9:44:c5:d9:42:cb:57:d5:52:1e:7c:53:fd:2b:
92:5f:2b:d8:83:6e:42:20:87:24:f1:20:9d:e9:f3:
b9:9d:0b:37:f6:3c:3c:e9:dc:b3:77:b1:28:b0:8d:
7d:27:76:c0:86:d9:3f:6d:2c:30:8e:08:f5:53:ec:
ee:f9:26:42:f2:f4:c4:ad:66:0e:14:ce:06:6b:c9:
4a:f2:d6:0f:91:34:a8:16:f3:03:eb:00:4e:7b:3f:
ac:52:4a:c5:26:cd:17:fb:b3:4c:81:32:3b:7d:c1:
f9:00:43:14:ac:fa:06:c9:9c:d3:8d:92:5e:65:2a:
41:80:78:1b:02:a8:6d:8b:da:1f:67:41:9d:9e:14:
a4:98:31:31:55:5a:ac:e2:f0:d5:2b:d9:b0:15:5e:
4f:67:eb:d4:ab:e6:68:18:26:ea:5b:7f:d8:58:e1:
a0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3C:63:46:68:C3:0C:13:B6:25:68:0E:03:33:27:8E:3A:B3:11:FF
X509v3 Authority Key Identifier:
keyid:D9:77:12:09:37:50:0E:B4:66:96:42:89:62:E5:10:E0:2C:34:8E:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2XcSCTdQDrRmlkKJYuUQ4Cw0jmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9eedb9-e594-415b-b88a-de381db436ec/1/nDxjRmjDDBO2JWgOAzMnjjqzEf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9eedb9-e594-415b-b88a-de381db436ec/1/2XcSCTdQDrRmlkKJYuUQ4Cw0jmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.228.0/24
Signature Algorithm: sha256WithRSAEncryption
08:c3:5d:ba:8f:06:fe:c6:68:b7:6b:a2:80:17:1a:13:d0:91:
72:3c:fb:9e:df:85:ba:a1:af:ee:95:f9:47:d4:55:67:7c:7e:
42:0c:8d:dd:5f:c0:80:03:a6:8e:f4:72:81:4e:aa:54:78:a9:
35:9a:06:09:84:27:ea:05:0b:cf:ae:af:a4:a5:cf:3f:d1:0f:
3c:6a:c1:94:df:95:5b:b8:01:f0:85:00:34:ff:15:87:fe:43:
e0:9d:48:26:66:e4:3a:80:40:73:d7:5e:98:f4:99:59:aa:9b:
97:d0:8c:92:38:0e:7a:ef:9e:01:d8:9a:7b:78:70:3a:f3:4b:
00:06:4b:5c:32:d0:a4:c4:13:2d:b1:8d:f5:e4:b2:64:5f:d5:
91:ab:49:47:45:e4:66:fb:10:ed:83:6b:0a:dd:cd:10:f8:79:
2f:51:4d:a5:a0:79:0d:6b:eb:5b:61:0e:8e:12:2a:ea:1d:91:
1d:d3:b6:3f:76:42:ed:f5:b4:28:00:e7:ac:0f:bd:73:b9:36:
18:7a:d3:1d:43:c8:56:ba:e6:1e:37:f8:58:9b:43:70:24:2b:
73:c7:d7:d6:99:b8:2c:38:34:a5:60:0f:9c:86:d0:95:9a:97:
73:50:1a:81:06:fd:4d:4d:18:85:34:0b:dd:62:d7:30:4d:0f:
85:e5:5b:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAAtDsPKollmzSFkhN9foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NzcxMjA5Mzc1MDBlYjQ2Njk2NDI4OTYyZTUxMGUwMmMz
NDhlNmMwHhcNMjQwMTAxMTIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNjNjM0NjY4YzMwYzEzYjYyNTY4MGUwMzMzMjc4ZTNhYjMxMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2U2n0PsW7Z2EG+AR9LAIvN2fYyJ
JAdVYa4HsPFCSMJ0asWXONGkiVt8s4va6pBKMCBIprXaOM/+cA+RRzeFNG31Fchq
yBAwUIh3sBKoOILuOAzO461nC+i+2UTF2ULLV9VSHnxT/SuSXyvYg25CIIck8SCd
6fO5nQs39jw86dyzd7EosI19J3bAhtk/bSwwjgj1U+zu+SZC8vTErWYOFM4Ga8lK
8tYPkTSoFvMD6wBOez+sUkrFJs0X+7NMgTI7fcH5AEMUrPoGyZzTjZJeZSpBgHgb
Aqhti9ofZ0GdnhSkmDExVVqs4vDVK9mwFV5PZ+vUq+ZoGCbqW3/YWOGgxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJw8Y0ZowwwTtiVoDgMzJ446sxH/MB8GA1UdIwQY
MBaAFNl3Egk3UA60ZpZCiWLlEOAsNI5sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhjU0NUZFFEclJtbGtLSll1VVE0Q3cwam13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZWVkYjktZTU5NC00MTViLWI4OGEt
ZGUzODFkYjQzNmVjLzEvbkR4alJtakREQk8ySldnT0F6TW5qanF6RWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZWVkYjktZTU5NC00MTViLWI4OGEtZGUzODFkYjQzNmVj
LzEvMlhjU0NUZFFEclJtbGtLSll1VVE0Q3cwam13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+zkMA0G
CSqGSIb3DQEBCwUAA4IBAQAIw126jwb+xmi3a6KAFxoT0JFyPPue34W6oa/ulflH
1FVnfH5CDI3dX8CAA6aO9HKBTqpUeKk1mgYJhCfqBQvPrq+kpc8/0Q88asGU35Vb
uAHwhQA0/xWH/kPgnUgmZuQ6gEBz116Y9JlZqpuX0IySOA56754B2Jp7eHA680sA
BktcMtCkxBMtsY315LJkX9WRq0lHReRm+xDtg2sK3c0Q+HkvUU2loHkNa+tbYQ6O
EirqHZEd07Y/dkLt9bQoAOesD71zuTYYetMdQ8hWuuYeN/hYm0NwJCtzx9fWmbgs
ODSlYA+chtCVmpdzUBqBBv1NTRiFNAvdYtcwTQ+F5Vv0
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:44:40 2024 by rpki-client on console-fra.rpki-client.org