Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/f30c4d-b422-4581-bf04-c79d46a9239b/1/_AUP6rZeVHHNcKQ1VnoYrdPo4e8.roa
File: _AUP6rZeVHHNcKQ1VnoYrdPo4e8.roa (raw, json)
Hash identifier: OM7ZmUuvLCYRq9GxDsgqtI+sjd9HL+3RnmPWhRCDeUs=
Subject key identifier: FC:05:0F:EA:B6:5E:54:71:CD:70:A4:35:56:7A:18:AD:D3:E8:E1:EF
Certificate issuer: /CN=c5dcd8d0a2abae8c25391f23051cc3f0f24793aa
Certificate serial: 0192B38F2A02355087B937C9921AC0F2B5FF
Authority key identifier: C5:DC:D8:D0:A2:AB:AE:8C:25:39:1F:23:05:1C:C3:F0:F2:47:93:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xdzY0KKrrowlOR8jBRzD8PJHk6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/f30c4d-b422-4581-bf04-c79d46a9239b/1/_AUP6rZeVHHNcKQ1VnoYrdPo4e8.roa
Signing time: Tue 22 Oct 2024 09:29:16 +0000
ROA not before: Tue 22 Oct 2024 09:29:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2116
IP address blocks: 91.239.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/f30c4d-b422-4581-bf04-c79d46a9239b/1/xdzY0KKrrowlOR8jBRzD8PJHk6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/f30c4d-b422-4581-bf04-c79d46a9239b/1/xdzY0KKrrowlOR8jBRzD8PJHk6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/xdzY0KKrrowlOR8jBRzD8PJHk6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:8f:2a:02:35:50:87:b9:37:c9:92:1a:c0:f2:b5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5dcd8d0a2abae8c25391f23051cc3f0f24793aa
Validity
Not Before: Oct 22 09:29:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc050feab65e5471cd70a435567a18add3e8e1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:83:5d:90:40:1f:16:24:54:ed:b7:95:b5:8d:
20:56:76:f3:a6:d8:20:23:75:c4:d4:5b:53:ee:12:
2c:38:cf:f0:bc:b8:81:56:fb:6a:37:f6:a5:16:13:
24:4f:56:a4:6c:84:ac:d7:71:fd:87:be:bf:0e:fd:
74:4c:09:af:f6:92:ad:5a:8b:68:5c:00:aa:5d:dc:
b2:ed:e8:d7:73:fe:20:2c:13:3f:03:71:04:7a:7f:
9e:ff:30:1a:bd:87:f3:83:ac:20:b8:46:02:d0:df:
49:c7:b6:54:e6:bd:b0:57:25:b2:19:d2:f8:cb:5d:
5a:90:0d:71:b0:8f:8d:14:c8:87:12:ba:7c:96:2f:
9d:4b:7a:ce:8b:64:df:ab:15:b7:93:47:f2:07:60:
ed:c8:52:42:25:91:52:55:cf:38:fd:d8:cd:e1:f3:
93:28:8e:26:a6:14:00:63:80:34:22:c4:ce:92:9d:
b0:f3:2f:1e:2b:64:76:76:79:a3:97:88:53:06:42:
5d:df:f4:a1:76:b7:34:4b:21:71:d3:0b:c9:fe:b2:
1d:6b:b4:54:90:40:21:a0:5c:f7:60:d3:65:66:62:
15:3d:a4:6f:c2:54:13:26:0d:52:1e:c6:c7:46:ff:
5a:86:9e:b7:e5:65:b7:4c:ed:82:bf:fb:af:81:55:
a9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:05:0F:EA:B6:5E:54:71:CD:70:A4:35:56:7A:18:AD:D3:E8:E1:EF
X509v3 Authority Key Identifier:
keyid:C5:DC:D8:D0:A2:AB:AE:8C:25:39:1F:23:05:1C:C3:F0:F2:47:93:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdzY0KKrrowlOR8jBRzD8PJHk6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/f30c4d-b422-4581-bf04-c79d46a9239b/1/_AUP6rZeVHHNcKQ1VnoYrdPo4e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/f30c4d-b422-4581-bf04-c79d46a9239b/1/xdzY0KKrrowlOR8jBRzD8PJHk6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.25.0/24
Signature Algorithm: sha256WithRSAEncryption
48:1c:32:6e:4d:73:ed:c6:ad:f5:bf:b0:50:7d:1e:6e:58:a1:
f0:3c:0d:66:3c:8e:78:30:87:fe:05:66:a1:f6:71:20:44:a2:
2a:18:3c:4f:90:31:0c:af:05:aa:e8:d0:4f:bb:d0:ed:98:ca:
25:c0:f5:01:11:b4:48:7d:e6:d4:71:1c:73:0f:12:4f:80:73:
11:81:3a:73:bc:8b:0d:0e:17:c1:42:3e:19:b1:78:25:a0:ce:
49:cc:36:64:be:90:b1:48:56:c8:98:50:4c:71:5a:f9:5c:0c:
f7:fc:f8:ee:da:ff:3d:c7:4d:21:40:06:d2:b4:5f:8a:97:2f:
7b:93:cc:57:87:c7:a5:b7:b2:3a:1a:d6:bd:6b:65:82:c2:e9:
f2:cb:f3:bd:20:7b:c6:79:59:56:79:97:aa:28:ca:29:32:5c:
01:46:dd:a0:1e:63:00:4f:cd:38:ec:fb:b0:c3:ea:e2:1a:19:
e8:06:d0:e9:6d:d9:12:11:e0:72:2c:c2:01:61:8b:4f:92:07:
41:9a:ff:e5:07:8c:e2:78:9b:39:54:4a:84:7f:0b:cc:f5:03:
a5:29:39:fc:99:25:ad:c2:74:6f:54:53:32:30:d7:f7:3e:c2:
19:aa:30:e4:ca:40:12:e6:36:48:d3:93:8f:7e:a9:00:b9:05:
2e:56:fa:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKzjyoCNVCHuTfJkhrA8rX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZGNkOGQwYTJhYmFlOGMyNTM5MWYyMzA1MWNjM2YwZjI0
NzkzYWEwHhcNMjQxMDIyMDkyOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzA1MGZlYWI2NWU1NDcxY2Q3MGE0MzU1NjdhMThhZGQzZThlMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYNdkEAfFiRU7beVtY0gVnbzptgg
I3XE1FtT7hIsOM/wvLiBVvtqN/alFhMkT1akbISs13H9h76/Dv10TAmv9pKtWoto
XACqXdyy7ejXc/4gLBM/A3EEen+e/zAavYfzg6wguEYC0N9Jx7ZU5r2wVyWyGdL4
y11akA1xsI+NFMiHErp8li+dS3rOi2TfqxW3k0fyB2DtyFJCJZFSVc84/djN4fOT
KI4mphQAY4A0IsTOkp2w8y8eK2R2dnmjl4hTBkJd3/Shdrc0SyFx0wvJ/rIda7RU
kEAhoFz3YNNlZmIVPaRvwlQTJg1SHsbHRv9ahp635WW3TO2Cv/uvgVWp7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPwFD+q2XlRxzXCkNVZ6GK3T6OHvMB8GA1UdIwQY
MBaAFMXc2NCiq66MJTkfIwUcw/DyR5OqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGR6WTBLS3Jyb3dsT1I4akJSekQ4UEpIazZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9mMzBjNGQtYjQyMi00NTgxLWJmMDQt
Yzc5ZDQ2YTkyMzliLzEvX0FVUDZyWmVWSEhOY0tRMVZub1lyZFBvNGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9mMzBjNGQtYjQyMi00NTgxLWJmMDQtYzc5ZDQ2YTkyMzli
LzEveGR6WTBLS3Jyb3dsT1I4akJSekQ4UEpIazZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+8ZMA0G
CSqGSIb3DQEBCwUAA4IBAQBIHDJuTXPtxq31v7BQfR5uWKHwPA1mPI54MIf+BWah
9nEgRKIqGDxPkDEMrwWq6NBPu9DtmMolwPUBEbRIfebUcRxzDxJPgHMRgTpzvIsN
DhfBQj4ZsXgloM5JzDZkvpCxSFbImFBMcVr5XAz3/Pju2v89x00hQAbStF+Kly97
k8xXh8elt7I6Gta9a2WCwunyy/O9IHvGeVlWeZeqKMopMlwBRt2gHmMAT8047Puw
w+riGhnoBtDpbdkSEeByLMIBYYtPkgdBmv/lB4zieJs5VEqEfwvM9QOlKTn8mSWt
wnRvVFMyMNf3PsIZqjDkykAS5jZI05OPfqkAuQUuVvq1
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:06 2024 by rpki-client on console-ams.rpki-client.org