Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/092fdc-c300-41a5-9015-662ec818d23d/1/xJRcbhv7dfDJS_d-ncpsxgHwvFA.roa
File: xJRcbhv7dfDJS_d-ncpsxgHwvFA.roa (raw, json)
Hash identifier: 6NEjPSsI31lTaCiZrK50TTkT7i5dQzCSDVmfqwCgzF0=
Subject key identifier: C4:94:5C:6E:1B:FB:75:F0:C9:4B:F7:7E:9D:CA:6C:C6:01:F0:BC:50
Certificate issuer: /CN=773ae663ad0a1a3072dbd867992b7d8df25a449a
Certificate serial: 018CC5DC1D6C42255CF3627B9C6FA5A3F4AA
Authority key identifier: 77:3A:E6:63:AD:0A:1A:30:72:DB:D8:67:99:2B:7D:8D:F2:5A:44:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzrmY60KGjBy29hnmSt9jfJaRJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/092fdc-c300-41a5-9015-662ec818d23d/1/xJRcbhv7dfDJS_d-ncpsxgHwvFA.roa
Signing time: Mon 01 Jan 2024 16:29:46 +0000
ROA not before: Mon 01 Jan 2024 16:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49711
IP address blocks: 176.118.152.0/21 maxlen: 21
91.220.250.0/24 maxlen: 24
91.215.176.0/22 maxlen: 22
2001:67c:57c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/092fdc-c300-41a5-9015-662ec818d23d/1/dzrmY60KGjBy29hnmSt9jfJaRJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/092fdc-c300-41a5-9015-662ec818d23d/1/dzrmY60KGjBy29hnmSt9jfJaRJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/dzrmY60KGjBy29hnmSt9jfJaRJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1d:6c:42:25:5c:f3:62:7b:9c:6f:a5:a3:f4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=773ae663ad0a1a3072dbd867992b7d8df25a449a
Validity
Not Before: Jan 1 16:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4945c6e1bfb75f0c94bf77e9dca6cc601f0bc50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a5:47:50:6e:64:11:e1:bf:72:48:3d:39:ed:
0c:4f:19:53:dc:a6:73:e3:5f:b9:7b:84:68:4f:03:
2a:a4:99:ce:58:af:1e:33:f1:2d:6f:bc:a7:25:03:
2f:18:1a:f4:86:3a:d8:a0:1e:8e:32:18:41:5b:56:
05:ed:0e:66:b1:0d:5d:b9:79:de:c0:90:3c:31:4a:
57:5b:bc:63:bb:35:85:39:4e:23:da:0c:ea:a0:c6:
ba:00:0c:0d:28:3c:47:f5:23:e5:01:a9:53:ea:bd:
8f:93:b2:19:23:19:91:1c:74:7d:53:22:1a:4b:a1:
41:05:45:87:96:17:90:dd:ea:91:c0:40:c1:b5:26:
fd:fc:9f:4e:be:ea:3f:57:16:81:ca:bc:d7:e3:0f:
e5:51:75:37:75:5f:d4:96:93:30:9e:d1:4c:86:d3:
6c:55:72:0c:f2:be:d7:e7:89:1d:95:3b:5e:a3:28:
57:65:ea:c3:aa:0a:9c:42:e2:bc:5b:6b:cb:92:70:
b3:1f:f0:ec:65:be:cd:a7:ed:77:2e:b6:0e:f2:54:
4a:1b:58:c7:0d:28:1e:43:7c:c1:25:48:05:7d:6c:
97:cc:c9:68:a0:c4:c4:55:d2:34:96:c9:6b:55:58:
12:63:c6:2e:1e:b3:bc:d1:c8:6e:d0:e5:2f:91:5d:
c2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:94:5C:6E:1B:FB:75:F0:C9:4B:F7:7E:9D:CA:6C:C6:01:F0:BC:50
X509v3 Authority Key Identifier:
keyid:77:3A:E6:63:AD:0A:1A:30:72:DB:D8:67:99:2B:7D:8D:F2:5A:44:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzrmY60KGjBy29hnmSt9jfJaRJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/092fdc-c300-41a5-9015-662ec818d23d/1/xJRcbhv7dfDJS_d-ncpsxgHwvFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/092fdc-c300-41a5-9015-662ec818d23d/1/dzrmY60KGjBy29hnmSt9jfJaRJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.176.0/22
91.220.250.0/24
176.118.152.0/21
IPv6:
2001:67c:57c::/48
Signature Algorithm: sha256WithRSAEncryption
87:85:33:da:af:4c:5e:41:6c:09:f2:d2:3e:c7:0b:ac:07:60:
d4:90:50:78:31:58:d9:3b:51:7e:da:7a:a1:db:12:23:56:1a:
e8:ec:1a:19:04:df:9b:d3:69:05:51:6a:03:1c:cf:13:b7:be:
f5:7c:0b:65:11:c9:66:74:bf:9c:56:18:06:ab:e4:c8:bf:e8:
5a:7b:fa:ac:87:f1:2a:60:f3:cd:03:69:3e:3a:08:e5:9f:c8:
af:be:dc:71:ea:55:07:62:de:c1:16:a7:82:fe:b3:7f:55:53:
44:5d:74:a7:c8:3a:b4:cc:37:b8:0c:fa:29:21:a8:60:40:f5:
47:6c:1a:65:b7:d2:03:01:58:62:71:2a:59:7e:96:ab:28:12:
64:4e:fb:0c:64:61:ed:2e:7e:92:7b:e9:e0:d8:14:52:5c:91:
03:30:42:d8:d1:89:60:0a:76:12:64:88:b9:4f:14:06:e1:3d:
24:9e:13:a8:ee:ba:e6:3f:c5:f5:6b:c2:90:49:cb:84:b0:ff:
38:50:66:75:9c:51:d2:3f:4f:e7:e6:28:3b:27:f9:4f:1e:77:
7d:59:b6:f0:a0:01:7e:d9:86:42:78:ab:ef:54:e1:90:20:54:
b3:19:e8:83:3c:59:f3:51:b8:13:e5:e5:fe:bb:a5:79:7e:ed:
4e:87:9b:88
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzF3B1sQiVc82J7nG+lo/SqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3M2FlNjYzYWQwYTFhMzA3MmRiZDg2Nzk5MmI3ZDhkZjI1
YTQ0OWEwHhcNMjQwMTAxMTYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk0NWM2ZTFiZmI3NWYwYzk0YmY3N2U5ZGNhNmNjNjAxZjBiYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6VHUG5kEeG/ckg9Oe0MTxlT3KZz
41+5e4RoTwMqpJnOWK8eM/Etb7ynJQMvGBr0hjrYoB6OMhhBW1YF7Q5msQ1duXne
wJA8MUpXW7xjuzWFOU4j2gzqoMa6AAwNKDxH9SPlAalT6r2Pk7IZIxmRHHR9UyIa
S6FBBUWHlheQ3eqRwEDBtSb9/J9Ovuo/VxaByrzX4w/lUXU3dV/UlpMwntFMhtNs
VXIM8r7X54kdlTteoyhXZerDqgqcQuK8W2vLknCzH/DsZb7Np+13LrYO8lRKG1jH
DSgeQ3zBJUgFfWyXzMlooMTEVdI0lslrVVgSY8YuHrO80chu0OUvkV3CwQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMSUXG4b+3XwyUv3fp3KbMYB8LxQMB8GA1UdIwQY
MBaAFHc65mOtChowctvYZ5krfY3yWkSaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpybVk2MEtHakJ5Mjlobm1TdDlqZkphUkpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wOTJmZGMtYzMwMC00MWE1LTkwMTUt
NjYyZWM4MThkMjNkLzEveEpSY2JodjdkZkRKU19kLW5jcHN4Z0h3dkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wOTJmZGMtYzMwMC00MWE1LTkwMTUtNjYyZWM4MThkMjNk
LzEvZHpybVk2MEtHakJ5Mjlobm1TdDlqZkphUkpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCW9ewAwQA
W9z6AwQDsHaYMA8EAgACMAkDBwAgAQZ8BXwwDQYJKoZIhvcNAQELBQADggEBAIeF
M9qvTF5BbAny0j7HC6wHYNSQUHgxWNk7UX7aeqHbEiNWGujsGhkE35vTaQVRagMc
zxO3vvV8C2URyWZ0v5xWGAar5Mi/6Fp7+qyH8Spg880DaT46COWfyK++3HHqVQdi
3sEWp4L+s39VU0RddKfIOrTMN7gM+ikhqGBA9UdsGmW30gMBWGJxKll+lqsoEmRO
+wxkYe0ufpJ76eDYFFJckQMwQtjRiWAKdhJkiLlPFAbhPSSeE6juuuY/xfVrwpBJ
y4Sw/zhQZnWcUdI/T+fmKDsn+U8ed31ZtvCgAX7ZhkJ4q+9U4ZAgVLMZ6IM8WfNR
uBPl5f67pXl+7U6Hm4g=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:57 2024 by rpki-client on console-fra.rpki-client.org