Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/rem30q4QHCIzUfBSMkBg2vBRHlM.roa
File: rem30q4QHCIzUfBSMkBg2vBRHlM.roa (raw, json)
Hash identifier: jnMkpTFFIIhrmN52T3g7hb23JdWjMZkSU2naBcDFc9o=
Subject key identifier: AD:E9:B7:D2:AE:10:1C:22:33:51:F0:52:32:40:60:DA:F0:51:1E:53
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 018E9E5AA8ACC2F7669230751CE0F4AD68C2
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/rem30q4QHCIzUfBSMkBg2vBRHlM.roa
Signing time: Tue 02 Apr 2024 10:28:45 +0000
ROA not before: Tue 02 Apr 2024 10:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58172
IP address blocks: 91.239.101.0/24 maxlen: 24
128.127.98.0/24 maxlen: 24
128.127.99.0/24 maxlen: 24
128.127.100.0/24 maxlen: 24
128.127.101.0/24 maxlen: 24
128.127.102.0/24 maxlen: 24
128.127.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:5a:a8:ac:c2:f7:66:92:30:75:1c:e0:f4:ad:68:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Apr 2 10:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ade9b7d2ae101c223351f052324060daf0511e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:05:47:08:f0:27:78:ae:9a:57:7c:d0:aa:09:
c0:61:91:2e:b5:bc:21:d6:5a:40:d2:d2:4e:55:5e:
eb:fd:b0:d9:b5:f6:49:20:85:d0:97:fb:a0:85:56:
97:0c:fb:53:bd:98:fa:60:46:83:ce:51:e4:9e:89:
31:cb:f6:f6:a3:a2:dc:f0:12:88:2e:9a:e7:9e:02:
0c:27:24:83:8b:c5:6e:3b:c4:84:ab:64:54:bc:d4:
14:6f:33:94:fa:16:b9:16:19:85:2f:19:27:b0:1c:
17:c1:bf:aa:96:7f:b6:86:d3:93:81:3c:01:af:ff:
13:6d:bd:4b:c2:da:53:34:25:fe:e6:c4:33:77:12:
1b:d9:e9:2e:1c:cd:ce:44:a9:c5:81:d1:1e:9a:22:
6d:5b:07:7b:ca:a6:d7:63:96:48:22:aa:3e:31:b1:
ac:f7:7f:95:ae:ad:7e:7c:bf:3a:98:ea:49:a5:12:
cd:1c:f9:dd:f5:2f:a4:e7:0f:27:bc:87:b1:3f:33:
1d:09:f1:30:89:00:e2:65:fd:40:6a:ae:19:ca:f8:
94:6c:c1:4c:f6:56:96:0a:67:d0:28:53:3d:a1:6f:
a8:0c:07:52:ed:40:b7:15:ad:d9:af:f0:0d:f5:b9:
1f:a6:5b:d5:c9:de:fe:4b:11:96:bc:73:8f:bc:b9:
80:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E9:B7:D2:AE:10:1C:22:33:51:F0:52:32:40:60:DA:F0:51:1E:53
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/rem30q4QHCIzUfBSMkBg2vBRHlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.101.0/24
128.127.98.0-128.127.103.255
Signature Algorithm: sha256WithRSAEncryption
2b:8f:4d:25:84:d7:b2:f5:a3:f8:ee:b5:60:78:c7:1d:1c:ba:
d6:92:3f:5b:03:2e:58:b7:b4:2b:14:d8:f4:0c:73:21:b6:f6:
b0:e3:a5:59:76:ec:07:58:36:bd:cd:a0:62:b6:fe:f0:70:cd:
28:c2:63:6d:26:a1:48:00:dc:76:45:b0:fd:00:7f:fd:a5:18:
db:87:7e:bf:b0:ba:55:24:93:e2:1e:0e:dd:1e:17:55:51:18:
5e:84:7c:39:f9:16:c8:9b:fc:52:4d:e0:ed:30:85:69:fe:73:
af:28:74:d5:96:1c:33:11:36:d2:c0:d6:13:8a:f8:67:d6:c2:
a0:db:1e:4b:53:5a:ba:18:29:08:c0:39:85:58:8d:2a:ad:97:
27:3e:16:ad:6f:f5:db:8a:4c:e3:46:23:5d:2a:ac:4f:0f:8a:
c1:7e:c1:df:87:ef:12:40:ed:cb:ca:b5:50:a4:55:57:0b:b4:
9d:ee:ac:67:a2:a5:e3:a4:1b:62:96:7e:68:fe:14:06:45:b7:
81:bb:4a:52:b0:14:d7:42:d3:73:df:38:79:15:be:41:ac:96:
d1:b3:b0:21:94:f2:10:0a:9d:73:2c:5f:36:10:2a:d0:66:4c:
18:19:68:58:b6:01:15:8f:9b:46:bc:75:f5:1f:2a:d5:0a:7f:
ce:b2:47:54
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY6eWqiswvdmkjB1HOD0rWjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjQwNDAyMTAyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGU5YjdkMmFlMTAxYzIyMzM1MWYwNTIzMjQwNjBkYWYwNTExZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAVHCPAneK6aV3zQqgnAYZEutbwh
1lpA0tJOVV7r/bDZtfZJIIXQl/ughVaXDPtTvZj6YEaDzlHknokxy/b2o6Lc8BKI
LprnngIMJySDi8VuO8SEq2RUvNQUbzOU+ha5FhmFLxknsBwXwb+qln+2htOTgTwB
r/8Tbb1LwtpTNCX+5sQzdxIb2ekuHM3ORKnFgdEemiJtWwd7yqbXY5ZIIqo+MbGs
93+Vrq1+fL86mOpJpRLNHPnd9S+k5w8nvIexPzMdCfEwiQDiZf1Aaq4ZyviUbMFM
9laWCmfQKFM9oW+oDAdS7UC3Fa3Zr/AN9bkfplvVyd7+SxGWvHOPvLmAdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFK3pt9KuEBwiM1HwUjJAYNrwUR5TMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvcmVtMzBxNFFIQ0l6VWZCU01rQmcydkJSSGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW+9lMAwD
BAGAf2IDBAOAf2AwDQYJKoZIhvcNAQELBQADggEBACuPTSWE17L1o/jutWB4xx0c
utaSP1sDLli3tCsU2PQMcyG29rDjpVl27AdYNr3NoGK2/vBwzSjCY20moUgA3HZF
sP0Af/2lGNuHfr+wulUkk+IeDt0eF1VRGF6EfDn5Fsib/FJN4O0whWn+c68odNWW
HDMRNtLA1hOK+GfWwqDbHktTWroYKQjAOYVYjSqtlyc+Fq1v9duKTONGI10qrE8P
isF+wd+H7xJA7cvKtVCkVVcLtJ3urGeipeOkG2KWfmj+FAZFt4G7SlKwFNdC03Pf
OHkVvkGsltGzsCGU8hAKnXMsXzYQKtBmTBgZaFi2ARWPm0a8dfUfKtUKf86yR1Q=
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:37:28 2024 by rpki-client on console-ams.rpki-client.org