Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/f4saC9ioyxme0e9zb_0tHqMZKec.roa
File: f4saC9ioyxme0e9zb_0tHqMZKec.roa (raw, json)
Hash identifier: eav0UM5DKKgusMR/LAZ+8CH0ZzHoZtPLS7sCYWWXOHM=
Subject key identifier: 7F:8B:1A:0B:D8:A8:CB:19:9E:D1:EF:73:6F:FD:2D:1E:A3:19:29:E7
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCDEC9A21E494AADA519B336A5CA4
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/f4saC9ioyxme0e9zb_0tHqMZKec.roa
Signing time: Tue 02 Jan 2024 10:32:57 +0000
ROA not before: Tue 02 Jan 2024 10:32:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33973
IP address blocks: 91.120.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:cd:ec:9a:21:e4:94:aa:da:51:9b:33:6a:5c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f8b1a0bd8a8cb199ed1ef736ffd2d1ea31929e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:12:7c:6c:ca:c0:41:40:ab:28:54:b1:f3:22:
91:7b:72:07:d7:11:4e:6f:cc:15:19:7a:46:13:d9:
b4:78:ae:6c:b2:65:20:20:43:ea:a5:ac:53:3c:e5:
c6:81:96:0f:d7:72:7b:1d:29:a7:0b:e3:c5:f2:bf:
52:ca:e9:dc:0a:c6:94:7e:93:41:67:70:26:b5:81:
b2:bd:52:4f:70:53:0a:8a:96:43:f7:59:fd:9a:e1:
16:ac:40:86:8a:e5:40:98:f0:2d:50:57:65:44:dd:
69:57:26:f0:12:b5:43:b1:0d:da:44:f3:2c:03:fd:
3e:df:ab:77:0b:c7:a7:01:cf:a4:ec:e1:1c:a4:b2:
be:49:e0:92:17:d4:d7:27:b7:9e:dd:35:20:d1:25:
7d:5a:bc:49:10:e5:7a:ee:90:37:80:0c:36:b2:4d:
2c:27:d2:66:71:ab:c1:a0:84:0b:1a:06:a6:3f:65:
c4:67:94:1e:e8:93:4b:2e:fe:24:0d:63:59:73:55:
ca:eb:ff:a1:2a:8e:f1:e6:82:92:bf:63:aa:f2:fa:
64:c5:8a:93:57:e0:fe:5c:3f:df:3c:f4:aa:e9:12:
76:fb:d2:25:6e:e9:99:ff:ed:9a:58:b2:81:53:19:
81:2a:10:c4:6e:d6:b9:ba:c3:d9:c6:32:a1:f8:5c:
f3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:8B:1A:0B:D8:A8:CB:19:9E:D1:EF:73:6F:FD:2D:1E:A3:19:29:E7
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/f4saC9ioyxme0e9zb_0tHqMZKec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.120.43.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:9f:70:89:64:92:01:03:63:3f:9d:0e:9c:84:c4:8d:13:88:
42:d2:88:a7:b9:24:d7:92:db:52:ca:29:6d:76:9b:e3:c3:c1:
57:a3:62:e5:30:aa:d7:e2:a7:1a:6b:87:56:4d:f3:34:5f:4e:
61:55:5d:02:74:ae:09:de:bc:6e:b7:ce:59:e6:42:b2:67:10:
ca:9a:b3:5c:aa:ed:32:78:32:3d:cf:15:1c:95:08:cb:33:b9:
9a:a5:da:68:c6:4c:33:24:c9:d1:c7:cb:6c:f5:d6:b8:08:3e:
fb:7d:e0:44:10:a7:b6:ac:3d:e7:80:14:37:8a:53:a2:36:4d:
0c:19:e0:6b:d5:e8:2f:d7:4c:09:01:d5:36:c5:90:a5:68:d8:
a8:ca:f3:4f:19:63:fa:76:a4:ba:68:cf:a4:5d:47:ba:2a:64:
77:0c:97:2d:6f:46:72:b9:0a:0d:17:52:ba:27:02:52:03:1b:
fc:56:10:fd:00:ff:f2:25:84:ea:c1:68:89:e3:ec:27:cf:52:
f4:66:d5:03:36:d9:6f:5c:d1:19:ae:09:a9:5e:2f:91:f2:52:
72:f7:c7:b8:35:b7:6a:8b:40:4b:2d:0a:6a:fc:a9:65:ee:ca:
76:3c:24:01:9e:e9:d1:bf:6f:be:28:c0:d6:7d:18:d9:5d:89:
3c:48:88:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu83smiHklKraUZszalykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjhiMWEwYmQ4YThjYjE5OWVkMWVmNzM2ZmZkMmQxZWEzMTkyOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphJ8bMrAQUCrKFSx8yKRe3IH1xFO
b8wVGXpGE9m0eK5ssmUgIEPqpaxTPOXGgZYP13J7HSmnC+PF8r9SyuncCsaUfpNB
Z3AmtYGyvVJPcFMKipZD91n9muEWrECGiuVAmPAtUFdlRN1pVybwErVDsQ3aRPMs
A/0+36t3C8enAc+k7OEcpLK+SeCSF9TXJ7ee3TUg0SV9WrxJEOV67pA3gAw2sk0s
J9JmcavBoIQLGgamP2XEZ5Qe6JNLLv4kDWNZc1XK6/+hKo7x5oKSv2Oq8vpkxYqT
V+D+XD/fPPSq6RJ2+9IlbumZ/+2aWLKBUxmBKhDEbta5usPZxjKh+Fzz/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH+LGgvYqMsZntHvc2/9LR6jGSnnMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvZjRzYUM5aW95eG1lMGU5emJfMHRIcU1aS2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW3grMA0G
CSqGSIb3DQEBCwUAA4IBAQBtn3CJZJIBA2M/nQ6chMSNE4hC0oinuSTXkttSyilt
dpvjw8FXo2LlMKrX4qcaa4dWTfM0X05hVV0CdK4J3rxut85Z5kKyZxDKmrNcqu0y
eDI9zxUclQjLM7mapdpoxkwzJMnRx8ts9da4CD77feBEEKe2rD3ngBQ3ilOiNk0M
GeBr1egv10wJAdU2xZClaNioyvNPGWP6dqS6aM+kXUe6KmR3DJctb0ZyuQoNF1K6
JwJSAxv8VhD9AP/yJYTqwWiJ4+wnz1L0ZtUDNtlvXNEZrgmpXi+R8lJy98e4Nbdq
i0BLLQpq/Kll7sp2PCQBnunRv2++KMDWfRjZXYk8SIh4
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:02:41 2024 by rpki-client on console-fra.rpki-client.org