Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/ayM0rD_U9IcY2n8V9JKhGa8uKus.roa
File: ayM0rD_U9IcY2n8V9JKhGa8uKus.roa (raw, json)
Hash identifier: eHOvtWAy6Z1aJ/dxuMxWnbTIvZQlf3HofITlWmh6uzg=
Subject key identifier: 6B:23:34:AC:3F:D4:F4:87:18:DA:7F:15:F4:92:A1:19:AF:2E:2A:EB
Certificate issuer: /CN=200b3b2345710a096f6a34d7f089beb1e3fc5388
Certificate serial: 01905389223CAAFCEE4B4BAD74E633CF63B7
Authority key identifier: 20:0B:3B:23:45:71:0A:09:6F:6A:34:D7:F0:89:BE:B1:E3:FC:53:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAs7I0VxCglvajTX8Im-seP8U4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/ayM0rD_U9IcY2n8V9JKhGa8uKus.roa
Signing time: Wed 26 Jun 2024 07:53:34 +0000
ROA not before: Wed 26 Jun 2024 07:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48134
IP address blocks: 91.209.19.0/24 maxlen: 24
2a0e:58c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/IAs7I0VxCglvajTX8Im-seP8U4g.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/IAs7I0VxCglvajTX8Im-seP8U4g.mft
rsync://rpki.ripe.net/repository/DEFAULT/IAs7I0VxCglvajTX8Im-seP8U4g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 16:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:89:22:3c:aa:fc:ee:4b:4b:ad:74:e6:33:cf:63:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200b3b2345710a096f6a34d7f089beb1e3fc5388
Validity
Not Before: Jun 26 07:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b2334ac3fd4f48718da7f15f492a119af2e2aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fb:36:a2:31:60:ac:dd:de:d7:e6:11:bb:bf:
58:a5:24:5f:f3:74:b3:0d:52:47:df:8e:cb:2d:c0:
64:6c:2c:08:d8:4d:a7:df:9e:36:f6:19:66:b7:f1:
b6:d1:86:99:0a:ea:67:4e:1a:90:28:11:01:1e:82:
87:98:08:9f:6c:7f:cc:b2:95:12:61:23:31:f9:ad:
40:fe:4f:ad:65:6f:31:2e:af:d1:34:f3:65:0e:29:
f2:47:5c:c3:69:9c:38:74:cd:6e:93:60:7e:33:63:
16:3d:97:05:06:11:48:5e:dd:a2:72:5a:e1:14:1d:
6a:1f:54:15:17:09:a4:8c:df:79:42:2e:74:a4:96:
14:79:47:66:3e:34:48:72:0f:e7:a6:0b:f6:04:ab:
aa:db:6a:7b:bf:b2:6b:d3:52:ca:da:ef:68:2f:72:
6c:fe:60:0b:1a:d3:06:cc:e1:d1:34:8c:d5:56:2f:
32:19:1e:6c:5b:6b:a1:12:6e:e4:b6:9e:d9:52:83:
23:b6:d4:74:b9:42:3d:a6:27:5f:23:ea:36:da:d1:
cf:e8:5e:c1:4b:a3:a5:2e:44:66:47:d9:95:91:fb:
c4:69:15:bf:68:2a:f2:55:a5:4e:0a:c4:b4:7f:d8:
f0:ac:8d:f8:2d:d0:ff:74:27:dc:a8:1b:aa:1c:b8:
bf:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:23:34:AC:3F:D4:F4:87:18:DA:7F:15:F4:92:A1:19:AF:2E:2A:EB
X509v3 Authority Key Identifier:
keyid:20:0B:3B:23:45:71:0A:09:6F:6A:34:D7:F0:89:BE:B1:E3:FC:53:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAs7I0VxCglvajTX8Im-seP8U4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/ayM0rD_U9IcY2n8V9JKhGa8uKus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/df9a4c-79fe-4004-9413-4b47e8f8c86f/1/IAs7I0VxCglvajTX8Im-seP8U4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.19.0/24
IPv6:
2a0e:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
02:3c:c4:6d:9f:8a:e8:8d:40:82:7f:04:bc:33:fa:0f:65:e2:
a5:a5:eb:86:64:de:ea:61:09:73:2b:ea:01:3e:96:02:de:a9:
cd:29:92:91:b5:cb:00:23:11:1b:c3:a1:36:44:82:90:ec:15:
1e:fc:d5:ee:c5:b4:20:3d:80:3b:f9:7c:44:1e:26:a3:3e:4a:
55:1d:2a:ec:be:21:0f:e1:fb:86:f6:a0:a2:a6:8f:86:97:48:
12:87:15:ff:fd:e5:b1:de:f9:0b:e0:74:2c:cf:2c:bd:04:0e:
c9:72:a1:76:37:5e:71:3e:e9:e0:67:55:ad:8d:6b:b3:5a:4d:
a7:10:cf:98:c2:60:56:a6:08:3c:51:99:a9:06:b2:c2:98:cd:
09:86:29:bd:55:85:c6:99:cd:79:20:b9:e5:c7:ff:00:93:c1:
31:52:65:31:1b:05:7c:0d:06:0f:ce:f9:c1:d8:5a:11:f0:2e:
0a:4e:d6:2b:a0:f2:c6:73:7c:bd:e0:4c:36:3b:94:5b:07:11:
f3:f4:f1:4c:1d:fa:a2:cf:1f:9b:2e:f1:a9:c2:09:c9:8e:c3:
e4:de:9c:ea:f8:17:64:3f:f5:56:61:dc:7a:76:07:3d:b2:26:
f8:19:7c:43:7e:73:26:68:70:e9:af:be:68:6c:85:cd:24:2b:
c8:3e:a4:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBTiSI8qvzuS0utdOYzz2O3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGIzYjIzNDU3MTBhMDk2ZjZhMzRkN2YwODliZWIxZTNm
YzUzODgwHhcNMjQwNjI2MDc1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjIzMzRhYzNmZDRmNDg3MThkYTdmMTVmNDkyYTExOWFmMmUyYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovs2ojFgrN3e1+YRu79YpSRf83Sz
DVJH347LLcBkbCwI2E2n35429hlmt/G20YaZCupnThqQKBEBHoKHmAifbH/MspUS
YSMx+a1A/k+tZW8xLq/RNPNlDinyR1zDaZw4dM1uk2B+M2MWPZcFBhFIXt2iclrh
FB1qH1QVFwmkjN95Qi50pJYUeUdmPjRIcg/npgv2BKuq22p7v7Jr01LK2u9oL3Js
/mALGtMGzOHRNIzVVi8yGR5sW2uhEm7ktp7ZUoMjttR0uUI9pidfI+o22tHP6F7B
S6OlLkRmR9mVkfvEaRW/aCryVaVOCsS0f9jwrI34LdD/dCfcqBuqHLi/iwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGsjNKw/1PSHGNp/FfSSoRmvLirrMB8GA1UdIwQY
MBaAFCALOyNFcQoJb2o01/CJvrHj/FOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUFzN0kwVnhDZ2x2YWpUWDhJbS1zZVA4VTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kZjlhNGMtNzlmZS00MDA0LTk0MTMt
NGI0N2U4ZjhjODZmLzEvYXlNMHJEX1U5SWNZMm44VjlKS2hHYTh1S3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kZjlhNGMtNzlmZS00MDA0LTk0MTMtNGI0N2U4ZjhjODZm
LzEvSUFzN0kwVnhDZ2x2YWpUWDhJbS1zZVA4VTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9ETMA0E
AgACMAcDBQMqDljAMA0GCSqGSIb3DQEBCwUAA4IBAQACPMRtn4rojUCCfwS8M/oP
ZeKlpeuGZN7qYQlzK+oBPpYC3qnNKZKRtcsAIxEbw6E2RIKQ7BUe/NXuxbQgPYA7
+XxEHiajPkpVHSrsviEP4fuG9qCipo+Gl0gShxX//eWx3vkL4HQszyy9BA7JcqF2
N15xPungZ1WtjWuzWk2nEM+YwmBWpgg8UZmpBrLCmM0Jhim9VYXGmc15ILnlx/8A
k8ExUmUxGwV8DQYPzvnB2FoR8C4KTtYroPLGc3y94Ew2O5RbBxHz9PFMHfqizx+b
LvGpwgnJjsPk3pzq+BdkP/VWYdx6dgc9sib4GXxDfnMmaHDpr75obIXNJCvIPqRI
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:45:52 2024 by rpki-client on console-fra.rpki-client.org