Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/9c6c0zV-ApSulGDyEVZSNQL9t3I.roa
File: 9c6c0zV-ApSulGDyEVZSNQL9t3I.roa (raw, json)
Hash identifier: p9St3posQLid8YK4WFZCiQzBxW/RCcqSsv1IrD/YGF0=
Subject key identifier: F5:CE:9C:D3:35:7E:02:94:AE:94:60:F2:11:56:52:35:02:FD:B7:72
Certificate issuer: /CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Certificate serial: 018CC801A50616EEA08E95D32A7FC736AB7D
Authority key identifier: 9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/9c6c0zV-ApSulGDyEVZSNQL9t3I.roa
Signing time: Tue 02 Jan 2024 02:30:00 +0000
ROA not before: Tue 02 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34773
IP address blocks: 91.233.121.0/24 maxlen: 24
2a0a:1b84::/32 maxlen: 32
2a0a:1b82::/32 maxlen: 32
2a0a:1b80::/32 maxlen: 32
2a0a:1b86::/32 maxlen: 32
2a0a:1b85::/32 maxlen: 32
2a0a:1b83::/32 maxlen: 32
2a0a:1b87::/32 maxlen: 32
2a0a:1b81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 10:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a5:06:16:ee:a0:8e:95:d3:2a:7f:c7:36:ab:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Validity
Not Before: Jan 2 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5ce9cd3357e0294ae9460f21156523502fdb772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:04:38:0c:3c:3f:79:a4:4e:a1:7e:6e:71:77:
17:a6:be:f2:1a:4c:a3:0b:04:76:df:c9:f9:53:14:
15:ce:0b:8c:c2:b8:2e:a8:76:6c:d0:0a:bb:cc:ba:
b2:f2:d7:71:28:07:b3:fc:8c:46:25:8c:de:20:bb:
50:bf:ae:52:8d:cd:59:1c:8f:36:01:44:68:b6:d3:
0d:25:9a:f8:ec:e2:a8:24:c7:9b:f1:3a:4c:4f:97:
ad:8d:fe:f2:ed:0d:cd:80:02:ea:f3:3a:28:52:e7:
ec:e5:7c:97:f1:10:19:eb:fa:07:a8:03:f6:aa:ed:
88:7f:42:9c:d9:66:b1:ce:66:dd:d8:63:e8:2c:6a:
42:93:c8:0c:63:6d:4c:79:d9:35:08:5c:9c:be:bf:
e5:61:08:2e:8d:18:6e:94:a5:4a:88:5d:29:00:56:
bf:80:70:63:09:b1:48:50:0b:d0:2e:34:70:be:1f:
fa:29:e1:e8:30:68:00:91:78:76:9e:07:37:54:62:
66:e3:11:a0:0f:88:58:07:fd:31:fb:8e:67:ed:df:
01:70:26:6c:86:eb:a0:8c:1f:5e:c0:d1:d4:d6:91:
32:4d:ed:1e:64:b6:63:f8:08:a0:46:a3:4a:1c:a0:
66:a6:82:cd:80:b1:26:ec:1f:c4:40:f5:f0:8a:0b:
1f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CE:9C:D3:35:7E:02:94:AE:94:60:F2:11:56:52:35:02:FD:B7:72
X509v3 Authority Key Identifier:
keyid:9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/9c6c0zV-ApSulGDyEVZSNQL9t3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.121.0/24
IPv6:
2a0a:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
89:df:d1:71:19:96:1d:dc:3a:e9:0b:50:ec:00:7d:47:64:22:
df:4c:55:d0:b7:aa:a0:80:c6:c2:02:cd:45:77:67:6f:d9:25:
0e:48:e6:91:19:94:e9:90:2d:8e:62:ed:15:d7:1f:2f:f6:f2:
43:5b:e1:57:5f:59:78:80:6b:32:a7:5e:15:51:78:8b:40:90:
53:6f:4e:b7:7a:be:fb:46:24:2f:7b:33:bc:e0:32:94:d8:7b:
a6:ac:0a:06:a2:93:9b:4e:1c:85:aa:6e:c9:40:2e:41:3e:67:
1d:54:70:6e:99:4c:8f:4d:11:00:1b:33:58:77:a2:7a:34:73:
7e:2f:67:6c:97:c8:d1:bb:43:a9:2c:ea:d3:10:f1:f8:74:be:
b1:60:b6:5d:82:ed:04:ce:e2:f5:f8:55:63:d1:dd:c6:0f:d7:
fc:91:fe:a9:78:3b:e9:51:c3:86:6e:bc:e9:3d:80:b9:64:ae:
04:36:f1:15:0a:01:de:4c:78:b4:ad:b3:0a:4b:e4:e2:b9:dc:
a0:40:1d:6b:9d:63:81:0d:38:ba:79:fd:e1:87:ff:28:dd:b8:
bf:43:cf:a6:54:57:23:04:30:4e:99:75:72:05:db:f5:4c:19:
e2:cf:2b:97:38:be:20:c3:af:1a:b9:fc:1d:3c:9b:13:47:bf:
21:10:52:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAaUGFu6gjpXTKn/HNqt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWFlZDk5MTNmODg4MGFmNzU1N2VlZjNlZjAyZDZlMGZm
M2ZkNDkwHhcNMjQwMTAyMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNlOWNkMzM1N2UwMjk0YWU5NDYwZjIxMTU2NTIzNTAyZmRiNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQQ4DDw/eaROoX5ucXcXpr7yGkyj
CwR238n5UxQVzguMwrguqHZs0Aq7zLqy8tdxKAez/IxGJYzeILtQv65Sjc1ZHI82
AURottMNJZr47OKoJMeb8TpMT5etjf7y7Q3NgALq8zooUufs5XyX8RAZ6/oHqAP2
qu2If0Kc2Waxzmbd2GPoLGpCk8gMY21Medk1CFycvr/lYQgujRhulKVKiF0pAFa/
gHBjCbFIUAvQLjRwvh/6KeHoMGgAkXh2ngc3VGJm4xGgD4hYB/0x+45n7d8BcCZs
huugjB9ewNHU1pEyTe0eZLZj+AigRqNKHKBmpoLNgLEm7B/EQPXwigsfoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPXOnNM1fgKUrpRg8hFWUjUC/bdyMB8GA1UdIwQY
MBaAFJwa7ZkT+IgK91V+7z7wLW4P8/1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2Et
NWU2MjRhMzAzOGNmLzEvOWM2YzB6Vi1BcFN1bEdEeUVWWlNOUUw5dDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2EtNWU2MjRhMzAzOGNm
LzEvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+l5MA0E
AgACMAcDBQMqChuAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ39FxGZYd3DrpC1DsAH1H
ZCLfTFXQt6qggMbCAs1Fd2dv2SUOSOaRGZTpkC2OYu0V1x8v9vJDW+FXX1l4gGsy
p14VUXiLQJBTb063er77RiQvezO84DKU2HumrAoGopObThyFqm7JQC5BPmcdVHBu
mUyPTREAGzNYd6J6NHN+L2dsl8jRu0OpLOrTEPH4dL6xYLZdgu0EzuL1+FVj0d3G
D9f8kf6peDvpUcOGbrzpPYC5ZK4ENvEVCgHeTHi0rbMKS+TiudygQB1rnWOBDTi6
ef3hh/8o3bi/Q8+mVFcjBDBOmXVyBdv1TBnizyuXOL4gw68aufwdPJsTR78hEFLq
-----END CERTIFICATE-----
Generated at Sat May 18 14:13:09 2024 by rpki-client on console-ams.rpki-client.org