Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/1bNM4QMwQp2eONpbcD-bXdT1B3E.roa
File: 1bNM4QMwQp2eONpbcD-bXdT1B3E.roa (raw, json)
Hash identifier: rCvgBgSdi/13SW/sqSzVNRfR1/qAoy/qrhi5H17x0Tc=
Subject key identifier: D5:B3:4C:E1:03:30:42:9D:9E:38:DA:5B:70:3F:9B:5D:D4:F5:07:71
Certificate issuer: /CN=db59bce61ba9d2a0e355be01f1341b8df76aebdb
Certificate serial: 018CC6B943FBCD818AC78D0F6E284E7E9523
Authority key identifier: DB:59:BC:E6:1B:A9:D2:A0:E3:55:BE:01:F1:34:1B:8D:F7:6A:EB:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/21m85hup0qDjVb4B8TQbjfdq69s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/1bNM4QMwQp2eONpbcD-bXdT1B3E.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197600
IP address blocks: 91.223.160.0/24 maxlen: 24
2001:678:7b8::/48 maxlen: 48
2001:678:7bc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.mft
rsync://rpki.ripe.net/repository/DEFAULT/21m85hup0qDjVb4B8TQbjfdq69s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:43:fb:cd:81:8a:c7:8d:0f:6e:28:4e:7e:95:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db59bce61ba9d2a0e355be01f1341b8df76aebdb
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5b34ce10330429d9e38da5b703f9b5dd4f50771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bf:2f:49:04:96:f8:0d:20:96:ba:7b:b6:55:
d4:1d:99:ca:af:33:8f:27:cc:69:07:75:db:38:2c:
39:2b:2b:7d:b8:2f:92:3e:30:0e:60:e8:fd:4d:d2:
af:5b:f5:b7:49:19:55:6a:e0:9d:79:e5:ef:a6:48:
19:c8:08:19:a1:29:df:08:d4:9a:ec:5d:04:5d:a8:
83:9a:61:78:6f:b9:5c:6f:51:04:b2:b8:d7:9e:c1:
e5:27:ad:f1:12:da:62:50:7b:d1:95:3b:0c:9f:a9:
da:2d:9a:ca:df:8f:9d:3e:ac:ad:de:5c:a1:fd:30:
b2:e6:70:a4:b2:fc:f7:84:f6:f9:e1:32:92:89:98:
6e:86:c9:0d:ec:a8:96:1c:12:95:46:86:06:ff:ba:
e1:f7:ca:8e:12:e9:30:ab:72:22:9e:a9:69:84:cd:
ed:05:08:e0:e2:e2:e0:7a:21:07:91:54:b0:8f:27:
98:38:06:29:ee:66:39:da:0d:a3:9e:fb:3d:17:fe:
46:80:cb:f0:32:8a:48:46:1d:92:b0:20:fa:ec:94:
ee:77:80:e6:39:ee:6e:52:91:c2:26:91:27:38:e4:
aa:45:c0:9a:13:a4:46:62:45:b3:50:fb:7a:18:a0:
dd:c8:de:ef:2f:c1:09:f8:81:ff:28:5d:27:50:43:
bc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B3:4C:E1:03:30:42:9D:9E:38:DA:5B:70:3F:9B:5D:D4:F5:07:71
X509v3 Authority Key Identifier:
keyid:DB:59:BC:E6:1B:A9:D2:A0:E3:55:BE:01:F1:34:1B:8D:F7:6A:EB:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/21m85hup0qDjVb4B8TQbjfdq69s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/1bNM4QMwQp2eONpbcD-bXdT1B3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9209ed-4b98-4897-8e9b-3a042f77b738/1/21m85hup0qDjVb4B8TQbjfdq69s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.160.0/24
IPv6:
2001:678:7b8::/48
2001:678:7bc::/48
Signature Algorithm: sha256WithRSAEncryption
50:50:1d:5b:45:51:bd:cb:2c:55:55:ca:3a:4b:f5:6f:86:bd:
ce:2c:40:a9:ee:ac:12:4d:45:7c:dd:ae:db:54:9c:ca:cd:51:
36:22:c7:0c:9b:e5:cc:88:39:0b:98:cd:c9:d7:10:b6:63:65:
2e:9c:d3:b5:c0:46:9f:5c:1b:0d:56:9a:54:4c:28:3e:23:6d:
66:dc:08:67:f9:11:e5:81:74:7d:a8:d1:87:c8:2e:ba:54:53:
23:64:ac:e4:d3:4c:5b:0e:fb:a8:aa:67:78:52:a4:c6:42:1f:
29:ae:96:c5:09:9b:3d:2c:8c:1e:b0:d4:46:7d:6a:15:e6:85:
6b:48:dc:20:67:f9:33:79:6b:3b:ce:d6:a8:d6:76:a5:43:b1:
e4:53:48:e7:3f:3d:2b:43:fe:7d:eb:9a:ba:59:eb:0d:9f:9a:
8d:a8:38:5a:4f:ef:8f:46:13:f5:3a:06:4c:ef:b1:df:c2:ec:
1c:88:2d:61:c9:f3:84:2c:31:5f:18:13:99:85:9d:f3:42:36:
ca:b2:77:c3:d5:94:ee:0c:d2:9c:d3:07:a2:67:f8:5f:76:84:
8d:b6:17:27:22:08:09:5b:46:e9:67:9b:fa:9c:8c:61:04:92:
88:dc:fb:94:04:32:d7:5f:f6:6c:29:43:67:ac:22:87:f9:f9:
7b:0b:5a:87
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGuUP7zYGKx40PbihOfpUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNTliY2U2MWJhOWQyYTBlMzU1YmUwMWYxMzQxYjhkZjc2
YWViZGIwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWIzNGNlMTAzMzA0MjlkOWUzOGRhNWI3MDNmOWI1ZGQ0ZjUwNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz78vSQSW+A0glrp7tlXUHZnKrzOP
J8xpB3XbOCw5Kyt9uC+SPjAOYOj9TdKvW/W3SRlVauCdeeXvpkgZyAgZoSnfCNSa
7F0EXaiDmmF4b7lcb1EEsrjXnsHlJ63xEtpiUHvRlTsMn6naLZrK34+dPqyt3lyh
/TCy5nCksvz3hPb54TKSiZhuhskN7KiWHBKVRoYG/7rh98qOEukwq3IinqlphM3t
BQjg4uLgeiEHkVSwjyeYOAYp7mY52g2jnvs9F/5GgMvwMopIRh2SsCD67JTud4Dm
Oe5uUpHCJpEnOOSqRcCaE6RGYkWzUPt6GKDdyN7vL8EJ+IH/KF0nUEO8OwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNWzTOEDMEKdnjjaW3A/m13U9QdxMB8GA1UdIwQY
MBaAFNtZvOYbqdKg41W+AfE0G433auvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjFtODVodXAwcURqVmI0QjhUUWJqZmRxNjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85MjA5ZWQtNGI5OC00ODk3LThlOWIt
M2EwNDJmNzdiNzM4LzEvMWJOTTRRTXdRcDJlT05wYmNELWJYZFQxQjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85MjA5ZWQtNGI5OC00ODk3LThlOWItM2EwNDJmNzdiNzM4
LzEvMjFtODVodXAwcURqVmI0QjhUUWJqZmRxNjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW9+gMBgE
AgACMBIDBwAgAQZ4B7gDBwAgAQZ4B7wwDQYJKoZIhvcNAQELBQADggEBAFBQHVtF
Ub3LLFVVyjpL9W+Gvc4sQKnurBJNRXzdrttUnMrNUTYixwyb5cyIOQuYzcnXELZj
ZS6c07XARp9cGw1WmlRMKD4jbWbcCGf5EeWBdH2o0YfILrpUUyNkrOTTTFsO+6iq
Z3hSpMZCHymulsUJmz0sjB6w1EZ9ahXmhWtI3CBn+TN5azvO1qjWdqVDseRTSOc/
PStD/n3rmrpZ6w2fmo2oOFpP749GE/U6Bkzvsd/C7ByILWHJ84QsMV8YE5mFnfNC
Nsqyd8PVlO4M0pzTB6Jn+F92hI22FyciCAlbRulnm/qcjGEEkojc+5QEMtdf9mwp
Q2esIof5+XsLWoc=
-----END CERTIFICATE-----
Generated at Sun May 19 05:06:28 2024 by rpki-client on console-fra.rpki-client.org