Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b08a3a-d6b9-4a5d-9d37-371b9074887f/1/WIbPMtHhgEIpHqh23ZaGjjVbp8c.roa
File: WIbPMtHhgEIpHqh23ZaGjjVbp8c.roa (raw, json)
Hash identifier: a2OgNOEYcWSGV/wNsBNYO4YRIZDgeCN7JXpO7KJxBJI=
Subject key identifier: 58:86:CF:32:D1:E1:80:42:29:1E:A8:76:DD:96:86:8E:35:5B:A7:C7
Certificate issuer: /CN=d8f700eeb05274b31dc1daf30cd7c81310ab452d
Certificate serial: 018CC26D405614CE58423498497042CA7529
Authority key identifier: D8:F7:00:EE:B0:52:74:B3:1D:C1:DA:F3:0C:D7:C8:13:10:AB:45:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PcA7rBSdLMdwdrzDNfIExCrRS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b08a3a-d6b9-4a5d-9d37-371b9074887f/1/WIbPMtHhgEIpHqh23ZaGjjVbp8c.roa
Signing time: Mon 01 Jan 2024 00:29:48 +0000
ROA not before: Mon 01 Jan 2024 00:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34858
IP address blocks: 195.238.246.0/24 maxlen: 24
91.195.100.0/23 maxlen: 23
2001:678:bf4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b08a3a-d6b9-4a5d-9d37-371b9074887f/1/2PcA7rBSdLMdwdrzDNfIExCrRS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b08a3a-d6b9-4a5d-9d37-371b9074887f/1/2PcA7rBSdLMdwdrzDNfIExCrRS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2PcA7rBSdLMdwdrzDNfIExCrRS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:40:56:14:ce:58:42:34:98:49:70:42:ca:75:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f700eeb05274b31dc1daf30cd7c81310ab452d
Validity
Not Before: Jan 1 00:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5886cf32d1e18042291ea876dd96868e355ba7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:04:35:8c:a8:71:c8:5c:ae:61:06:fc:bc:53:
bb:bb:e6:0d:b5:12:27:c7:7e:5b:e5:cb:24:44:5d:
11:b1:c5:36:45:81:76:64:ce:4d:af:ba:c8:4b:ee:
fd:33:94:25:fe:43:b7:6c:5e:da:0b:40:fc:02:d2:
cc:b8:fa:c4:0e:61:7b:a8:a5:f9:1d:c3:36:b4:b5:
40:04:08:de:83:99:1f:7e:a7:b1:d0:5a:b3:24:39:
6d:f7:d5:fb:e9:bb:03:ed:e1:4d:98:66:3c:c4:fe:
b7:a4:53:af:c7:ff:24:88:25:ad:35:65:2f:ac:6f:
1d:a0:b9:e3:6e:06:65:74:c0:d2:fe:48:1d:9e:cd:
d8:56:3c:a9:99:02:ba:c4:7c:be:d9:f0:68:f0:9e:
20:9c:bd:21:44:9c:20:6e:88:18:f4:f6:ca:9f:74:
fe:ce:da:d7:8b:90:47:96:af:a3:26:94:b4:93:9c:
36:a0:e3:16:01:83:c9:9a:40:3f:8e:f7:17:3c:12:
7b:d4:8d:58:8c:4b:10:71:4a:e2:5e:2e:a1:09:bc:
22:00:ee:0c:63:4b:3c:b0:f2:e3:8f:77:09:dd:30:
35:15:80:36:fa:3c:f3:c0:49:9b:21:e6:ba:f3:10:
70:c1:20:ef:59:e2:70:d4:d7:3b:34:88:9f:00:53:
45:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:86:CF:32:D1:E1:80:42:29:1E:A8:76:DD:96:86:8E:35:5B:A7:C7
X509v3 Authority Key Identifier:
keyid:D8:F7:00:EE:B0:52:74:B3:1D:C1:DA:F3:0C:D7:C8:13:10:AB:45:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PcA7rBSdLMdwdrzDNfIExCrRS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b08a3a-d6b9-4a5d-9d37-371b9074887f/1/WIbPMtHhgEIpHqh23ZaGjjVbp8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b08a3a-d6b9-4a5d-9d37-371b9074887f/1/2PcA7rBSdLMdwdrzDNfIExCrRS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.100.0/23
195.238.246.0/24
IPv6:
2001:678:bf4::/48
Signature Algorithm: sha256WithRSAEncryption
28:36:b0:09:08:13:38:d9:8b:ab:4b:7f:e0:a5:ef:a2:9f:1c:
eb:ab:dc:75:5c:2c:c5:a7:0c:5e:74:09:56:51:04:ec:a0:07:
11:40:cd:50:8d:90:63:16:59:9e:4e:66:75:20:8f:67:b0:c6:
5b:4a:5b:30:ac:1e:ac:75:93:95:f8:b2:9a:97:6d:a2:fe:db:
7b:f8:d5:9e:4d:9f:92:0d:67:92:63:b4:3a:85:5c:b3:15:7d:
12:6b:e2:f5:35:3f:c3:67:a5:98:d3:a1:13:9d:80:c6:8f:17:
87:38:14:1a:96:15:42:0c:9c:d8:80:e2:20:57:e8:e7:4b:bb:
c9:ca:43:51:05:27:df:3a:31:d6:2f:c8:ad:8f:4b:f1:04:82:
ce:38:1c:ea:c3:e6:fc:39:31:32:db:96:0e:91:c5:4b:1f:e2:
ea:00:a4:8d:60:e9:4f:19:a2:a2:8f:a1:02:5c:dd:16:c8:de:
dd:03:cd:fb:20:8c:01:de:39:fc:19:a8:43:b7:32:74:bf:76:
44:c7:26:cd:1f:ba:ca:91:30:15:b6:cd:7b:6c:16:12:4c:73:
cd:ab:73:29:f9:55:02:ab:52:ab:df:92:d8:a6:5a:38:a3:49:
56:84:df:a9:3a:2b:1f:35:04:8f:2e:7d:47:7c:79:79:5c:c6:
c7:02:91:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzCbUBWFM5YQjSYSXBCynUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZjcwMGVlYjA1Mjc0YjMxZGMxZGFmMzBjZDdjODEzMTBh
YjQ1MmQwHhcNMjQwMTAxMDAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODg2Y2YzMmQxZTE4MDQyMjkxZWE4NzZkZDk2ODY4ZTM1NWJhN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngQ1jKhxyFyuYQb8vFO7u+YNtRIn
x35b5cskRF0RscU2RYF2ZM5Nr7rIS+79M5Ql/kO3bF7aC0D8AtLMuPrEDmF7qKX5
HcM2tLVABAjeg5kffqex0FqzJDlt99X76bsD7eFNmGY8xP63pFOvx/8kiCWtNWUv
rG8doLnjbgZldMDS/kgdns3YVjypmQK6xHy+2fBo8J4gnL0hRJwgbogY9PbKn3T+
ztrXi5BHlq+jJpS0k5w2oOMWAYPJmkA/jvcXPBJ71I1YjEsQcUriXi6hCbwiAO4M
Y0s8sPLjj3cJ3TA1FYA2+jzzwEmbIea68xBwwSDvWeJw1Nc7NIifAFNFDwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFiGzzLR4YBCKR6odt2Who41W6fHMB8GA1UdIwQY
MBaAFNj3AO6wUnSzHcHa8wzXyBMQq0UtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlBjQTdyQlNkTE1kd2RyekROZklFeENyUlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iMDhhM2EtZDZiOS00YTVkLTlkMzct
MzcxYjkwNzQ4ODdmLzEvV0liUE10SGhnRUlwSHFoMjNaYUdqalZicDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iMDhhM2EtZDZiOS00YTVkLTlkMzctMzcxYjkwNzQ4ODdm
LzEvMlBjQTdyQlNkTE1kd2RyekROZklFeENyUlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW8NkAwQA
w+72MA8EAgACMAkDBwAgAQZ4C/QwDQYJKoZIhvcNAQELBQADggEBACg2sAkIEzjZ
i6tLf+Cl76KfHOur3HVcLMWnDF50CVZRBOygBxFAzVCNkGMWWZ5OZnUgj2ewxltK
WzCsHqx1k5X4spqXbaL+23v41Z5Nn5INZ5JjtDqFXLMVfRJr4vU1P8NnpZjToROd
gMaPF4c4FBqWFUIMnNiA4iBX6OdLu8nKQ1EFJ986MdYvyK2PS/EEgs44HOrD5vw5
MTLblg6RxUsf4uoApI1g6U8ZoqKPoQJc3RbI3t0DzfsgjAHeOfwZqEO3MnS/dkTH
Js0fusqRMBW2zXtsFhJMc82rcyn5VQKrUqvfktimWjijSVaE36k6Kx81BI8ufUd8
eXlcxscCkdQ=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:23:34 2024 by rpki-client on console-ams.rpki-client.org