Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/XD0IOdIAc9z7i0eRQm6w5T3EWE8.roa
File: XD0IOdIAc9z7i0eRQm6w5T3EWE8.roa (raw, json)
Hash identifier: uJnt+XL2TQRMHj6WXyHuFtXB9bzM1kEpoa8aaBsCmnc=
Subject key identifier: 5C:3D:08:39:D2:00:73:DC:FB:8B:47:91:42:6E:B0:E5:3D:C4:58:4F
Certificate issuer: /CN=e0689340283794489e41ac86aafa4414f8a4d6be
Certificate serial: 018CC56E002CB767509E9588FB270632A42A
Authority key identifier: E0:68:93:40:28:37:94:48:9E:41:AC:86:AA:FA:44:14:F8:A4:D6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4GiTQCg3lEieQayGqvpEFPik1r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/XD0IOdIAc9z7i0eRQm6w5T3EWE8.roa
Signing time: Mon 01 Jan 2024 14:29:29 +0000
ROA not before: Mon 01 Jan 2024 14:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12978
IP address blocks: 91.233.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/4GiTQCg3lEieQayGqvpEFPik1r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/4GiTQCg3lEieQayGqvpEFPik1r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4GiTQCg3lEieQayGqvpEFPik1r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:00:2c:b7:67:50:9e:95:88:fb:27:06:32:a4:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0689340283794489e41ac86aafa4414f8a4d6be
Validity
Not Before: Jan 1 14:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c3d0839d20073dcfb8b4791426eb0e53dc4584f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0e:1f:f6:8a:65:6d:d8:f4:00:d8:a9:81:78:
14:ea:86:62:e0:55:86:48:1f:5b:a6:3b:bb:c9:c5:
5c:77:42:2a:bb:12:70:97:a6:46:1b:13:66:ad:71:
9b:5c:64:1d:51:26:e8:85:89:33:ce:da:84:80:f1:
94:f6:17:62:30:69:92:77:d0:04:77:59:2f:c9:65:
ad:ce:df:f5:85:ee:8a:af:5b:06:e2:f8:2d:f8:f2:
49:8a:79:66:e0:ff:00:d8:42:54:55:01:21:59:e0:
6b:ae:04:a3:70:2f:0a:13:7d:2a:3f:04:c1:33:64:
4d:a5:a7:49:ba:01:d8:bf:45:38:8e:e2:25:91:2a:
13:0d:ec:d3:ed:be:3c:e1:65:2b:af:2d:08:7f:2a:
4d:69:8e:eb:93:06:c9:b1:01:fa:a6:19:22:cc:a7:
fa:d4:76:a5:dd:e7:f4:5c:a4:2c:01:94:67:e8:2f:
fd:fd:54:63:a3:56:4c:a2:16:9e:4b:6b:e2:e7:cd:
d0:5b:cb:c9:ff:d9:bb:b8:4f:68:f7:5e:2a:f2:3b:
40:c0:af:f2:8f:b8:ac:33:e6:ab:4e:f4:aa:23:ec:
39:38:3a:19:3b:ef:18:47:01:1a:59:cd:f9:fb:63:
14:8f:b6:02:b9:8e:e3:c1:6a:48:ba:5e:d6:4e:6f:
58:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3D:08:39:D2:00:73:DC:FB:8B:47:91:42:6E:B0:E5:3D:C4:58:4F
X509v3 Authority Key Identifier:
keyid:E0:68:93:40:28:37:94:48:9E:41:AC:86:AA:FA:44:14:F8:A4:D6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4GiTQCg3lEieQayGqvpEFPik1r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/XD0IOdIAc9z7i0eRQm6w5T3EWE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/4GiTQCg3lEieQayGqvpEFPik1r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.80.0/24
Signature Algorithm: sha256WithRSAEncryption
31:d8:a0:2c:dc:e3:09:08:39:d8:ac:aa:ab:1a:07:b1:b8:72:
c6:03:a0:c4:8c:31:c1:4f:88:61:e3:72:7c:55:69:c9:a5:20:
f1:47:a4:13:b9:f2:0e:87:7d:05:e8:70:1f:12:22:4e:80:95:
1d:f3:17:5c:40:37:47:24:0d:7c:bd:9e:bd:37:68:ea:f4:27:
14:fd:23:18:c4:be:fb:29:15:59:67:fe:af:fe:6f:d5:1e:7d:
72:3b:d7:6f:cd:ec:79:92:a8:a5:0e:91:fc:0e:e9:c7:b7:b4:
f1:65:20:00:c8:8a:c6:db:bf:b2:74:c8:fa:76:62:0b:84:62:
f9:19:b1:bf:b0:87:db:9a:3b:8c:26:5b:ff:86:4c:2b:85:ef:
57:7e:a8:79:9e:76:f1:41:eb:0f:f3:1e:00:27:d4:63:24:d7:
4d:af:16:c9:93:92:42:82:cb:90:70:ec:0a:95:55:18:a3:93:
1c:e8:e5:b2:88:d6:d9:6f:5f:b4:08:50:2c:3a:08:0a:09:69:
93:01:0c:ad:40:58:fa:f2:b2:3f:17:a9:e2:61:09:9a:73:c5:
65:3d:4e:59:5d:67:af:8b:7e:30:3d:c9:49:a6:4d:73:31:f4:
7f:a6:29:51:bb:fe:0d:34:ed:16:68:ca:92:1a:70:83:ea:6b:
69:c3:15:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbgAst2dQnpWI+ycGMqQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjg5MzQwMjgzNzk0NDg5ZTQxYWM4NmFhZmE0NDE0Zjhh
NGQ2YmUwHhcNMjQwMTAxMTQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNkMDgzOWQyMDA3M2RjZmI4YjQ3OTE0MjZlYjBlNTNkYzQ1ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQ4f9oplbdj0ANipgXgU6oZi4FWG
SB9bpju7ycVcd0IquxJwl6ZGGxNmrXGbXGQdUSbohYkzztqEgPGU9hdiMGmSd9AE
d1kvyWWtzt/1he6Kr1sG4vgt+PJJinlm4P8A2EJUVQEhWeBrrgSjcC8KE30qPwTB
M2RNpadJugHYv0U4juIlkSoTDezT7b484WUrry0IfypNaY7rkwbJsQH6phkizKf6
1Hal3ef0XKQsAZRn6C/9/VRjo1ZMohaeS2vi583QW8vJ/9m7uE9o914q8jtAwK/y
j7isM+arTvSqI+w5ODoZO+8YRwEaWc35+2MUj7YCuY7jwWpIul7WTm9Y9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFw9CDnSAHPc+4tHkUJusOU9xFhPMB8GA1UdIwQY
MBaAFOBok0AoN5RInkGshqr6RBT4pNa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdpVFFDZzNsRWllUWF5R3F2cEVGUGlrMXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wNWFiNjAtZGVhNi00M2EzLTg3ZWYt
N2JmYWViMTk1NDQ1LzEvWEQwSU9kSUFjOXo3aTBlUlFtNnc1VDNFV0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wNWFiNjAtZGVhNi00M2EzLTg3ZWYtN2JmYWViMTk1NDQ1
LzEvNEdpVFFDZzNsRWllUWF5R3F2cEVGUGlrMXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+lQMA0G
CSqGSIb3DQEBCwUAA4IBAQAx2KAs3OMJCDnYrKqrGgexuHLGA6DEjDHBT4hh43J8
VWnJpSDxR6QTufIOh30F6HAfEiJOgJUd8xdcQDdHJA18vZ69N2jq9CcU/SMYxL77
KRVZZ/6v/m/VHn1yO9dvzex5kqilDpH8DunHt7TxZSAAyIrG27+ydMj6dmILhGL5
GbG/sIfbmjuMJlv/hkwrhe9Xfqh5nnbxQesP8x4AJ9RjJNdNrxbJk5JCgsuQcOwK
lVUYo5Mc6OWyiNbZb1+0CFAsOggKCWmTAQytQFj68rI/F6niYQmac8VlPU5ZXWev
i34wPclJpk1zMfR/pilRu/4NNO0WaMqSGnCD6mtpwxVe
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:41:59 2024 by rpki-client on console-ams.rpki-client.org