Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/_8DtE132Q7qweOyIVGjuEpTGEl4.roa
File: _8DtE132Q7qweOyIVGjuEpTGEl4.roa (raw, json)
Hash identifier: VuZcRvteetfHnI73jS/EOBtXzuxH9ZHmpBXT9aXPoXw=
Subject key identifier: FF:C0:ED:13:5D:F6:43:BA:B0:78:EC:88:54:68:EE:12:94:C6:12:5E
Certificate issuer: /CN=290cc4d0ad5dafc27aa4e342fa80e34814e845c3
Certificate serial: 019108B831477412BAC4DDB1941C351555B0
Authority key identifier: 29:0C:C4:D0:AD:5D:AF:C2:7A:A4:E3:42:FA:80:E3:48:14:E8:45:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/_8DtE132Q7qweOyIVGjuEpTGEl4.roa
Signing time: Wed 31 Jul 2024 12:16:14 +0000
ROA not before: Wed 31 Jul 2024 12:16:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210579
IP address blocks: 91.227.138.0/23 maxlen: 23
217.13.104.0/23 maxlen: 23
217.13.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KQzE0K1dr8J6pONC-oDjSBToRcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KQzE0K1dr8J6pONC-oDjSBToRcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:b8:31:47:74:12:ba:c4:dd:b1:94:1c:35:15:55:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290cc4d0ad5dafc27aa4e342fa80e34814e845c3
Validity
Not Before: Jul 31 12:16:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffc0ed135df643bab078ec885468ee1294c6125e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:07:9d:0a:77:e6:55:ca:b7:73:27:05:e0:0a:
83:0d:51:5e:c8:cf:6a:01:fa:d4:78:f4:df:cc:50:
12:45:40:4f:15:3e:3c:32:ab:83:c1:d6:46:23:9e:
60:20:fc:e8:69:89:bf:7b:65:c7:98:ce:06:b8:0f:
63:ab:e2:d5:38:e8:07:7d:8a:f6:50:87:a6:6a:8c:
7e:3b:51:4b:78:44:ae:e3:61:bf:ea:04:05:bd:89:
c3:01:bc:9a:d6:20:da:57:07:53:e3:37:60:1e:35:
9d:ae:55:46:4d:73:bb:96:2f:30:74:bc:ba:3f:cc:
17:a8:e0:53:f1:aa:ae:4a:46:a5:c7:c5:ea:ca:b3:
2b:7f:e6:9a:c6:a7:00:9f:57:ad:02:fa:ba:93:ec:
39:ff:cf:60:0e:86:c7:56:15:36:76:26:3c:1a:db:
5c:dd:61:9e:21:4c:b6:89:6f:da:99:d3:20:a8:d4:
34:9f:51:89:ea:ee:85:c1:f2:58:bc:04:62:24:29:
3f:9d:8d:98:30:00:f3:ec:21:b6:94:cb:4c:67:df:
32:5b:11:b7:35:90:8c:2f:90:dd:d4:dc:7f:61:9c:
ef:b6:2a:9d:17:0a:e9:c6:a3:1e:4c:31:2e:fe:dc:
26:32:00:0b:e0:2a:af:4e:54:64:23:a8:80:45:09:
0f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C0:ED:13:5D:F6:43:BA:B0:78:EC:88:54:68:EE:12:94:C6:12:5E
X509v3 Authority Key Identifier:
keyid:29:0C:C4:D0:AD:5D:AF:C2:7A:A4:E3:42:FA:80:E3:48:14:E8:45:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/_8DtE132Q7qweOyIVGjuEpTGEl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KQzE0K1dr8J6pONC-oDjSBToRcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.138.0/23
217.13.104.0/23
217.13.111.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:3f:fd:da:5f:f9:e0:f4:df:7d:d4:9f:b9:63:30:47:ed:75:
a2:c1:0b:da:37:7c:b6:0c:b5:31:39:6a:31:de:e3:1a:27:9c:
b4:17:8c:2d:67:88:c0:a6:a1:36:c1:80:c4:32:c8:cc:c0:e7:
61:0e:76:0c:e2:e3:67:3b:9d:53:5f:f6:f6:3b:02:d2:4d:e1:
56:d8:a2:c8:7f:e5:ab:52:9b:3e:03:c1:6a:a4:03:83:7b:a3:
bc:19:23:7c:69:3b:69:ec:3d:4f:e3:e8:a8:e8:db:dc:e5:c8:
bf:90:58:f8:f8:d6:1d:58:59:82:72:d3:2e:5e:c8:5c:72:5c:
45:48:ef:f8:0e:d0:f0:53:04:8d:f1:35:53:fc:14:dc:a9:be:
9a:e8:18:1b:8b:a1:c3:56:25:73:c8:2f:15:f8:67:d8:bf:fa:
96:f6:b7:38:b1:61:d8:44:28:1b:0b:75:35:6d:8e:a0:9e:56:
f7:7a:8a:26:54:72:86:f1:a9:50:4c:d3:ab:0a:45:bf:a7:14:
0d:71:98:71:9d:bc:ef:12:8b:78:46:3c:3e:67:74:6f:4f:8b:
86:80:13:2a:79:8a:f8:39:0d:66:d0:22:cb:da:5d:97:20:57:
8e:42:de:c3:1a:7c:ff:0a:fd:83:9a:0e:9c:f4:78:f9:70:4e:
9f:16:85:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEIuDFHdBK6xN2xlBw1FVWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGNjNGQwYWQ1ZGFmYzI3YWE0ZTM0MmZhODBlMzQ4MTRl
ODQ1YzMwHhcNMjQwNzMxMTIxNjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmMwZWQxMzVkZjY0M2JhYjA3OGVjODg1NDY4ZWUxMjk0YzYxMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgedCnfmVcq3cycF4AqDDVFeyM9q
AfrUePTfzFASRUBPFT48MquDwdZGI55gIPzoaYm/e2XHmM4GuA9jq+LVOOgHfYr2
UIemaox+O1FLeESu42G/6gQFvYnDAbya1iDaVwdT4zdgHjWdrlVGTXO7li8wdLy6
P8wXqOBT8aquSkalx8XqyrMrf+aaxqcAn1etAvq6k+w5/89gDobHVhU2diY8Gttc
3WGeIUy2iW/amdMgqNQ0n1GJ6u6FwfJYvARiJCk/nY2YMADz7CG2lMtMZ98yWxG3
NZCML5Dd1Nx/YZzvtiqdFwrpxqMeTDEu/twmMgAL4CqvTlRkI6iARQkPUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP/A7RNd9kO6sHjsiFRo7hKUxhJeMB8GA1UdIwQY
MBaAFCkMxNCtXa/CeqTjQvqA40gU6EXDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F6RTBLMWRyOEo2cE9OQy1vRGpTQlRvUmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85MjM1MmYtNDA1MS00NTBlLWIzYTYt
MmUwMDc4Y2VlMTgyLzEvXzhEdEUxMzJRN3F3ZU95SVZHanVFcFRHRWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85MjM1MmYtNDA1MS00NTBlLWIzYTYtMmUwMDc4Y2VlMTgy
LzEvS1F6RTBLMWRyOEo2cE9OQy1vRGpTQlRvUmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+OKAwQB
2Q1oAwQA2Q1vMA0GCSqGSIb3DQEBCwUAA4IBAQCzP/3aX/ng9N991J+5YzBH7XWi
wQvaN3y2DLUxOWox3uMaJ5y0F4wtZ4jApqE2wYDEMsjMwOdhDnYM4uNnO51TX/b2
OwLSTeFW2KLIf+WrUps+A8FqpAODe6O8GSN8aTtp7D1P4+io6Nvc5ci/kFj4+NYd
WFmCctMuXshcclxFSO/4DtDwUwSN8TVT/BTcqb6a6Bgbi6HDViVzyC8V+GfYv/qW
9rc4sWHYRCgbC3U1bY6gnlb3eoomVHKG8alQTNOrCkW/pxQNcZhxnbzvEot4Rjw+
Z3RvT4uGgBMqeYr4OQ1m0CLL2l2XIFeOQt7DGnz/Cv2Dmg6c9Hj5cE6fFoXW
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:49:58 2024 by rpki-client on console-ams.rpki-client.org