Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/dXxPvcEY1lDUifBdUW5FdHmRhZA.roa
File: dXxPvcEY1lDUifBdUW5FdHmRhZA.roa (raw, json)
Hash identifier: CE2SrsqfPBy0sNSaxmPpJVQtfsb7CD+SuCxcyck7z70=
Subject key identifier: 75:7C:4F:BD:C1:18:D6:50:D4:89:F0:5D:51:6E:45:74:79:91:85:90
Certificate issuer: /CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Certificate serial: 018CC94E5C86459C7EF1EAC0FA095D9412EF
Authority key identifier: 60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/dXxPvcEY1lDUifBdUW5FdHmRhZA.roa
Signing time: Tue 02 Jan 2024 08:33:25 +0000
ROA not before: Tue 02 Jan 2024 08:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57354
IP address blocks: 91.231.218.0/23 maxlen: 32
185.228.132.0/22 maxlen: 32
2a0d:1600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5c:86:45:9c:7e:f1:ea:c0:fa:09:5d:94:12:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Validity
Not Before: Jan 2 08:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=757c4fbdc118d650d489f05d516e457479918590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:70:00:56:fa:64:9f:14:e4:74:19:16:0a:d1:
79:f0:c8:96:a7:44:13:50:cb:b3:50:7e:82:4b:b6:
f5:e2:b6:d8:16:82:1e:3a:97:76:73:4b:c2:53:c0:
0d:ee:af:7d:8a:30:23:37:98:c0:8c:37:e4:aa:b2:
18:7b:10:0d:ef:20:ce:4d:8b:60:75:46:01:58:36:
b5:47:a4:df:c0:0a:89:45:b0:05:16:a8:9d:45:02:
d7:73:d8:06:b9:74:5c:5b:75:3b:17:ae:62:33:c9:
6b:58:21:38:af:19:1a:77:95:41:6d:ee:0e:18:31:
5e:91:a3:18:e4:9d:b7:82:39:ec:d7:7e:2e:81:07:
57:34:f3:e9:30:fb:25:64:b9:79:7c:7f:38:d4:ee:
22:02:67:12:f2:ea:48:0a:bd:c9:2d:00:c5:8c:29:
20:7e:18:f0:8a:ed:aa:de:5b:7a:7c:80:23:7a:f0:
86:ec:a4:11:c3:d7:0f:93:4e:ff:03:04:1f:7c:8b:
18:ca:a3:fb:69:21:cc:5a:a1:a6:58:e0:69:9f:34:
7e:bb:68:1f:1a:b5:de:0b:9e:b3:0f:df:50:c9:a9:
3d:e0:93:7d:7e:b7:51:ee:f2:74:fc:ae:50:e3:44:
58:d1:88:fa:0f:ca:d0:de:f1:6e:9e:65:46:51:64:
28:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7C:4F:BD:C1:18:D6:50:D4:89:F0:5D:51:6E:45:74:79:91:85:90
X509v3 Authority Key Identifier:
keyid:60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/dXxPvcEY1lDUifBdUW5FdHmRhZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.218.0/23
185.228.132.0/22
IPv6:
2a0d:1600::/32
Signature Algorithm: sha256WithRSAEncryption
6b:b2:d7:ae:6c:be:e8:dd:83:37:69:3a:f2:5e:b7:77:8b:00:
b5:d9:a3:41:f9:e4:0d:d3:31:d7:4e:e5:44:92:70:f0:f6:0b:
4d:bc:f8:55:6e:f4:46:d7:be:39:56:be:c2:73:8f:93:07:c5:
88:d7:e4:6a:a5:09:a0:00:9e:99:26:9d:b7:3f:f1:d1:bb:80:
d8:8b:52:d8:52:b9:29:5a:aa:16:82:dd:0c:14:41:c6:6b:c9:
05:e5:09:6e:1b:56:1c:77:45:d8:aa:07:14:97:7c:39:02:4f:
ff:59:5e:2c:77:f3:45:25:aa:eb:80:78:65:08:96:c1:0e:c4:
f7:38:f3:2d:22:58:75:da:06:f7:b5:cd:95:cd:25:0f:1b:a2:
3e:64:f5:ad:74:fa:76:71:f0:04:b4:61:b4:ad:36:30:f3:68:
08:61:0a:b0:f9:c9:15:a0:ec:12:9f:1d:f7:20:d0:69:c0:25:
97:74:51:f1:40:22:49:ef:4c:d8:24:b1:94:74:12:6a:f2:c4:
9c:e2:96:d7:c1:2b:fc:4e:91:75:ad:58:33:15:7a:d6:7c:62:
09:7d:21:f1:ac:eb:53:51:4a:a8:f9:c0:a7:6f:bc:dd:8f:2f:
53:f3:ce:33:e4:e9:71:17:5b:c1:31:3f:0f:2e:cf:d7:f9:5e:
55:1b:a6:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTlyGRZx+8erA+gldlBLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRjMDBmOWE0ODFiNDE1MDg2YjE0M2E3ZGQ0Y2RhMWZm
YjI0NzAwHhcNMjQwMTAyMDgzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTdjNGZiZGMxMThkNjUwZDQ4OWYwNWQ1MTZlNDU3NDc5OTE4NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3AAVvpknxTkdBkWCtF58MiWp0QT
UMuzUH6CS7b14rbYFoIeOpd2c0vCU8AN7q99ijAjN5jAjDfkqrIYexAN7yDOTYtg
dUYBWDa1R6TfwAqJRbAFFqidRQLXc9gGuXRcW3U7F65iM8lrWCE4rxkad5VBbe4O
GDFekaMY5J23gjns134ugQdXNPPpMPslZLl5fH841O4iAmcS8upICr3JLQDFjCkg
fhjwiu2q3lt6fIAjevCG7KQRw9cPk07/AwQffIsYyqP7aSHMWqGmWOBpnzR+u2gf
GrXeC56zD99Qyak94JN9frdR7vJ0/K5Q40RY0Yj6D8rQ3vFunmVGUWQo1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHV8T73BGNZQ1InwXVFuRXR5kYWQMB8GA1UdIwQY
MBaAFGAdwA+aSBtBUIaxQ6fdTNof+yRwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9hYjJiMjUtMmExMy00MWYwLWI5YzUt
ZmJhNDliMGNkZGVkLzEvZFh4UHZjRVkxbERVaWZCZFVXNUZkSG1SaFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9hYjJiMjUtMmExMy00MWYwLWI5YzUtZmJhNDliMGNkZGVk
LzEvWUIzQUQ1cElHMEZRaHJGRHA5MU0yaF83SkhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+faAwQC
ueSEMA0EAgACMAcDBQAqDRYAMA0GCSqGSIb3DQEBCwUAA4IBAQBrsteubL7o3YM3
aTryXrd3iwC12aNB+eQN0zHXTuVEknDw9gtNvPhVbvRG1745Vr7Cc4+TB8WI1+Rq
pQmgAJ6ZJp23P/HRu4DYi1LYUrkpWqoWgt0MFEHGa8kF5QluG1Ycd0XYqgcUl3w5
Ak//WV4sd/NFJarrgHhlCJbBDsT3OPMtIlh12gb3tc2VzSUPG6I+ZPWtdPp2cfAE
tGG0rTYw82gIYQqw+ckVoOwSnx33INBpwCWXdFHxQCJJ70zYJLGUdBJq8sSc4pbX
wSv8TpF1rVgzFXrWfGIJfSHxrOtTUUqo+cCnb7zdjy9T884z5OlxF1vBMT8PLs/X
+V5VG6Z9
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:34 2024 by rpki-client on console-fra.rpki-client.org