Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/0QXJBLKyOd-ZI0g8nHb7U-kpdrQ.roa
File: 0QXJBLKyOd-ZI0g8nHb7U-kpdrQ.roa (raw, json)
Hash identifier: 7gpAlSfanZv57qjD3+hyqBtgfGo/+Y0oIk0BcysEQEw=
Subject key identifier: D1:05:C9:04:B2:B2:39:DF:99:23:48:3C:9C:76:FB:53:E9:29:76:B4
Certificate issuer: /CN=b1c3ec539f23ee031aa396ac5ced42563884b7b3
Certificate serial: 018CC6B830AD3BAC4ECBBAF7FC522D99718B
Authority key identifier: B1:C3:EC:53:9F:23:EE:03:1A:A3:96:AC:5C:ED:42:56:38:84:B7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/0QXJBLKyOd-ZI0g8nHb7U-kpdrQ.roa
Signing time: Mon 01 Jan 2024 20:30:08 +0000
ROA not before: Mon 01 Jan 2024 20:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207366
IP address blocks: 91.220.231.0/24 maxlen: 24
2a0a:ed80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/scPsU58j7gMao5asXO1CVjiEt7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/scPsU58j7gMao5asXO1CVjiEt7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:30:ad:3b:ac:4e:cb:ba:f7:fc:52:2d:99:71:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1c3ec539f23ee031aa396ac5ced42563884b7b3
Validity
Not Before: Jan 1 20:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d105c904b2b239df9923483c9c76fb53e92976b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:aa:cc:f7:19:28:0a:75:52:46:b5:c0:fd:ac:
30:6d:91:0c:78:92:d3:36:ca:7d:ff:1a:e7:2b:58:
dc:a7:0d:b6:c3:df:25:54:74:f3:d3:e1:d4:73:b1:
98:2a:7e:ec:5b:a6:ed:93:54:36:36:a8:ba:d8:60:
71:6f:62:ef:b0:82:20:8e:1a:90:c9:60:8f:f0:24:
54:bb:2c:c7:7e:c3:bb:6a:54:3e:4d:8b:7c:8a:4d:
7a:4a:66:03:d4:d8:be:fe:94:4d:d6:63:40:50:c6:
8f:a8:3b:8e:63:41:4b:bc:e1:74:05:3f:36:60:9d:
f4:12:66:f4:d7:21:2b:ea:05:56:73:9d:c3:93:ce:
cf:ba:c4:15:14:ec:6a:ca:ef:8c:cf:76:ed:4d:b9:
80:0b:96:f5:62:1c:1a:68:0c:17:d7:e9:09:92:af:
0f:2c:46:fb:d1:ea:97:e1:0f:de:ed:27:87:84:cd:
2c:74:62:b0:8a:3d:c7:66:10:43:1f:52:2c:15:60:
d6:4c:f8:78:4c:f4:92:23:ce:e1:0c:03:e1:d1:79:
22:69:3f:e9:ee:79:5c:bb:f3:cf:69:51:2e:22:5d:
be:c4:9e:5b:25:f6:ec:d1:7b:f3:77:d5:de:0f:2e:
2b:6b:70:55:5e:ee:cd:2d:da:f2:11:d6:b6:9f:a0:
36:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:05:C9:04:B2:B2:39:DF:99:23:48:3C:9C:76:FB:53:E9:29:76:B4
X509v3 Authority Key Identifier:
keyid:B1:C3:EC:53:9F:23:EE:03:1A:A3:96:AC:5C:ED:42:56:38:84:B7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/0QXJBLKyOd-ZI0g8nHb7U-kpdrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/scPsU58j7gMao5asXO1CVjiEt7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.231.0/24
IPv6:
2a0a:ed80::/29
Signature Algorithm: sha256WithRSAEncryption
9e:c6:12:6c:e5:0f:eb:6c:fe:57:a3:4e:70:99:b1:e3:1c:6c:
03:e8:26:a8:08:1c:92:f7:3b:97:d6:3c:16:47:8b:28:10:27:
bd:64:5e:ee:4f:28:65:3a:fb:5f:6e:c5:e7:69:3b:76:f3:51:
60:bf:5e:d9:fb:3b:93:64:85:33:f0:be:8c:e1:53:60:82:e4:
20:43:8b:4e:5a:c1:0c:45:8f:43:5d:f6:52:ff:0d:2e:e0:8d:
ec:1d:49:86:6c:fd:de:48:7e:be:09:76:f6:cd:92:a8:03:27:
a1:dc:cb:c7:98:8f:b8:64:63:9e:d4:91:b7:da:6f:11:27:f8:
8a:f7:e5:45:ac:9f:50:6b:03:6c:87:19:3d:55:3b:ba:f4:01:
79:62:a7:60:a0:a5:5f:a6:a3:44:e9:95:e1:bd:0c:b0:0a:07:
96:c1:ff:f1:14:94:f3:bc:77:bf:d1:d9:a0:f5:fb:50:f5:36:
d3:b0:9e:50:8a:3e:19:3b:92:c7:53:01:dc:bc:3c:e0:ee:a1:
92:b0:f7:05:e1:18:0e:ce:64:15:1d:87:32:cc:d8:65:c3:7c:
af:b2:03:1d:5d:e1:5a:e6:07:f7:aa:27:18:0c:e4:44:dd:82:
af:09:30:60:83:b1:b8:de:04:78:06:a1:a5:89:87:85:a0:45:
3d:fa:e9:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuDCtO6xOy7r3/FItmXGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYzNlYzUzOWYyM2VlMDMxYWEzOTZhYzVjZWQ0MjU2Mzg4
NGI3YjMwHhcNMjQwMTAxMjAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA1YzkwNGIyYjIzOWRmOTkyMzQ4M2M5Yzc2ZmI1M2U5Mjk3NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqrM9xkoCnVSRrXA/awwbZEMeJLT
Nsp9/xrnK1jcpw22w98lVHTz0+HUc7GYKn7sW6btk1Q2Nqi62GBxb2LvsIIgjhqQ
yWCP8CRUuyzHfsO7alQ+TYt8ik16SmYD1Ni+/pRN1mNAUMaPqDuOY0FLvOF0BT82
YJ30Emb01yEr6gVWc53Dk87PusQVFOxqyu+Mz3btTbmAC5b1YhwaaAwX1+kJkq8P
LEb70eqX4Q/e7SeHhM0sdGKwij3HZhBDH1IsFWDWTPh4TPSSI87hDAPh0XkiaT/p
7nlcu/PPaVEuIl2+xJ5bJfbs0Xvzd9XeDy4ra3BVXu7NLdryEda2n6A2ZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNEFyQSysjnfmSNIPJx2+1PpKXa0MB8GA1UdIwQY
MBaAFLHD7FOfI+4DGqOWrFztQlY4hLezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2NQc1U1OGo3Z01hbzVhc1hPMUNWamlFdDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wMGRjZGYtZWM5ZC00NDQ2LTkwNWUt
NTU2MzQ3YTVmMDU2LzEvMFFYSkJMS3lPZC1aSTBnOG5IYjdVLWtwZHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wMGRjZGYtZWM5ZC00NDQ2LTkwNWUtNTU2MzQ3YTVmMDU2
LzEvc2NQc1U1OGo3Z01hbzVhc1hPMUNWamlFdDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9znMA0E
AgACMAcDBQMqCu2AMA0GCSqGSIb3DQEBCwUAA4IBAQCexhJs5Q/rbP5Xo05wmbHj
HGwD6CaoCByS9zuX1jwWR4soECe9ZF7uTyhlOvtfbsXnaTt281Fgv17Z+zuTZIUz
8L6M4VNgguQgQ4tOWsEMRY9DXfZS/w0u4I3sHUmGbP3eSH6+CXb2zZKoAyeh3MvH
mI+4ZGOe1JG32m8RJ/iK9+VFrJ9QawNshxk9VTu69AF5YqdgoKVfpqNE6ZXhvQyw
CgeWwf/xFJTzvHe/0dmg9ftQ9TbTsJ5Qij4ZO5LHUwHcvDzg7qGSsPcF4RgOzmQV
HYcyzNhlw3yvsgMdXeFa5gf3qicYDORE3YKvCTBgg7G43gR4BqGliYeFoEU9+umR
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:30:13 2024 by rpki-client on console-fra.rpki-client.org