Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/11N2uChb-eRUSTh_EW_jvHomG4Y.roa
File: 11N2uChb-eRUSTh_EW_jvHomG4Y.roa (raw, json)
Hash identifier: tYl4S5OmWiTFdI2jM3LWKatk1muGLX/G7JttDQnrgTA=
Subject key identifier: D7:53:76:B8:28:5B:F9:E4:54:49:38:7F:11:6F:E3:BC:7A:26:1B:86
Certificate issuer: /CN=74a4f3c0b66a4c93e80ff5f6d89ad8673e943c5f
Certificate serial: 018CC8DEA4D0C693C8CE4BBC64B2604A9ED8
Authority key identifier: 74:A4:F3:C0:B6:6A:4C:93:E8:0F:F5:F6:D8:9A:D8:67:3E:94:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKTzwLZqTJPoD_X22JrYZz6UPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/11N2uChb-eRUSTh_EW_jvHomG4Y.roa
Signing time: Tue 02 Jan 2024 06:31:23 +0000
ROA not before: Tue 02 Jan 2024 06:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50213
IP address blocks: 91.213.203.0/24 maxlen: 24
2001:67c:398::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/dKTzwLZqTJPoD_X22JrYZz6UPF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/dKTzwLZqTJPoD_X22JrYZz6UPF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dKTzwLZqTJPoD_X22JrYZz6UPF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a4:d0:c6:93:c8:ce:4b:bc:64:b2:60:4a:9e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74a4f3c0b66a4c93e80ff5f6d89ad8673e943c5f
Validity
Not Before: Jan 2 06:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d75376b8285bf9e45449387f116fe3bc7a261b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:04:ee:60:bf:59:b3:26:f2:4a:27:90:3c:88:
d9:e7:3c:75:71:b2:0c:35:2e:6b:c3:97:5a:7e:be:
35:88:88:41:85:6c:bc:ac:d9:5f:a9:63:36:21:0f:
49:2d:f2:a4:d3:3a:4d:d3:e7:15:73:ee:87:ee:56:
ff:d1:32:6b:26:a5:36:d0:5c:b7:e4:4d:83:55:6d:
26:4f:b2:b8:38:f9:0e:e8:3a:34:e6:45:6f:2a:6f:
07:64:1e:ac:94:34:c1:59:c0:31:27:2e:50:60:6a:
72:98:05:18:60:10:15:c6:ff:5b:2c:32:6b:70:5e:
c8:35:11:82:be:fb:3f:db:14:46:7c:e4:19:1f:70:
ad:eb:91:dd:7e:2f:e4:e1:7c:66:ee:5e:f6:33:dc:
28:17:d0:d8:fe:4e:48:6a:35:3b:f3:cd:ec:f1:a7:
26:e5:62:83:82:be:85:c6:5c:30:bd:64:4a:37:92:
aa:0f:ea:22:5c:c3:ce:ac:85:57:3b:13:25:88:b7:
8a:7e:b9:ae:d2:27:61:fc:17:5f:40:99:1b:e6:e7:
80:fe:27:16:bd:03:e9:05:cb:36:56:0b:12:89:79:
e7:3b:d3:12:8d:3d:4c:6a:b3:2b:35:01:07:05:94:
23:6e:55:75:83:49:70:a3:40:1d:b3:cc:57:0a:be:
17:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:53:76:B8:28:5B:F9:E4:54:49:38:7F:11:6F:E3:BC:7A:26:1B:86
X509v3 Authority Key Identifier:
keyid:74:A4:F3:C0:B6:6A:4C:93:E8:0F:F5:F6:D8:9A:D8:67:3E:94:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKTzwLZqTJPoD_X22JrYZz6UPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/11N2uChb-eRUSTh_EW_jvHomG4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/dKTzwLZqTJPoD_X22JrYZz6UPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.203.0/24
IPv6:
2001:67c:398::/48
Signature Algorithm: sha256WithRSAEncryption
99:e8:9b:70:00:e8:99:c8:59:d4:e0:01:49:9a:57:a7:06:2d:
0d:7d:3e:c3:ab:46:47:2d:78:91:c5:d2:d2:ed:58:25:9a:e7:
be:b1:4d:42:80:94:c5:77:05:03:27:9b:45:7c:80:59:22:87:
0e:71:99:c3:31:db:cc:32:c0:87:0e:50:7e:ae:ed:57:53:e5:
a8:bb:0f:c8:8e:04:a9:bc:ed:02:c6:e2:11:8e:e6:3c:48:d9:
15:9a:ed:c8:d3:bd:09:d8:96:67:a2:50:ba:62:56:14:5a:9d:
c5:b4:40:cc:63:13:21:69:cc:eb:32:dc:72:6a:10:12:47:23:
4c:31:c6:86:55:ba:f0:e9:19:98:b4:c3:98:a7:9a:68:b2:31:
e2:3a:93:02:15:58:4a:8c:c3:4c:e1:55:c8:99:a2:cd:06:44:
f8:ec:b7:6f:3c:4c:4f:7a:2c:ce:a4:aa:1f:8b:3a:b2:1e:9a:
c0:78:5f:5f:2f:a1:3e:f7:9d:fe:0e:bc:e2:f1:df:61:88:4c:
ea:d5:f9:33:3e:ed:81:ed:8d:85:7c:98:4a:a9:bf:66:62:63:
f1:39:ad:1e:bf:de:98:79:3f:cc:3d:55:5a:96:36:c1:56:d3:
70:21:ea:07:cb:7f:fc:08:6f:de:71:be:43:4d:ca:56:01:70:
90:ad:de:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3qTQxpPIzku8ZLJgSp7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YTRmM2MwYjY2YTRjOTNlODBmZjVmNmQ4OWFkODY3M2U5
NDNjNWYwHhcNMjQwMTAyMDYzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzUzNzZiODI4NWJmOWU0NTQ0OTM4N2YxMTZmZTNiYzdhMjYxYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQTuYL9ZsybySieQPIjZ5zx1cbIM
NS5rw5dafr41iIhBhWy8rNlfqWM2IQ9JLfKk0zpN0+cVc+6H7lb/0TJrJqU20Fy3
5E2DVW0mT7K4OPkO6Do05kVvKm8HZB6slDTBWcAxJy5QYGpymAUYYBAVxv9bLDJr
cF7INRGCvvs/2xRGfOQZH3Ct65Hdfi/k4Xxm7l72M9woF9DY/k5IajU7883s8acm
5WKDgr6FxlwwvWRKN5KqD+oiXMPOrIVXOxMliLeKfrmu0idh/BdfQJkb5ueA/icW
vQPpBcs2VgsSiXnnO9MSjT1MarMrNQEHBZQjblV1g0lwo0Ads8xXCr4XoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNdTdrgoW/nkVEk4fxFv47x6JhuGMB8GA1UdIwQY
MBaAFHSk88C2akyT6A/19tia2Gc+lDxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtUendMWnFUSlBvRF9YMjJKcllaejZVUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82OTk3MDQtODAwNC00NjE0LWI0NGMt
MmNhNDkyZjZkN2E4LzEvMTFOMnVDaGItZVJVU1RoX0VXX2p2SG9tRzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82OTk3MDQtODAwNC00NjE0LWI0NGMtMmNhNDkyZjZkN2E4
LzEvZEtUendMWnFUSlBvRF9YMjJKcllaejZVUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9XLMA8E
AgACMAkDBwAgAQZ8A5gwDQYJKoZIhvcNAQELBQADggEBAJnom3AA6JnIWdTgAUma
V6cGLQ19PsOrRkcteJHF0tLtWCWa576xTUKAlMV3BQMnm0V8gFkihw5xmcMx28wy
wIcOUH6u7VdT5ai7D8iOBKm87QLG4hGO5jxI2RWa7cjTvQnYlmeiULpiVhRancW0
QMxjEyFpzOsy3HJqEBJHI0wxxoZVuvDpGZi0w5inmmiyMeI6kwIVWEqMw0zhVciZ
os0GRPjst288TE96LM6kqh+LOrIemsB4X18voT73nf4OvOLx32GITOrV+TM+7YHt
jYV8mEqpv2ZiY/E5rR6/3ph5P8w9VVqWNsFW03Ah6gfLf/wIb95xvkNNylYBcJCt
3vQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:16:22 2024 by rpki-client on console-fra.rpki-client.org