Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/1-4UDbocNFtvjg9nQIp4alXwEFg.roa
File: 1-4UDbocNFtvjg9nQIp4alXwEFg.roa (raw, json)
Hash identifier: VMrDtB/HNh/gS6gEEiyGZJ6tAZbb29qnml2ItOCl1R8=
Subject key identifier: D7:EE:14:0D:BA:1C:34:5B:6F:8E:0F:67:40:8A:78:6A:55:F0:10:58
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 018CCEE5AF3DA6600B8F8A191EA39246309F
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/1-4UDbocNFtvjg9nQIp4alXwEFg.roa
Signing time: Wed 03 Jan 2024 10:36:48 +0000
ROA not before: Wed 03 Jan 2024 10:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13044
IP address blocks: 91.188.209.0/24 maxlen: 24
91.188.210.0/24 maxlen: 24
91.188.211.0/24 maxlen: 24
91.188.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:e5:af:3d:a6:60:0b:8f:8a:19:1e:a3:92:46:30:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Jan 3 10:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7ee140dba1c345b6f8e0f67408a786a55f01058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:55:66:02:28:8d:24:31:12:d4:ee:57:48:c8:
e9:0c:90:90:d7:49:69:9e:76:b3:9c:e7:4a:e2:18:
bd:da:63:2e:2d:6a:20:08:50:32:43:fb:f0:45:cf:
c6:60:25:e0:c4:68:2c:a2:b0:69:3d:9f:64:4e:bb:
3b:81:6c:ba:62:37:a6:b2:b4:2c:f9:29:6c:8f:ad:
13:cd:94:9c:ab:39:c5:56:95:de:22:84:3c:4e:da:
3a:ea:7c:56:dc:90:a9:9d:13:5e:fe:65:db:ac:e0:
04:10:57:82:40:ed:df:52:6e:be:17:e4:15:2d:38:
9f:1b:62:e0:ad:6b:aa:60:84:a7:7f:39:9e:7d:17:
70:db:5c:3c:36:ca:6d:9a:a3:c5:8d:41:99:78:d4:
11:8a:b6:d1:ba:5e:13:24:22:37:d1:56:f8:b2:13:
72:3a:c9:70:70:10:a9:63:46:30:f2:b6:46:aa:37:
29:5c:04:81:76:46:5c:9b:d5:30:ab:f4:08:f5:2b:
27:06:e7:da:ed:24:15:77:8d:45:40:d6:eb:56:bc:
20:a2:01:22:71:49:ff:ed:71:c1:28:88:be:c2:8f:
f9:8c:63:12:82:08:5d:3f:c6:f7:50:ac:ee:13:3b:
c1:3d:c0:77:40:1c:d3:a2:55:d0:4b:c3:c8:69:ad:
e1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EE:14:0D:BA:1C:34:5B:6F:8E:0F:67:40:8A:78:6A:55:F0:10:58
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/1-4UDbocNFtvjg9nQIp4alXwEFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:5c:1b:83:f3:7a:5f:ef:ca:fc:d5:eb:de:2d:d4:d6:b8:89:
21:5a:53:a7:96:88:4e:f4:d8:fb:79:a2:a1:8a:e3:3b:71:c3:
4b:f5:ac:be:bf:d8:71:e4:95:17:62:5d:0b:44:14:55:be:cb:
ec:50:7d:ef:23:ff:0a:ad:97:8e:66:0f:9a:01:20:c3:e3:84:
2d:d5:f0:c0:dc:c5:ea:ba:ba:b9:e8:a3:cc:05:3f:7e:4e:11:
fe:87:bb:6e:4b:02:23:d8:51:ae:1a:a2:d0:2e:89:fb:a0:fe:
2f:0a:6d:54:cd:e5:5b:5e:d3:57:b6:e0:98:0b:07:9b:ff:cc:
c5:bd:b7:45:10:df:e0:06:62:db:f0:e3:7a:fb:4c:3d:ef:ef:
7d:4d:d3:ed:53:e7:a1:cb:84:5c:78:f3:a6:19:89:a5:9a:54:
2e:8d:4f:15:80:d0:9e:d0:5a:88:ca:90:db:65:de:56:fe:80:
f6:04:f4:a4:ae:7c:c1:9a:de:6f:e0:1f:89:f4:40:36:e4:79:
34:6c:6a:c4:37:37:25:e4:c6:e6:0e:8e:b4:d9:5b:88:bf:af:
c5:df:77:7b:2f:54:3d:ab:56:de:70:f7:fd:9a:a9:5c:d6:89:
b3:b0:59:9d:fe:63:12:a2:30:8d:57:1f:29:05:dc:cc:08:1f:
bb:82:d7:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzO5a89pmALj4oZHqOSRjCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYzg2OTU3NzJmMGU2NGYzYjlhMTYyMTczM2NjMDI1MDZm
NzQ3MDIwHhcNMjQwMTAzMTAzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VlMTQwZGJhMWMzNDViNmY4ZTBmNjc0MDhhNzg2YTU1ZjAxMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1VmAiiNJDES1O5XSMjpDJCQ10lp
nnaznOdK4hi92mMuLWogCFAyQ/vwRc/GYCXgxGgsorBpPZ9kTrs7gWy6YjemsrQs
+Slsj60TzZScqznFVpXeIoQ8Tto66nxW3JCpnRNe/mXbrOAEEFeCQO3fUm6+F+QV
LTifG2LgrWuqYISnfzmefRdw21w8NsptmqPFjUGZeNQRirbRul4TJCI30Vb4shNy
OslwcBCpY0Yw8rZGqjcpXASBdkZcm9Uwq/QI9SsnBufa7SQVd41FQNbrVrwgogEi
cUn/7XHBKIi+wo/5jGMSgghdP8b3UKzuEzvBPcB3QBzTolXQS8PIaa3hrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfuFA26HDRbb44PZ0CKeGpV8BBYMB8GA1UdIwQY
MBaAFCvIaVdy8OZPO5oWIXM8wCUG90cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMt
NDNkNjZhMDMzMWVjLzEvMS00VURib2NORnR2amc5blFJcDRhbFh3RUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMtNDNkNjZhMDMzMWVj
LzEvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7zQMA0G
CSqGSIb3DQEBCwUAA4IBAQAuXBuD83pf78r81eveLdTWuIkhWlOnlohO9Nj7eaKh
iuM7ccNL9ay+v9hx5JUXYl0LRBRVvsvsUH3vI/8KrZeOZg+aASDD44Qt1fDA3MXq
urq56KPMBT9+ThH+h7tuSwIj2FGuGqLQLon7oP4vCm1UzeVbXtNXtuCYCweb/8zF
vbdFEN/gBmLb8ON6+0w97+99TdPtU+ehy4RcePOmGYmlmlQujU8VgNCe0FqIypDb
Zd5W/oD2BPSkrnzBmt5v4B+J9EA25Hk0bGrENzcl5MbmDo602VuIv6/F33d7L1Q9
q1becPf9mqlc1omzsFmd/mMSojCNVx8pBdzMCB+7gtfM
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:42:33 2024 by rpki-client on console-ams.rpki-client.org