Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/tIMpWPVD50yE7oK5wo8PnlH4fJQ.roa
File: tIMpWPVD50yE7oK5wo8PnlH4fJQ.roa (raw, json)
Hash identifier: AkF6hewIhPhy1fwn3jpcjjc0FIUT8NUD6KUNXUsNVJg=
Subject key identifier: B4:83:29:58:F5:43:E7:4C:84:EE:82:B9:C2:8F:0F:9E:51:F8:7C:94
Certificate issuer: /CN=be18e2d9f509c9d3b455112aa288d336185801a0
Certificate serial: 018FE7E1D358FA65D0A31D52D6565A789629
Authority key identifier: BE:18:E2:D9:F5:09:C9:D3:B4:55:11:2A:A2:88:D3:36:18:58:01:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhji2fUJydO0VREqoojTNhhYAaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/tIMpWPVD50yE7oK5wo8PnlH4fJQ.roa
Signing time: Wed 05 Jun 2024 10:11:27 +0000
ROA not before: Wed 05 Jun 2024 10:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211425
IP address blocks: 91.151.85.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
193.56.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/vhji2fUJydO0VREqoojTNhhYAaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/vhji2fUJydO0VREqoojTNhhYAaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vhji2fUJydO0VREqoojTNhhYAaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:e1:d3:58:fa:65:d0:a3:1d:52:d6:56:5a:78:96:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be18e2d9f509c9d3b455112aa288d336185801a0
Validity
Not Before: Jun 5 10:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4832958f543e74c84ee82b9c28f0f9e51f87c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dc:0c:e3:01:95:7d:e3:00:0b:03:f2:31:e2:
be:a4:69:ae:b7:1f:8e:f7:49:5e:6a:c9:0a:05:64:
c3:9d:9a:f4:a0:4d:27:1a:b1:d9:07:fc:f7:fa:7f:
bd:24:dc:36:d2:d7:ca:08:e2:5c:4c:74:b3:40:31:
cf:64:b5:a4:69:14:37:04:bd:2b:af:69:38:dd:be:
af:dd:51:78:38:f5:d1:10:d1:7f:47:fa:a6:6a:6d:
bb:bc:ba:02:0d:04:d9:96:fa:66:ae:b0:ad:65:a8:
26:7d:54:7d:61:1f:90:00:27:06:b8:a6:98:df:d0:
66:9b:63:fc:ab:ef:87:f4:92:09:1d:44:4d:5a:b4:
fc:19:80:ca:3f:00:97:88:8c:46:3c:42:a4:17:a5:
22:e4:0e:27:32:bc:1d:40:99:2d:a1:9d:1e:79:84:
2c:de:42:75:b2:f8:ab:2a:91:10:60:13:1b:27:4e:
21:b1:69:33:66:c6:c0:04:ea:79:cf:de:9c:61:79:
f8:4a:91:5b:84:4d:34:69:5b:c0:f2:d5:e4:3e:76:
52:93:8e:12:eb:73:e9:4b:eb:d3:ba:a7:4f:93:e3:
5e:af:b4:71:3f:f4:8a:89:6e:09:6d:1d:7e:2f:79:
5f:58:09:1d:db:63:8c:91:cc:69:7c:a8:46:bf:55:
90:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:83:29:58:F5:43:E7:4C:84:EE:82:B9:C2:8F:0F:9E:51:F8:7C:94
X509v3 Authority Key Identifier:
keyid:BE:18:E2:D9:F5:09:C9:D3:B4:55:11:2A:A2:88:D3:36:18:58:01:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhji2fUJydO0VREqoojTNhhYAaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/tIMpWPVD50yE7oK5wo8PnlH4fJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/vhji2fUJydO0VREqoojTNhhYAaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.85.0/24
91.151.92.0/24
193.56.0.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:ca:8e:ce:32:9a:34:7a:80:1e:1a:11:a1:37:4c:77:2a:17:
2e:63:30:93:27:e2:23:f6:17:cc:f8:4f:15:37:0a:2e:0e:07:
0b:f6:aa:22:aa:5b:4d:96:8e:64:9f:88:fc:85:c9:2c:62:9a:
99:14:72:40:55:a7:b8:9e:3a:43:f0:57:23:a9:01:16:ae:4d:
bf:56:4d:1d:de:12:74:ea:92:19:2e:50:3a:7d:8f:c5:af:47:
40:5f:02:1b:62:28:83:51:d2:b5:da:f5:76:b9:b1:b9:e1:d7:
0d:c7:7b:ec:21:83:99:10:dc:6d:d6:5f:74:2f:12:c1:1d:f7:
cf:b6:85:10:da:e8:88:fb:64:95:cc:df:6e:90:48:af:ec:a2:
a2:6e:3a:60:b9:55:f6:a2:53:f6:f2:70:2e:c1:e4:f3:88:10:
5f:7b:96:b7:f3:d4:2d:d8:c5:50:4d:7b:0e:45:89:73:99:db:
a6:30:c4:cc:5a:cd:1f:ee:f2:14:4b:d8:9d:d1:f3:f7:69:b5:
9a:89:52:de:c1:ef:8c:79:c0:0c:90:eb:29:bc:8f:59:30:c0:
9b:e3:d6:f6:a6:e7:29:e4:ad:b0:3f:cf:8b:d6:d5:53:cc:90:
c7:af:fe:f9:85:b2:92:33:5f:a9:fc:9b:dc:e0:a9:9f:83:06:
1d:e1:50:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/n4dNY+mXQox1S1lZaeJYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMThlMmQ5ZjUwOWM5ZDNiNDU1MTEyYWEyODhkMzM2MTg1
ODAxYTAwHhcNMjQwNjA1MTAxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDgzMjk1OGY1NDNlNzRjODRlZTgyYjljMjhmMGY5ZTUxZjg3Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9wM4wGVfeMACwPyMeK+pGmutx+O
90leaskKBWTDnZr0oE0nGrHZB/z3+n+9JNw20tfKCOJcTHSzQDHPZLWkaRQ3BL0r
r2k43b6v3VF4OPXRENF/R/qmam27vLoCDQTZlvpmrrCtZagmfVR9YR+QACcGuKaY
39Bmm2P8q++H9JIJHURNWrT8GYDKPwCXiIxGPEKkF6Ui5A4nMrwdQJktoZ0eeYQs
3kJ1svirKpEQYBMbJ04hsWkzZsbABOp5z96cYXn4SpFbhE00aVvA8tXkPnZSk44S
63PpS+vTuqdPk+Ner7RxP/SKiW4JbR1+L3lfWAkd22OMkcxpfKhGv1WQ+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLSDKVj1Q+dMhO6CucKPD55R+HyUMB8GA1UdIwQY
MBaAFL4Y4tn1CcnTtFURKqKI0zYYWAGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhqaTJmVUp5ZE8wVlJFcW9valROaGhZQWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82NjQ1ZDUtZDE5My00YTYzLTg1ZTYt
MmNhMGU1YzEwNGZkLzEvdElNcFdQVkQ1MHlFN29LNXdvOFBubEg0ZkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82NjQ1ZDUtZDE5My00YTYzLTg1ZTYtMmNhMGU1YzEwNGZk
LzEvdmhqaTJmVUp5ZE8wVlJFcW9valROaGhZQWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW5dVAwQA
W5dcAwQAwTgAMA0GCSqGSIb3DQEBCwUAA4IBAQCqyo7OMpo0eoAeGhGhN0x3Khcu
YzCTJ+Ij9hfM+E8VNwouDgcL9qoiqltNlo5kn4j8hcksYpqZFHJAVae4njpD8Fcj
qQEWrk2/Vk0d3hJ06pIZLlA6fY/Fr0dAXwIbYiiDUdK12vV2ubG54dcNx3vsIYOZ
ENxt1l90LxLBHffPtoUQ2uiI+2SVzN9ukEiv7KKibjpguVX2olP28nAuweTziBBf
e5a389Qt2MVQTXsORYlzmdumMMTMWs0f7vIUS9id0fP3abWaiVLewe+MecAMkOsp
vI9ZMMCb49b2pucp5K2wP8+L1tVTzJDHr/75hbKSM1+p/Jvc4KmfgwYd4VAM
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:42 2024 by rpki-client on console-fra.rpki-client.org