Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/Ca0WFketL5hpuFocqhamKViUnT8.roa
File: Ca0WFketL5hpuFocqhamKViUnT8.roa (raw, json)
Hash identifier: pgsuHNvSm3bCVnJtMa/zSfgMaoCv52BfvrtZrsFHnRw=
Subject key identifier: 09:AD:16:16:47:AD:2F:98:69:B8:5A:1C:AA:16:A6:29:58:94:9D:3F
Certificate issuer: /CN=035e5285dedc35ab63527048b366ee553806ce04
Certificate serial: 018CC7259CFF0E16DB5A9BAF0E4F31F9BEA0
Authority key identifier: 03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/Ca0WFketL5hpuFocqhamKViUnT8.roa
Signing time: Mon 01 Jan 2024 22:29:40 +0000
ROA not before: Mon 01 Jan 2024 22:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31463
IP address blocks: 91.213.208.0/24 maxlen: 24
91.213.217.0/24 maxlen: 24
91.213.215.0/24 maxlen: 24
91.213.220.0/24 maxlen: 24
2a0f:64c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:9c:ff:0e:16:db:5a:9b:af:0e:4f:31:f9:be:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=035e5285dedc35ab63527048b366ee553806ce04
Validity
Not Before: Jan 1 22:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09ad161647ad2f9869b85a1caa16a62958949d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3a:79:10:c8:90:bb:f9:1f:37:cd:5b:9c:05:
16:42:56:ca:d3:21:f5:6a:7a:f4:03:a3:0c:e3:43:
ca:89:5c:3e:84:cc:f5:06:2c:36:a3:9b:36:e5:35:
e0:80:2f:d0:a0:e8:9d:8b:40:e1:6d:07:b7:33:9d:
30:52:0d:b3:cb:bf:e8:b0:e3:e0:d8:1a:f2:5f:03:
29:fe:ce:30:5b:b2:02:b6:70:19:f0:58:99:3a:6c:
b0:4f:f7:ff:06:df:01:cc:72:65:46:1c:97:47:92:
07:d1:2f:c2:94:db:da:4c:35:0d:27:31:f8:f8:66:
bf:f0:00:aa:65:ac:78:a4:c4:e9:32:0d:73:7b:68:
d0:5a:0d:86:c2:51:27:b1:c1:eb:9f:5f:20:80:7a:
07:84:61:41:c9:7c:79:94:43:23:7f:99:0a:0c:40:
c9:68:21:2f:ca:5a:d7:30:a4:43:37:39:5c:f4:b8:
6a:95:7f:84:cb:1f:34:0a:e0:3d:d4:4b:e0:59:a8:
1d:94:16:98:d1:6b:dd:08:7a:12:1b:a5:cd:71:5d:
cc:e7:cd:0c:33:fb:43:96:b9:3a:61:0b:48:53:fb:
27:33:8f:49:3a:c0:41:9d:78:04:40:b9:c7:9e:ff:
0a:9e:5e:d9:39:7b:ed:62:9c:51:19:8d:72:bd:87:
f3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AD:16:16:47:AD:2F:98:69:B8:5A:1C:AA:16:A6:29:58:94:9D:3F
X509v3 Authority Key Identifier:
keyid:03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/Ca0WFketL5hpuFocqhamKViUnT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.208.0/24
91.213.215.0/24
91.213.217.0/24
91.213.220.0/24
IPv6:
2a0f:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
26:3a:22:c1:4c:e4:df:1e:c9:69:08:af:17:4e:e7:b8:1f:97:
4e:c0:a3:88:e4:10:35:df:fb:e8:5f:97:78:73:73:e0:a5:66:
01:26:ee:2c:72:c3:1a:1b:2f:46:db:a0:64:f7:e9:49:38:a2:
98:13:33:16:4e:03:f0:58:67:fc:85:18:9e:86:89:c2:6e:6c:
ab:dd:99:a2:2c:c7:df:85:41:5b:1a:30:79:5a:43:89:71:32:
42:06:9f:26:54:53:07:f6:30:52:7f:43:29:8f:7f:5d:79:a9:
89:4e:0c:5f:16:c0:49:5f:34:2f:4d:29:6c:a2:3c:47:e7:24:
4e:f7:aa:53:d0:bf:17:3f:90:35:02:51:8f:39:ea:16:6d:98:
b8:14:a8:b3:df:a5:b5:5b:94:42:e6:55:b6:9e:6e:ee:4b:54:
8f:c1:55:d6:84:7a:f7:88:0d:b9:99:17:8b:09:c8:cf:98:ba:
ba:85:f3:13:3a:1a:c4:b0:22:81:52:5f:c9:a6:0b:cf:ed:3d:
3c:ce:2f:bd:d8:81:a9:19:4a:12:69:e8:85:17:e6:ca:73:2c:
2b:ab:78:26:fe:16:21:ab:e7:11:84:e1:8b:78:fd:6c:4e:a3:
40:4e:91:33:3a:5d:1b:3a:ba:b4:af:e8:2c:d1:e8:cd:b6:19:
3a:7c:f2:c6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHJZz/DhbbWpuvDk8x+b6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNWU1Mjg1ZGVkYzM1YWI2MzUyNzA0OGIzNjZlZTU1Mzgw
NmNlMDQwHhcNMjQwMTAxMjIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWFkMTYxNjQ3YWQyZjk4NjliODVhMWNhYTE2YTYyOTU4OTQ5ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjp5EMiQu/kfN81bnAUWQlbK0yH1
anr0A6MM40PKiVw+hMz1Biw2o5s25TXggC/QoOidi0DhbQe3M50wUg2zy7/osOPg
2BryXwMp/s4wW7ICtnAZ8FiZOmywT/f/Bt8BzHJlRhyXR5IH0S/ClNvaTDUNJzH4
+Ga/8ACqZax4pMTpMg1ze2jQWg2GwlEnscHrn18ggHoHhGFByXx5lEMjf5kKDEDJ
aCEvylrXMKRDNzlc9LhqlX+Eyx80CuA91EvgWagdlBaY0WvdCHoSG6XNcV3M580M
M/tDlrk6YQtIU/snM49JOsBBnXgEQLnHnv8Knl7ZOXvtYpxRGY1yvYfzOwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAmtFhZHrS+YabhaHKoWpilYlJ0/MB8GA1UdIwQY
MBaAFANeUoXe3DWrY1JwSLNm7lU4Bs4EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTE1U2hkN2NOYXRqVW5CSXMyYnVWVGdHemdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mMTk0NGItMTAxYS00MTgxLWEzNmIt
MmMyNzA3NzM2ZmRiLzEvQ2EwV0ZrZXRMNWhwdUZvY3FoYW1LVmlVblQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mMTk0NGItMTAxYS00MTgxLWEzNmItMmMyNzA3NzM2ZmRi
LzEvQTE1U2hkN2NOYXRqVW5CSXMyYnVWVGdHemdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9XQAwQA
W9XXAwQAW9XZAwQAW9XcMA0EAgACMAcDBQMqD2TAMA0GCSqGSIb3DQEBCwUAA4IB
AQAmOiLBTOTfHslpCK8XTue4H5dOwKOI5BA13/voX5d4c3PgpWYBJu4scsMaGy9G
26Bk9+lJOKKYEzMWTgPwWGf8hRiehonCbmyr3ZmiLMffhUFbGjB5WkOJcTJCBp8m
VFMH9jBSf0Mpj39deamJTgxfFsBJXzQvTSlsojxH5yRO96pT0L8XP5A1AlGPOeoW
bZi4FKiz36W1W5RC5lW2nm7uS1SPwVXWhHr3iA25mReLCcjPmLq6hfMTOhrEsCKB
Ul/JpgvP7T08zi+92IGpGUoSaeiFF+bKcywrq3gm/hYhq+cRhOGLeP1sTqNATpEz
Ol0bOrq0r+gs0ejNthk6fPLG
-----END CERTIFICATE-----
Generated at Wed May 15 23:17:25 2024 by rpki-client on console-fra.rpki-client.org