Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/i_E0d0B1QGXWbME7s1N8ZS6s38I.roa
File: i_E0d0B1QGXWbME7s1N8ZS6s38I.roa (raw, json)
Hash identifier: RHGdwXFbO08/GStOGMb1rtutKEEfYQmcf3FgT01XFdc=
Subject key identifier: 8B:F1:34:77:40:75:40:65:D6:6C:C1:3B:B3:53:7C:65:2E:AC:DF:C2
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 018CC8013C7EE8B859D8FE456E2E648ED57D
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/i_E0d0B1QGXWbME7s1N8ZS6s38I.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205036
IP address blocks: 91.209.58.0/24 maxlen: 24
2a0f:5fc0:beef::/48 maxlen: 48
2a0f:5fc0:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3c:7e:e8:b8:59:d8:fe:45:6e:2e:64:8e:d5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bf1347740754065d66cc13bb3537c652eacdfc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b8:99:b5:87:41:fc:2d:1e:6a:a2:8c:42:87:
04:99:8f:c5:18:9f:0b:2f:65:f1:b8:21:ef:fd:99:
27:7b:66:43:22:56:17:4c:18:b8:d4:13:58:5b:be:
5c:01:5f:78:57:15:2f:a3:bb:e2:83:c5:df:cc:95:
63:cf:11:60:ac:c2:1c:3e:32:18:45:5a:9d:9f:f4:
f7:2f:7f:26:a1:7f:6b:de:da:2e:1e:2d:46:9d:e0:
28:81:fd:73:86:01:e8:c9:49:07:69:c6:8d:c4:d7:
21:f9:44:3a:66:86:1c:d4:a1:6c:0b:45:e2:e9:e3:
1d:49:9d:a9:a0:a2:c7:b8:89:8b:37:9a:74:22:1c:
29:80:1c:de:56:c2:21:a9:0d:39:82:1c:39:69:00:
44:82:a0:a0:c8:64:67:dc:19:8f:2c:78:10:c4:54:
1f:d0:c3:b1:a7:68:94:3a:c4:58:8e:f8:a2:47:21:
d3:dc:8e:ad:fe:6b:3f:aa:49:bb:7d:f5:d3:6f:51:
0f:35:90:84:ed:bc:db:ae:a3:e1:ab:6b:18:34:1c:
57:13:24:eb:32:5c:0c:2b:36:ee:42:fb:e5:8b:86:
70:16:03:65:00:e1:7e:14:30:29:e0:c4:df:21:d3:
72:a2:71:93:4b:11:9e:b2:c3:c8:8f:b4:5e:9d:a7:
50:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F1:34:77:40:75:40:65:D6:6C:C1:3B:B3:53:7C:65:2E:AC:DF:C2
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/i_E0d0B1QGXWbME7s1N8ZS6s38I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.58.0/24
IPv6:
2a0f:5fc0:b00b::/48
2a0f:5fc0:beef::/48
Signature Algorithm: sha256WithRSAEncryption
01:e0:33:ea:e3:77:69:48:03:34:f5:d9:fe:a9:0d:96:c8:2d:
92:ca:43:50:ad:11:45:7c:cd:1f:73:fc:e4:d1:1b:5a:a8:69:
a5:06:48:bd:38:c2:62:18:78:c6:66:1c:ca:a8:d2:00:2c:68:
1c:37:a8:cd:44:99:81:95:aa:f7:a4:65:d0:7b:ed:71:46:bc:
0e:39:af:40:07:5c:da:c5:76:49:0f:27:e7:f9:d3:44:f3:aa:
a3:18:a6:d1:63:82:bd:57:39:ca:6d:ab:5b:b1:48:a9:43:b3:
ce:98:87:e1:ba:a9:8e:e8:7e:c0:c8:4c:d5:eb:73:06:cd:1b:
43:ac:00:7f:12:b6:bf:f2:6f:c0:d8:d5:0b:69:7a:07:29:77:
7e:a3:b5:e5:cb:6f:f9:96:25:34:76:bc:56:3b:50:c5:be:b1:
95:ef:5a:e3:12:7b:38:dc:43:6a:f3:c7:71:d3:e3:69:3a:b8:
83:0a:b3:93:67:cd:68:fd:1a:df:57:d7:9c:fa:52:38:2e:40:
5c:96:6c:47:25:39:4b:97:a0:8a:81:b3:83:48:e2:de:5a:11:
86:09:a8:b0:40:e4:2e:5f:be:5a:71:58:23:80:6a:50:d9:ab:
81:5c:00:4f:0c:ed:f4:d3:57:3a:78:1f:db:03:fa:f7:98:23:
d3:2d:bf:fe
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIATx+6LhZ2P5Fbi5kjtV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYxMzQ3NzQwNzU0MDY1ZDY2Y2MxM2JiMzUzN2M2NTJlYWNkZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7iZtYdB/C0eaqKMQocEmY/FGJ8L
L2XxuCHv/Zkne2ZDIlYXTBi41BNYW75cAV94VxUvo7vig8XfzJVjzxFgrMIcPjIY
RVqdn/T3L38moX9r3touHi1GneAogf1zhgHoyUkHacaNxNch+UQ6ZoYc1KFsC0Xi
6eMdSZ2poKLHuImLN5p0IhwpgBzeVsIhqQ05ghw5aQBEgqCgyGRn3BmPLHgQxFQf
0MOxp2iUOsRYjviiRyHT3I6t/ms/qkm7ffXTb1EPNZCE7bzbrqPhq2sYNBxXEyTr
MlwMKzbuQvvli4ZwFgNlAOF+FDAp4MTfIdNyonGTSxGessPIj7RenadQ4wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIvxNHdAdUBl1mzBO7NTfGUurN/CMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvaV9FMGQwQjFRR1hXYk1FN3MxTjhaUzZzMzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW9E6MBgE
AgACMBIDBwAqD1/AsAsDBwAqD1/Avu8wDQYJKoZIhvcNAQELBQADggEBAAHgM+rj
d2lIAzT12f6pDZbILZLKQ1CtEUV8zR9z/OTRG1qoaaUGSL04wmIYeMZmHMqo0gAs
aBw3qM1EmYGVqvekZdB77XFGvA45r0AHXNrFdkkPJ+f500TzqqMYptFjgr1XOcpt
q1uxSKlDs86Yh+G6qY7ofsDITNXrcwbNG0OsAH8Str/yb8DY1Qtpegcpd36jteXL
b/mWJTR2vFY7UMW+sZXvWuMSezjcQ2rzx3HT42k6uIMKs5NnzWj9Gt9X15z6Ujgu
QFyWbEclOUuXoIqBs4NI4t5aEYYJqLBA5C5fvlpxWCOAalDZq4FcAE8M7fTTVzp4
H9sD+veYI9Mtv/4=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:17:51 2024 by rpki-client on console-fra.rpki-client.org