Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/1KU8ZrQonkpVgI9JI6vF7_XRmu8.roa
File: 1KU8ZrQonkpVgI9JI6vF7_XRmu8.roa (raw, json)
Hash identifier: tNFJay4/EO0rIYy7o57ROVrAdBfAImMgBd0FPMzEHtI=
Subject key identifier: D4:A5:3C:66:B4:28:9E:4A:55:80:8F:49:23:AB:C5:EF:F5:D1:9A:EF
Certificate issuer: /CN=705ee67d4a12d53c44e701cbd896a48575eb2503
Certificate serial: 018CC56E05301299FA4687E5A212C93B3980
Authority key identifier: 70:5E:E6:7D:4A:12:D5:3C:44:E7:01:CB:D8:96:A4:85:75:EB:25:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF7mfUoS1TxE5wHL2JakhXXrJQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/1KU8ZrQonkpVgI9JI6vF7_XRmu8.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 91.240.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/cF7mfUoS1TxE5wHL2JakhXXrJQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/cF7mfUoS1TxE5wHL2JakhXXrJQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cF7mfUoS1TxE5wHL2JakhXXrJQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:05:30:12:99:fa:46:87:e5:a2:12:c9:3b:39:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705ee67d4a12d53c44e701cbd896a48575eb2503
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4a53c66b4289e4a55808f4923abc5eff5d19aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ff:58:bb:82:8e:dd:b1:ad:aa:94:9e:ea:64:
68:2d:36:39:9b:fb:c2:0a:1e:e9:7b:6c:38:88:fa:
df:14:63:34:41:f1:e3:98:f2:c0:2d:29:57:c6:d8:
28:b0:38:02:5e:74:f9:c8:88:cc:72:f0:02:2c:fe:
21:db:5a:09:b3:65:d2:06:7c:61:b1:22:e9:03:21:
e5:54:fe:3d:c5:87:8c:f7:0a:35:0d:e9:c1:19:95:
ff:a2:dd:c0:7b:46:cd:c8:5f:e3:ac:22:22:af:68:
97:40:98:fb:af:39:7e:0c:ab:bc:0b:6e:76:19:19:
f4:bc:d6:b0:72:2a:b8:de:96:15:2d:05:f0:32:d0:
2f:39:ed:69:65:5d:0e:7b:31:37:5f:68:7a:f5:a1:
39:8c:39:e4:68:e9:85:eb:ee:8a:c2:66:f3:2b:58:
b9:10:27:11:b3:a1:31:6b:69:8d:bb:1d:00:e7:79:
7a:06:f3:bc:5e:c4:ca:5d:8c:f0:b6:6d:24:f1:a1:
4a:c1:81:80:06:4e:79:df:11:0d:ca:66:cd:47:70:
69:b4:bf:ce:fa:31:a3:73:92:7a:98:5f:f6:4d:1a:
ab:fe:2d:9b:13:b2:e3:3e:1c:50:3d:8a:5a:2e:0c:
48:ef:ce:84:e3:6e:28:0f:bc:bb:bf:7a:4b:a3:1d:
97:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A5:3C:66:B4:28:9E:4A:55:80:8F:49:23:AB:C5:EF:F5:D1:9A:EF
X509v3 Authority Key Identifier:
keyid:70:5E:E6:7D:4A:12:D5:3C:44:E7:01:CB:D8:96:A4:85:75:EB:25:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF7mfUoS1TxE5wHL2JakhXXrJQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/1KU8ZrQonkpVgI9JI6vF7_XRmu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d67522-6e21-437b-bd24-689a4d976f95/1/cF7mfUoS1TxE5wHL2JakhXXrJQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.254.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:36:f2:b7:bd:8c:aa:ff:70:db:0b:74:da:ac:06:bc:98:37:
03:88:e6:aa:2c:a6:f1:32:c4:6e:57:46:6e:3e:c4:9e:87:2b:
f6:d5:ea:7d:b5:df:da:b9:3c:60:cc:fd:df:19:69:c2:80:eb:
2a:b2:58:45:d3:03:b1:fd:21:3b:67:b1:0d:b2:31:ad:b5:64:
16:0f:2c:d9:e1:67:a9:93:e2:c2:24:b8:fe:f5:45:22:35:5b:
98:5c:5a:42:59:08:27:88:14:2a:93:71:83:04:12:75:5d:a2:
b7:a1:46:df:c3:5b:08:83:26:d8:f0:fc:3a:1c:af:66:0f:5a:
d0:e1:54:8e:0f:4b:cd:bd:1b:49:eb:ae:21:b1:29:05:81:25:
85:2f:98:70:fd:ea:b5:b5:bf:e7:a1:e7:3d:24:76:51:9a:a0:
77:02:7c:3b:93:b2:80:38:d2:16:f2:ed:9a:6c:bb:63:dc:2f:
a5:69:4c:65:b9:64:8a:bf:41:84:78:2a:67:f4:73:f1:6b:17:
5d:63:28:1b:5d:0b:da:bc:a8:5d:d2:9e:33:3c:ba:25:6a:c4:
43:74:63:d6:4a:ef:40:ea:0a:9f:24:c2:bb:7c:8e:3f:4c:91:
0a:3f:92:a2:9c:56:76:d4:de:59:e8:3a:37:0a:17:25:71:bf:
0d:3f:e7:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbgUwEpn6RoflohLJOzmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWVlNjdkNGExMmQ1M2M0NGU3MDFjYmQ4OTZhNDg1NzVl
YjI1MDMwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGE1M2M2NmI0Mjg5ZTRhNTU4MDhmNDkyM2FiYzVlZmY1ZDE5YWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/9Yu4KO3bGtqpSe6mRoLTY5m/vC
Ch7pe2w4iPrfFGM0QfHjmPLALSlXxtgosDgCXnT5yIjMcvACLP4h21oJs2XSBnxh
sSLpAyHlVP49xYeM9wo1DenBGZX/ot3Ae0bNyF/jrCIir2iXQJj7rzl+DKu8C252
GRn0vNawciq43pYVLQXwMtAvOe1pZV0OezE3X2h69aE5jDnkaOmF6+6KwmbzK1i5
ECcRs6Exa2mNux0A53l6BvO8XsTKXYzwtm0k8aFKwYGABk553xENymbNR3BptL/O
+jGjc5J6mF/2TRqr/i2bE7LjPhxQPYpaLgxI786E424oD7y7v3pLox2X/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSlPGa0KJ5KVYCPSSOrxe/10ZrvMB8GA1UdIwQY
MBaAFHBe5n1KEtU8ROcBy9iWpIV16yUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Y3bWZVb1MxVHhFNXdITDJKYWtoWFhySlFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kNjc1MjItNmUyMS00MzdiLWJkMjQt
Njg5YTRkOTc2Zjk1LzEvMUtVOFpyUW9ua3BWZ0k5Skk2dkY3X1hSbXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kNjc1MjItNmUyMS00MzdiLWJkMjQtNjg5YTRkOTc2Zjk1
LzEvY0Y3bWZVb1MxVHhFNXdITDJKYWtoWFhySlFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/D+MA0G
CSqGSIb3DQEBCwUAA4IBAQCbNvK3vYyq/3DbC3TarAa8mDcDiOaqLKbxMsRuV0Zu
PsSehyv21ep9td/auTxgzP3fGWnCgOsqslhF0wOx/SE7Z7ENsjGttWQWDyzZ4Wep
k+LCJLj+9UUiNVuYXFpCWQgniBQqk3GDBBJ1XaK3oUbfw1sIgybY8Pw6HK9mD1rQ
4VSOD0vNvRtJ664hsSkFgSWFL5hw/eq1tb/noec9JHZRmqB3Anw7k7KAONIW8u2a
bLtj3C+laUxluWSKv0GEeCpn9HPxaxddYygbXQvavKhd0p4zPLolasRDdGPWSu9A
6gqfJMK7fI4/TJEKP5KinFZ21N5Z6Do3Chclcb8NP+eu
-----END CERTIFICATE-----
Generated at Sat Jun 1 03:50:32 2024 by rpki-client on console-fra.rpki-client.org