Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/riK7r_WAtzaz81meXqknQd2QvwU.roa
File: riK7r_WAtzaz81meXqknQd2QvwU.roa (raw, json)
Hash identifier: Q7tJgFu0BM49y2qbW33vhADFIxABRdydihRpc98U4Rk=
Subject key identifier: AE:22:BB:AF:F5:80:B7:36:B3:F3:59:9E:5E:A9:27:41:DD:90:BF:05
Certificate issuer: /CN=59a06c187953cfc8133b2beee5f01a15e45da078
Certificate serial: 018CC94BD9AEB2CE94663C88642386CC88AB
Authority key identifier: 59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/riK7r_WAtzaz81meXqknQd2QvwU.roa
Signing time: Tue 02 Jan 2024 08:30:40 +0000
ROA not before: Tue 02 Jan 2024 08:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.233.120.0/24 maxlen: 24
194.104.235.0/24 maxlen: 24
2a11:6740::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 02:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:d9:ae:b2:ce:94:66:3c:88:64:23:86:cc:88:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59a06c187953cfc8133b2beee5f01a15e45da078
Validity
Not Before: Jan 2 08:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae22bbaff580b736b3f3599e5ea92741dd90bf05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fd:10:58:14:ea:9b:7c:c9:d7:2d:b0:58:00:
39:72:f5:1e:07:44:ff:32:9c:c2:bd:44:ab:bf:8b:
1c:28:b3:4e:01:97:77:4f:e7:45:45:6f:31:28:b6:
8c:a1:59:e5:3f:68:44:55:33:3f:18:b1:a8:13:9c:
d9:fa:8d:6f:64:f3:0b:6c:a8:ea:f1:61:68:8d:b8:
bd:2f:94:c1:98:ef:21:5d:da:45:96:0e:53:c3:85:
9b:b8:39:d9:2f:68:48:4d:ec:07:c3:e4:b1:fe:6e:
f0:33:28:e4:9f:95:2e:f1:04:0b:86:46:eb:18:b5:
0b:53:72:c6:3e:ea:39:be:4c:25:48:75:dc:7a:70:
3d:f4:a1:41:41:40:7e:29:e1:65:f5:89:59:76:a1:
65:2b:7a:88:24:8b:e9:ef:e0:57:19:38:3c:77:18:
30:8b:71:47:c4:e8:24:47:58:06:49:13:88:d4:04:
f9:d1:c1:6a:6d:8e:e4:9e:0a:1e:ad:58:a0:b7:dd:
bb:42:b7:2e:ee:e1:30:0c:1e:94:23:5b:2c:f9:62:
20:04:fe:75:5c:5e:6f:fb:73:6b:39:4e:a6:98:67:
4e:39:9c:6b:38:c4:1f:ef:a2:b1:56:9c:de:56:35:
71:34:7f:cd:cb:0e:31:5f:49:57:3b:3d:7b:17:d7:
bc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:22:BB:AF:F5:80:B7:36:B3:F3:59:9E:5E:A9:27:41:DD:90:BF:05
X509v3 Authority Key Identifier:
keyid:59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/riK7r_WAtzaz81meXqknQd2QvwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.120.0/24
194.104.235.0/24
IPv6:
2a11:6740::/29
Signature Algorithm: sha256WithRSAEncryption
42:0d:16:8b:8f:ef:88:c4:ad:35:12:b6:5d:ed:e6:2e:a3:77:
95:09:32:e4:73:f0:c0:d9:4c:20:e0:f6:47:3e:66:cc:e1:3f:
65:9e:c4:4b:86:52:e9:70:52:62:8e:ae:72:7d:61:3c:e6:fc:
7f:f6:a1:a9:24:ff:38:34:94:39:86:55:1a:ed:16:21:e6:63:
46:4d:b2:8a:d9:cc:ca:fc:1b:05:3d:14:23:39:ac:3a:cb:5c:
65:df:52:0b:e4:8c:34:1a:3a:e0:26:02:c1:f8:bb:78:99:17:
1d:3c:e4:0a:36:07:46:db:c6:d9:d0:07:2c:f7:44:1d:2d:c0:
43:e9:84:89:ba:50:c1:7c:04:26:d5:69:22:f1:f7:b1:3c:f9:
0c:b3:39:4d:88:d4:a5:24:b0:1d:51:94:7a:f7:d7:c7:d2:37:
4c:ba:6f:9b:2c:2d:30:ff:6d:8c:79:9c:92:d9:ff:b8:5f:b9:
07:7a:f7:70:94:65:fb:5c:70:7e:cd:86:09:bc:b3:8b:20:4a:
bd:d4:0f:d0:51:73:0d:02:69:e1:88:d8:7c:97:de:4d:12:d4:
87:9b:4e:67:45:20:bb:66:af:51:38:ba:f8:aa:58:23:41:60:
f5:21:e6:51:5c:7d:62:e9:ad:02:f9:38:c2:f7:e7:ab:c1:ad:
af:65:6c:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJS9muss6UZjyIZCOGzIirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YTA2YzE4Nzk1M2NmYzgxMzNiMmJlZWU1ZjAxYTE1ZTQ1
ZGEwNzgwHhcNMjQwMTAyMDgzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTIyYmJhZmY1ODBiNzM2YjNmMzU5OWU1ZWE5Mjc0MWRkOTBiZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/0QWBTqm3zJ1y2wWAA5cvUeB0T/
MpzCvUSrv4scKLNOAZd3T+dFRW8xKLaMoVnlP2hEVTM/GLGoE5zZ+o1vZPMLbKjq
8WFojbi9L5TBmO8hXdpFlg5Tw4WbuDnZL2hITewHw+Sx/m7wMyjkn5Uu8QQLhkbr
GLULU3LGPuo5vkwlSHXcenA99KFBQUB+KeFl9YlZdqFlK3qIJIvp7+BXGTg8dxgw
i3FHxOgkR1gGSROI1AT50cFqbY7kngoerVigt927Qrcu7uEwDB6UI1ss+WIgBP51
XF5v+3NrOU6mmGdOOZxrOMQf76KxVpzeVjVxNH/Nyw4xX0lXOz17F9e8iwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK4iu6/1gLc2s/NZnl6pJ0HdkL8FMB8GA1UdIwQY
MBaAFFmgbBh5U8/IEzsr7uXwGhXkXaB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODct
ZTQ2ZWE4OWJmODQ5LzEvcmlLN3JfV0F0emF6ODFtZVhxa25RZDJRdndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODctZTQ2ZWE4OWJmODQ5
LzEvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+l4AwQA
wmjrMA0EAgACMAcDBQMqEWdAMA0GCSqGSIb3DQEBCwUAA4IBAQBCDRaLj++IxK01
ErZd7eYuo3eVCTLkc/DA2Uwg4PZHPmbM4T9lnsRLhlLpcFJijq5yfWE85vx/9qGp
JP84NJQ5hlUa7RYh5mNGTbKK2czK/BsFPRQjOaw6y1xl31IL5Iw0GjrgJgLB+Lt4
mRcdPOQKNgdG28bZ0Acs90QdLcBD6YSJulDBfAQm1Wki8fexPPkMszlNiNSlJLAd
UZR699fH0jdMum+bLC0w/22MeZyS2f+4X7kHevdwlGX7XHB+zYYJvLOLIEq91A/Q
UXMNAmnhiNh8l95NEtSHm05nRSC7Zq9ROLr4qlgjQWD1IeZRXH1i6a0C+TjC9+er
wa2vZWyx
-----END CERTIFICATE-----
Generated at Thu May 2 11:13:31 2024 by rpki-client on console-ams.rpki-client.org