Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/JTeBdfhvNNWyvYw_lgBQCNmyoDY.roa
File: JTeBdfhvNNWyvYw_lgBQCNmyoDY.roa (raw, json)
Hash identifier: zNrLy5uajH39Ak68nFy4JN2TAmMGhlJcWGKCJGG88r4=
Subject key identifier: 25:37:81:75:F8:6F:34:D5:B2:BD:8C:3F:96:00:50:08:D9:B2:A0:36
Certificate issuer: /CN=798e0da4f91007b224768acb4d131f12517d2b7a
Certificate serial: 018CC3B722A8EA6F3E306E74AB9F382F9683
Authority key identifier: 79:8E:0D:A4:F9:10:07:B2:24:76:8A:CB:4D:13:1F:12:51:7D:2B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY4NpPkQB7IkdorLTRMfElF9K3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/JTeBdfhvNNWyvYw_lgBQCNmyoDY.roa
Signing time: Mon 01 Jan 2024 06:30:08 +0000
ROA not before: Mon 01 Jan 2024 06:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 91.202.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/eY4NpPkQB7IkdorLTRMfElF9K3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/eY4NpPkQB7IkdorLTRMfElF9K3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/eY4NpPkQB7IkdorLTRMfElF9K3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:22:a8:ea:6f:3e:30:6e:74:ab:9f:38:2f:96:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798e0da4f91007b224768acb4d131f12517d2b7a
Validity
Not Before: Jan 1 06:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25378175f86f34d5b2bd8c3f96005008d9b2a036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:84:31:6e:aa:6c:85:00:e2:d0:2f:b9:56:9e:
b5:3f:b9:6e:06:c1:3e:be:8a:52:0c:46:f2:5c:11:
fa:d6:8b:d5:f3:be:a5:ba:3d:8e:ff:81:33:f4:77:
38:c0:4a:78:a0:76:37:39:9c:91:0c:d8:81:f9:b6:
03:c8:84:fe:c6:47:ee:fa:40:09:0f:f6:fb:6e:7d:
2a:89:55:37:97:1c:02:cc:ec:27:49:ec:ec:c5:76:
5c:ee:2a:99:55:04:05:cb:6c:14:c3:1a:95:86:21:
10:82:87:c1:4a:da:b5:f5:24:34:e8:cf:08:94:85:
c4:72:14:07:3d:a3:97:fe:e5:9e:7e:b3:1a:af:f8:
62:87:f7:63:77:66:18:bc:a9:1a:e0:85:c9:48:f2:
ad:e7:e9:7f:f1:94:dc:c6:b7:ac:e1:e2:16:07:fa:
56:fe:f5:04:a1:98:ee:49:59:05:48:b2:a7:88:be:
66:d7:f3:6f:1f:69:14:f6:d8:81:c1:94:e4:84:20:
a0:ee:fb:77:12:38:5a:5b:4b:2e:93:a8:10:59:ce:
a2:29:cf:e8:11:80:3e:67:61:fc:f6:54:06:24:bf:
48:7a:28:a7:81:bc:ce:1c:47:8b:a6:a3:fe:38:8a:
7d:51:d1:59:46:fe:fd:f7:d8:60:a7:ff:ff:66:c3:
26:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:37:81:75:F8:6F:34:D5:B2:BD:8C:3F:96:00:50:08:D9:B2:A0:36
X509v3 Authority Key Identifier:
keyid:79:8E:0D:A4:F9:10:07:B2:24:76:8A:CB:4D:13:1F:12:51:7D:2B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY4NpPkQB7IkdorLTRMfElF9K3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/JTeBdfhvNNWyvYw_lgBQCNmyoDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/404e64-f981-45b5-9cae-4fb4ef91a82f/1/eY4NpPkQB7IkdorLTRMfElF9K3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.103.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:26:07:0d:9c:37:33:14:e8:d9:d2:aa:60:e7:6e:ee:81:15:
bb:9f:70:c4:23:a4:31:e5:ee:52:2b:69:ce:fe:00:49:3f:88:
70:35:51:1d:18:c4:9b:4c:35:6d:fc:50:6b:ad:9f:31:d8:96:
33:3c:c7:4c:19:08:f5:f3:30:31:60:35:00:12:87:44:39:e7:
04:98:33:84:ee:d8:30:f6:84:42:84:8e:14:34:95:5a:f8:f1:
57:d8:dc:b0:08:a3:0a:c7:bd:15:76:19:f4:55:2a:02:92:ff:
66:a5:c8:b4:98:6c:b6:e1:6e:82:8e:63:93:ac:29:d2:93:19:
a9:ec:5d:31:21:4b:81:09:83:df:11:1e:ac:e3:bb:cf:81:29:
bf:fc:05:91:7c:e1:2a:61:25:45:09:15:9e:65:96:83:91:fd:
ed:26:0e:13:1b:c4:43:84:84:03:75:e9:9a:20:2d:8d:87:bf:
6d:98:46:2f:56:77:c3:b0:0a:4a:72:91:84:ed:19:b5:59:c3:
4e:ea:31:87:46:65:36:99:c4:20:cd:63:c5:1f:28:a8:63:00:
89:80:d8:b9:6f:e2:70:10:e6:9a:92:a8:25:00:cc:07:9e:77:
72:e8:b9:6b:e7:e8:d8:e6:42:ea:7a:49:0d:49:25:e2:e3:3d:
a1:0b:1d:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtyKo6m8+MG50q584L5aDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGUwZGE0ZjkxMDA3YjIyNDc2OGFjYjRkMTMxZjEyNTE3
ZDJiN2EwHhcNMjQwMTAxMDYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM3ODE3NWY4NmYzNGQ1YjJiZDhjM2Y5NjAwNTAwOGQ5YjJhMDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloQxbqpshQDi0C+5Vp61P7luBsE+
vopSDEbyXBH61ovV876luj2O/4Ez9Hc4wEp4oHY3OZyRDNiB+bYDyIT+xkfu+kAJ
D/b7bn0qiVU3lxwCzOwnSezsxXZc7iqZVQQFy2wUwxqVhiEQgofBStq19SQ06M8I
lIXEchQHPaOX/uWefrMar/hih/djd2YYvKka4IXJSPKt5+l/8ZTcxres4eIWB/pW
/vUEoZjuSVkFSLKniL5m1/NvH2kU9tiBwZTkhCCg7vt3EjhaW0suk6gQWc6iKc/o
EYA+Z2H89lQGJL9IeiingbzOHEeLpqP+OIp9UdFZRv7999hgp///ZsMmWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCU3gXX4bzTVsr2MP5YAUAjZsqA2MB8GA1UdIwQY
MBaAFHmODaT5EAeyJHaKy00THxJRfSt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk0TnBQa1FCN0lrZG9yTFRSTWZFbEY5SzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MDRlNjQtZjk4MS00NWI1LTljYWUt
NGZiNGVmOTFhODJmLzEvSlRlQmRmaHZOTld5dll3X2xnQlFDTm15b0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MDRlNjQtZjk4MS00NWI1LTljYWUtNGZiNGVmOTFhODJm
LzEvZVk0TnBQa1FCN0lrZG9yTFRSTWZFbEY5SzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8pnMA0G
CSqGSIb3DQEBCwUAA4IBAQAtJgcNnDczFOjZ0qpg527ugRW7n3DEI6Qx5e5SK2nO
/gBJP4hwNVEdGMSbTDVt/FBrrZ8x2JYzPMdMGQj18zAxYDUAEodEOecEmDOE7tgw
9oRChI4UNJVa+PFX2NywCKMKx70Vdhn0VSoCkv9mpci0mGy24W6CjmOTrCnSkxmp
7F0xIUuBCYPfER6s47vPgSm//AWRfOEqYSVFCRWeZZaDkf3tJg4TG8RDhIQDdema
IC2Nh79tmEYvVnfDsApKcpGE7Rm1WcNO6jGHRmU2mcQgzWPFHyioYwCJgNi5b+Jw
EOaakqglAMwHnndy6Llr5+jY5kLqekkNSSXi4z2hCx1T
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:47 2024 by rpki-client on console-fra.rpki-client.org