Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/_1o-GhtBZFcAgbhScAoD5vEasmQ.roa
File: _1o-GhtBZFcAgbhScAoD5vEasmQ.roa (raw, json)
Hash identifier: hliosRBkZ7AL4CNN84jAwrq4t8AZqql2Jlh0fzMSX8E=
Subject key identifier: FF:5A:3E:1A:1B:41:64:57:00:81:B8:52:70:0A:03:E6:F1:1A:B2:64
Certificate issuer: /CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Certificate serial: 018CC94AC61AE7692D8719316289AF499E66
Authority key identifier: 34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/_1o-GhtBZFcAgbhScAoD5vEasmQ.roa
Signing time: Tue 02 Jan 2024 08:29:29 +0000
ROA not before: Tue 02 Jan 2024 08:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211600
IP address blocks: 91.195.150.0/23 maxlen: 24
2001:678:2e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:c6:1a:e7:69:2d:87:19:31:62:89:af:49:9e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Validity
Not Before: Jan 2 08:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff5a3e1a1b4164570081b852700a03e6f11ab264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7e:4c:73:47:17:9e:bd:17:19:da:d6:fc:d1:
88:d1:45:a9:0a:5d:77:13:bb:b8:72:9b:96:f1:fc:
90:71:e6:b3:24:4f:fc:39:d4:06:16:f8:92:bb:3e:
71:e5:1f:96:ab:bb:a7:3f:cf:cd:d4:a9:1c:3f:2c:
43:c4:b4:71:e7:d4:6c:9b:c0:fc:e5:cf:26:48:a5:
50:fa:1d:78:b3:9c:ee:a1:48:c4:f3:e1:5d:a6:85:
70:f7:f1:c8:51:ad:9d:73:50:72:50:b5:53:e3:41:
1d:d1:4f:aa:3c:9f:8d:41:23:78:01:d2:82:b6:91:
d9:ac:af:1c:50:4c:6e:4b:ed:fd:58:40:68:09:6b:
41:a4:58:14:5b:ad:46:9d:f7:ae:4d:35:24:be:9c:
83:2a:65:4f:cd:02:a8:de:64:0e:04:83:75:60:13:
59:f5:a5:0e:41:dc:83:5a:18:69:0a:65:da:99:78:
4b:c0:9b:09:db:99:30:75:68:a5:32:e2:e9:44:b9:
f7:8a:d8:a2:1a:49:78:1a:ed:af:ab:71:f8:37:1c:
a0:4a:3f:41:14:55:3e:ad:58:05:fc:da:e6:cd:89:
1a:e4:2a:84:ba:7e:47:75:6b:66:cc:48:05:a7:c9:
74:f0:63:e9:7c:c2:f3:d6:f8:f1:6f:df:1a:ff:6c:
c3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5A:3E:1A:1B:41:64:57:00:81:B8:52:70:0A:03:E6:F1:1A:B2:64
X509v3 Authority Key Identifier:
keyid:34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/_1o-GhtBZFcAgbhScAoD5vEasmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.150.0/23
IPv6:
2001:678:2e0::/48
Signature Algorithm: sha256WithRSAEncryption
31:33:75:8a:89:d7:93:a8:6f:3c:29:e3:05:ae:14:f2:5b:28:
02:88:b1:36:df:3b:d6:e4:ea:b6:7d:e4:4e:49:6d:7c:a3:4a:
2a:9a:79:a2:b3:9e:e6:8e:3e:cd:5d:2d:08:0f:28:13:79:da:
c3:ca:0a:26:9d:6c:b4:75:51:f9:f9:97:6a:01:4f:2b:77:ec:
27:a1:f4:0a:0a:55:67:f0:da:c6:ac:59:b0:62:33:a8:40:ab:
f8:20:72:31:f8:e7:b4:10:1e:59:5c:24:1d:a3:bc:08:14:db:
9c:3c:a0:32:50:ba:a0:07:2d:dd:30:5c:6e:87:50:e8:49:cf:
ed:8e:f0:a0:71:6b:45:f1:9b:f0:7f:55:21:0a:cb:02:94:ab:
14:5c:aa:6f:48:42:a1:96:99:46:08:40:4b:73:63:ca:a8:dd:
d0:14:73:b6:6c:ef:c8:57:21:e8:bf:45:f8:28:ac:3a:86:00:
d6:34:9c:e7:9f:23:9b:e9:5f:40:b0:de:ca:d8:d0:08:cc:2b:
dd:ba:e0:f3:68:9c:05:ad:44:44:66:4b:e6:7b:88:28:aa:41:
11:f4:3b:93:ac:41:8c:70:76:e6:8b:37:34:a4:1a:33:d5:8b:
cf:ba:d1:e5:f5:1e:f3:53:68:a1:09:02:be:f7:2e:1a:09:f2:
d9:19:84:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJSsYa52kthxkxYomvSZ5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0Y2I5NTZlYzNhMTRmNmY1ZTRiNzZkNTQzNDJmYTk4ZDU5
Yzc3YTYwHhcNMjQwMTAyMDgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVhM2UxYTFiNDE2NDU3MDA4MWI4NTI3MDBhMDNlNmYxMWFiMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH5Mc0cXnr0XGdrW/NGI0UWpCl13
E7u4cpuW8fyQceazJE/8OdQGFviSuz5x5R+Wq7unP8/N1KkcPyxDxLRx59Rsm8D8
5c8mSKVQ+h14s5zuoUjE8+FdpoVw9/HIUa2dc1ByULVT40Ed0U+qPJ+NQSN4AdKC
tpHZrK8cUExuS+39WEBoCWtBpFgUW61GnfeuTTUkvpyDKmVPzQKo3mQOBIN1YBNZ
9aUOQdyDWhhpCmXamXhLwJsJ25kwdWilMuLpRLn3itiiGkl4Gu2vq3H4NxygSj9B
FFU+rVgF/NrmzYka5CqEun5HdWtmzEgFp8l08GPpfMLz1vjxb98a/2zDbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9aPhobQWRXAIG4UnAKA+bxGrJkMB8GA1UdIwQY
MBaAFDTLlW7DoU9vXkt21UNC+pjVnHemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQt
OWE2ODgwODBhNTc5LzEvXzFvLUdodEJaRmNBZ2JoU2NBb0Q1dkVhc21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQtOWE2ODgwODBhNTc5
LzEvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8OWMA8E
AgACMAkDBwAgAQZ4AuAwDQYJKoZIhvcNAQELBQADggEBADEzdYqJ15Oobzwp4wWu
FPJbKAKIsTbfO9bk6rZ95E5JbXyjSiqaeaKznuaOPs1dLQgPKBN52sPKCiadbLR1
Ufn5l2oBTyt37Ceh9AoKVWfw2sasWbBiM6hAq/ggcjH457QQHllcJB2jvAgU25w8
oDJQuqAHLd0wXG6HUOhJz+2O8KBxa0Xxm/B/VSEKywKUqxRcqm9IQqGWmUYIQEtz
Y8qo3dAUc7Zs78hXIei/RfgorDqGANY0nOefI5vpX0Cw3srY0AjMK9264PNonAWt
RERmS+Z7iCiqQRH0O5OsQYxwduaLNzSkGjPVi8+60eX1HvNTaKEJAr73LhoJ8tkZ
hFs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:23 2024 by rpki-client on console-fra.rpki-client.org