Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/eAX4pfjuajF0rtbLPjqEPN3Hw4A.roa
File: eAX4pfjuajF0rtbLPjqEPN3Hw4A.roa (raw, json)
Hash identifier: mdFu/Hbhfo8GUTtbX+r4URTvp/+HwOu6P+HchCmTfAY=
Subject key identifier: 78:05:F8:A5:F8:EE:6A:31:74:AE:D6:CB:3E:3A:84:3C:DD:C7:C3:80
Certificate issuer: /CN=1137c23453b88eba455c4208c6df5b3e1bbc245f
Certificate serial: 018CC5DC7D422896650C174AA57D3CEF3130
Authority key identifier: 11:37:C2:34:53:B8:8E:BA:45:5C:42:08:C6:DF:5B:3E:1B:BC:24:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ETfCNFO4jrpFXEIIxt9bPhu8JF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/eAX4pfjuajF0rtbLPjqEPN3Hw4A.roa
Signing time: Mon 01 Jan 2024 16:30:10 +0000
ROA not before: Mon 01 Jan 2024 16:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47127
IP address blocks: 91.209.191.0/24 maxlen: 24
2001:67c:2b3c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/ETfCNFO4jrpFXEIIxt9bPhu8JF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/ETfCNFO4jrpFXEIIxt9bPhu8JF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ETfCNFO4jrpFXEIIxt9bPhu8JF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:7d:42:28:96:65:0c:17:4a:a5:7d:3c:ef:31:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1137c23453b88eba455c4208c6df5b3e1bbc245f
Validity
Not Before: Jan 1 16:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7805f8a5f8ee6a3174aed6cb3e3a843cddc7c380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:14:88:08:53:64:be:1d:62:f0:ba:83:1a:a9:
9d:2c:2f:64:07:e3:4a:dd:c7:cd:c5:a9:3c:4f:4c:
05:fe:9c:2d:46:dd:04:04:ba:65:ee:f2:87:30:84:
0a:e2:e6:d4:0b:ae:ce:ad:cb:20:56:fb:23:55:02:
aa:6c:1a:f8:7e:c7:ef:54:d4:2a:b2:5e:31:1e:51:
9a:7a:b6:4d:9b:b5:3a:1e:f9:ae:c2:9f:c6:86:b8:
eb:7c:7a:af:c8:b8:77:45:5d:95:5e:50:d5:76:da:
40:54:cb:38:85:e1:94:2f:80:e3:07:bc:d6:fa:09:
f1:a1:ec:80:41:fc:20:cf:ec:37:17:d5:e1:e1:4b:
c8:3b:fc:81:8a:5b:71:c0:85:1e:d7:59:6d:ae:8b:
ca:65:17:73:7d:9b:d3:ea:8e:83:8e:88:68:3d:23:
5b:26:d8:ac:d7:0d:07:fe:25:06:32:0c:96:1b:2d:
86:81:ac:d0:63:6e:e0:d5:99:e3:08:e4:55:18:4c:
b8:cf:6e:b2:9b:5f:37:6d:07:33:60:fb:65:23:4d:
69:37:5f:b4:39:58:e8:c5:3a:29:38:80:b4:6f:7b:
a6:70:d8:7b:42:c7:e4:63:c9:b2:8b:43:90:8c:0a:
1b:ce:2e:34:8d:37:0a:90:01:56:2a:08:ae:4b:ab:
62:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:05:F8:A5:F8:EE:6A:31:74:AE:D6:CB:3E:3A:84:3C:DD:C7:C3:80
X509v3 Authority Key Identifier:
keyid:11:37:C2:34:53:B8:8E:BA:45:5C:42:08:C6:DF:5B:3E:1B:BC:24:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ETfCNFO4jrpFXEIIxt9bPhu8JF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/eAX4pfjuajF0rtbLPjqEPN3Hw4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/4624fc-634f-40cd-a607-5efda468a200/1/ETfCNFO4jrpFXEIIxt9bPhu8JF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.191.0/24
IPv6:
2001:67c:2b3c::/48
Signature Algorithm: sha256WithRSAEncryption
44:7c:e6:50:1f:10:e2:a3:ac:66:72:cf:f5:87:10:b0:b3:8c:
4a:83:c8:74:97:73:b2:d2:91:1d:1a:79:8d:f1:0d:b6:e8:ae:
1d:a3:bc:a1:19:96:da:81:77:87:1f:87:ce:34:83:f4:bc:cb:
5a:83:40:76:86:5d:dd:e8:19:86:50:c2:1a:8b:61:32:e2:0b:
c6:ff:bd:ef:34:6e:1d:bf:d5:c0:d3:92:e1:83:d5:c6:31:c6:
18:b7:aa:a9:9a:cf:bc:87:be:b9:0f:1d:16:5f:8e:4f:70:88:
15:65:4b:ae:f0:01:e6:2d:d5:e5:8c:dd:43:30:93:6e:ac:da:
94:c3:60:eb:31:00:16:13:d8:08:1c:2c:ac:b1:38:ea:17:f7:
ac:2b:53:40:e0:e0:28:fe:97:48:37:98:98:5a:48:d3:4a:79:
a0:5a:38:f0:aa:71:55:d1:4a:dc:a3:f1:a3:d7:38:75:77:84:
98:ad:d1:aa:0b:c0:04:39:29:e8:ab:d9:a1:97:17:1f:84:f2:
4d:ce:f1:e8:ea:ac:4b:71:b3:5b:29:e1:8b:0b:c0:91:fa:0d:
02:1c:89:d6:5e:da:5b:dd:6b:30:22:e2:17:b8:4e:03:dd:15:
45:37:d8:65:d9:36:0f:c2:7b:4a:15:0a:8b:2e:b4:85:14:e6:
eb:73:4c:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3H1CKJZlDBdKpX087zEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMzdjMjM0NTNiODhlYmE0NTVjNDIwOGM2ZGY1YjNlMWJi
YzI0NWYwHhcNMjQwMTAxMTYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODA1ZjhhNWY4ZWU2YTMxNzRhZWQ2Y2IzZTNhODQzY2RkYzdjMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRSICFNkvh1i8LqDGqmdLC9kB+NK
3cfNxak8T0wF/pwtRt0EBLpl7vKHMIQK4ubUC67OrcsgVvsjVQKqbBr4fsfvVNQq
sl4xHlGaerZNm7U6Hvmuwp/GhrjrfHqvyLh3RV2VXlDVdtpAVMs4heGUL4DjB7zW
+gnxoeyAQfwgz+w3F9Xh4UvIO/yBiltxwIUe11ltrovKZRdzfZvT6o6DjohoPSNb
Jtis1w0H/iUGMgyWGy2GgazQY27g1ZnjCORVGEy4z26ym183bQczYPtlI01pN1+0
OVjoxTopOIC0b3umcNh7QsfkY8myi0OQjAobzi40jTcKkAFWKgiuS6timwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHgF+KX47moxdK7Wyz46hDzdx8OAMB8GA1UdIwQY
MBaAFBE3wjRTuI66RVxCCMbfWz4bvCRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVRmQ05GTzRqcnBGWEVJSXh0OWJQaHU4SkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80NjI0ZmMtNjM0Zi00MGNkLWE2MDct
NWVmZGE0NjhhMjAwLzEvZUFYNHBmanVhakYwcnRiTFBqcUVQTjNIdzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80NjI0ZmMtNjM0Zi00MGNkLWE2MDctNWVmZGE0NjhhMjAw
LzEvRVRmQ05GTzRqcnBGWEVJSXh0OWJQaHU4SkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9G/MA8E
AgACMAkDBwAgAQZ8KzwwDQYJKoZIhvcNAQELBQADggEBAER85lAfEOKjrGZyz/WH
ELCzjEqDyHSXc7LSkR0aeY3xDbborh2jvKEZltqBd4cfh840g/S8y1qDQHaGXd3o
GYZQwhqLYTLiC8b/ve80bh2/1cDTkuGD1cYxxhi3qqmaz7yHvrkPHRZfjk9wiBVl
S67wAeYt1eWM3UMwk26s2pTDYOsxABYT2AgcLKyxOOoX96wrU0Dg4Cj+l0g3mJha
SNNKeaBaOPCqcVXRStyj8aPXOHV3hJit0aoLwAQ5Keir2aGXFx+E8k3O8ejqrEtx
s1sp4YsLwJH6DQIcidZe2lvdazAi4he4TgPdFUU32GXZNg/Ce0oVCosutIUU5utz
TMg=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:52:29 2024 by rpki-client on console-fra.rpki-client.org