Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/xfAr5Ajt95pkgsmUWNXDVcDdAO0.roa
File: xfAr5Ajt95pkgsmUWNXDVcDdAO0.roa (raw, json)
Hash identifier: 64JwlnQ3/+4hIQ96GKgmZQ6/DCjccjOelVOpfyAAuM8=
Subject key identifier: C5:F0:2B:E4:08:ED:F7:9A:64:82:C9:94:58:D5:C3:55:C0:DD:00:ED
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 018CCA2B6436470485CBFF195BC48ED68936
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/xfAr5Ajt95pkgsmUWNXDVcDdAO0.roa
Signing time: Tue 02 Jan 2024 12:34:50 +0000
ROA not before: Tue 02 Jan 2024 12:34:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39342
IP address blocks: 91.245.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:64:36:47:04:85:cb:ff:19:5b:c4:8e:d6:89:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 2 12:34:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5f02be408edf79a6482c99458d5c355c0dd00ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fd:80:cc:16:d2:cd:49:91:1d:75:e5:0d:93:
b2:10:98:60:e4:36:ca:5d:58:1f:d1:d5:a9:21:c3:
3e:ef:41:25:b7:37:43:53:1c:b9:bd:81:0d:5b:53:
38:2b:98:54:bf:bb:1e:30:de:15:d8:6f:62:44:ba:
35:4b:1c:06:45:6a:04:3b:85:9d:6d:ad:b5:11:84:
55:9c:51:29:f4:d5:25:27:98:01:8f:4f:19:46:06:
6d:80:25:9e:79:c8:58:89:d6:ce:31:66:08:4d:52:
dd:0a:1e:5e:df:23:43:2c:49:6e:72:7e:7e:d6:54:
49:44:26:fe:b4:11:30:94:c4:ff:13:d8:37:fb:29:
71:87:12:b5:bb:b1:cc:35:05:c4:36:b0:d4:93:e4:
bd:f5:17:83:f3:fc:85:64:5a:31:54:dd:4e:a7:75:
a6:ac:bd:ae:a2:b8:86:8b:8e:06:20:4b:b6:8e:dd:
58:90:41:74:9a:f5:b5:c2:c2:de:63:22:fc:1d:41:
5d:cd:f6:86:ee:13:b5:ce:46:91:e1:58:5e:1e:6c:
e5:90:b6:b5:fe:cc:e6:35:9d:90:9e:24:02:e0:cc:
24:df:6e:55:51:0c:26:eb:a3:81:a4:e9:75:a8:6d:
8a:b2:3c:f9:91:ad:c3:e4:7a:f5:cb:a8:9d:b4:97:
13:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F0:2B:E4:08:ED:F7:9A:64:82:C9:94:58:D5:C3:55:C0:DD:00:ED
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/xfAr5Ajt95pkgsmUWNXDVcDdAO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.232.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:53:33:cf:c9:71:6f:8c:d3:ae:95:6b:30:2f:cc:2b:65:9b:
06:a0:9a:08:89:aa:de:a9:31:8a:98:4b:8f:47:22:8b:63:0b:
c7:11:fe:e3:a0:21:db:13:92:62:17:42:e9:98:e1:f7:de:c3:
d8:c0:70:fb:29:9f:00:90:b4:3c:2c:51:44:97:74:09:a9:e5:
77:ca:bb:95:71:a7:2b:46:3f:3d:33:85:13:6a:c4:65:06:6f:
85:dc:64:6b:c3:bb:46:e3:a7:fd:0f:87:57:a9:1b:ad:03:00:
80:cf:c9:48:cb:6e:44:ec:aa:0f:2d:b4:a3:7a:6b:00:ef:6f:
85:2b:78:e0:18:3c:3c:ef:e3:08:eb:80:8a:20:b0:7c:16:1a:
1f:07:f5:83:d5:e0:85:26:aa:35:fd:14:b7:03:3f:a4:db:a0:
db:05:bb:59:5e:c1:5e:40:b6:ff:51:ef:d3:af:0e:78:72:6b:
a8:5b:f4:6b:66:fb:15:f3:7d:14:33:a4:82:58:3f:fb:ff:8e:
67:19:ef:e2:e7:91:df:08:f0:93:f4:a9:1c:36:1d:f8:d7:ae:
8a:62:58:42:bd:d4:21:70:ca:5b:43:c9:75:28:a7:d1:a9:30:
37:20:2f:ca:03:ce:70:19:69:6d:f2:44:94:c1:3f:b9:78:17:
35:98:2f:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK2Q2RwSFy/8ZW8SO1ok2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjQwMTAyMTIzNDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWYwMmJlNDA4ZWRmNzlhNjQ4MmM5OTQ1OGQ1YzM1NWMwZGQwMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP2AzBbSzUmRHXXlDZOyEJhg5DbK
XVgf0dWpIcM+70EltzdDUxy5vYENW1M4K5hUv7seMN4V2G9iRLo1SxwGRWoEO4Wd
ba21EYRVnFEp9NUlJ5gBj08ZRgZtgCWeechYidbOMWYITVLdCh5e3yNDLElucn5+
1lRJRCb+tBEwlMT/E9g3+ylxhxK1u7HMNQXENrDUk+S99ReD8/yFZFoxVN1Op3Wm
rL2uoriGi44GIEu2jt1YkEF0mvW1wsLeYyL8HUFdzfaG7hO1zkaR4VheHmzlkLa1
/szmNZ2QniQC4Mwk325VUQwm66OBpOl1qG2Ksjz5ka3D5Hr1y6idtJcTYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXwK+QI7feaZILJlFjVw1XA3QDtMB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEveGZBcjVBanQ5NXBrZ3NtVVdOWERWY0RkQU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/XoMA0G
CSqGSIb3DQEBCwUAA4IBAQA8UzPPyXFvjNOulWswL8wrZZsGoJoIiareqTGKmEuP
RyKLYwvHEf7joCHbE5JiF0LpmOH33sPYwHD7KZ8AkLQ8LFFEl3QJqeV3yruVcacr
Rj89M4UTasRlBm+F3GRrw7tG46f9D4dXqRutAwCAz8lIy25E7KoPLbSjemsA72+F
K3jgGDw87+MI64CKILB8FhofB/WD1eCFJqo1/RS3Az+k26DbBbtZXsFeQLb/Ue/T
rw54cmuoW/RrZvsV830UM6SCWD/7/45nGe/i55HfCPCT9KkcNh34166KYlhCvdQh
cMpbQ8l1KKfRqTA3IC/KA85wGWlt8kSUwT+5eBc1mC8R
-----END CERTIFICATE-----
Generated at Fri May 17 18:45:23 2024 by rpki-client on console-ams.rpki-client.org