Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/vGCrQ6WGY4rw-gTm5lU79V8wTD8.roa
File: vGCrQ6WGY4rw-gTm5lU79V8wTD8.roa (raw, json)
Hash identifier: x7cJZioH3R+9iaY4BtxYhJMQlkhFgyMhcDdtYIrqt3M=
Subject key identifier: BC:60:AB:43:A5:86:63:8A:F0:FA:04:E6:E6:55:3B:F5:5F:30:4C:3F
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019178724E6EA47E7AC1CBE699F320DBCC44
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/vGCrQ6WGY4rw-gTm5lU79V8wTD8.roa
Signing time: Thu 22 Aug 2024 04:57:22 +0000
ROA not before: Thu 22 Aug 2024 04:57:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400529
IP address blocks: 91.229.114.0/24 maxlen: 24
193.243.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:78:72:4e:6e:a4:7e:7a:c1:cb:e6:99:f3:20:db:cc:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Aug 22 04:57:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc60ab43a586638af0fa04e6e6553bf55f304c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:16:81:2a:d4:2e:0e:3b:80:24:ef:15:7a:a1:
89:e8:02:0b:0d:22:7f:5d:80:f1:4d:79:1a:8e:97:
1e:59:d9:7a:1f:38:d8:cd:67:e6:63:df:94:52:e0:
55:e3:e0:2b:3c:6c:a8:bb:b5:82:a2:31:4b:ea:cc:
8f:02:f0:62:78:75:0c:0e:57:cc:8f:2d:3a:c9:ce:
31:90:55:6a:47:4d:38:33:07:94:ab:85:d7:1b:94:
80:22:25:da:e9:ba:b5:a5:18:79:44:a3:55:fc:32:
06:0c:20:1b:52:c7:8e:e1:d9:d0:3a:90:fc:8e:ad:
f5:a4:72:f4:34:23:c5:1b:7e:93:15:21:00:73:a6:
ab:c3:d6:3a:54:51:49:2f:dd:66:90:87:cd:7a:e7:
f2:56:bd:d2:dd:7f:8c:bd:49:65:39:bd:41:52:8b:
2e:7f:8d:3b:bd:e9:a5:c2:07:09:13:35:f5:84:9c:
ec:a5:00:71:a5:34:37:3b:fb:15:7a:4f:3b:95:27:
7e:5e:0c:91:09:f3:1f:8b:0a:3c:f4:89:a1:50:bb:
d5:11:36:0f:ad:dc:28:a9:a3:0d:40:7c:86:ee:8d:
fa:2b:1f:06:00:55:0f:87:bf:86:c3:f6:42:ff:ee:
2d:44:45:93:cb:27:a9:fb:b5:0c:aa:1a:fd:cd:65:
f9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:60:AB:43:A5:86:63:8A:F0:FA:04:E6:E6:55:3B:F5:5F:30:4C:3F
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/vGCrQ6WGY4rw-gTm5lU79V8wTD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.114.0/24
193.243.190.0/24
Signature Algorithm: sha256WithRSAEncryption
94:30:b7:ba:e0:e9:e3:07:67:19:bc:af:de:44:15:fc:5f:29:
da:0e:f6:29:b6:0c:89:c6:35:c6:e4:f2:bb:2a:d9:fb:ad:01:
d8:b6:23:ed:a4:1a:ef:c1:b0:0e:36:81:83:6a:a8:20:37:d2:
c6:11:74:1b:52:78:8c:6a:7e:bf:14:10:27:b4:f7:12:92:5d:
1f:df:7a:5e:5d:de:ce:46:c6:5e:8f:f1:0b:50:84:9e:3b:41:
57:41:7c:4e:8a:95:2f:7c:02:88:c1:29:ce:70:83:40:ff:8c:
5b:dc:f1:3a:a6:13:d0:60:08:bd:f4:f7:a7:d8:be:e8:02:98:
f4:b8:16:4b:9d:12:23:13:e8:70:70:77:be:e9:5d:b7:e0:36:
c1:81:72:f3:e6:f2:2e:ac:34:d8:c4:5b:6e:6d:f7:5f:a6:e6:
d4:6a:86:24:65:84:72:7f:91:4d:ff:17:f4:49:db:89:0e:72:
ce:99:1d:b7:34:4f:b2:3f:9c:96:74:f4:2c:57:d0:90:d9:5f:
0e:05:d8:31:89:2b:4d:96:61:a6:86:8a:4b:d0:53:ad:ac:5c:
91:1c:a5:76:02:d2:e7:5e:c5:e8:0f:72:eb:b1:24:4b:a9:53:
50:a7:b1:15:d8:66:c6:24:80:68:72:6c:4a:48:ff:1d:9f:24:
ee:cc:00:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF4ck5upH56wcvmmfMg28xEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQwODIyMDQ1NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzYwYWI0M2E1ODY2MzhhZjBmYTA0ZTZlNjU1M2JmNTVmMzA0YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhaBKtQuDjuAJO8VeqGJ6AILDSJ/
XYDxTXkajpceWdl6HzjYzWfmY9+UUuBV4+ArPGyou7WCojFL6syPAvBieHUMDlfM
jy06yc4xkFVqR004MweUq4XXG5SAIiXa6bq1pRh5RKNV/DIGDCAbUseO4dnQOpD8
jq31pHL0NCPFG36TFSEAc6arw9Y6VFFJL91mkIfNeufyVr3S3X+MvUllOb1BUosu
f407vemlwgcJEzX1hJzspQBxpTQ3O/sVek87lSd+XgyRCfMfiwo89ImhULvVETYP
rdwoqaMNQHyG7o36Kx8GAFUPh7+Gw/ZC/+4tREWTyyep+7UMqhr9zWX5/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLxgq0OlhmOK8PoE5uZVO/VfMEw/MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvdkdDclE2V0dZNHJ3LWdUbTVsVTc5Vjh3VEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+VyAwQA
wfO+MA0GCSqGSIb3DQEBCwUAA4IBAQCUMLe64OnjB2cZvK/eRBX8XynaDvYptgyJ
xjXG5PK7Ktn7rQHYtiPtpBrvwbAONoGDaqggN9LGEXQbUniMan6/FBAntPcSkl0f
33peXd7ORsZej/ELUISeO0FXQXxOipUvfAKIwSnOcINA/4xb3PE6phPQYAi99Pen
2L7oApj0uBZLnRIjE+hwcHe+6V234DbBgXLz5vIurDTYxFtubfdfpubUaoYkZYRy
f5FN/xf0SduJDnLOmR23NE+yP5yWdPQsV9CQ2V8OBdgxiStNlmGmhopL0FOtrFyR
HKV2AtLnXsXoD3LrsSRLqVNQp7EV2GbGJIBocmxKSP8dnyTuzAB8
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:56:57 2024 by rpki-client on console-ams.rpki-client.org