Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k3kjNvMvBenh1AyNmcQSjGvYDbQ.roa
File: k3kjNvMvBenh1AyNmcQSjGvYDbQ.roa (raw, json)
Hash identifier: jARnTSCipnJFRZiBu5yZN5cDi9shMHcX6gkB2LU6NLA=
Subject key identifier: 93:79:23:36:F3:2F:05:E9:E1:D4:0C:8D:99:C4:12:8C:6B:D8:0D:B4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5011F6FFEC6AD197991E7171DFD47DA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k3kjNvMvBenh1AyNmcQSjGvYDbQ.roa
Signing time: Mon 01 Jan 2024 12:30:34 +0000
ROA not before: Mon 01 Jan 2024 12:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198352
IP address blocks: 91.190.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1f:6f:fe:c6:ad:19:79:91:e7:17:1d:fd:47:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93792336f32f05e9e1d40c8d99c4128c6bd80db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:22:c2:a2:3f:26:67:30:32:60:59:9e:8e:84:
81:66:79:82:69:de:2e:12:d2:7a:8a:69:54:77:19:
db:30:82:08:c3:14:45:c0:5d:a2:39:62:3e:be:b1:
17:46:46:a5:d8:b6:07:d3:45:ca:0e:ca:49:6d:5d:
51:a3:3f:0f:0b:9f:71:6a:7a:b6:40:53:ad:71:a5:
e2:85:f4:ce:9e:ef:9e:cb:02:bf:d8:b8:49:09:7f:
0e:d0:78:b6:c2:f4:00:ee:00:92:74:83:fe:0b:df:
92:17:18:a2:b1:be:03:ac:3e:1e:f0:f4:12:cd:69:
2e:d6:27:24:65:e4:fb:9e:2e:0f:2b:67:99:95:77:
73:96:2a:ec:b5:5f:65:23:8d:06:c5:2f:a7:a1:7b:
b8:d5:28:c1:76:0b:5b:06:18:89:39:be:ae:33:5a:
2d:33:23:3b:0e:6f:fb:e8:4b:23:67:b7:f0:07:96:
72:40:0a:28:1a:85:87:ba:d1:62:94:ee:c0:39:f1:
16:d0:d5:56:19:08:8c:52:87:25:36:e2:f3:12:4f:
f5:77:70:60:00:95:fb:60:73:2b:e1:bc:8f:68:1a:
08:b2:0a:97:c6:6a:dc:b2:66:80:94:d0:4a:4f:78:
1f:c6:20:27:d8:d3:8a:2b:4e:1b:06:05:cf:bc:b7:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:79:23:36:F3:2F:05:E9:E1:D4:0C:8D:99:C4:12:8C:6B:D8:0D:B4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k3kjNvMvBenh1AyNmcQSjGvYDbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.98.0/24
Signature Algorithm: sha256WithRSAEncryption
32:47:e6:6f:df:f0:8d:29:1f:e6:40:00:16:00:57:97:68:ac:
4f:17:99:c5:ed:55:6a:b9:67:4f:2e:53:f4:ae:fe:a0:f4:3d:
40:49:3e:81:d6:86:d2:4b:d9:9a:92:63:f8:68:4a:33:b7:73:
88:a9:77:00:cf:c2:12:74:0a:64:91:c6:dc:44:f8:05:87:7f:
fb:2e:d2:6c:9b:d4:fd:56:ad:05:1f:df:67:ce:b0:13:86:e1:
a2:ec:93:df:60:12:4f:4d:87:47:11:14:87:2a:1a:e8:7a:81:
e6:cd:29:6b:d6:29:6c:1f:35:b9:35:94:81:ce:c7:10:bc:0b:
a2:c8:b2:6f:91:8b:b1:df:86:a9:56:d0:c9:97:18:d4:50:00:
fa:c6:c6:8b:ea:c8:22:48:5d:75:8c:e8:61:72:35:37:04:6d:
e0:e2:9c:f7:23:4b:35:c7:a7:33:68:2d:81:a5:4f:1b:30:34:
b2:af:79:b2:b1:d1:0d:3a:e7:41:64:b7:10:f2:d0:31:cd:9a:
47:9c:ea:a0:68:46:e2:aa:1f:a5:9c:14:04:4d:04:c0:81:6f:
70:59:a2:e4:aa:22:e8:42:29:b1:5a:5e:c4:fb:d2:03:cd:c4:
64:66:27:9a:58:8f:33:57:ce:1c:7e:46:1e:52:b6:86:7f:9d:
a5:dd:92:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAR9v/satGXmR5xcd/UfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzc5MjMzNmYzMmYwNWU5ZTFkNDBjOGQ5OWM0MTI4YzZiZDgwZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSLCoj8mZzAyYFmejoSBZnmCad4u
EtJ6imlUdxnbMIIIwxRFwF2iOWI+vrEXRkal2LYH00XKDspJbV1Roz8PC59xanq2
QFOtcaXihfTOnu+eywK/2LhJCX8O0Hi2wvQA7gCSdIP+C9+SFxiisb4DrD4e8PQS
zWku1ickZeT7ni4PK2eZlXdzlirstV9lI40GxS+noXu41SjBdgtbBhiJOb6uM1ot
MyM7Dm/76EsjZ7fwB5ZyQAooGoWHutFilO7AOfEW0NVWGQiMUoclNuLzEk/1d3Bg
AJX7YHMr4byPaBoIsgqXxmrcsmaAlNBKT3gfxiAn2NOKK04bBgXPvLefWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJN5IzbzLwXp4dQMjZnEEoxr2A20MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvazNrak52TXZCZW5oMUF5Tm1jUVNqR3ZZRGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW75iMA0G
CSqGSIb3DQEBCwUAA4IBAQAyR+Zv3/CNKR/mQAAWAFeXaKxPF5nF7VVquWdPLlP0
rv6g9D1AST6B1obSS9makmP4aEozt3OIqXcAz8ISdApkkcbcRPgFh3/7LtJsm9T9
Vq0FH99nzrAThuGi7JPfYBJPTYdHERSHKhroeoHmzSlr1ilsHzW5NZSBzscQvAui
yLJvkYux34apVtDJlxjUUAD6xsaL6sgiSF11jOhhcjU3BG3g4pz3I0s1x6czaC2B
pU8bMDSyr3mysdENOudBZLcQ8tAxzZpHnOqgaEbiqh+lnBQETQTAgW9wWaLkqiLo
QimxWl7E+9IDzcRkZieaWI8zV84cfkYeUraGf52l3ZJL
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:05 2024 by rpki-client on console-fra.rpki-client.org