Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/WN2xDupGKIx9nCtbS27igEXDwUk.roa
File: WN2xDupGKIx9nCtbS27igEXDwUk.roa (raw, json)
Hash identifier: Km53IdYf4oetmNCnPTcUgrTDzqb19yNtxEuTeHgFwEU=
Subject key identifier: 58:DD:B1:0E:EA:46:28:8C:7D:9C:2B:5B:4B:6E:E2:80:45:C3:C1:49
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 01911E9FA72D2C15C7204DD41E1F8A53BCB0
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/WN2xDupGKIx9nCtbS27igEXDwUk.roa
Signing time: Sun 04 Aug 2024 18:21:04 +0000
ROA not before: Sun 04 Aug 2024 18:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2876
IP address blocks: 91.195.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1e:9f:a7:2d:2c:15:c7:20:4d:d4:1e:1f:8a:53:bc:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Aug 4 18:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58ddb10eea46288c7d9c2b5b4b6ee28045c3c149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:31:4e:be:7e:f8:8f:65:2c:2d:ec:f6:e7:71:
83:74:d6:f2:8b:79:d3:f5:b5:5e:45:21:7e:8c:5a:
0b:bb:5d:9e:b9:ee:d5:e4:ac:30:5d:e8:a8:20:51:
8b:3c:91:ce:fb:6d:c0:a3:9f:58:16:38:1a:a6:d3:
4e:eb:f4:f1:b0:4e:d2:06:af:ec:76:b2:1b:6a:51:
70:3a:38:15:57:4e:b7:a3:bb:2f:1e:24:11:18:b2:
75:c4:ce:d1:58:05:38:f1:69:a6:bd:20:72:0c:a6:
2e:71:e2:f1:74:af:71:7e:b3:64:2f:3b:b9:a5:06:
d3:62:dd:92:db:4b:9a:1a:96:ee:12:c5:20:2f:e6:
80:4c:ec:15:02:28:25:13:97:1f:b7:c9:d8:58:44:
b3:34:e5:71:8a:83:c3:9a:04:8f:9f:e8:cd:0d:11:
be:2a:76:5c:5c:25:6d:c5:33:54:8c:0c:21:c3:d0:
bc:57:a6:d7:1d:b2:02:58:51:f3:47:9f:e3:8d:59:
59:04:4a:b7:86:26:b8:60:9b:b3:c6:fc:a5:d0:9e:
0c:1b:3b:a8:71:c8:cb:1f:39:95:66:58:10:e0:4d:
39:d2:99:24:02:3f:ba:ca:eb:a0:ca:34:ca:ba:78:
28:3a:99:cb:80:99:50:ea:2e:f5:4d:a2:ba:e5:34:
eb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DD:B1:0E:EA:46:28:8C:7D:9C:2B:5B:4B:6E:E2:80:45:C3:C1:49
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/WN2xDupGKIx9nCtbS27igEXDwUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.195.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b3:2a:47:c6:8b:73:9b:38:ca:b4:ce:2f:0d:4d:ae:87:da:
0d:c3:37:58:3d:fc:d5:8a:33:45:a3:b7:1b:28:1a:a5:8c:4c:
b7:33:4a:4e:32:4d:73:73:66:50:68:f4:5b:fb:33:5b:bf:42:
b8:d7:6c:c3:7d:f0:81:de:55:de:93:77:90:b1:7c:6e:e7:03:
f0:34:16:bb:16:f0:1c:c9:62:14:ed:26:63:61:42:96:7b:ef:
18:73:86:d9:12:fd:a2:ce:d0:51:72:b3:8e:b7:46:55:91:c1:
ab:a7:ab:15:da:35:1f:92:eb:2d:d1:de:3c:b5:c4:05:13:47:
7d:72:6d:2f:2c:23:9e:61:d7:a4:5f:e7:73:42:5b:7c:70:7a:
53:f2:9f:e5:84:7d:5d:78:db:a8:51:3f:62:28:33:c0:8b:70:
f3:7d:59:ee:ad:56:0e:9c:d4:3b:34:b0:55:4c:16:b1:88:c7:
4b:3c:54:51:c5:ef:26:99:6e:df:72:22:2e:1a:18:d9:43:ca:
66:d3:95:9c:03:5f:95:ef:b5:f1:89:ad:eb:0a:34:f6:76:3c:
43:8c:65:94:4d:d0:92:cf:af:d8:d7:1d:fd:b3:50:ca:7b:e9:
7e:d8:c8:fa:e1:3c:9f:10:b3:19:2c:d7:4e:04:42:b4:6d:10:
1e:1c:c7:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEen6ctLBXHIE3UHh+KU7ywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjQwODA0MTgyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGRkYjEwZWVhNDYyODhjN2Q5YzJiNWI0YjZlZTI4MDQ1YzNjMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizFOvn74j2UsLez253GDdNbyi3nT
9bVeRSF+jFoLu12eue7V5KwwXeioIFGLPJHO+23Ao59YFjgaptNO6/TxsE7SBq/s
drIbalFwOjgVV063o7svHiQRGLJ1xM7RWAU48WmmvSByDKYuceLxdK9xfrNkLzu5
pQbTYt2S20uaGpbuEsUgL+aATOwVAiglE5cft8nYWESzNOVxioPDmgSPn+jNDRG+
KnZcXCVtxTNUjAwhw9C8V6bXHbICWFHzR5/jjVlZBEq3hia4YJuzxvyl0J4MGzuo
ccjLHzmVZlgQ4E050pkkAj+6yuugyjTKungoOpnLgJlQ6i71TaK65TTrVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFjdsQ7qRiiMfZwrW0tu4oBFw8FJMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvV04yeER1cEdLSXg5bkN0YlMyN2lnRVhEd1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8PDMA0G
CSqGSIb3DQEBCwUAA4IBAQB1sypHxotzmzjKtM4vDU2uh9oNwzdYPfzVijNFo7cb
KBqljEy3M0pOMk1zc2ZQaPRb+zNbv0K412zDffCB3lXek3eQsXxu5wPwNBa7FvAc
yWIU7SZjYUKWe+8Yc4bZEv2iztBRcrOOt0ZVkcGrp6sV2jUfkust0d48tcQFE0d9
cm0vLCOeYdekX+dzQlt8cHpT8p/lhH1deNuoUT9iKDPAi3DzfVnurVYOnNQ7NLBV
TBaxiMdLPFRRxe8mmW7fciIuGhjZQ8pm05WcA1+V77Xxia3rCjT2djxDjGWUTdCS
z6/Y1x39s1DKe+l+2Mj64TyfELMZLNdOBEK0bRAeHMfx
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:43:10 2024 by rpki-client on console-fra.rpki-client.org