Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1_sC_dFMZeLIllxzzCom8m3oC24.roa
File: 1_sC_dFMZeLIllxzzCom8m3oC24.roa (raw, json)
Hash identifier: hHyEwXOx5apAecqLil1HW8G3SfPzzCRgg7SGbki0S9c=
Subject key identifier: D7:FB:02:FD:D1:4C:65:E2:C8:96:5C:73:CC:2A:26:F2:6D:E8:0B:6E
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018CC7958F0DCD7BCCBD06233DEE28E1E54C
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1_sC_dFMZeLIllxzzCom8m3oC24.roa
Signing time: Tue 02 Jan 2024 00:31:56 +0000
ROA not before: Tue 02 Jan 2024 00:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 91.151.93.0/24 maxlen: 32
91.151.90.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8f:0d:cd:7b:cc:bd:06:23:3d:ee:28:e1:e5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 2 00:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7fb02fdd14c65e2c8965c73cc2a26f26de80b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:62:ef:50:ee:3e:ec:fc:25:b3:5e:1e:b4:64:
3c:1e:49:b7:81:5d:97:ba:24:2e:8a:cb:c1:02:59:
e8:20:cb:6d:44:92:1b:dc:f2:b3:c3:77:08:e7:8d:
4f:d0:99:09:2f:ae:7f:2c:27:2a:f6:83:3f:af:e2:
2e:b7:02:ac:bf:46:96:ca:62:f9:6a:e3:3b:bd:ef:
77:98:87:2f:47:c5:02:66:d3:2d:9e:11:eb:69:37:
12:4e:6c:72:f3:69:8f:48:08:c0:17:04:a9:0a:8a:
6c:f7:df:19:0f:74:8d:61:62:b3:1f:c0:00:e6:66:
b3:f1:c1:64:bb:a4:81:65:77:9a:df:8b:01:03:e4:
28:47:03:0c:97:30:68:78:08:a0:08:eb:ab:d1:15:
ae:77:10:65:1a:37:70:c0:c3:d5:4a:cf:85:a8:ee:
86:0f:2d:f9:ca:3b:e9:66:59:54:41:12:cc:e8:0d:
33:45:03:22:54:59:87:99:eb:60:98:e5:46:13:23:
47:10:33:22:6d:6a:6e:a0:f1:61:16:7e:87:ad:39:
31:6c:4e:4f:f2:cf:e2:56:ba:46:73:61:58:18:9a:
e5:0f:1d:95:0f:0a:e2:d3:57:53:fb:a4:c3:fe:1e:
86:01:23:e5:a8:48:7f:1c:24:20:5b:84:50:4a:46:
63:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FB:02:FD:D1:4C:65:E2:C8:96:5C:73:CC:2A:26:F2:6D:E8:0B:6E
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1_sC_dFMZeLIllxzzCom8m3oC24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.90.0/24
91.151.93.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:b1:18:54:dc:5d:21:74:67:2c:fa:d6:ec:36:11:5c:3d:c8:
eb:86:ea:f8:4d:90:25:30:32:71:8a:7c:00:2d:0e:4f:18:f2:
05:f7:46:d8:f8:7b:d2:f2:70:b1:c3:95:08:01:e4:b7:9e:da:
38:f7:c5:b6:48:d1:6d:43:9e:ef:89:40:17:25:90:ec:3c:5c:
7b:1a:cf:54:55:86:65:7c:67:b0:c0:02:dc:95:ea:84:3e:e6:
72:a8:f3:29:42:1a:8b:79:fc:61:13:3d:4b:44:fa:84:4d:73:
e6:25:23:60:fa:f9:88:32:69:aa:77:76:ce:ce:37:21:fd:c8:
98:54:66:f0:3d:0d:57:da:bc:e1:57:6e:81:77:98:c9:35:81:
60:0d:ef:59:5d:78:ce:a2:7f:35:3f:2d:02:a6:dc:1e:2f:83:
4f:03:9b:54:18:d6:bb:fe:1e:db:b8:de:75:7d:35:9e:a9:2e:
c9:00:4b:56:3d:01:f6:03:ff:e8:ae:b0:b4:ad:3b:50:d2:04:
e1:d7:99:b7:fb:0a:36:73:9a:33:76:7d:86:79:7b:46:db:82:
7c:57:4d:6e:4e:43:bc:a8:c8:c1:33:6f:da:1f:47:6c:ac:2e:
1d:6d:8e:75:53:b9:41:09:c6:44:ed:ff:b9:4c:1b:d5:ec:f4:
f0:90:9b:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlY8NzXvMvQYjPe4o4eVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwMTAyMDAzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZiMDJmZGQxNGM2NWUyYzg5NjVjNzNjYzJhMjZmMjZkZTgwYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmLvUO4+7Pwls14etGQ8Hkm3gV2X
uiQuisvBAlnoIMttRJIb3PKzw3cI541P0JkJL65/LCcq9oM/r+IutwKsv0aWymL5
auM7ve93mIcvR8UCZtMtnhHraTcSTmxy82mPSAjAFwSpCops998ZD3SNYWKzH8AA
5maz8cFku6SBZXea34sBA+QoRwMMlzBoeAigCOur0RWudxBlGjdwwMPVSs+FqO6G
Dy35yjvpZllUQRLM6A0zRQMiVFmHmetgmOVGEyNHEDMibWpuoPFhFn6HrTkxbE5P
8s/iVrpGc2FYGJrlDx2VDwri01dT+6TD/h6GASPlqEh/HCQgW4RQSkZj5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNf7Av3RTGXiyJZcc8wqJvJt6AtuMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvMV9zQ19kRk1aZUxJbGx4enpDb204bTNvQzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5daAwQA
W5ddMA0GCSqGSIb3DQEBCwUAA4IBAQBPsRhU3F0hdGcs+tbsNhFcPcjrhur4TZAl
MDJxinwALQ5PGPIF90bY+HvS8nCxw5UIAeS3nto498W2SNFtQ57viUAXJZDsPFx7
Gs9UVYZlfGewwALcleqEPuZyqPMpQhqLefxhEz1LRPqETXPmJSNg+vmIMmmqd3bO
zjch/ciYVGbwPQ1X2rzhV26Bd5jJNYFgDe9ZXXjOon81Py0CptweL4NPA5tUGNa7
/h7buN51fTWeqS7JAEtWPQH2A//orrC0rTtQ0gTh15m3+wo2c5ozdn2GeXtG24J8
V01uTkO8qMjBM2/aH0dsrC4dbY51U7lBCcZE7f+5TBvV7PTwkJsR
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:10 2024 by rpki-client on console-ams.rpki-client.org