Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/21v58EpJxaUPzR-CRZJW-dpIuOg.roa
File: 21v58EpJxaUPzR-CRZJW-dpIuOg.roa (raw, json)
Hash identifier: RsvgQs+wnAX2kAkh/2MDzUzyL798yaBsHBO0KwCazOo=
Subject key identifier: DB:5B:F9:F0:4A:49:C5:A5:0F:CD:1F:82:45:92:56:F9:DA:48:B8:E8
Certificate issuer: /CN=a898496b8d1dd825b487038fb87ca199b13b93df
Certificate serial: 019301F7DD1659BCC1A293EFCD9488072FDF
Authority key identifier: A8:98:49:6B:8D:1D:D8:25:B4:87:03:8F:B8:7C:A1:99:B1:3B:93:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qJhJa40d2CW0hwOPuHyhmbE7k98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/21v58EpJxaUPzR-CRZJW-dpIuOg.roa
Signing time: Wed 06 Nov 2024 14:54:01 +0000
ROA not before: Wed 06 Nov 2024 14:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48866
IP address blocks: 91.223.178.0/24 maxlen: 24
193.218.186.0/24 maxlen: 24
195.191.40.0/24 maxlen: 24
195.191.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/qJhJa40d2CW0hwOPuHyhmbE7k98.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/qJhJa40d2CW0hwOPuHyhmbE7k98.mft
rsync://rpki.ripe.net/repository/DEFAULT/qJhJa40d2CW0hwOPuHyhmbE7k98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:f7:dd:16:59:bc:c1:a2:93:ef:cd:94:88:07:2f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a898496b8d1dd825b487038fb87ca199b13b93df
Validity
Not Before: Nov 6 14:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db5bf9f04a49c5a50fcd1f82459256f9da48b8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6a:91:26:d2:0f:a4:0b:2d:ff:49:89:60:2c:
cf:ac:16:87:a2:cf:5b:7e:8a:fd:98:4e:00:9a:58:
75:e5:da:1c:2e:b4:a7:58:2e:f9:92:fd:40:e0:2b:
e7:90:b1:a5:29:c4:13:f2:db:9c:46:40:d6:be:a5:
41:f3:18:99:cd:c7:a7:18:3e:7a:b5:30:58:dc:62:
7a:5f:3f:d7:b5:83:8e:6b:25:ed:74:af:04:b2:98:
af:aa:57:8d:09:04:32:87:9e:bd:43:b3:17:5a:60:
52:00:94:00:fd:c6:62:82:36:de:4d:d8:31:30:f7:
e3:3f:33:ba:ea:ca:de:60:6f:07:29:b2:de:a7:09:
ab:e6:1b:54:fc:41:81:93:40:c4:9f:f9:08:56:a0:
59:49:20:4e:10:47:76:75:3c:b6:58:50:39:1d:9c:
8e:bf:12:b6:38:53:70:6c:74:3f:97:6a:61:76:f0:
6d:d5:db:56:cb:72:f4:76:12:7d:ad:06:7b:ce:b8:
f7:eb:7a:75:9e:ed:c3:5a:c2:2f:bc:27:f0:86:e8:
dc:71:59:5a:dc:e3:91:f0:22:e4:ba:cf:11:28:2c:
d3:14:73:62:21:65:f5:cd:7b:46:f3:df:72:40:b0:
c2:a0:79:69:9b:c4:37:c3:0d:03:91:c4:02:e3:0f:
9d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5B:F9:F0:4A:49:C5:A5:0F:CD:1F:82:45:92:56:F9:DA:48:B8:E8
X509v3 Authority Key Identifier:
keyid:A8:98:49:6B:8D:1D:D8:25:B4:87:03:8F:B8:7C:A1:99:B1:3B:93:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJhJa40d2CW0hwOPuHyhmbE7k98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/21v58EpJxaUPzR-CRZJW-dpIuOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/qJhJa40d2CW0hwOPuHyhmbE7k98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.178.0/24
193.218.186.0/24
195.191.40.0/23
Signature Algorithm: sha256WithRSAEncryption
14:c6:29:3c:53:05:5c:d5:2c:c0:f1:77:6f:4f:11:50:66:d9:
35:9c:37:c7:46:ea:82:cb:c4:81:c4:9a:44:f5:64:62:50:9a:
69:89:51:ff:2e:92:a3:2c:78:55:93:8e:72:ca:55:f4:bc:35:
8f:fb:c3:49:35:e6:f5:94:34:9e:04:26:2d:05:68:25:8d:01:
a6:5b:0d:28:e8:7e:a2:46:67:36:6e:e4:a4:4b:8d:1f:97:5c:
e7:cb:e5:81:14:9f:a4:32:96:59:4a:a0:20:e1:f8:6b:37:50:
9e:46:5d:16:60:d1:ac:74:07:77:28:5f:ac:f1:53:94:d6:f6:
16:f5:5b:d0:33:04:66:bb:56:44:78:9b:0e:d2:bc:4d:1d:f2:
50:e8:7a:49:a7:11:df:0c:cf:b8:21:b9:ca:1c:37:d7:47:58:
ab:83:53:a0:09:d3:a9:29:52:6f:6c:a3:9a:e4:77:0d:cf:bf:
23:74:09:c6:10:15:2e:c4:60:82:55:b3:88:87:f2:e7:8a:fe:
e6:e9:fc:f3:c0:41:af:17:c0:38:0e:cb:20:87:e5:1a:8d:e7:
e8:c8:76:46:c1:ed:4a:a1:f7:c4:95:6a:aa:24:aa:bf:3b:73:
3e:da:1e:9e:b0:cf:5d:c0:94:fe:c5:d9:93:83:bd:24:78:7f:
e6:b7:5e:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMB990WWbzBopPvzZSIBy/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OTg0OTZiOGQxZGQ4MjViNDg3MDM4ZmI4N2NhMTk5YjEz
YjkzZGYwHhcNMjQxMTA2MTQ1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjViZjlmMDRhNDljNWE1MGZjZDFmODI0NTkyNTZmOWRhNDhiOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmqRJtIPpAst/0mJYCzPrBaHos9b
for9mE4Amlh15docLrSnWC75kv1A4CvnkLGlKcQT8tucRkDWvqVB8xiZzcenGD56
tTBY3GJ6Xz/XtYOOayXtdK8EspivqleNCQQyh569Q7MXWmBSAJQA/cZigjbeTdgx
MPfjPzO66sreYG8HKbLepwmr5htU/EGBk0DEn/kIVqBZSSBOEEd2dTy2WFA5HZyO
vxK2OFNwbHQ/l2phdvBt1dtWy3L0dhJ9rQZ7zrj363p1nu3DWsIvvCfwhujccVla
3OOR8CLkus8RKCzTFHNiIWX1zXtG899yQLDCoHlpm8Q3ww0DkcQC4w+dZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNtb+fBKScWlD80fgkWSVvnaSLjoMB8GA1UdIwQY
MBaAFKiYSWuNHdgltIcDj7h8oZmxO5PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUpoSmE0MGQyQ1cwaHdPUHVIeWhtYkU3azk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84NjAzZTEtOWI2Yi00M2E2LWI5NWUt
MzY4NzhmNjU3ZTEyLzEvMjF2NThFcEp4YVVQelItQ1JaSlctZHBJdU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84NjAzZTEtOWI2Yi00M2E2LWI5NWUtMzY4NzhmNjU3ZTEy
LzEvcUpoSmE0MGQyQ1cwaHdPUHVIeWhtYkU3azk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9+yAwQA
wdq6AwQBw78oMA0GCSqGSIb3DQEBCwUAA4IBAQAUxik8UwVc1SzA8XdvTxFQZtk1
nDfHRuqCy8SBxJpE9WRiUJppiVH/LpKjLHhVk45yylX0vDWP+8NJNeb1lDSeBCYt
BWgljQGmWw0o6H6iRmc2buSkS40fl1zny+WBFJ+kMpZZSqAg4fhrN1CeRl0WYNGs
dAd3KF+s8VOU1vYW9VvQMwRmu1ZEeJsO0rxNHfJQ6HpJpxHfDM+4IbnKHDfXR1ir
g1OgCdOpKVJvbKOa5HcNz78jdAnGEBUuxGCCVbOIh/Lniv7m6fzzwEGvF8A4Dssg
h+UajefoyHZGwe1KoffElWqqJKq/O3M+2h6esM9dwJT+xdmTg70keH/mt16l
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:00:33 2024 by rpki-client on console-fra.rpki-client.org