Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rn50XeIuWAj4jXB9KEwyi5wkbrU.roa
File: rn50XeIuWAj4jXB9KEwyi5wkbrU.roa (raw, json)
Hash identifier: 44hhLOp7cpDtE1xTjfF8MQWHPg/ahFc55Pjw+ECL/B8=
Subject key identifier: AE:7E:74:5D:E2:2E:58:08:F8:8D:70:7D:28:4C:32:8B:9C:24:6E:B5
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DDF8921CD2E544F39E3C079BE3558
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rn50XeIuWAj4jXB9KEwyi5wkbrU.roa
Signing time: Mon 01 Jan 2024 14:29:21 +0000
ROA not before: Mon 01 Jan 2024 14:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13075
IP address blocks: 91.213.104.0/24 maxlen: 24
83.149.14.0/24 maxlen: 24
83.149.13.0/24 maxlen: 24
2a03:d000:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:df:89:21:cd:2e:54:4f:39:e3:c0:79:be:35:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae7e745de22e5808f88d707d284c328b9c246eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5d:6d:08:15:4f:23:7e:a9:d8:bb:c9:1b:7f:
3c:d3:8e:73:6a:57:c9:a9:63:f4:7f:d0:dc:ef:f2:
4a:ed:f0:ff:95:52:11:56:f7:a5:36:f9:6d:26:0a:
b2:6d:97:1a:c1:1c:51:4c:f8:4e:d0:45:fa:61:77:
f3:c2:74:47:2c:25:f6:6c:3c:d1:71:7d:b3:78:83:
40:d3:06:0d:bb:34:9e:ff:61:6f:30:3c:a5:5d:d0:
62:d1:7a:fb:19:6a:e6:cd:86:c3:42:24:1d:87:ad:
fd:f1:8f:ad:9c:6e:c6:a5:54:52:c0:b9:21:66:de:
b0:9f:33:41:0a:65:38:c9:10:6d:2d:58:24:58:32:
aa:37:f3:b9:fc:e0:21:89:fd:79:d1:62:a0:cb:4b:
82:a4:d8:29:33:2b:c0:e4:eb:f4:bd:50:40:c1:0d:
54:cf:76:79:fb:a1:cd:1c:e4:69:9f:e3:93:bd:5c:
51:e8:ee:45:d5:2a:f0:6c:bb:74:46:50:52:22:40:
84:6f:5e:c0:9b:04:2a:76:e8:6a:84:88:71:83:26:
57:85:36:20:50:9f:ea:44:3f:41:04:d6:86:aa:5b:
78:0c:07:66:ee:63:11:a3:25:11:c9:64:f0:ac:93:
c2:f4:2b:f8:b4:26:c5:d4:77:ce:ff:27:df:c6:e4:
30:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7E:74:5D:E2:2E:58:08:F8:8D:70:7D:28:4C:32:8B:9C:24:6E:B5
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rn50XeIuWAj4jXB9KEwyi5wkbrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.149.13.0-83.149.14.255
91.213.104.0/24
IPv6:
2a03:d000:9000::/48
Signature Algorithm: sha256WithRSAEncryption
39:94:13:e4:49:d7:09:2e:b1:af:84:91:d9:1e:86:c0:81:f7:
09:2f:1e:18:05:39:c5:53:9f:32:5d:f3:31:47:7c:52:b4:8e:
72:3f:a7:64:62:8d:db:67:91:4c:2d:d6:42:6c:2d:fa:89:0f:
2b:d2:6d:d4:55:7d:6b:22:3f:30:2a:a1:b5:33:7a:0c:38:d5:
ac:d1:09:f7:c9:3d:23:8a:9f:86:25:61:07:13:36:26:d2:38:
7f:88:8b:2c:99:62:8f:5e:d1:45:6a:a5:d1:8b:ab:bd:73:9d:
ef:88:00:bf:bc:c1:72:f7:bf:fb:3d:09:3d:e1:81:21:c7:28:
c2:b8:cc:3f:09:84:31:d6:df:ac:c4:c6:55:81:6a:e7:fa:79:
c4:08:c4:96:30:10:68:60:7a:63:70:7b:1e:1b:6f:94:fc:08:
74:c4:98:b7:67:36:c6:6d:84:58:ff:7c:7f:65:69:22:e3:3a:
38:1d:69:4a:42:f7:74:a9:ca:3b:5d:aa:67:63:6b:bf:86:78:
31:e7:c0:15:a3:f7:c0:66:10:bb:6f:46:16:8e:05:48:a0:9e:
52:92:fd:5a:c7:c4:25:6a:a1:e3:71:58:00:53:34:59:39:5d:
8f:de:e0:e5:bf:ce:ec:8b:4f:ea:7f:92:98:c4:0e:7b:a2:48:
0a:f6:9f:e3
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzFbd+JIc0uVE8548B5vjVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTdlNzQ1ZGUyMmU1ODA4Zjg4ZDcwN2QyODRjMzI4YjljMjQ2ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV1tCBVPI36p2LvJG388045zalfJ
qWP0f9Dc7/JK7fD/lVIRVvelNvltJgqybZcawRxRTPhO0EX6YXfzwnRHLCX2bDzR
cX2zeINA0wYNuzSe/2FvMDylXdBi0Xr7GWrmzYbDQiQdh6398Y+tnG7GpVRSwLkh
Zt6wnzNBCmU4yRBtLVgkWDKqN/O5/OAhif150WKgy0uCpNgpMyvA5Ov0vVBAwQ1U
z3Z5+6HNHORpn+OTvVxR6O5F1SrwbLt0RlBSIkCEb17AmwQqduhqhIhxgyZXhTYg
UJ/qRD9BBNaGqlt4DAdm7mMRoyURyWTwrJPC9Cv4tCbF1HfO/yffxuQwYwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFK5+dF3iLlgI+I1wfShMMoucJG61MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcm41MFhlSXVXQWo0alhCOUtFd3lpNXdrYnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBABTlQ0D
BABTlQ4DBABb1WgwDwQCAAIwCQMHACoD0ACQADANBgkqhkiG9w0BAQsFAAOCAQEA
OZQT5EnXCS6xr4SR2R6GwIH3CS8eGAU5xVOfMl3zMUd8UrSOcj+nZGKN22eRTC3W
Qmwt+okPK9Jt1FV9ayI/MCqhtTN6DDjVrNEJ98k9I4qfhiVhBxM2JtI4f4iLLJli
j17RRWql0YurvXOd74gAv7zBcve/+z0JPeGBIccowrjMPwmEMdbfrMTGVYFq5/p5
xAjEljAQaGB6Y3B7HhtvlPwIdMSYt2c2xm2EWP98f2VpIuM6OB1pSkL3dKnKO12q
Z2Nrv4Z4MefAFaP3wGYQu29GFo4FSKCeUpL9WsfEJWqh43FYAFM0WTldj97g5b/O
7ItP6n+SmMQOe6JICvaf4w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:28 2024 by rpki-client on console-fra.rpki-client.org