Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ddf1e1-f07e-4bad-84a8-fe27359fd7ea/1/1-arrEgj5LmKdT47Pm86qEshvyGY.roa
File: 1-arrEgj5LmKdT47Pm86qEshvyGY.roa (raw, json)
Hash identifier: zUPqjnWJZw40De4R6HEefs+zPqcFq65dn63Ktvj7c88=
Subject key identifier: F9:AA:EB:12:08:F9:2E:62:9D:4F:8E:CF:9B:CE:AA:12:C8:6F:C8:66
Certificate issuer: /CN=e45d0adc294dd366df6ada880134dbd0e688ccf7
Certificate serial: 018CC2DB19788B88EDE6A82A6B727359FD76
Authority key identifier: E4:5D:0A:DC:29:4D:D3:66:DF:6A:DA:88:01:34:DB:D0:E6:88:CC:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5F0K3ClN02bfatqIATTb0OaIzPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ddf1e1-f07e-4bad-84a8-fe27359fd7ea/1/1-arrEgj5LmKdT47Pm86qEshvyGY.roa
Signing time: Mon 01 Jan 2024 02:29:47 +0000
ROA not before: Mon 01 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57007
IP address blocks: 91.229.252.0/22 maxlen: 22
2001:678:84c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/ddf1e1-f07e-4bad-84a8-fe27359fd7ea/1/5F0K3ClN02bfatqIATTb0OaIzPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/ddf1e1-f07e-4bad-84a8-fe27359fd7ea/1/5F0K3ClN02bfatqIATTb0OaIzPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/5F0K3ClN02bfatqIATTb0OaIzPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:19:78:8b:88:ed:e6:a8:2a:6b:72:73:59:fd:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e45d0adc294dd366df6ada880134dbd0e688ccf7
Validity
Not Before: Jan 1 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9aaeb1208f92e629d4f8ecf9bceaa12c86fc866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:81:13:78:1e:7e:5a:ff:39:54:4c:7c:4c:8a:
10:8d:0e:c9:d1:67:9b:64:2c:33:53:2f:90:ff:76:
c5:31:08:f2:2b:a3:cf:7e:9b:f7:95:0d:68:e1:f6:
68:1b:86:aa:65:0d:4b:ef:02:e3:e8:a0:2e:7e:15:
97:44:77:ef:0b:d0:1a:2e:b8:eb:8f:99:9b:d0:1e:
b5:4b:f1:a4:c8:11:76:0e:0b:c3:32:2d:2d:c5:89:
2c:66:9c:e4:c2:83:07:af:9d:39:da:11:3f:0c:93:
ef:07:7b:bc:79:6b:95:ac:7f:9f:ff:f0:82:cf:1a:
d8:67:72:87:ee:49:ae:81:35:30:90:57:84:35:53:
84:06:a4:ef:38:39:7b:f0:de:43:45:0a:01:e1:76:
be:ab:c0:f5:fb:b0:2f:b7:04:cb:ff:b1:db:c8:f5:
4b:a5:08:97:da:49:35:a1:0f:bb:f2:28:5d:8a:25:
9d:be:11:ee:48:90:77:be:25:7b:70:f5:63:bd:99:
2b:65:91:2d:fd:19:29:63:a8:e3:c3:b0:2a:d0:75:
99:5c:10:60:75:4c:8d:9c:f6:ae:37:a6:fd:1a:55:
76:99:a3:6c:d0:a6:57:00:ad:72:6c:5e:b2:01:f0:
cb:17:75:ef:cf:98:52:d4:c8:76:90:e6:56:63:77:
ac:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AA:EB:12:08:F9:2E:62:9D:4F:8E:CF:9B:CE:AA:12:C8:6F:C8:66
X509v3 Authority Key Identifier:
keyid:E4:5D:0A:DC:29:4D:D3:66:DF:6A:DA:88:01:34:DB:D0:E6:88:CC:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5F0K3ClN02bfatqIATTb0OaIzPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ddf1e1-f07e-4bad-84a8-fe27359fd7ea/1/1-arrEgj5LmKdT47Pm86qEshvyGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ddf1e1-f07e-4bad-84a8-fe27359fd7ea/1/5F0K3ClN02bfatqIATTb0OaIzPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.252.0/22
IPv6:
2001:678:84c::/48
Signature Algorithm: sha256WithRSAEncryption
80:01:1b:99:38:80:de:90:05:40:69:75:87:23:e5:73:48:07:
92:67:6e:bf:89:e2:11:9c:4a:e1:89:0a:3a:3c:67:47:bf:78:
5e:4c:a5:f5:23:4f:f0:a4:97:a6:3c:aa:61:0a:61:8c:79:31:
fc:75:cb:a3:20:d2:d7:05:88:e3:ee:84:81:a5:c6:b0:f0:ba:
82:f4:fa:a8:3a:03:7d:32:ce:28:b5:cd:5e:7c:11:be:5c:82:
ea:ac:10:e3:aa:0a:56:ca:c8:26:37:dd:6b:27:51:ea:ee:48:
56:20:3b:9f:f8:55:5d:6a:4c:a2:65:5f:00:40:e3:0e:9f:c1:
c8:26:be:21:c6:f1:a8:28:50:53:95:99:f5:13:d1:af:4c:f3:
16:08:b1:f6:bc:7a:6d:42:1c:a4:b9:30:7a:2b:0d:24:ae:91:
2c:08:b8:7c:61:bf:68:20:2e:a8:ae:82:16:46:28:06:f4:b7:
74:0d:3e:dc:bc:75:a8:b5:1f:29:28:73:9a:15:3b:d2:7c:a1:
fc:6e:28:da:88:f6:23:c7:1f:af:3b:f1:11:71:cb:cb:29:27:
ff:8e:71:7d:0f:3d:66:b1:3e:79:bd:65:92:37:87:41:80:44:
84:7a:6f:8b:d1:98:fd:f7:01:87:06:ee:55:d1:a6:38:c3:b8:
b2:78:16:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2xl4i4jt5qgqa3JzWf12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NWQwYWRjMjk0ZGQzNjZkZjZhZGE4ODAxMzRkYmQwZTY4
OGNjZjcwHhcNMjQwMTAxMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFhZWIxMjA4ZjkyZTYyOWQ0ZjhlY2Y5YmNlYWExMmM4NmZjODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4ETeB5+Wv85VEx8TIoQjQ7J0Web
ZCwzUy+Q/3bFMQjyK6PPfpv3lQ1o4fZoG4aqZQ1L7wLj6KAufhWXRHfvC9AaLrjr
j5mb0B61S/GkyBF2DgvDMi0txYksZpzkwoMHr5052hE/DJPvB3u8eWuVrH+f//CC
zxrYZ3KH7kmugTUwkFeENVOEBqTvODl78N5DRQoB4Xa+q8D1+7AvtwTL/7HbyPVL
pQiX2kk1oQ+78ihdiiWdvhHuSJB3viV7cPVjvZkrZZEt/RkpY6jjw7Aq0HWZXBBg
dUyNnPauN6b9GlV2maNs0KZXAK1ybF6yAfDLF3Xvz5hS1Mh2kOZWY3esFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPmq6xII+S5inU+Oz5vOqhLIb8hmMB8GA1UdIwQY
MBaAFORdCtwpTdNm32raiAE029DmiMz3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUYwSzNDbE4wMmJmYXRxSUFUVGIwT2FJelBjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZGYxZTEtZjA3ZS00YmFkLTg0YTgt
ZmUyNzM1OWZkN2VhLzEvMS1hcnJFZ2o1TG1LZFQ0N1BtODZxRXNodnlHWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvZGRmMWUxLWYwN2UtNGJhZC04NGE4LWZlMjczNTlmZDdl
YS8xLzVGMEszQ2xOMDJiZmF0cUlBVFRiME9hSXpQYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAlvl/DAP
BAIAAjAJAwcAIAEGeAhMMA0GCSqGSIb3DQEBCwUAA4IBAQCAARuZOIDekAVAaXWH
I+VzSAeSZ26/ieIRnErhiQo6PGdHv3heTKX1I0/wpJemPKphCmGMeTH8dcujINLX
BYjj7oSBpcaw8LqC9PqoOgN9Ms4otc1efBG+XILqrBDjqgpWysgmN91rJ1Hq7khW
IDuf+FVdakyiZV8AQOMOn8HIJr4hxvGoKFBTlZn1E9GvTPMWCLH2vHptQhykuTB6
Kw0krpEsCLh8Yb9oIC6oroIWRigG9Ld0DT7cvHWotR8pKHOaFTvSfKH8bijaiPYj
xx+vO/ERccvLKSf/jnF9Dz1msT55vWWSN4dBgESEem+L0Zj99wGHBu5V0aY4w7iy
eBZJ
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:54:41 2024 by rpki-client on console-fra.rpki-client.org