Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/XBzZyIG8kn6q8p-NdmjKwJMgy_k.roa
File: XBzZyIG8kn6q8p-NdmjKwJMgy_k.roa (raw, json)
Hash identifier: /tQRFvIHtA8tTIsKx/psa8bQCraIFIMLtK5n1XSTFgw=
Subject key identifier: 5C:1C:D9:C8:81:BC:92:7E:AA:F2:9F:8D:76:68:CA:C0:93:20:CB:F9
Certificate issuer: /CN=4be919a84e1a229f789d939d1aaa712a4d3c399d
Certificate serial: 018FDDAB14D116D92700AF669B044D5041F0
Authority key identifier: 4B:E9:19:A8:4E:1A:22:9F:78:9D:93:9D:1A:AA:71:2A:4D:3C:39:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-kZqE4aIp94nZOdGqpxKk08OZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/XBzZyIG8kn6q8p-NdmjKwJMgy_k.roa
Signing time: Mon 03 Jun 2024 10:35:27 +0000
ROA not before: Mon 03 Jun 2024 10:35:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198746
IP address blocks: 91.238.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/S-kZqE4aIp94nZOdGqpxKk08OZ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/S-kZqE4aIp94nZOdGqpxKk08OZ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/S-kZqE4aIp94nZOdGqpxKk08OZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:ab:14:d1:16:d9:27:00:af:66:9b:04:4d:50:41:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be919a84e1a229f789d939d1aaa712a4d3c399d
Validity
Not Before: Jun 3 10:35:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1cd9c881bc927eaaf29f8d7668cac09320cbf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:6f:38:fc:97:51:99:14:06:88:3a:39:3e:
5f:b1:f8:d0:87:dc:ba:df:92:ee:44:b9:49:92:a6:
56:91:2c:7f:43:8f:42:1d:40:58:76:64:8b:69:db:
4f:3c:c2:3f:21:92:d6:19:20:ef:c7:d5:e9:1f:c6:
50:6c:9e:49:d7:a1:d0:05:3f:03:e2:b3:5d:c0:6b:
4c:fb:ca:ae:3a:21:54:ac:b6:6e:55:cc:ca:e6:f4:
3a:4f:a8:d6:12:e0:b9:74:8c:32:25:84:13:ff:77:
3f:62:02:98:be:a5:81:71:b5:0c:42:77:02:dd:2d:
e9:ce:7b:01:3b:e8:83:9a:a7:d5:65:37:7d:9f:78:
96:00:44:79:1e:e3:7e:4d:27:ee:c2:57:1a:d0:70:
80:da:3f:a5:40:e4:42:16:ae:e8:7f:f4:de:48:af:
e2:88:cc:21:26:00:4c:87:2a:7c:01:f5:7b:f9:20:
27:44:68:ec:cf:d9:53:7d:12:e2:4a:00:f6:f5:49:
4e:a8:55:b0:8c:33:07:a5:d7:3f:f1:f5:84:a5:ab:
71:1b:cf:15:1d:72:a6:45:4f:3b:7c:5a:04:2c:8a:
4e:b3:e2:27:2a:3a:b0:8a:a3:32:7e:40:86:57:8f:
2b:a2:7c:cf:81:09:35:9e:16:33:b9:94:84:5f:09:
af:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1C:D9:C8:81:BC:92:7E:AA:F2:9F:8D:76:68:CA:C0:93:20:CB:F9
X509v3 Authority Key Identifier:
keyid:4B:E9:19:A8:4E:1A:22:9F:78:9D:93:9D:1A:AA:71:2A:4D:3C:39:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-kZqE4aIp94nZOdGqpxKk08OZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/XBzZyIG8kn6q8p-NdmjKwJMgy_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/S-kZqE4aIp94nZOdGqpxKk08OZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.254.0/24
Signature Algorithm: sha256WithRSAEncryption
58:4e:3f:ca:56:1e:e6:79:3a:de:b6:2b:54:9a:6f:b0:46:14:
46:0f:3a:1c:50:38:45:18:8b:d3:3b:06:64:e3:75:01:f4:7f:
8d:67:a3:81:53:6e:da:09:a1:64:fc:88:4d:dc:30:d3:d9:06:
f2:c6:63:b4:f1:38:10:17:3f:38:c7:46:26:b7:6a:97:71:0b:
38:64:3c:f7:c5:11:a8:cf:67:0f:f4:bf:0d:77:6a:a5:ff:8f:
6b:c0:b5:88:a1:51:e6:89:89:25:7a:b0:3b:0f:f6:11:44:28:
b0:29:d3:b1:90:3f:0e:65:3f:68:af:80:f6:2b:8d:a6:1b:f5:
03:56:fc:02:dc:8b:b3:85:3c:24:b0:96:c9:5e:6e:32:05:cf:
b6:c5:5c:69:ae:dc:ef:38:9b:8b:05:f6:a4:74:61:c4:8f:5a:
16:c2:3b:bb:28:1f:0a:23:d3:53:36:9d:a3:af:be:8e:e9:f4:
cf:b9:99:46:52:2d:54:39:8d:c3:dc:ce:3b:2d:76:72:6c:c3:
6f:79:14:47:ef:03:9e:dc:82:f7:69:28:25:f0:f7:25:5c:ec:
37:42:fc:f3:f5:12:c4:62:17:87:30:ec:4a:02:92:db:51:b2:
40:dd:db:6c:bd:64:07:ba:a9:49:06:49:b7:85:65:7b:a3:ba:
ad:ef:40:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/dqxTRFtknAK9mmwRNUEHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTkxOWE4NGUxYTIyOWY3ODlkOTM5ZDFhYWE3MTJhNGQz
YzM5OWQwHhcNMjQwNjAzMTAzNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFjZDljODgxYmM5MjdlYWFmMjlmOGQ3NjY4Y2FjMDkzMjBjYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0JvOPyXUZkUBog6OT5fsfjQh9y6
35LuRLlJkqZWkSx/Q49CHUBYdmSLadtPPMI/IZLWGSDvx9XpH8ZQbJ5J16HQBT8D
4rNdwGtM+8quOiFUrLZuVczK5vQ6T6jWEuC5dIwyJYQT/3c/YgKYvqWBcbUMQncC
3S3pznsBO+iDmqfVZTd9n3iWAER5HuN+TSfuwlca0HCA2j+lQORCFq7of/TeSK/i
iMwhJgBMhyp8AfV7+SAnRGjsz9lTfRLiSgD29UlOqFWwjDMHpdc/8fWEpatxG88V
HXKmRU87fFoELIpOs+InKjqwiqMyfkCGV48ronzPgQk1nhYzuZSEXwmvzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwc2ciBvJJ+qvKfjXZoysCTIMv5MB8GA1UdIwQY
MBaAFEvpGahOGiKfeJ2TnRqqcSpNPDmdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1rWnFFNGFJcDk0blpPZEdxcHhLazA4T1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8zNjc3NDgtODg1Yy00NjIxLWI0NGMt
MTE5NWZlMDUwZGUxLzEvWEJ6WnlJRzhrbjZxOHAtTmRtakt3Sk1neV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8zNjc3NDgtODg1Yy00NjIxLWI0NGMtMTE5NWZlMDUwZGUx
LzEvUy1rWnFFNGFJcDk0blpPZEdxcHhLazA4T1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7+MA0G
CSqGSIb3DQEBCwUAA4IBAQBYTj/KVh7meTretitUmm+wRhRGDzocUDhFGIvTOwZk
43UB9H+NZ6OBU27aCaFk/IhN3DDT2QbyxmO08TgQFz84x0Ymt2qXcQs4ZDz3xRGo
z2cP9L8Nd2ql/49rwLWIoVHmiYklerA7D/YRRCiwKdOxkD8OZT9or4D2K42mG/UD
VvwC3IuzhTwksJbJXm4yBc+2xVxprtzvOJuLBfakdGHEj1oWwju7KB8KI9NTNp2j
r76O6fTPuZlGUi1UOY3D3M47LXZybMNveRRH7wOe3IL3aSgl8PclXOw3Qvzz9RLE
YheHMOxKApLbUbJA3dtsvWQHuqlJBkm3hWV7o7qt70DQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:15:24 2024 by rpki-client on console-fra.rpki-client.org