Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/0JgVQnL8yQxdZwvyPDdGA9Pcwsg.roa
File: 0JgVQnL8yQxdZwvyPDdGA9Pcwsg.roa (raw, json)
Hash identifier: jn9CvIpFPQ5FhI1aFRqIOUY/lNWzu7Sz/mlYX3pLJMg=
Subject key identifier: D0:98:15:42:72:FC:C9:0C:5D:67:0B:F2:3C:37:46:03:D3:DC:C2:C8
Certificate issuer: /CN=4c33c0e14d57eabc3b65e38a7736bebe49092e9e
Certificate serial: 018CC42456CD0F667DF24B7C7061DF6894AD
Authority key identifier: 4C:33:C0:E1:4D:57:EA:BC:3B:65:E3:8A:77:36:BE:BE:49:09:2E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDPA4U1X6rw7ZeOKdza-vkkJLp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/0JgVQnL8yQxdZwvyPDdGA9Pcwsg.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 91.212.121.0/24 maxlen: 24
2a12:89c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/TDPA4U1X6rw7ZeOKdza-vkkJLp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/TDPA4U1X6rw7ZeOKdza-vkkJLp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDPA4U1X6rw7ZeOKdza-vkkJLp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:56:cd:0f:66:7d:f2:4b:7c:70:61:df:68:94:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c33c0e14d57eabc3b65e38a7736bebe49092e9e
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d098154272fcc90c5d670bf23c374603d3dcc2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9e:2a:7e:ec:a1:42:d5:a1:61:97:32:ad:a7:
c6:d6:c7:f1:31:ea:6c:56:25:3f:51:13:bb:d3:01:
6f:d8:f2:ec:20:5d:8f:3c:28:29:9c:c5:5d:21:dd:
a2:35:cb:67:ab:4a:3e:51:f4:b6:eb:69:88:3b:1c:
18:42:e9:de:27:4e:f8:80:26:02:69:f2:6c:d5:4e:
59:60:45:83:b6:4a:2f:97:05:f4:95:66:0a:49:5e:
76:a9:68:07:4e:c3:03:ee:7b:63:e4:8f:d2:55:b7:
ec:61:c5:cb:f1:29:f2:fa:66:57:c8:d2:87:df:85:
e8:b3:21:14:3b:49:92:8d:01:f7:65:63:d9:e1:ce:
98:66:21:6d:c3:d4:81:77:c8:d3:7a:67:e6:29:38:
0c:92:47:64:2b:a7:0c:33:20:1a:b7:05:a8:ce:65:
e9:23:8f:81:b1:9d:82:d2:44:9c:4d:fb:b2:fb:ea:
f7:1b:04:47:43:80:dc:e2:f1:30:a9:82:b3:4a:6a:
d9:17:89:5d:f0:45:a2:03:14:08:43:0d:eb:48:ad:
8e:ba:24:44:33:e5:74:06:19:9c:6a:70:79:71:58:
15:a9:a1:7d:ab:ee:8d:b4:59:17:c5:10:02:4f:02:
11:9a:d2:ea:4d:73:df:f3:93:b7:ab:f4:52:bd:32:
7f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:98:15:42:72:FC:C9:0C:5D:67:0B:F2:3C:37:46:03:D3:DC:C2:C8
X509v3 Authority Key Identifier:
keyid:4C:33:C0:E1:4D:57:EA:BC:3B:65:E3:8A:77:36:BE:BE:49:09:2E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDPA4U1X6rw7ZeOKdza-vkkJLp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/0JgVQnL8yQxdZwvyPDdGA9Pcwsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/c72abe-32dc-4f18-905f-c1ff056fc76f/1/TDPA4U1X6rw7ZeOKdza-vkkJLp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.121.0/24
IPv6:
2a12:89c0::/29
Signature Algorithm: sha256WithRSAEncryption
63:77:58:31:ca:96:ed:28:57:e6:99:17:b9:81:62:39:f3:6c:
d3:95:21:87:e4:a6:97:33:0c:5d:f5:0e:b6:96:5c:9f:92:bf:
41:d2:d0:46:4e:db:73:56:e7:d8:01:74:9a:9a:65:63:f5:ed:
2e:8b:91:87:1c:18:95:01:34:39:0f:27:4f:36:f1:90:5a:b5:
a8:2f:b3:bf:39:e5:30:dd:f7:03:10:f0:cc:a8:ed:0c:78:87:
73:08:10:37:f3:6f:bc:5b:4a:a0:16:d6:12:42:dc:00:b5:23:
f4:22:74:21:2c:05:00:e6:65:ff:70:05:79:5e:79:92:d5:f0:
68:24:a0:76:43:fb:56:44:1b:b0:d9:b8:a0:f0:93:8a:ba:a0:
67:30:e2:7a:f5:28:5b:37:f6:11:71:3c:81:f5:a5:f8:14:7a:
15:0b:bc:be:c6:00:f0:94:c5:25:6e:fd:5e:dd:9a:6d:54:c8:
4b:e0:09:55:33:a1:cb:f1:e9:f9:e8:dc:f3:29:21:23:98:e2:
3d:82:8c:d9:6b:fc:9d:87:be:16:81:6a:b2:9a:43:9c:55:e2:
7f:a8:0c:f4:79:b1:69:e0:37:d8:b6:3d:20:05:81:61:33:c6:
cd:dc:79:63:45:76:20:64:fd:3c:13:95:81:3f:a2:95:55:b4:
a5:25:87:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJFbND2Z98kt8cGHfaJStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzNjMGUxNGQ1N2VhYmMzYjY1ZTM4YTc3MzZiZWJlNDkw
OTJlOWUwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk4MTU0MjcyZmNjOTBjNWQ2NzBiZjIzYzM3NDYwM2QzZGNjMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZ4qfuyhQtWhYZcyrafG1sfxMeps
ViU/URO70wFv2PLsIF2PPCgpnMVdId2iNctnq0o+UfS262mIOxwYQuneJ074gCYC
afJs1U5ZYEWDtkovlwX0lWYKSV52qWgHTsMD7ntj5I/SVbfsYcXL8Sny+mZXyNKH
34XosyEUO0mSjQH3ZWPZ4c6YZiFtw9SBd8jTemfmKTgMkkdkK6cMMyAatwWozmXp
I4+BsZ2C0kScTfuy++r3GwRHQ4Dc4vEwqYKzSmrZF4ld8EWiAxQIQw3rSK2OuiRE
M+V0BhmcanB5cVgVqaF9q+6NtFkXxRACTwIRmtLqTXPf85O3q/RSvTJ/EQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNCYFUJy/MkMXWcL8jw3RgPT3MLIMB8GA1UdIwQY
MBaAFEwzwOFNV+q8O2Xjinc2vr5JCS6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERQQTRVMVg2cnc3WmVPS2R6YS12a2tKTHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jNzJhYmUtMzJkYy00ZjE4LTkwNWYt
YzFmZjA1NmZjNzZmLzEvMEpnVlFuTDh5UXhkWnd2eVBEZEdBOVBjd3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9jNzJhYmUtMzJkYy00ZjE4LTkwNWYtYzFmZjA1NmZjNzZm
LzEvVERQQTRVMVg2cnc3WmVPS2R6YS12a2tKTHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9R5MA0E
AgACMAcDBQMqEonAMA0GCSqGSIb3DQEBCwUAA4IBAQBjd1gxypbtKFfmmRe5gWI5
82zTlSGH5KaXMwxd9Q62llyfkr9B0tBGTttzVufYAXSammVj9e0ui5GHHBiVATQ5
DydPNvGQWrWoL7O/OeUw3fcDEPDMqO0MeIdzCBA382+8W0qgFtYSQtwAtSP0InQh
LAUA5mX/cAV5XnmS1fBoJKB2Q/tWRBuw2big8JOKuqBnMOJ69ShbN/YRcTyB9aX4
FHoVC7y+xgDwlMUlbv1e3ZptVMhL4AlVM6HL8en56NzzKSEjmOI9gozZa/ydh74W
gWqymkOcVeJ/qAz0ebFp4DfYtj0gBYFhM8bN3HljRXYgZP08E5WBP6KVVbSlJYdg
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:50:24 2024 by rpki-client on console-fra.rpki-client.org