Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/d-h2LOkgUI5DR5f4h1C4rCCNJdQ.roa
File: d-h2LOkgUI5DR5f4h1C4rCCNJdQ.roa (raw, json)
Hash identifier: XUt0Ozmc1D5ACc5JW3tgj8hp613qy6tqdwSjh+Wou9U=
Subject key identifier: 77:E8:76:2C:E9:20:50:8E:43:47:97:F8:87:50:B8:AC:20:8D:25:D4
Certificate issuer: /CN=d9c91317283276937d436f4b216dcda3efbe2a88
Certificate serial: 018CC9BC4D8C38ABC128ED42D927B9B739CE
Authority key identifier: D9:C9:13:17:28:32:76:93:7D:43:6F:4B:21:6D:CD:A3:EF:BE:2A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ckTFygydpN9Q29LIW3No---Kog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/d-h2LOkgUI5DR5f4h1C4rCCNJdQ.roa
Signing time: Tue 02 Jan 2024 10:33:30 +0000
ROA not before: Tue 02 Jan 2024 10:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57693
IP address blocks: 91.217.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/2ckTFygydpN9Q29LIW3No---Kog.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/2ckTFygydpN9Q29LIW3No---Kog.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ckTFygydpN9Q29LIW3No---Kog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:4d:8c:38:ab:c1:28:ed:42:d9:27:b9:b7:39:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9c91317283276937d436f4b216dcda3efbe2a88
Validity
Not Before: Jan 2 10:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77e8762ce920508e434797f88750b8ac208d25d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e9:c1:d1:f9:98:83:6c:0c:b6:3e:4a:96:ba:
73:79:ce:69:64:47:27:9b:75:ff:2b:ab:d6:27:60:
93:3a:4e:06:69:14:23:ad:76:0e:36:7a:7f:f8:df:
d8:9f:3e:36:7b:93:39:4a:0b:c8:0b:3a:83:a0:c6:
e6:7e:cd:a4:e3:e5:e9:90:e9:92:d1:7a:1a:6a:85:
78:a7:e1:34:8e:cf:d2:aa:ba:70:22:8e:63:4d:a1:
e7:7d:2b:d1:52:fd:14:11:1f:dd:ad:1f:c6:38:81:
43:5d:69:75:77:f0:ca:3d:14:ff:30:90:cc:b5:bb:
71:79:65:78:c5:58:c9:fa:80:85:b4:36:b0:2f:2d:
a5:92:ee:d3:df:d1:d8:53:dd:72:97:6b:d5:a6:84:
42:88:11:14:f6:81:1c:0f:b4:6d:45:7b:29:f9:3b:
3f:9f:95:7d:f3:15:59:2c:d1:13:c3:6d:7d:f3:75:
01:dc:ed:05:cb:a3:cb:e8:78:dc:6f:de:4b:9a:0f:
04:2f:6e:65:53:2d:f7:c7:73:55:80:67:9d:d8:e2:
d7:d8:be:f2:ba:f9:28:05:ea:1f:99:97:49:ca:34:
e1:6b:1e:35:2a:7a:5f:24:d6:c6:22:6c:7c:fb:55:
23:2c:bb:e4:cb:9c:0a:86:7b:a7:9a:a8:7a:50:53:
a9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E8:76:2C:E9:20:50:8E:43:47:97:F8:87:50:B8:AC:20:8D:25:D4
X509v3 Authority Key Identifier:
keyid:D9:C9:13:17:28:32:76:93:7D:43:6F:4B:21:6D:CD:A3:EF:BE:2A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ckTFygydpN9Q29LIW3No---Kog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/d-h2LOkgUI5DR5f4h1C4rCCNJdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/2ckTFygydpN9Q29LIW3No---Kog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.229.0/24
Signature Algorithm: sha256WithRSAEncryption
26:73:05:88:73:83:c2:f4:31:16:3b:5a:24:61:c1:a1:c4:5b:
5e:f8:e2:16:86:e1:b3:07:f8:7f:89:a7:a7:4a:12:2a:b1:12:
fd:b2:ea:47:59:d9:cf:ae:4c:6f:10:7a:c9:1b:c8:96:4e:ef:
b1:93:5f:f7:61:c0:c5:10:4e:fb:b6:2a:51:40:db:ad:11:f6:
ac:13:38:8d:12:81:7f:ab:03:42:fb:42:d6:09:45:01:81:2c:
32:a0:3a:b5:bc:7d:be:de:80:25:16:91:77:b1:0c:00:3c:f8:
ab:03:3d:d4:22:20:42:8e:2a:93:68:dc:c4:cb:97:52:3a:f2:
56:38:71:e2:3a:c1:0c:7f:37:96:54:1f:85:0f:38:fc:8a:1a:
7c:6e:ee:6d:62:f8:b3:40:77:3e:58:7c:1c:30:cd:a3:f4:68:
51:45:3b:b7:75:71:51:cd:09:3f:5a:62:29:39:ee:1e:f8:8c:
be:df:d1:98:65:3d:a9:59:59:78:eb:f7:fa:e7:92:53:ae:2e:
da:33:7f:5f:19:40:07:b7:2a:57:c1:d5:a6:c4:f7:33:c2:a2:
20:d1:95:7d:fd:c8:cf:6a:d8:97:b0:de:fc:7e:fd:b4:1d:b6:
6f:f2:46:48:8e:b3:ce:6d:31:2c:eb:6e:a1:7c:3d:cd:4c:ef:
49:75:3d:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvE2MOKvBKO1C2Se5tznOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YzkxMzE3MjgzMjc2OTM3ZDQzNmY0YjIxNmRjZGEzZWZi
ZTJhODgwHhcNMjQwMTAyMTAzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2U4NzYyY2U5MjA1MDhlNDM0Nzk3Zjg4NzUwYjhhYzIwOGQyNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+nB0fmYg2wMtj5Klrpzec5pZEcn
m3X/K6vWJ2CTOk4GaRQjrXYONnp/+N/Ynz42e5M5SgvICzqDoMbmfs2k4+XpkOmS
0XoaaoV4p+E0js/SqrpwIo5jTaHnfSvRUv0UER/drR/GOIFDXWl1d/DKPRT/MJDM
tbtxeWV4xVjJ+oCFtDawLy2lku7T39HYU91yl2vVpoRCiBEU9oEcD7RtRXsp+Ts/
n5V98xVZLNETw21983UB3O0Fy6PL6Hjcb95Lmg8EL25lUy33x3NVgGed2OLX2L7y
uvkoBeofmZdJyjThax41KnpfJNbGImx8+1UjLLvky5wKhnunmqh6UFOpZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfodizpIFCOQ0eX+IdQuKwgjSXUMB8GA1UdIwQY
MBaAFNnJExcoMnaTfUNvSyFtzaPvviqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNrVEZ5Z3lkcE45UTI5TElXM05vLS0tS29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mNjM2YzYtMTBkMi00ZjZmLWI0MTgt
NTBiOWQ1MjM2MWMzLzEvZC1oMkxPa2dVSTVEUjVmNGgxQzRyQ0NOSmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mNjM2YzYtMTBkMi00ZjZmLWI0MTgtNTBiOWQ1MjM2MWMz
LzEvMmNrVEZ5Z3lkcE45UTI5TElXM05vLS0tS29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nlMA0G
CSqGSIb3DQEBCwUAA4IBAQAmcwWIc4PC9DEWO1okYcGhxFte+OIWhuGzB/h/iaen
ShIqsRL9supHWdnPrkxvEHrJG8iWTu+xk1/3YcDFEE77tipRQNutEfasEziNEoF/
qwNC+0LWCUUBgSwyoDq1vH2+3oAlFpF3sQwAPPirAz3UIiBCjiqTaNzEy5dSOvJW
OHHiOsEMfzeWVB+FDzj8ihp8bu5tYvizQHc+WHwcMM2j9GhRRTu3dXFRzQk/WmIp
Oe4e+Iy+39GYZT2pWVl46/f655JTri7aM39fGUAHtypXwdWmxPczwqIg0ZV9/cjP
atiXsN78fv20HbZv8kZIjrPObTEs626hfD3NTO9JdT3S
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:33 2024 by rpki-client on console-fra.rpki-client.org