Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/t25OJGV5NvLRgoxXnJz-deTU6uc.roa
File: t25OJGV5NvLRgoxXnJz-deTU6uc.roa (raw, json)
Hash identifier: OWcOgM2TqA6qWlRTloEiAGZOkiX5O95wBt/dIiERHpM=
Subject key identifier: B7:6E:4E:24:65:79:36:F2:D1:82:8C:57:9C:9C:FE:75:E4:D4:EA:E7
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018CC500B117C62C0686C47EF2D322439B01
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/t25OJGV5NvLRgoxXnJz-deTU6uc.roa
Signing time: Mon 01 Jan 2024 12:30:06 +0000
ROA not before: Mon 01 Jan 2024 12:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 92.61.104.0/24 maxlen: 24
91.190.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b1:17:c6:2c:06:86:c4:7e:f2:d3:22:43:9b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jan 1 12:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b76e4e24657936f2d1828c579c9cfe75e4d4eae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:52:31:c5:d6:f5:71:22:fb:cf:6e:65:a6:36:
eb:34:c8:dd:1e:ae:43:66:1e:da:b2:6b:7b:46:43:
db:2c:56:8a:b7:a0:aa:b7:7b:c9:e2:ab:7d:2a:ca:
50:24:0f:2c:d9:b3:2e:ce:e2:c0:c5:50:78:b6:68:
d7:c2:3b:d7:26:3e:dc:f6:19:d9:8f:14:3a:7b:40:
ff:a3:cc:98:40:c0:7f:23:3f:92:0a:16:82:bd:4f:
67:28:b2:c4:4c:dc:eb:36:d5:92:b3:00:15:c7:99:
9c:f6:15:67:a9:9e:04:03:37:2f:b6:57:0e:ec:d0:
fd:12:fd:21:60:bf:10:a0:e8:23:2a:ec:77:a6:20:
8f:02:65:d7:a4:61:07:50:fe:14:7c:3d:34:45:37:
3d:86:8f:e5:8b:76:16:ba:21:d9:61:96:52:82:93:
85:eb:38:65:33:91:5c:c1:fa:0e:8e:a9:94:83:59:
f0:2c:55:83:a4:af:58:0f:05:6e:67:7f:6c:77:49:
52:f9:6a:eb:6f:bc:fc:b6:c6:ae:04:69:b1:7e:4d:
3f:43:37:c0:0e:ba:14:1e:1e:d5:cb:57:52:b1:c3:
68:ef:c5:b2:bd:ed:6c:e5:2f:b2:83:c8:82:c6:66:
76:94:da:d5:b7:88:22:64:25:be:69:9e:ad:85:cc:
f7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6E:4E:24:65:79:36:F2:D1:82:8C:57:9C:9C:FE:75:E4:D4:EA:E7
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/t25OJGV5NvLRgoxXnJz-deTU6uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.189.0/24
92.61.104.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:f4:eb:52:a1:73:3d:0d:2f:86:7e:63:02:be:84:92:47:0f:
e2:97:c2:c9:5a:78:ad:ad:9b:1e:29:a8:54:b4:f9:07:15:c9:
4c:12:a8:30:63:03:e8:61:79:44:b8:39:5d:cb:45:36:1b:7a:
11:28:5f:55:e1:ca:9d:c8:7b:37:7b:fb:15:71:22:df:de:e5:
f4:db:f5:fb:71:06:4f:8d:8d:fd:e4:71:ea:93:f3:1f:9f:1c:
7f:cc:8a:dc:ad:79:d6:7c:66:f1:0e:5e:e3:05:88:6e:92:3d:
5a:fb:06:26:7c:94:eb:5d:ec:9b:01:28:73:b6:30:ad:e5:aa:
20:7c:52:b1:80:5a:56:e6:5a:5b:5a:08:45:be:75:07:8d:1d:
df:a7:4b:ed:f1:1b:07:ee:ab:bb:24:93:23:ce:b5:64:93:90:
1a:94:c5:56:27:cf:24:87:eb:43:c5:ab:da:d8:04:44:c9:66:
f9:5a:86:a5:34:92:92:bc:d7:83:b8:be:a4:26:82:61:88:67:
f7:93:99:4f:3d:17:30:64:ff:f6:9c:5c:13:54:55:9d:24:fa:
ea:9b:67:5c:28:50:fc:e7:df:71:e0:3e:78:10:93:c4:74:23:
b5:7d:00:20:41:38:89:51:b4:e8:03:86:e0:96:47:bf:19:88:
34:5e:c2:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFALEXxiwGhsR+8tMiQ5sBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwMTAxMTIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzZlNGUyNDY1NzkzNmYyZDE4MjhjNTc5YzljZmU3NWU0ZDRlYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFIxxdb1cSL7z25lpjbrNMjdHq5D
Zh7asmt7RkPbLFaKt6Cqt3vJ4qt9KspQJA8s2bMuzuLAxVB4tmjXwjvXJj7c9hnZ
jxQ6e0D/o8yYQMB/Iz+SChaCvU9nKLLETNzrNtWSswAVx5mc9hVnqZ4EAzcvtlcO
7ND9Ev0hYL8QoOgjKux3piCPAmXXpGEHUP4UfD00RTc9ho/li3YWuiHZYZZSgpOF
6zhlM5FcwfoOjqmUg1nwLFWDpK9YDwVuZ39sd0lS+Wrrb7z8tsauBGmxfk0/QzfA
DroUHh7Vy1dSscNo78Wyve1s5S+yg8iCxmZ2lNrVt4giZCW+aZ6thcz3YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLduTiRleTby0YKMV5yc/nXk1OrnMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvdDI1T0pHVjVOdkxSZ294WG5Kei1kZVRVNnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW769AwQA
XD1oMA0GCSqGSIb3DQEBCwUAA4IBAQC/9OtSoXM9DS+GfmMCvoSSRw/il8LJWnit
rZseKahUtPkHFclMEqgwYwPoYXlEuDldy0U2G3oRKF9V4cqdyHs3e/sVcSLf3uX0
2/X7cQZPjY395HHqk/Mfnxx/zIrcrXnWfGbxDl7jBYhukj1a+wYmfJTrXeybAShz
tjCt5aogfFKxgFpW5lpbWghFvnUHjR3fp0vt8RsH7qu7JJMjzrVkk5AalMVWJ88k
h+tDxava2AREyWb5WoalNJKSvNeDuL6kJoJhiGf3k5lPPRcwZP/2nFwTVFWdJPrq
m2dcKFD8599x4D54EJPEdCO1fQAgQTiJUbToA4bglke/GYg0XsIR
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:50:31 2024 by rpki-client on console-fra.rpki-client.org