Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/1-4bdPO79jaJZ43jmAoEP_zjOA8w.roa
File: 1-4bdPO79jaJZ43jmAoEP_zjOA8w.roa (raw, json)
Hash identifier: ZKb9/sgRp+pbjQOwrtPGJkPGIS3eFpQtXo91AezjOzA=
Subject key identifier: FB:86:DD:3C:EE:FD:8D:A2:59:E3:78:E6:02:81:0F:FF:38:CE:03:CC
Certificate issuer: /CN=18caeb14a01ee16d836565e14fa53b4ab3c3cd26
Certificate serial: 018CC9BC95F7B3188AD24C3AB068EDE6AE54
Authority key identifier: 18:CA:EB:14:A0:1E:E1:6D:83:65:65:E1:4F:A5:3B:4A:B3:C3:CD:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/1-4bdPO79jaJZ43jmAoEP_zjOA8w.roa
Signing time: Tue 02 Jan 2024 10:33:48 +0000
ROA not before: Tue 02 Jan 2024 10:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206915
IP address blocks: 91.217.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/GMrrFKAe4W2DZWXhT6U7SrPDzSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/GMrrFKAe4W2DZWXhT6U7SrPDzSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:95:f7:b3:18:8a:d2:4c:3a:b0:68:ed:e6:ae:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18caeb14a01ee16d836565e14fa53b4ab3c3cd26
Validity
Not Before: Jan 2 10:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb86dd3ceefd8da259e378e602810fff38ce03cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3a:8a:44:c8:e3:c4:9b:9c:6e:e4:57:8a:72:
52:e8:30:d3:d0:3f:74:e3:0a:bd:86:21:7e:cf:80:
da:8a:f7:19:6e:05:d9:71:ff:fb:d2:a1:a1:e5:13:
56:a9:02:fb:0a:53:50:62:87:f3:f1:85:27:89:66:
d8:4f:75:41:8c:ab:47:8c:60:68:c4:b0:4d:14:ce:
0f:fc:e1:c7:5e:cc:1f:72:ef:cd:5c:54:f6:43:20:
12:45:5a:3b:7a:03:f9:17:ed:64:7a:52:b0:45:ce:
58:54:9b:9f:f7:c8:6d:f0:d1:08:d6:dc:0a:24:64:
29:5a:0b:d7:3e:45:f1:69:0d:47:54:52:28:2d:ca:
7f:cc:a7:e4:af:48:fd:40:80:ac:e1:46:5d:95:2a:
b9:74:14:3f:46:98:c4:40:6c:3f:b6:86:ec:ca:cf:
c5:35:6b:14:bd:c3:79:d5:18:d2:70:14:6e:31:f2:
55:9f:db:be:5e:34:d4:b8:3a:f4:7f:41:00:ee:50:
ab:de:a6:1e:1e:e6:68:12:6d:28:6b:7d:d2:8d:02:
66:6c:4b:3b:58:41:19:30:5a:e9:09:fb:ca:28:6d:
c3:5a:b7:47:73:7d:fb:09:f8:34:49:f0:41:ab:23:
07:eb:85:14:77:fb:9b:ff:6c:89:eb:44:30:d3:67:
6d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:86:DD:3C:EE:FD:8D:A2:59:E3:78:E6:02:81:0F:FF:38:CE:03:CC
X509v3 Authority Key Identifier:
keyid:18:CA:EB:14:A0:1E:E1:6D:83:65:65:E1:4F:A5:3B:4A:B3:C3:CD:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/1-4bdPO79jaJZ43jmAoEP_zjOA8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/GMrrFKAe4W2DZWXhT6U7SrPDzSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.26.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e1:ab:2b:cb:0c:13:0a:97:83:51:37:b6:4b:d2:c5:e3:f2:
18:31:3e:f3:62:e9:e6:a4:95:40:8f:7a:e4:8c:4d:39:56:1e:
9c:93:29:5d:af:9c:78:bb:5b:b4:f8:8b:99:f7:01:12:f2:0e:
65:8d:5f:c1:8a:eb:a5:89:dc:c4:20:37:a2:f6:16:eb:19:18:
69:1d:ba:75:13:15:67:7e:06:14:2a:3b:cb:11:53:80:8f:57:
d6:12:5f:99:94:f4:c0:d1:8b:0e:11:f0:df:80:ee:7c:90:fb:
94:ba:5a:f3:39:84:37:76:4e:63:b2:6d:6c:ed:39:4f:34:df:
bc:0d:66:04:57:05:c9:ee:82:ba:06:c5:5d:eb:0a:97:1c:f4:
3a:89:9b:42:ad:98:7f:91:b0:9f:f3:72:35:e4:2b:77:06:6f:
d9:52:cc:5d:17:99:f6:a6:20:34:71:90:51:2e:4d:55:2c:19:
bb:d1:27:c5:2a:6f:86:20:59:49:18:8f:58:2b:b4:ae:44:3f:
73:fb:f1:24:3e:5f:d7:d0:da:de:20:f6:57:4c:7e:c2:a0:13:
39:da:e6:57:dd:4e:25:69:24:9c:93:a7:0d:a3:49:2b:ca:ab:
87:ae:cf:53:cb:c2:bb:03:a0:1e:77:15:47:15:ac:4f:68:d2:
1f:f5:8f:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJvJX3sxiK0kw6sGjt5q5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4Y2FlYjE0YTAxZWUxNmQ4MzY1NjVlMTRmYTUzYjRhYjNj
M2NkMjYwHhcNMjQwMTAyMTAzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjg2ZGQzY2VlZmQ4ZGEyNTllMzc4ZTYwMjgxMGZmZjM4Y2UwM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTqKRMjjxJucbuRXinJS6DDT0D90
4wq9hiF+z4DaivcZbgXZcf/70qGh5RNWqQL7ClNQYofz8YUniWbYT3VBjKtHjGBo
xLBNFM4P/OHHXswfcu/NXFT2QyASRVo7egP5F+1kelKwRc5YVJuf98ht8NEI1twK
JGQpWgvXPkXxaQ1HVFIoLcp/zKfkr0j9QICs4UZdlSq5dBQ/RpjEQGw/tobsys/F
NWsUvcN51RjScBRuMfJVn9u+XjTUuDr0f0EA7lCr3qYeHuZoEm0oa33SjQJmbEs7
WEEZMFrpCfvKKG3DWrdHc337Cfg0SfBBqyMH64UUd/ub/2yJ60Qw02dt7wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuG3Tzu/Y2iWeN45gKBD/84zgPMMB8GA1UdIwQY
MBaAFBjK6xSgHuFtg2Vl4U+lO0qzw80mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR01yckZLQWU0VzJEWldYaFQ2VTdTclBEelNZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lN2IxZDctM2Q3YS00NmFiLTgxMGYt
ZWRkZjIzYzFiYTZkLzEvMS00YmRQTzc5amFKWjQzam1Bb0VQX3pqT0E4dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDUvZTdiMWQ3LTNkN2EtNDZhYi04MTBmLWVkZGYyM2MxYmE2
ZC8xL0dNcnJGS0FlNFcyRFpXWGhUNlU3U3JQRHpTWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvZGjAN
BgkqhkiG9w0BAQsFAAOCAQEAOeGrK8sMEwqXg1E3tkvSxePyGDE+82Lp5qSVQI96
5IxNOVYenJMpXa+ceLtbtPiLmfcBEvIOZY1fwYrrpYncxCA3ovYW6xkYaR26dRMV
Z34GFCo7yxFTgI9X1hJfmZT0wNGLDhHw34DufJD7lLpa8zmEN3ZOY7JtbO05TzTf
vA1mBFcFye6CugbFXesKlxz0OombQq2Yf5Gwn/NyNeQrdwZv2VLMXReZ9qYgNHGQ
US5NVSwZu9EnxSpvhiBZSRiPWCu0rkQ/c/vxJD5f19Da3iD2V0x+wqATOdrmV91O
JWkknJOnDaNJK8qrh67PU8vCuwOgHncVRxWsT2jSH/WPPQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:53:03 2024 by rpki-client on console-fra.rpki-client.org