Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/721745-cfe5-4161-b405-069996c630f0/1/qOMfHbWZ1ZJEkZ9laxP6GOEEwFg.roa
File: qOMfHbWZ1ZJEkZ9laxP6GOEEwFg.roa (raw, json)
Hash identifier: wOp2FnOM9U6oc1ZA3ZJErlaVfIFRdOrnBNbaEOjPnuo=
Subject key identifier: A8:E3:1F:1D:B5:99:D5:92:44:91:9F:65:6B:13:FA:18:E1:04:C0:58
Certificate issuer: /CN=18abae0e1f216a321973ccc9c6537ec6197dab18
Certificate serial: 018CC2DB4CAAB4D1A638FF9BB62A33C916D0
Authority key identifier: 18:AB:AE:0E:1F:21:6A:32:19:73:CC:C9:C6:53:7E:C6:19:7D:AB:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GKuuDh8hajIZc8zJxlN-xhl9qxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/721745-cfe5-4161-b405-069996c630f0/1/qOMfHbWZ1ZJEkZ9laxP6GOEEwFg.roa
Signing time: Mon 01 Jan 2024 02:30:01 +0000
ROA not before: Mon 01 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35393
IP address blocks: 91.198.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/721745-cfe5-4161-b405-069996c630f0/1/GKuuDh8hajIZc8zJxlN-xhl9qxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/721745-cfe5-4161-b405-069996c630f0/1/GKuuDh8hajIZc8zJxlN-xhl9qxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/GKuuDh8hajIZc8zJxlN-xhl9qxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:4c:aa:b4:d1:a6:38:ff:9b:b6:2a:33:c9:16:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18abae0e1f216a321973ccc9c6537ec6197dab18
Validity
Not Before: Jan 1 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e31f1db599d59244919f656b13fa18e104c058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0d:3d:be:86:c7:b6:50:11:8c:5b:95:21:d1:
21:43:60:ca:af:6f:ba:15:11:14:12:a7:39:0c:30:
53:36:dc:49:2b:61:1f:87:b2:75:46:6c:28:24:e8:
5c:4d:21:6a:96:f7:e4:f2:3f:6d:b5:34:ea:d5:fe:
70:2a:79:b5:56:2e:da:71:59:60:c5:d1:45:c5:b3:
b4:c1:57:34:65:ea:3f:dd:36:79:9f:47:37:2c:d9:
80:75:40:68:2a:55:2e:e3:da:28:02:a8:ce:ba:bc:
fe:56:da:4d:87:c2:9e:16:b3:dd:cf:ea:69:cd:14:
ef:18:86:97:82:24:d1:b2:22:48:40:75:a0:5e:04:
18:46:1c:f3:fb:09:99:79:f0:08:08:a0:a6:86:72:
58:e8:77:be:e5:fb:c0:5f:81:95:c3:db:6e:2d:90:
6d:ea:a5:ba:00:e5:88:f3:fb:5a:72:18:d9:8d:55:
c9:a2:b3:8b:64:66:72:20:40:af:91:b4:8a:39:e1:
a0:77:b9:0e:da:9e:97:f2:48:ad:04:92:95:76:f0:
ba:36:bb:45:69:6d:9f:ee:c1:0a:0a:8d:5a:a2:36:
14:e8:f6:ca:52:9c:14:b1:cf:3b:9d:4e:2b:48:dc:
0c:7e:09:8e:42:fb:09:56:1e:07:89:9b:05:9f:6b:
a6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E3:1F:1D:B5:99:D5:92:44:91:9F:65:6B:13:FA:18:E1:04:C0:58
X509v3 Authority Key Identifier:
keyid:18:AB:AE:0E:1F:21:6A:32:19:73:CC:C9:C6:53:7E:C6:19:7D:AB:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GKuuDh8hajIZc8zJxlN-xhl9qxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/721745-cfe5-4161-b405-069996c630f0/1/qOMfHbWZ1ZJEkZ9laxP6GOEEwFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/721745-cfe5-4161-b405-069996c630f0/1/GKuuDh8hajIZc8zJxlN-xhl9qxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.105.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:ac:5f:f3:78:95:0b:1b:08:41:64:83:9f:fc:99:ea:07:95:
98:c5:3c:e9:50:13:22:c4:9c:4e:00:66:a1:a7:a9:46:cd:cf:
8d:b8:42:fd:1e:91:11:39:12:89:6e:42:ba:90:36:a5:1d:ae:
50:2a:6a:d1:6f:7e:48:20:13:28:1b:93:f9:c1:29:12:33:2b:
55:46:b9:2a:07:89:b3:5d:cd:9a:a1:62:d7:53:ba:e4:49:a6:
11:3a:3a:d6:f4:85:8c:88:e0:75:4b:32:b2:75:f2:da:7c:a3:
07:e8:18:55:43:7b:35:20:1f:b1:6a:fa:9e:bf:80:56:a3:59:
eb:09:7a:6a:46:f5:b1:08:59:c6:7e:9e:ed:81:33:66:0a:68:
84:75:40:93:09:5f:c1:96:81:72:5d:5a:21:7e:73:26:95:c8:
7d:09:e2:43:23:c8:fd:e1:77:30:2d:19:cd:cd:15:45:a4:53:
0f:ba:7a:8c:e8:5b:51:b9:23:02:4e:7c:96:1a:1d:b3:10:6f:
48:53:20:f7:c3:f4:36:c3:fa:67:51:70:a0:5e:ca:d5:20:57:
84:f9:df:bc:f8:39:7d:08:a1:77:02:81:f0:61:0f:a9:33:54:
e7:af:4e:dd:88:fb:94:96:d9:3e:c0:12:d3:14:22:86:f8:ff:
f1:63:47:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC20yqtNGmOP+btiozyRbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4YWJhZTBlMWYyMTZhMzIxOTczY2NjOWM2NTM3ZWM2MTk3
ZGFiMTgwHhcNMjQwMTAxMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGUzMWYxZGI1OTlkNTkyNDQ5MTlmNjU2YjEzZmExOGUxMDRjMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g09vobHtlARjFuVIdEhQ2DKr2+6
FREUEqc5DDBTNtxJK2Efh7J1RmwoJOhcTSFqlvfk8j9ttTTq1f5wKnm1Vi7acVlg
xdFFxbO0wVc0Zeo/3TZ5n0c3LNmAdUBoKlUu49ooAqjOurz+VtpNh8KeFrPdz+pp
zRTvGIaXgiTRsiJIQHWgXgQYRhzz+wmZefAICKCmhnJY6He+5fvAX4GVw9tuLZBt
6qW6AOWI8/tachjZjVXJorOLZGZyIECvkbSKOeGgd7kO2p6X8kitBJKVdvC6NrtF
aW2f7sEKCo1aojYU6PbKUpwUsc87nU4rSNwMfgmOQvsJVh4HiZsFn2um5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjjHx21mdWSRJGfZWsT+hjhBMBYMB8GA1UdIwQY
MBaAFBirrg4fIWoyGXPMycZTfsYZfasYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0t1dURoOGhhaklaYzh6SnhsTi14aGw5cXhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy83MjE3NDUtY2ZlNS00MTYxLWI0MDUt
MDY5OTk2YzYzMGYwLzEvcU9NZkhiV1oxWkpFa1o5bGF4UDZHT0VFd0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy83MjE3NDUtY2ZlNS00MTYxLWI0MDUtMDY5OTk2YzYzMGYw
LzEvR0t1dURoOGhhaklaYzh6SnhsTi14aGw5cXhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZpMA0G
CSqGSIb3DQEBCwUAA4IBAQCMrF/zeJULGwhBZIOf/JnqB5WYxTzpUBMixJxOAGah
p6lGzc+NuEL9HpERORKJbkK6kDalHa5QKmrRb35IIBMoG5P5wSkSMytVRrkqB4mz
Xc2aoWLXU7rkSaYROjrW9IWMiOB1SzKydfLafKMH6BhVQ3s1IB+xavqev4BWo1nr
CXpqRvWxCFnGfp7tgTNmCmiEdUCTCV/BloFyXVohfnMmlch9CeJDI8j94XcwLRnN
zRVFpFMPunqM6FtRuSMCTnyWGh2zEG9IUyD3w/Q2w/pnUXCgXsrVIFeE+d+8+Dl9
CKF3AoHwYQ+pM1Tnr07diPuUltk+wBLTFCKG+P/xY0ch
-----END CERTIFICATE-----
Generated at Sun May 19 15:43:16 2024 by rpki-client on console-ams.rpki-client.org