Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/L1wkwd75L3kHT3kTXjpM7C79ar0.roa
File: L1wkwd75L3kHT3kTXjpM7C79ar0.roa (raw, json)
Hash identifier: qqbF2XHNLHVxVx5TLE1A6r08JxFU4w687ub768rWzhs=
Subject key identifier: 2F:5C:24:C1:DE:F9:2F:79:07:4F:79:13:5E:3A:4C:EC:2E:FD:6A:BD
Certificate issuer: /CN=0321ea39508e0e17a651fe92ac29ea38832d0bff
Certificate serial: 018CC726FDDCFDF2B4B260758B7F294D5131
Authority key identifier: 03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/L1wkwd75L3kHT3kTXjpM7C79ar0.roa
Signing time: Mon 01 Jan 2024 22:31:10 +0000
ROA not before: Mon 01 Jan 2024 22:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31027
IP address blocks: 91.198.144.0/24 maxlen: 24
78.31.32.0/21 maxlen: 21
85.202.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 08:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:fd:dc:fd:f2:b4:b2:60:75:8b:7f:29:4d:51:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0321ea39508e0e17a651fe92ac29ea38832d0bff
Validity
Not Before: Jan 1 22:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f5c24c1def92f79074f79135e3a4cec2efd6abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f5:4a:f1:c1:23:32:c0:11:88:04:bf:95:f6:
84:de:21:63:ab:8c:c6:48:dd:49:f5:61:27:03:5c:
02:6e:d5:e7:9d:00:f7:07:92:88:9a:b4:a4:08:7f:
8d:31:9f:6e:96:a8:57:62:46:d8:75:14:6a:12:12:
b1:29:9f:08:24:c6:37:9c:74:1d:db:51:7f:f4:64:
8b:9f:4e:a0:43:0c:e7:12:bd:f6:77:5d:5d:88:41:
d3:2c:47:10:f1:07:2a:58:b7:ed:04:e3:b9:d3:7b:
2e:33:29:0a:8c:8d:f3:43:eb:02:5c:2b:69:db:3f:
01:89:8e:b5:44:8d:58:2d:67:c8:a2:39:d4:b6:38:
02:0f:7e:c8:bf:a5:f3:55:8c:97:fd:28:71:6d:3c:
2f:97:28:7b:83:df:e1:25:44:8d:9b:b2:d8:10:d9:
6d:9c:17:2a:5e:3d:ed:9e:b7:b9:5b:69:37:bd:c4:
6a:c6:66:26:a0:c6:8c:45:77:76:e9:71:68:4c:5a:
26:ae:b0:bf:12:a0:28:4a:5e:ab:81:76:d0:c3:d9:
d7:75:77:62:05:45:92:72:32:34:33:91:95:c1:56:
be:17:a9:e9:76:c1:eb:7b:5b:ca:e9:13:70:a3:0b:
c3:2c:74:94:55:3b:ed:42:1b:dd:ad:93:c5:cd:cd:
e3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5C:24:C1:DE:F9:2F:79:07:4F:79:13:5E:3A:4C:EC:2E:FD:6A:BD
X509v3 Authority Key Identifier:
keyid:03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/L1wkwd75L3kHT3kTXjpM7C79ar0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.32.0/21
85.202.64.0/20
91.198.144.0/24
Signature Algorithm: sha256WithRSAEncryption
65:e6:ec:6d:94:98:b5:70:6f:2f:78:3b:4a:49:09:fc:cc:33:
3b:d6:f2:40:92:17:40:13:a9:cc:27:0f:14:05:da:00:f4:a9:
35:30:f6:18:21:ef:b8:04:3a:ac:75:ab:b0:33:e7:d2:38:29:
c2:55:ea:e4:7d:48:d3:0a:d1:2e:c2:e4:5b:dd:f3:8f:6d:7b:
15:dd:c9:e6:c3:06:20:f1:a6:10:07:fd:98:f5:4b:e1:89:98:
03:18:17:7a:d5:dc:17:07:ef:7a:04:da:76:f8:39:fe:5f:7f:
c5:e1:da:8e:fd:c2:be:be:44:7f:bf:cf:e6:f1:10:b1:58:00:
0c:07:2c:02:3b:04:11:c9:20:87:e1:00:ab:6c:13:3e:19:a4:
23:54:3f:64:04:d9:d0:4e:95:44:94:46:25:ab:01:1b:5c:3d:
dd:e3:76:3c:0c:a1:28:5d:07:45:4c:d2:d1:f2:07:0f:74:0a:
b6:ba:5a:74:b9:60:01:e7:59:0a:ce:f6:95:52:77:0a:86:31:
d3:62:9a:92:9d:03:97:50:04:ec:01:cf:17:af:3b:f9:8e:a0:
36:be:3f:be:a9:3b:b7:5b:64:23:43:f3:40:fe:db:00:c3:a0:
0d:31:39:2d:c1:1a:94:89:21:89:a7:02:e8:b4:b2:98:80:90:
38:21:39:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJv3c/fK0smB1i38pTVExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjFlYTM5NTA4ZTBlMTdhNjUxZmU5MmFjMjllYTM4ODMy
ZDBiZmYwHhcNMjQwMTAxMjIzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjVjMjRjMWRlZjkyZjc5MDc0Zjc5MTM1ZTNhNGNlYzJlZmQ2YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPVK8cEjMsARiAS/lfaE3iFjq4zG
SN1J9WEnA1wCbtXnnQD3B5KImrSkCH+NMZ9ulqhXYkbYdRRqEhKxKZ8IJMY3nHQd
21F/9GSLn06gQwznEr32d11diEHTLEcQ8QcqWLftBOO503suMykKjI3zQ+sCXCtp
2z8BiY61RI1YLWfIojnUtjgCD37Iv6XzVYyX/ShxbTwvlyh7g9/hJUSNm7LYENlt
nBcqXj3tnre5W2k3vcRqxmYmoMaMRXd26XFoTFomrrC/EqAoSl6rgXbQw9nXdXdi
BUWScjI0M5GVwVa+F6npdsHre1vK6RNwowvDLHSUVTvtQhvdrZPFzc3j8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC9cJMHe+S95B095E146TOwu/Wq9MB8GA1UdIwQY
MBaAFAMh6jlQjg4XplH+kqwp6jiDLQv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQt
OGNmODA1NTExMDAyLzEvTDF3a3dkNzVMM2tIVDNrVFhqcE03Qzc5YXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQtOGNmODA1NTExMDAy
LzEvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTh8gAwQE
VcpAAwQAW8aQMA0GCSqGSIb3DQEBCwUAA4IBAQBl5uxtlJi1cG8veDtKSQn8zDM7
1vJAkhdAE6nMJw8UBdoA9Kk1MPYYIe+4BDqsdauwM+fSOCnCVerkfUjTCtEuwuRb
3fOPbXsV3cnmwwYg8aYQB/2Y9UvhiZgDGBd61dwXB+96BNp2+Dn+X3/F4dqO/cK+
vkR/v8/m8RCxWAAMBywCOwQRySCH4QCrbBM+GaQjVD9kBNnQTpVElEYlqwEbXD3d
43Y8DKEoXQdFTNLR8gcPdAq2ulp0uWAB51kKzvaVUncKhjHTYpqSnQOXUATsAc8X
rzv5jqA2vj++qTu3W2QjQ/NA/tsAw6ANMTktwRqUiSGJpwLotLKYgJA4ITnH
-----END CERTIFICATE-----
Generated at Thu May 9 14:12:15 2024 by rpki-client on console-ams.rpki-client.org