Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/36cb82-0399-436c-b952-9eda57c23edf/1/82UkyvKrYHJN1R4bBvOPzg1xk0w.roa
File: 82UkyvKrYHJN1R4bBvOPzg1xk0w.roa (raw, json)
Hash identifier: V0KUh5EKL1cFNhLQl5CU1TDdjxET9DyCFpcyAuqxhVA=
Subject key identifier: F3:65:24:CA:F2:AB:60:72:4D:D5:1E:1B:06:F3:8F:CE:0D:71:93:4C
Certificate issuer: /CN=0c2f9b2e8a30508d39192afd5b34ee56f775979e
Certificate serial: 018CC6B8E667FAA146356B213927ABDA3C2C
Authority key identifier: 0C:2F:9B:2E:8A:30:50:8D:39:19:2A:FD:5B:34:EE:56:F7:75:97:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DC-bLoowUI05GSr9WzTuVvd1l54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/36cb82-0399-436c-b952-9eda57c23edf/1/82UkyvKrYHJN1R4bBvOPzg1xk0w.roa
Signing time: Mon 01 Jan 2024 20:30:55 +0000
ROA not before: Mon 01 Jan 2024 20:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62254
IP address blocks: 91.233.141.0/24 maxlen: 24
2a0e:e180::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/36cb82-0399-436c-b952-9eda57c23edf/1/DC-bLoowUI05GSr9WzTuVvd1l54.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/36cb82-0399-436c-b952-9eda57c23edf/1/DC-bLoowUI05GSr9WzTuVvd1l54.mft
rsync://rpki.ripe.net/repository/DEFAULT/DC-bLoowUI05GSr9WzTuVvd1l54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:e6:67:fa:a1:46:35:6b:21:39:27:ab:da:3c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2f9b2e8a30508d39192afd5b34ee56f775979e
Validity
Not Before: Jan 1 20:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f36524caf2ab60724dd51e1b06f38fce0d71934c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:4b:c3:ee:fd:99:e9:8f:e4:d3:11:08:82:
b5:65:40:16:76:0f:4b:e8:fa:fb:63:79:7b:8b:73:
63:71:59:b2:6a:af:e8:49:89:7b:03:3a:d8:02:73:
b2:1c:5e:b0:91:90:1d:46:33:ec:65:c7:3a:a4:b6:
ec:5c:80:7f:46:28:f8:52:c0:57:c9:7c:cb:53:32:
d9:62:0d:65:91:6b:77:dd:e1:f2:eb:13:b5:bd:dd:
00:af:ba:f7:ca:fd:ee:a0:46:5b:23:02:7f:1f:a7:
ff:e9:b8:75:e8:41:81:2b:13:30:dd:1d:7f:01:e8:
dd:75:44:bc:e6:7c:0e:a8:6d:f2:37:7d:e1:45:7e:
d3:50:e7:70:71:4e:26:7a:45:7d:c8:77:75:11:0b:
ad:35:2b:62:cc:6e:ce:f6:6c:f3:c8:b2:af:a9:f0:
63:16:99:49:32:a8:98:b1:dd:b0:35:7b:7f:e0:7d:
46:09:c6:61:a8:8e:21:58:88:6a:65:c2:f4:cf:96:
3a:09:01:df:be:97:c7:ec:f3:53:d8:7a:d1:fe:e6:
0c:39:11:e7:8e:d4:26:83:ad:b1:36:a0:c7:3e:17:
f9:da:a0:2f:8f:2d:f5:93:db:6d:3c:37:06:e7:dd:
32:51:02:30:dd:47:87:51:db:1a:7d:64:99:2a:53:
63:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:65:24:CA:F2:AB:60:72:4D:D5:1E:1B:06:F3:8F:CE:0D:71:93:4C
X509v3 Authority Key Identifier:
keyid:0C:2F:9B:2E:8A:30:50:8D:39:19:2A:FD:5B:34:EE:56:F7:75:97:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DC-bLoowUI05GSr9WzTuVvd1l54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/36cb82-0399-436c-b952-9eda57c23edf/1/82UkyvKrYHJN1R4bBvOPzg1xk0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/36cb82-0399-436c-b952-9eda57c23edf/1/DC-bLoowUI05GSr9WzTuVvd1l54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.141.0/24
IPv6:
2a0e:e180::/29
Signature Algorithm: sha256WithRSAEncryption
a2:22:e8:6a:80:ad:37:83:f0:01:41:d9:1b:e9:68:01:a9:8b:
63:57:17:a5:0b:99:1c:ac:43:a6:e3:49:a6:bb:b6:c7:a6:d0:
80:2e:a7:0a:8d:70:1b:f8:3a:20:4e:55:01:60:87:b0:e7:13:
5c:46:79:e7:4b:46:49:b0:76:39:55:e9:90:e0:c7:54:49:83:
4b:27:51:93:f3:59:55:3a:39:09:de:2a:89:0e:f2:04:e5:86:
a3:85:d4:42:a7:77:a5:4f:6e:bd:1c:82:c8:1c:f4:c4:1a:88:
75:dd:89:88:88:ce:17:66:e1:e6:95:7c:c0:ae:d5:2e:27:7e:
c8:ee:36:16:d9:df:b2:e9:22:a2:75:0d:70:f4:a0:12:27:56:
49:54:12:07:fe:b2:53:32:4e:60:73:8f:9f:30:24:d2:bc:39:
d9:34:7d:71:c9:6f:20:39:19:0a:17:b7:00:2e:4b:67:77:68:
97:0f:14:ca:81:52:c1:9e:2c:41:2a:f4:03:63:79:03:7b:57:
71:78:fe:85:3b:bb:e2:c0:83:12:14:ab:2e:1e:91:00:d2:15:
72:03:de:af:c8:ae:d5:d0:40:c5:fa:6a:e8:ce:bf:1e:d2:e1:
3b:c7:68:ce:19:d5:66:b9:a4:ad:58:62:12:66:b2:c3:c8:13:
6b:b3:81:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuOZn+qFGNWshOSer2jwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMmY5YjJlOGEzMDUwOGQzOTE5MmFmZDViMzRlZTU2Zjc3
NTk3OWUwHhcNMjQwMTAxMjAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzY1MjRjYWYyYWI2MDcyNGRkNTFlMWIwNmYzOGZjZTBkNzE5MzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDZLw+79memP5NMRCIK1ZUAWdg9L
6Pr7Y3l7i3NjcVmyaq/oSYl7AzrYAnOyHF6wkZAdRjPsZcc6pLbsXIB/Rij4UsBX
yXzLUzLZYg1lkWt33eHy6xO1vd0Ar7r3yv3uoEZbIwJ/H6f/6bh16EGBKxMw3R1/
AejddUS85nwOqG3yN33hRX7TUOdwcU4mekV9yHd1EQutNStizG7O9mzzyLKvqfBj
FplJMqiYsd2wNXt/4H1GCcZhqI4hWIhqZcL0z5Y6CQHfvpfH7PNT2HrR/uYMORHn
jtQmg62xNqDHPhf52qAvjy31k9ttPDcG590yUQIw3UeHUdsafWSZKlNjtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPNlJMryq2ByTdUeGwbzj84NcZNMMB8GA1UdIwQY
MBaAFAwvmy6KMFCNORkq/Vs07lb3dZeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREMtYkxvb3dVSTA1R1NyOVd6VHVWdmQxbDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zNmNiODItMDM5OS00MzZjLWI5NTIt
OWVkYTU3YzIzZWRmLzEvODJVa3l2S3JZSEpOMVI0YkJ2T1B6ZzF4azB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zNmNiODItMDM5OS00MzZjLWI5NTItOWVkYTU3YzIzZWRm
LzEvREMtYkxvb3dVSTA1R1NyOVd6VHVWdmQxbDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+mNMA0E
AgACMAcDBQMqDuGAMA0GCSqGSIb3DQEBCwUAA4IBAQCiIuhqgK03g/ABQdkb6WgB
qYtjVxelC5kcrEOm40mmu7bHptCALqcKjXAb+DogTlUBYIew5xNcRnnnS0ZJsHY5
VemQ4MdUSYNLJ1GT81lVOjkJ3iqJDvIE5YajhdRCp3elT269HILIHPTEGoh13YmI
iM4XZuHmlXzArtUuJ37I7jYW2d+y6SKidQ1w9KASJ1ZJVBIH/rJTMk5gc4+fMCTS
vDnZNH1xyW8gORkKF7cALktnd2iXDxTKgVLBnixBKvQDY3kDe1dxeP6FO7viwIMS
FKsuHpEA0hVyA96vyK7V0EDF+mrozr8e0uE7x2jOGdVmuaStWGISZrLDyBNrs4GL
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:01:13 2024 by rpki-client on console-fra.rpki-client.org