Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/Ne6N-hwSPPCXOB8vueVyXlAfWd8.roa
File: Ne6N-hwSPPCXOB8vueVyXlAfWd8.roa (raw, json)
Hash identifier: kDuKUnFulvMmoG+X1Cr4d107zp848NrW0Eyb0wzF7+4=
Subject key identifier: 35:EE:8D:FA:1C:12:3C:F0:97:38:1F:2F:B9:E5:72:5E:50:1F:59:DF
Certificate issuer: /CN=c9e0e4c9acbf701f930149b325ce042cf9f92a59
Certificate serial: 018CC5014612EBE3220111B7CCE3D28EF378
Authority key identifier: C9:E0:E4:C9:AC:BF:70:1F:93:01:49:B3:25:CE:04:2C:F9:F9:2A:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yeDkyay_cB-TAUmzJc4ELPn5Klk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/Ne6N-hwSPPCXOB8vueVyXlAfWd8.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.213.126.0/24 maxlen: 24
2a12:7280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/yeDkyay_cB-TAUmzJc4ELPn5Klk.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/yeDkyay_cB-TAUmzJc4ELPn5Klk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yeDkyay_cB-TAUmzJc4ELPn5Klk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:46:12:eb:e3:22:01:11:b7:cc:e3:d2:8e:f3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9e0e4c9acbf701f930149b325ce042cf9f92a59
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35ee8dfa1c123cf097381f2fb9e5725e501f59df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:22:31:5e:19:eb:3a:17:7e:02:1f:e2:23:39:
bc:c3:9e:19:04:3b:37:33:1d:ef:ab:f6:bd:dc:0c:
f4:d0:83:0e:d2:4c:39:4f:4d:77:49:6d:15:98:09:
36:2d:f3:3c:de:b8:fd:df:95:f1:c5:dc:58:f5:dc:
a1:2a:1d:58:31:0b:1d:b1:ea:b8:2d:1f:83:00:ef:
27:00:69:85:bd:29:1b:63:a3:01:3d:6f:29:4f:07:
7f:85:d7:d6:c3:89:14:32:a5:55:f4:57:38:f2:ca:
c8:9a:46:a5:32:50:ac:51:1e:44:11:07:a5:3e:b3:
0b:6d:69:2b:e8:15:7e:36:9f:13:5d:ef:72:e3:27:
90:29:39:65:16:c2:ee:e3:79:80:93:a2:49:b1:73:
9c:b7:03:61:87:6f:cb:17:a8:a3:76:d4:3c:42:d4:
8c:d5:04:f3:17:01:ed:0b:f3:a3:08:f4:5d:c0:a6:
d5:69:81:1b:f0:76:50:93:4d:70:81:31:6d:9f:e6:
19:e8:23:44:e4:88:03:d7:39:96:73:2d:f3:71:26:
b2:69:51:9a:a7:65:18:f5:1d:37:7c:5e:7a:55:d6:
3b:de:52:00:7d:57:9f:c2:0a:e6:18:a6:05:8e:c3:
be:66:33:02:10:ae:4e:c2:7e:96:26:fa:93:fe:e3:
35:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:EE:8D:FA:1C:12:3C:F0:97:38:1F:2F:B9:E5:72:5E:50:1F:59:DF
X509v3 Authority Key Identifier:
keyid:C9:E0:E4:C9:AC:BF:70:1F:93:01:49:B3:25:CE:04:2C:F9:F9:2A:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yeDkyay_cB-TAUmzJc4ELPn5Klk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/Ne6N-hwSPPCXOB8vueVyXlAfWd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fdb641-d1a3-4dda-bf91-be7c828c3693/1/yeDkyay_cB-TAUmzJc4ELPn5Klk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.126.0/24
IPv6:
2a12:7280::/29
Signature Algorithm: sha256WithRSAEncryption
14:32:73:8a:9f:a5:ab:5e:37:72:18:a2:7a:1e:dc:7c:d5:24:
de:97:42:e9:39:d9:38:77:03:9c:ee:5f:14:25:dd:68:14:a0:
98:7e:dd:5b:a6:f2:fb:c4:20:4d:17:ee:ef:ce:f1:60:5d:ce:
4c:b2:ac:d4:6f:36:99:86:e7:d5:46:94:34:22:8e:f2:c4:df:
50:64:da:9c:73:b1:0a:d9:d8:c0:bd:2a:db:c2:76:81:d4:07:
b1:21:fd:82:44:20:c2:6c:88:a0:be:07:d4:f4:f5:f9:a2:33:
a1:89:45:ac:1a:c3:9a:0a:ea:9c:22:a6:a2:8c:e5:3b:27:da:
31:6e:50:21:e4:cc:da:36:33:ad:66:cd:f0:3b:07:c6:af:f7:
86:fc:ac:36:d5:05:e3:2d:51:bb:f9:a4:de:cb:45:9c:bc:d7:
f9:ed:e8:01:ba:b4:d2:6b:48:d5:98:71:ad:3b:27:c3:61:cf:
db:c6:42:37:6e:d6:46:89:d6:dd:53:cf:92:5a:f5:c4:3f:cf:
c5:6c:5b:86:51:48:38:71:c6:fe:29:0f:03:ca:62:83:0d:c0:
1c:8b:95:f9:5c:64:e7:36:a9:89:a0:eb:27:ac:b4:3f:e5:8a:
ae:9d:ad:bf:eb:d0:d7:28:c2:50:4d:ad:0e:6b:09:20:c9:52:
82:3e:f3:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAUYS6+MiARG3zOPSjvN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZTBlNGM5YWNiZjcwMWY5MzAxNDliMzI1Y2UwNDJjZjlm
OTJhNTkwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWVlOGRmYTFjMTIzY2YwOTczODFmMmZiOWU1NzI1ZTUwMWY1OWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCIxXhnrOhd+Ah/iIzm8w54ZBDs3
Mx3vq/a93Az00IMO0kw5T013SW0VmAk2LfM83rj935XxxdxY9dyhKh1YMQsdseq4
LR+DAO8nAGmFvSkbY6MBPW8pTwd/hdfWw4kUMqVV9Fc48srImkalMlCsUR5EEQel
PrMLbWkr6BV+Np8TXe9y4yeQKTllFsLu43mAk6JJsXOctwNhh2/LF6ijdtQ8QtSM
1QTzFwHtC/OjCPRdwKbVaYEb8HZQk01wgTFtn+YZ6CNE5IgD1zmWcy3zcSayaVGa
p2UY9R03fF56VdY73lIAfVefwgrmGKYFjsO+ZjMCEK5Own6WJvqT/uM1XwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDXujfocEjzwlzgfL7nlcl5QH1nfMB8GA1UdIwQY
MBaAFMng5Mmsv3AfkwFJsyXOBCz5+SpZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWVEa3lheV9jQi1UQVVtekpjNEVMUG41S2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGI2NDEtZDFhMy00ZGRhLWJmOTEt
YmU3YzgyOGMzNjkzLzEvTmU2Ti1od1NQUENYT0I4dnVlVnlYbEFmV2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGI2NDEtZDFhMy00ZGRhLWJmOTEtYmU3YzgyOGMzNjkz
LzEveWVEa3lheV9jQi1UQVVtekpjNEVMUG41S2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9V+MA0E
AgACMAcDBQMqEnKAMA0GCSqGSIb3DQEBCwUAA4IBAQAUMnOKn6WrXjdyGKJ6Htx8
1STel0LpOdk4dwOc7l8UJd1oFKCYft1bpvL7xCBNF+7vzvFgXc5MsqzUbzaZhufV
RpQ0Io7yxN9QZNqcc7EK2djAvSrbwnaB1AexIf2CRCDCbIigvgfU9PX5ojOhiUWs
GsOaCuqcIqaijOU7J9oxblAh5MzaNjOtZs3wOwfGr/eG/Kw21QXjLVG7+aTey0Wc
vNf57egBurTSa0jVmHGtOyfDYc/bxkI3btZGidbdU8+SWvXEP8/FbFuGUUg4ccb+
KQ8DymKDDcAci5X5XGTnNqmJoOsnrLQ/5Yquna2/69DXKMJQTa0OawkgyVKCPvNH
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:32:34 2024 by rpki-client on console-ams.rpki-client.org