Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/MTv0NStI3nbBEi3LpYY7Z8j49is.roa
File: MTv0NStI3nbBEi3LpYY7Z8j49is.roa (raw, json)
Hash identifier: EfubS3RI+COmE9GgwR4x3Zems1+GzP6zc10LGarML9Y=
Subject key identifier: 31:3B:F4:35:2B:48:DE:76:C1:12:2D:CB:A5:86:3B:67:C8:F8:F6:2B
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018CC79528D64450AB3EDFDB1D5ABA358A38
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/MTv0NStI3nbBEi3LpYY7Z8j49is.roa
Signing time: Tue 02 Jan 2024 00:31:30 +0000
ROA not before: Tue 02 Jan 2024 00:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201786
IP address blocks: 91.239.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:28:d6:44:50:ab:3e:df:db:1d:5a:ba:35:8a:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 00:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=313bf4352b48de76c1122dcba5863b67c8f8f62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f7:70:e1:1b:9f:f9:1c:73:b8:c0:8b:95:34:
e3:5b:be:44:83:52:23:26:27:41:3b:e0:ed:c4:b4:
f8:3e:1d:2a:38:8f:bc:a7:1e:cf:64:23:5f:4c:54:
6c:32:6c:cd:98:9a:77:95:f4:6c:a4:45:50:a2:42:
b4:84:04:9f:6d:8d:40:d6:ef:31:4c:b2:eb:7d:e9:
6f:aa:69:d6:4b:57:c5:59:9d:c5:5f:10:f7:46:80:
75:72:24:a2:13:01:1c:a0:e0:60:7b:3e:00:b7:55:
9b:f2:26:53:bf:1f:7e:78:5a:1a:1a:61:40:7a:46:
8b:87:c0:1f:c3:5a:56:f4:88:aa:aa:28:d8:2d:56:
ec:15:5f:c2:7d:12:51:e4:07:bd:d4:57:a6:d4:49:
aa:aa:16:94:e1:26:90:0b:cc:77:ec:0c:c5:3b:3e:
dd:cd:30:22:00:08:6f:8d:a4:e0:a8:c1:3d:71:f1:
2b:27:41:7b:b8:71:97:c9:43:2d:4f:74:76:03:1d:
32:7c:cf:8e:bb:6c:1c:6b:f3:48:1a:66:f5:a2:4f:
a3:eb:8c:f5:b8:85:2f:1a:cd:bc:f3:c5:e1:fb:13:
e1:99:7f:80:07:42:81:40:73:62:5b:0e:be:26:a9:
dd:80:ff:12:7a:23:ce:7c:57:9f:6e:91:a5:f1:3b:
50:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:3B:F4:35:2B:48:DE:76:C1:12:2D:CB:A5:86:3B:67:C8:F8:F6:2B
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/MTv0NStI3nbBEi3LpYY7Z8j49is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.227.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b8:f6:86:28:69:49:d5:3b:1a:ec:96:10:b3:d6:74:55:cf:
f8:0e:ef:17:6b:bd:87:f0:3f:77:24:56:71:4d:28:4b:a4:e1:
13:77:b6:49:08:a0:18:48:76:96:8c:40:41:dd:24:65:77:86:
bc:e0:ba:ae:f5:c1:6b:0d:91:ec:1d:4d:4b:a8:5e:46:e6:6d:
48:dc:d2:35:ae:f4:63:9b:20:2f:4e:37:00:92:a0:40:95:ba:
71:64:e5:13:1c:99:36:ad:14:02:91:66:4e:b4:da:ff:36:e6:
5c:8a:d9:8a:49:d0:58:b0:44:45:a0:cd:ea:7c:96:3a:60:d2:
ac:9d:90:e4:ee:15:9f:3a:1d:da:91:cf:38:d3:43:bc:b9:05:
85:f6:48:8e:82:46:65:5c:fe:95:53:b2:6d:87:87:7a:4b:14:
c4:08:6c:3c:93:b0:33:63:bf:2f:2d:ec:a9:b1:c5:7b:78:ce:
e3:d3:c2:a3:cf:12:68:48:e8:14:36:47:84:4a:bc:b1:8f:c3:
cd:c5:08:49:92:82:e9:38:23:60:73:c1:d1:4f:ee:71:37:3d:
eb:eb:39:19:32:40:3b:ef:72:3a:33:3a:2c:7f:a1:21:72:af:
bb:3a:ce:5d:67:a6:66:45:4e:c9:7f:38:00:aa:31:fd:f5:e6:
02:6a:be:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlSjWRFCrPt/bHVq6NYo4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTAyMDAzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNiZjQzNTJiNDhkZTc2YzExMjJkY2JhNTg2M2I2N2M4ZjhmNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvdw4Ruf+RxzuMCLlTTjW75Eg1Ij
JidBO+DtxLT4Ph0qOI+8px7PZCNfTFRsMmzNmJp3lfRspEVQokK0hASfbY1A1u8x
TLLrfelvqmnWS1fFWZ3FXxD3RoB1ciSiEwEcoOBgez4At1Wb8iZTvx9+eFoaGmFA
ekaLh8Afw1pW9IiqqijYLVbsFV/CfRJR5Ae91Fem1EmqqhaU4SaQC8x37AzFOz7d
zTAiAAhvjaTgqME9cfErJ0F7uHGXyUMtT3R2Ax0yfM+Ou2wca/NIGmb1ok+j64z1
uIUvGs2888Xh+xPhmX+AB0KBQHNiWw6+JqndgP8SeiPOfFefbpGl8TtQEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDE79DUrSN52wRIty6WGO2fI+PYrMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvTVR2ME5TdEkzbmJCRWkzTHBZWTdaOGo0OWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/jMA0G
CSqGSIb3DQEBCwUAA4IBAQAouPaGKGlJ1Tsa7JYQs9Z0Vc/4Du8Xa72H8D93JFZx
TShLpOETd7ZJCKAYSHaWjEBB3SRld4a84Lqu9cFrDZHsHU1LqF5G5m1I3NI1rvRj
myAvTjcAkqBAlbpxZOUTHJk2rRQCkWZOtNr/NuZcitmKSdBYsERFoM3qfJY6YNKs
nZDk7hWfOh3akc8400O8uQWF9kiOgkZlXP6VU7Jth4d6SxTECGw8k7AzY78vLeyp
scV7eM7j08KjzxJoSOgUNkeESryxj8PNxQhJkoLpOCNgc8HRT+5xNz3r6zkZMkA7
73I6Mzosf6Ehcq+7Os5dZ6ZmRU7JfzgAqjH99eYCar6o
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:56:35 2024 by rpki-client on console-ams.rpki-client.org