Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6e7437-7b10-4ed1-bd3b-be56d1cf73c4/1/1-_fifNqSA6A9Pw_nLwr3o963EIQ.roa
File: 1-_fifNqSA6A9Pw_nLwr3o963EIQ.roa (raw, json)
Hash identifier: cpsPH1VkLU0s5gWfXpHcgQDpqP7Fth9+U2GXwplZeuE=
Subject key identifier: FB:F7:E2:7C:DA:92:03:A0:3D:3F:0F:E7:2F:0A:F7:A3:DE:B7:10:84
Certificate issuer: /CN=e40b9ed33e8a343296829e8fa4a9aba88a0d93d3
Certificate serial: 018EC9504F17FFF2A077091DFD877E12FE21
Authority key identifier: E4:0B:9E:D3:3E:8A:34:32:96:82:9E:8F:A4:A9:AB:A8:8A:0D:93:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Aue0z6KNDKWgp6PpKmrqIoNk9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6e7437-7b10-4ed1-bd3b-be56d1cf73c4/1/1-_fifNqSA6A9Pw_nLwr3o963EIQ.roa
Signing time: Wed 10 Apr 2024 18:41:07 +0000
ROA not before: Wed 10 Apr 2024 18:41:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12414
IP address blocks: 91.212.184.0/24 maxlen: 24
2001:67c:874::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/6e7437-7b10-4ed1-bd3b-be56d1cf73c4/1/5Aue0z6KNDKWgp6PpKmrqIoNk9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/6e7437-7b10-4ed1-bd3b-be56d1cf73c4/1/5Aue0z6KNDKWgp6PpKmrqIoNk9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Aue0z6KNDKWgp6PpKmrqIoNk9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:50:4f:17:ff:f2:a0:77:09:1d:fd:87:7e:12:fe:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e40b9ed33e8a343296829e8fa4a9aba88a0d93d3
Validity
Not Before: Apr 10 18:41:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbf7e27cda9203a03d3f0fe72f0af7a3deb71084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fb:ad:0b:a0:95:5e:00:72:45:04:12:4a:dc:
96:d3:1c:71:90:81:6e:53:f1:4b:7c:71:51:db:e6:
d1:5b:61:ba:56:99:2c:51:8e:3f:e9:ac:75:9d:c7:
37:cc:05:81:b6:91:dc:ba:48:4a:60:c1:87:63:36:
9e:f3:dd:05:8a:d8:72:2a:09:09:5d:81:c8:3d:d1:
a0:c4:b9:dc:88:5d:5c:11:b0:9e:16:f9:91:e6:68:
64:33:e4:fc:57:8e:0c:06:7c:46:f5:af:93:eb:7d:
ad:63:cb:64:45:cb:c6:3b:e1:d3:bc:d3:f3:58:cc:
55:5d:1e:4c:ad:97:50:00:f4:6b:b1:83:ba:93:13:
1d:2c:ad:74:3f:c3:66:8c:4e:02:af:22:2b:df:08:
e6:e2:1c:9e:de:b0:ce:ff:ae:ea:83:aa:ae:38:74:
b5:f7:ce:77:36:af:91:e5:db:37:e7:c4:e0:f9:d3:
38:c7:b7:37:59:ac:6a:66:15:0f:b3:19:3e:2e:7d:
14:e2:2e:87:d9:af:1e:5c:5a:f7:6e:0f:fe:bd:fa:
f4:ce:85:c7:7a:5e:26:70:2f:f1:df:de:bc:ed:5c:
18:39:af:eb:17:c6:65:ec:15:d5:0b:1b:c3:61:80:
cf:68:8c:c8:9b:9d:b9:07:b5:7f:f4:c0:76:39:3d:
71:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F7:E2:7C:DA:92:03:A0:3D:3F:0F:E7:2F:0A:F7:A3:DE:B7:10:84
X509v3 Authority Key Identifier:
keyid:E4:0B:9E:D3:3E:8A:34:32:96:82:9E:8F:A4:A9:AB:A8:8A:0D:93:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Aue0z6KNDKWgp6PpKmrqIoNk9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6e7437-7b10-4ed1-bd3b-be56d1cf73c4/1/1-_fifNqSA6A9Pw_nLwr3o963EIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6e7437-7b10-4ed1-bd3b-be56d1cf73c4/1/5Aue0z6KNDKWgp6PpKmrqIoNk9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.184.0/24
IPv6:
2001:67c:874::/48
Signature Algorithm: sha256WithRSAEncryption
68:8e:37:aa:51:62:a3:79:52:d6:8d:f4:d7:7b:45:e4:da:72:
76:fc:59:2f:f8:05:4b:20:7e:bb:1e:bc:9d:f3:18:f0:b4:bf:
f7:8a:4d:22:ce:43:16:3d:27:47:a1:64:bf:c0:ae:cc:44:23:
0b:91:f0:9f:fe:28:50:8c:4f:23:e3:9a:58:f9:87:84:f5:8f:
87:b2:a7:57:1b:91:3a:7a:dc:7c:4e:9a:1c:3c:a9:cd:75:67:
68:fc:ed:46:6c:e4:99:73:89:c6:d9:96:89:49:62:a6:78:0b:
4e:08:df:76:0e:b3:bd:fb:db:77:ac:4f:7c:44:6f:ca:fc:b6:
9a:ec:b5:c0:04:4b:a8:9b:0f:09:f5:dd:cc:7a:e0:41:33:59:
8b:2a:b7:6b:88:20:db:7b:a0:d5:d2:1c:44:3f:ad:b9:7a:99:
a0:d5:70:9f:5d:65:b7:57:d7:ac:e8:58:47:bd:ed:20:bd:f9:
3f:14:e4:cf:59:51:5d:85:01:9e:7d:4d:b0:a8:d3:fc:97:ae:
3f:3e:b8:9c:40:86:db:c3:bc:86:f7:8a:81:37:93:94:dd:c8:
3c:f6:45:d1:f2:8a:40:57:ef:e9:ce:ab:6b:79:5e:c7:4c:20:
f0:c3:28:07:25:8a:93:f1:fd:b5:e0:ea:4d:f9:ed:34:59:13:
ee:56:e0:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7JUE8X//Kgdwkd/Yd+Ev4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MGI5ZWQzM2U4YTM0MzI5NjgyOWU4ZmE0YTlhYmE4OGEw
ZDkzZDMwHhcNMjQwNDEwMTg0MTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmY3ZTI3Y2RhOTIwM2EwM2QzZjBmZTcyZjBhZjdhM2RlYjcxMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPutC6CVXgByRQQSStyW0xxxkIFu
U/FLfHFR2+bRW2G6VpksUY4/6ax1ncc3zAWBtpHcukhKYMGHYzae890FithyKgkJ
XYHIPdGgxLnciF1cEbCeFvmR5mhkM+T8V44MBnxG9a+T632tY8tkRcvGO+HTvNPz
WMxVXR5MrZdQAPRrsYO6kxMdLK10P8NmjE4CryIr3wjm4hye3rDO/67qg6quOHS1
9853Nq+R5ds358Tg+dM4x7c3WaxqZhUPsxk+Ln0U4i6H2a8eXFr3bg/+vfr0zoXH
el4mcC/x39687VwYOa/rF8Zl7BXVCxvDYYDPaIzIm525B7V/9MB2OT1xRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPv34nzakgOgPT8P5y8K96PetxCEMB8GA1UdIwQY
MBaAFOQLntM+ijQyloKej6Spq6iKDZPTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUF1ZTB6NktOREtXZ3A2UHBLbXJxSW9OazlNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82ZTc0MzctN2IxMC00ZWQxLWJkM2It
YmU1NmQxY2Y3M2M0LzEvMS1fZmlmTnFTQTZBOVB3X25Md3Izbzk2M0VJUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTQvNmU3NDM3LTdiMTAtNGVkMS1iZDNiLWJlNTZkMWNmNzNj
NC8xLzVBdWUwejZLTkRLV2dwNlBwS21ycUlvTms5TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvUuDAP
BAIAAjAJAwcAIAEGfAh0MA0GCSqGSIb3DQEBCwUAA4IBAQBojjeqUWKjeVLWjfTX
e0Xk2nJ2/Fkv+AVLIH67Hryd8xjwtL/3ik0izkMWPSdHoWS/wK7MRCMLkfCf/ihQ
jE8j45pY+YeE9Y+HsqdXG5E6etx8TpocPKnNdWdo/O1GbOSZc4nG2ZaJSWKmeAtO
CN92DrO9+9t3rE98RG/K/Laa7LXABEuomw8J9d3MeuBBM1mLKrdriCDbe6DV0hxE
P625epmg1XCfXWW3V9es6FhHve0gvfk/FOTPWVFdhQGefU2wqNP8l64/PricQIbb
w7yG94qBN5OU3cg89kXR8opAV+/pzqtreV7HTCDwwygHJYqT8f214OpN+e00WRPu
VuCA
-----END CERTIFICATE-----
Generated at Sun May 19 10:31:56 2024 by rpki-client on console-ams.rpki-client.org