Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/73c15a-352b-4c09-9af1-3b82e43cf293/1/1YvZ3HmGUBflg7Tyw2cx-VayPcg.roa
File: 1YvZ3HmGUBflg7Tyw2cx-VayPcg.roa (raw, json)
Hash identifier: 0znicQ82KwpbqBMTtCi29xQu48z8jC+t2SYrc2cMr7Y=
Subject key identifier: D5:8B:D9:DC:79:86:50:17:E5:83:B4:F2:C3:67:31:F9:56:B2:3D:C8
Certificate issuer: /CN=51f2045386969d11c741c3b545e02a00c1252f71
Certificate serial: 019423D6CBE70D3B6B48594726F2CC747A04
Authority key identifier: 51:F2:04:53:86:96:9D:11:C7:41:C3:B5:45:E0:2A:00:C1:25:2F:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UfIEU4aWnRHHQcO1ReAqAMElL3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/73c15a-352b-4c09-9af1-3b82e43cf293/1/1YvZ3HmGUBflg7Tyw2cx-VayPcg.roa
Signing time: Wed 01 Jan 2025 21:47:46 +0000
ROA not before: Wed 01 Jan 2025 21:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56744
IP address blocks: 91.238.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/73c15a-352b-4c09-9af1-3b82e43cf293/1/UfIEU4aWnRHHQcO1ReAqAMElL3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/73c15a-352b-4c09-9af1-3b82e43cf293/1/UfIEU4aWnRHHQcO1ReAqAMElL3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/UfIEU4aWnRHHQcO1ReAqAMElL3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:cb:e7:0d:3b:6b:48:59:47:26:f2:cc:74:7a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f2045386969d11c741c3b545e02a00c1252f71
Validity
Not Before: Jan 1 21:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d58bd9dc79865017e583b4f2c36731f956b23dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fe:ca:3d:4a:5f:bd:21:88:77:48:8c:32:e9:
a4:77:34:3c:2e:f3:57:09:73:02:86:0b:91:5a:85:
9f:2e:0d:52:65:ce:32:bc:15:45:e9:50:60:dc:d9:
ed:51:70:fa:ca:61:f1:40:2f:22:2c:26:42:a6:02:
19:ef:79:51:66:28:f9:6c:af:f7:0f:c9:4b:ce:26:
c1:36:c5:ab:6f:83:7b:f9:d5:c5:a8:35:0e:af:01:
03:be:40:75:fc:00:9a:c4:25:07:00:34:2b:66:f8:
49:42:a0:b2:df:cf:41:96:81:15:0b:a7:a5:a2:5e:
27:f8:2d:7b:f7:77:56:96:75:ac:18:af:00:37:32:
a8:e1:b0:e0:f2:0d:f9:6d:4b:11:10:e5:b9:8e:d2:
e8:4d:ef:4e:31:52:da:29:76:8a:57:6b:12:27:3c:
6b:98:dd:ed:b5:58:88:de:3b:2c:57:f1:4f:a5:87:
a6:3e:61:95:74:19:50:e3:76:59:79:4b:f8:a8:88:
1c:a0:39:9b:cf:0b:23:ce:a0:86:20:cf:85:49:ca:
9b:14:da:0f:7d:b0:da:6a:46:d3:a3:97:74:59:d5:
45:10:37:8e:38:05:58:15:38:d7:10:44:a6:9e:dc:
6b:65:e9:f1:dc:8e:92:59:9c:9f:b6:51:7b:90:58:
c9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8B:D9:DC:79:86:50:17:E5:83:B4:F2:C3:67:31:F9:56:B2:3D:C8
X509v3 Authority Key Identifier:
keyid:51:F2:04:53:86:96:9D:11:C7:41:C3:B5:45:E0:2A:00:C1:25:2F:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfIEU4aWnRHHQcO1ReAqAMElL3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/73c15a-352b-4c09-9af1-3b82e43cf293/1/1YvZ3HmGUBflg7Tyw2cx-VayPcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/73c15a-352b-4c09-9af1-3b82e43cf293/1/UfIEU4aWnRHHQcO1ReAqAMElL3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.218.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ad:89:f7:9c:fa:5e:74:8b:01:4d:5c:de:c2:72:ad:06:92:
9a:ad:fd:3e:22:9c:73:df:f2:8f:49:3b:6f:b3:5e:ae:6f:94:
d4:fa:15:b9:9d:cd:8f:1b:4f:65:03:f3:1d:14:e5:7b:87:36:
5a:d9:11:67:41:12:a0:60:76:b9:59:a1:49:7d:07:af:54:12:
d2:cd:c9:49:da:a2:70:2f:d1:cb:75:b9:c4:50:ee:62:fc:48:
97:61:a0:15:c0:23:fa:57:c7:3f:4e:e7:fe:01:3a:16:a8:46:
0c:a5:c3:60:b4:6c:17:88:6e:62:0a:4b:34:a1:f0:b0:42:be:
f6:68:e1:4f:9f:b9:39:6b:26:21:8d:6e:cc:30:a5:45:81:b1:
a4:d8:17:34:e4:a2:49:c5:bb:56:e4:1a:09:9a:68:f3:c1:3e:
11:e8:e2:ca:61:70:c5:b4:3c:59:f7:82:ab:1e:b4:70:0a:a5:
6f:28:3d:92:ca:c0:61:3e:f6:8f:29:a6:a8:e7:a1:98:5c:0a:
4c:6b:aa:62:e1:71:76:d0:a2:dc:f0:97:94:92:b7:d7:09:c8:
d2:63:32:22:88:33:ac:ab:b4:13:ea:6a:a7:84:07:65:de:3f:
4f:13:44:51:bd:94:de:05:57:b3:ea:a2:ca:55:dd:59:4c:d8:
41:29:11:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1svnDTtrSFlHJvLMdHoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZjIwNDUzODY5NjlkMTFjNzQxYzNiNTQ1ZTAyYTAwYzEy
NTJmNzEwHhcNMjUwMTAxMjE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNThiZDlkYzc5ODY1MDE3ZTU4M2I0ZjJjMzY3MzFmOTU2YjIzZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0v7KPUpfvSGId0iMMumkdzQ8LvNX
CXMChguRWoWfLg1SZc4yvBVF6VBg3NntUXD6ymHxQC8iLCZCpgIZ73lRZij5bK/3
D8lLzibBNsWrb4N7+dXFqDUOrwEDvkB1/ACaxCUHADQrZvhJQqCy389BloEVC6el
ol4n+C1793dWlnWsGK8ANzKo4bDg8g35bUsREOW5jtLoTe9OMVLaKXaKV2sSJzxr
mN3ttViI3jssV/FPpYemPmGVdBlQ43ZZeUv4qIgcoDmbzwsjzqCGIM+FScqbFNoP
fbDaakbTo5d0WdVFEDeOOAVYFTjXEESmntxrZenx3I6SWZyftlF7kFjJgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWL2dx5hlAX5YO08sNnMflWsj3IMB8GA1UdIwQY
MBaAFFHyBFOGlp0Rx0HDtUXgKgDBJS9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZJRVU0YVduUkhIUWNPMVJlQXFBTUVsTDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83M2MxNWEtMzUyYi00YzA5LTlhZjEt
M2I4MmU0M2NmMjkzLzEvMVl2WjNIbUdVQmZsZzdUeXcyY3gtVmF5UGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83M2MxNWEtMzUyYi00YzA5LTlhZjEtM2I4MmU0M2NmMjkz
LzEvVWZJRVU0YVduUkhIUWNPMVJlQXFBTUVsTDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7aMA0G
CSqGSIb3DQEBCwUAA4IBAQCNrYn3nPpedIsBTVzewnKtBpKarf0+Ipxz3/KPSTtv
s16ub5TU+hW5nc2PG09lA/MdFOV7hzZa2RFnQRKgYHa5WaFJfQevVBLSzclJ2qJw
L9HLdbnEUO5i/EiXYaAVwCP6V8c/Tuf+AToWqEYMpcNgtGwXiG5iCks0ofCwQr72
aOFPn7k5ayYhjW7MMKVFgbGk2Bc05KJJxbtW5BoJmmjzwT4R6OLKYXDFtDxZ94Kr
HrRwCqVvKD2SysBhPvaPKaao56GYXApMa6pi4XF20KLc8JeUkrfXCcjSYzIiiDOs
q7QT6mqnhAdl3j9PE0RRvZTeBVez6qLKVd1ZTNhBKRHc
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:04:33 2025 by rpki-client