Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/87f8dc-9fce-41ab-8e75-228e3ffa5ba9/1/CNSTQYD0npEDZ-KnXtle_aBg--w.roa
File: CNSTQYD0npEDZ-KnXtle_aBg--w.roa (raw, json)
Hash identifier: Ql1VCVC7vVk3lE34mILUZZ4rEF0rN5mS6yO1qvHfvKg=
Subject key identifier: 08:D4:93:41:80:F4:9E:91:03:67:E2:A7:5E:D9:5E:FD:A0:60:FB:EC
Certificate issuer: /CN=184177b76891013ba027b35e6edfc1e9f8295cec
Certificate serial: 018CC26D080A038F73AF10B748756C82A194
Authority key identifier: 18:41:77:B7:68:91:01:3B:A0:27:B3:5E:6E:DF:C1:E9:F8:29:5C:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEF3t2iRATugJ7Nebt_B6fgpXOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/87f8dc-9fce-41ab-8e75-228e3ffa5ba9/1/CNSTQYD0npEDZ-KnXtle_aBg--w.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199612
IP address blocks: 91.223.43.0/24 maxlen: 24
2001:67c:16c4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/87f8dc-9fce-41ab-8e75-228e3ffa5ba9/1/GEF3t2iRATugJ7Nebt_B6fgpXOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/87f8dc-9fce-41ab-8e75-228e3ffa5ba9/1/GEF3t2iRATugJ7Nebt_B6fgpXOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GEF3t2iRATugJ7Nebt_B6fgpXOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:08:0a:03:8f:73:af:10:b7:48:75:6c:82:a1:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=184177b76891013ba027b35e6edfc1e9f8295cec
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08d4934180f49e910367e2a75ed95efda060fbec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7f:dc:b7:ca:6b:7c:12:e1:ab:d9:51:d7:f3:
8f:33:13:99:87:fe:64:39:6d:f8:77:ca:93:9f:ff:
11:12:04:f2:fc:05:1e:a2:c0:32:00:f4:d6:53:2e:
e8:3f:35:1f:10:75:82:d5:f3:9e:b2:71:3f:ab:d7:
d3:82:bd:e9:a3:53:a2:b7:83:02:8f:72:f6:1a:8b:
ad:86:fd:58:7a:db:45:a2:8a:fb:71:9f:ab:25:60:
1d:21:d2:11:28:f8:57:96:7e:57:d1:45:98:01:cf:
cb:fd:87:92:85:5d:8e:78:e8:55:50:30:cc:06:70:
a3:0a:ec:bf:bb:06:38:b4:da:ae:53:72:66:b8:05:
d9:72:0b:02:d7:15:54:a4:8e:da:8f:6c:4d:20:e2:
62:68:b3:0b:22:2f:87:2c:c4:af:eb:40:da:a4:b7:
73:09:f9:fb:38:ba:1e:1f:e5:fb:cb:2e:57:32:7a:
7a:c5:55:a4:a9:02:ef:60:96:0e:3b:23:1c:af:66:
c1:a0:d9:aa:56:0b:c6:8d:e2:9c:fe:ad:22:a5:89:
33:37:48:86:5f:84:16:5b:60:46:5e:f7:3d:b4:e1:
0a:41:94:78:61:ad:b6:63:8f:5a:5a:bb:0a:8b:ba:
b0:49:13:ec:ee:33:1b:ba:ac:12:b2:cb:e4:b0:b4:
b2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D4:93:41:80:F4:9E:91:03:67:E2:A7:5E:D9:5E:FD:A0:60:FB:EC
X509v3 Authority Key Identifier:
keyid:18:41:77:B7:68:91:01:3B:A0:27:B3:5E:6E:DF:C1:E9:F8:29:5C:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEF3t2iRATugJ7Nebt_B6fgpXOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/87f8dc-9fce-41ab-8e75-228e3ffa5ba9/1/CNSTQYD0npEDZ-KnXtle_aBg--w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/87f8dc-9fce-41ab-8e75-228e3ffa5ba9/1/GEF3t2iRATugJ7Nebt_B6fgpXOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.43.0/24
IPv6:
2001:67c:16c4::/48
Signature Algorithm: sha256WithRSAEncryption
58:dd:e4:39:83:d2:07:2a:e2:cd:b9:d6:5e:1d:d6:a6:b9:f6:
77:02:5b:78:22:49:74:5b:e4:ed:7d:c3:9d:20:e0:ec:c3:14:
7d:27:a3:c9:b5:2b:0c:bb:75:49:c5:d5:e7:56:ba:ef:a0:c2:
51:f0:2e:34:7c:9a:e6:42:05:61:dd:b4:62:73:8c:85:96:8b:
bb:80:00:f9:f6:3c:95:fe:1d:1e:c5:2f:d9:b7:84:f7:15:f1:
d2:b6:e0:38:6d:6d:5d:21:78:86:84:95:95:53:e7:fd:2f:be:
38:f3:5b:8c:be:3e:be:20:dd:19:ee:44:7b:be:85:96:10:e7:
be:76:d8:d5:97:67:09:70:d3:46:b8:31:12:37:72:aa:5a:33:
45:14:38:b8:ad:89:4b:a1:42:10:c0:fd:a0:81:42:64:32:8a:
18:2a:8d:ed:1b:a9:dd:6a:28:3b:9d:8e:da:cb:96:5c:0f:d5:
c6:d6:c7:48:f2:ad:4e:47:15:9f:81:35:08:b1:d1:15:56:b1:
77:f0:ea:f9:01:be:8e:56:ff:5e:91:c6:92:4b:23:4a:f0:50:
c0:48:18:91:8a:43:b3:d2:f6:74:d2:b7:58:19:3c:78:84:5f:
5a:2c:c5:3f:46:96:b2:ef:3c:2e:44:e9:77:cc:11:8c:95:ec:
03:d8:78:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbQgKA49zrxC3SHVsgqGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDE3N2I3Njg5MTAxM2JhMDI3YjM1ZTZlZGZjMWU5Zjgy
OTVjZWMwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ0OTM0MTgwZjQ5ZTkxMDM2N2UyYTc1ZWQ5NWVmZGEwNjBmYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX/ct8prfBLhq9lR1/OPMxOZh/5k
OW34d8qTn/8REgTy/AUeosAyAPTWUy7oPzUfEHWC1fOesnE/q9fTgr3po1Oit4MC
j3L2Gouthv1YettFoor7cZ+rJWAdIdIRKPhXln5X0UWYAc/L/YeShV2OeOhVUDDM
BnCjCuy/uwY4tNquU3JmuAXZcgsC1xVUpI7aj2xNIOJiaLMLIi+HLMSv60DapLdz
Cfn7OLoeH+X7yy5XMnp6xVWkqQLvYJYOOyMcr2bBoNmqVgvGjeKc/q0ipYkzN0iG
X4QWW2BGXvc9tOEKQZR4Ya22Y49aWrsKi7qwSRPs7jMbuqwSssvksLSyLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAjUk0GA9J6RA2fip17ZXv2gYPvsMB8GA1UdIwQY
MBaAFBhBd7dokQE7oCezXm7fwen4KVzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VGM3QyaVJBVHVnSjdOZWJ0X0I2ZmdwWE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84N2Y4ZGMtOWZjZS00MWFiLThlNzUt
MjI4ZTNmZmE1YmE5LzEvQ05TVFFZRDBucEVEWi1Lblh0bGVfYUJnLS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84N2Y4ZGMtOWZjZS00MWFiLThlNzUtMjI4ZTNmZmE1YmE5
LzEvR0VGM3QyaVJBVHVnSjdOZWJ0X0I2ZmdwWE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW98rMA8E
AgACMAkDBwAgAQZ8FsQwDQYJKoZIhvcNAQELBQADggEBAFjd5DmD0gcq4s251l4d
1qa59ncCW3giSXRb5O19w50g4OzDFH0no8m1Kwy7dUnF1edWuu+gwlHwLjR8muZC
BWHdtGJzjIWWi7uAAPn2PJX+HR7FL9m3hPcV8dK24DhtbV0heIaElZVT5/0vvjjz
W4y+Pr4g3RnuRHu+hZYQ57522NWXZwlw00a4MRI3cqpaM0UUOLitiUuhQhDA/aCB
QmQyihgqje0bqd1qKDudjtrLllwP1cbWx0jyrU5HFZ+BNQix0RVWsXfw6vkBvo5W
/16RxpJLI0rwUMBIGJGKQ7PS9nTSt1gZPHiEX1osxT9GlrLvPC5E6XfMEYyV7APY
eMg=
-----END CERTIFICATE-----
Generated at Fri May 17 18:55:22 2024 by rpki-client on console-ams.rpki-client.org