Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/1UlFS1zWBp0Qx1kHfJ6nbqgiz6I.roa
File: 1UlFS1zWBp0Qx1kHfJ6nbqgiz6I.roa (raw, json)
Hash identifier: Fa0yp+kZHTuGPb/Le/iDH8hPbckpmqPQghsLKhsL8kQ=
Subject key identifier: D5:49:45:4B:5C:D6:06:9D:10:C7:59:07:7C:9E:A7:6E:A8:22:CF:A2
Certificate issuer: /CN=7beef5e16c1467da7a02f19237653ae42b109652
Certificate serial: 018CC42558FA58E6978C0E992C28C1F68547
Authority key identifier: 7B:EE:F5:E1:6C:14:67:DA:7A:02:F1:92:37:65:3A:E4:2B:10:96:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-714WwUZ9p6AvGSN2U65CsQllI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/1UlFS1zWBp0Qx1kHfJ6nbqgiz6I.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205890
IP address blocks: 91.207.94.0/23 maxlen: 23
91.196.144.0/22 maxlen: 22
91.207.72.0/23 maxlen: 23
2a0a:de40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/e-714WwUZ9p6AvGSN2U65CsQllI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/e-714WwUZ9p6AvGSN2U65CsQllI.mft
rsync://rpki.ripe.net/repository/DEFAULT/e-714WwUZ9p6AvGSN2U65CsQllI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:58:fa:58:e6:97:8c:0e:99:2c:28:c1:f6:85:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7beef5e16c1467da7a02f19237653ae42b109652
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d549454b5cd6069d10c759077c9ea76ea822cfa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ee:55:1d:b1:50:53:72:99:bb:b5:24:08:9e:
3c:81:13:ea:31:84:6e:34:61:ed:8f:0b:90:a1:c5:
96:67:f4:44:fd:4b:37:a0:36:1f:c6:c1:6e:46:a3:
5b:27:c8:54:96:2e:6d:02:3f:c3:c6:af:49:3f:e9:
46:11:b6:bb:01:8a:8b:49:9f:4b:22:ce:f0:ec:bf:
c0:87:5b:fb:d5:ed:76:1a:c9:c7:55:db:38:aa:cb:
b5:34:d5:c0:05:a1:ed:6d:d7:85:ea:17:51:ff:dd:
89:8c:77:9d:d0:23:be:cc:b6:34:ae:c8:d2:94:f1:
82:f1:05:e7:ba:5f:8a:28:fe:2d:a0:39:8d:e5:90:
b1:ae:6c:93:ba:4b:1c:50:34:d7:2b:36:f3:5b:c0:
54:44:fe:33:ba:dc:72:0f:8c:e6:11:75:2a:f0:a3:
c8:8c:f5:14:26:54:13:78:f9:08:f1:dd:49:40:fb:
3f:13:6c:4c:ee:69:2d:d4:0e:7a:78:de:f6:de:89:
02:84:ef:81:19:19:16:d4:45:71:33:a4:86:17:5e:
31:b8:a2:53:31:26:6c:a7:5a:f4:73:57:e9:de:18:
a6:40:a6:77:fb:e6:74:b1:07:68:9e:76:f3:f9:30:
f0:fd:5a:1c:c9:22:c7:13:b3:40:4d:e0:b6:83:36:
e1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:49:45:4B:5C:D6:06:9D:10:C7:59:07:7C:9E:A7:6E:A8:22:CF:A2
X509v3 Authority Key Identifier:
keyid:7B:EE:F5:E1:6C:14:67:DA:7A:02:F1:92:37:65:3A:E4:2B:10:96:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-714WwUZ9p6AvGSN2U65CsQllI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/1UlFS1zWBp0Qx1kHfJ6nbqgiz6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a2b983-5538-485e-b10f-17a69b702e1b/1/e-714WwUZ9p6AvGSN2U65CsQllI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.144.0/22
91.207.72.0/23
91.207.94.0/23
IPv6:
2a0a:de40::/32
Signature Algorithm: sha256WithRSAEncryption
5e:e6:6d:d8:33:82:a1:ef:4a:72:2a:5d:dc:19:4a:e1:1e:ab:
ad:5c:74:50:34:e7:17:17:34:a7:7f:3a:14:2e:08:7b:6b:55:
30:b8:37:0c:c6:5a:53:42:eb:f7:24:6a:40:ef:21:2a:84:25:
6f:e7:8a:5d:af:b9:cc:6c:fa:a9:df:c3:df:56:8e:9c:78:f0:
a9:05:1b:1b:66:02:95:2c:bb:5b:d5:c8:e3:15:b6:2e:56:d1:
61:69:4b:08:ef:03:36:81:42:78:af:90:e3:fb:d1:88:ac:a6:
17:fc:f2:cf:dd:0e:0e:2d:45:86:c5:99:e9:12:98:c3:6f:2a:
05:62:e5:29:87:08:84:36:1e:a7:75:3c:9d:7c:cf:0e:a6:f6:
7f:d0:c3:22:ee:eb:c5:b1:44:0b:58:e3:4e:77:ee:1b:87:49:
a1:8f:8e:2c:14:95:e7:76:f8:da:a5:e7:4b:23:a8:7b:21:d3:
30:b2:9f:70:30:20:08:0d:37:cf:11:3a:af:89:9f:5a:4a:36:
99:34:94:f6:fe:30:8b:fa:f1:a3:45:2d:a3:dd:a2:74:f8:c4:
d9:1c:56:cb:53:7b:01:f2:c4:53:e1:4c:65:5c:20:a6:77:aa:
a8:9b:9c:08:33:ee:2e:ab:e0:c8:4b:a5:17:c5:8d:5b:a9:8f:
3d:7a:7c:04
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJVj6WOaXjA6ZLCjB9oVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZWVmNWUxNmMxNDY3ZGE3YTAyZjE5MjM3NjUzYWU0MmIx
MDk2NTIwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ5NDU0YjVjZDYwNjlkMTBjNzU5MDc3YzllYTc2ZWE4MjJjZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO5VHbFQU3KZu7UkCJ48gRPqMYRu
NGHtjwuQocWWZ/RE/Us3oDYfxsFuRqNbJ8hUli5tAj/Dxq9JP+lGEba7AYqLSZ9L
Is7w7L/Ah1v71e12GsnHVds4qsu1NNXABaHtbdeF6hdR/92JjHed0CO+zLY0rsjS
lPGC8QXnul+KKP4toDmN5ZCxrmyTukscUDTXKzbzW8BURP4zutxyD4zmEXUq8KPI
jPUUJlQTePkI8d1JQPs/E2xM7mkt1A56eN723okChO+BGRkW1EVxM6SGF14xuKJT
MSZsp1r0c1fp3himQKZ3++Z0sQdonnbz+TDw/VocySLHE7NATeC2gzbhJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNVJRUtc1gadEMdZB3yep26oIs+iMB8GA1UdIwQY
MBaAFHvu9eFsFGfaegLxkjdlOuQrEJZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS03MTRXd1VaOXA2QXZHU04yVTY1Q3NRbGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hMmI5ODMtNTUzOC00ODVlLWIxMGYt
MTdhNjliNzAyZTFiLzEvMVVsRlMxeldCcDBReDFrSGZKNm5icWdpejZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hMmI5ODMtNTUzOC00ODVlLWIxMGYtMTdhNjliNzAyZTFi
LzEvZS03MTRXd1VaOXA2QXZHU04yVTY1Q3NRbGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8SQAwQB
W89IAwQBW89eMA0EAgACMAcDBQAqCt5AMA0GCSqGSIb3DQEBCwUAA4IBAQBe5m3Y
M4Kh70pyKl3cGUrhHqutXHRQNOcXFzSnfzoULgh7a1UwuDcMxlpTQuv3JGpA7yEq
hCVv54pdr7nMbPqp38PfVo6cePCpBRsbZgKVLLtb1cjjFbYuVtFhaUsI7wM2gUJ4
r5Dj+9GIrKYX/PLP3Q4OLUWGxZnpEpjDbyoFYuUphwiENh6ndTydfM8OpvZ/0MMi
7uvFsUQLWONOd+4bh0mhj44sFJXndvjapedLI6h7IdMwsp9wMCAIDTfPETqviZ9a
SjaZNJT2/jCL+vGjRS2j3aJ0+MTZHFbLU3sB8sRT4UxlXCCmd6qom5wIM+4uq+DI
S6UXxY1bqY89enwE
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:47:41 2024 by rpki-client on console-ams.rpki-client.org