Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/rgAQgBrMl6kfDrZ-cQR_mCnLsPY.roa
File: rgAQgBrMl6kfDrZ-cQR_mCnLsPY.roa (raw, json)
Hash identifier: hG/PUUTr6Fg8xllm4Bhi+v9pFtt7NKyBfMq8jXgrS44=
Subject key identifier: AE:00:10:80:1A:CC:97:A9:1F:0E:B6:7E:71:04:7F:98:29:CB:B0:F6
Certificate issuer: /CN=68637081ca7c2eba41010abeaad64a7c61f6a113
Certificate serial: 01916F3DBCED3A8D9251C91512864DBE0F8F
Authority key identifier: 68:63:70:81:CA:7C:2E:BA:41:01:0A:BE:AA:D6:4A:7C:61:F6:A1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aGNwgcp8LrpBAQq-qtZKfGH2oRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/rgAQgBrMl6kfDrZ-cQR_mCnLsPY.roa
Signing time: Tue 20 Aug 2024 10:03:22 +0000
ROA not before: Tue 20 Aug 2024 10:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 91.202.248.0/22 maxlen: 24
91.202.248.0/24 maxlen: 24
91.202.249.0/24 maxlen: 24
91.202.250.0/24 maxlen: 24
91.202.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/aGNwgcp8LrpBAQq-qtZKfGH2oRM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/aGNwgcp8LrpBAQq-qtZKfGH2oRM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aGNwgcp8LrpBAQq-qtZKfGH2oRM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:3d:bc:ed:3a:8d:92:51:c9:15:12:86:4d:be:0f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68637081ca7c2eba41010abeaad64a7c61f6a113
Validity
Not Before: Aug 20 10:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae0010801acc97a91f0eb67e71047f9829cbb0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:e8:7b:44:51:7b:9e:31:d8:bc:f7:15:6c:
d3:b5:1f:25:96:2c:61:d9:ff:f8:0d:f9:c0:06:27:
24:2e:fa:d5:0e:7b:e1:3c:ce:12:00:29:0c:b0:9d:
3c:99:d0:5f:05:9a:0c:57:e0:87:60:7c:cd:4f:4a:
2b:7d:b5:7a:cf:a5:3a:61:7a:bb:7e:fb:46:0f:24:
5a:1c:78:6b:00:5f:1f:fc:39:77:0f:22:9b:79:f1:
bb:7d:51:c2:ee:49:ef:8e:2f:42:6d:d7:f7:73:08:
39:63:da:a4:c4:e6:b3:3c:49:ab:b2:91:1d:28:94:
92:9c:96:65:52:14:38:09:8b:fb:5e:27:88:af:eb:
ec:cd:68:72:8c:f6:a0:c8:bf:5e:9c:7a:76:85:b9:
86:fc:66:48:d9:3c:f1:89:a4:1c:07:e6:18:6c:73:
c1:9f:41:a9:92:c4:70:ae:6e:f2:43:0e:43:11:43:
5e:70:63:4f:16:87:1c:5a:ac:2c:df:bc:e0:7f:0f:
c2:80:de:e1:e6:ae:17:22:2f:34:ff:54:d8:1f:ab:
d8:48:1b:ef:12:49:fc:d9:25:6f:bf:70:84:a3:0e:
4a:86:f7:94:cb:92:81:60:c0:42:83:1d:2e:da:ea:
43:77:03:21:06:e0:ad:02:92:f3:7e:30:b4:77:8a:
2b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:00:10:80:1A:CC:97:A9:1F:0E:B6:7E:71:04:7F:98:29:CB:B0:F6
X509v3 Authority Key Identifier:
keyid:68:63:70:81:CA:7C:2E:BA:41:01:0A:BE:AA:D6:4A:7C:61:F6:A1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGNwgcp8LrpBAQq-qtZKfGH2oRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/rgAQgBrMl6kfDrZ-cQR_mCnLsPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/aGNwgcp8LrpBAQq-qtZKfGH2oRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.248.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:bd:7e:ca:95:ab:9b:58:09:ea:d1:07:01:d0:26:1d:0d:55:
5c:64:8c:a3:ea:aa:f1:b5:d6:c7:92:db:43:22:4c:39:5b:aa:
8f:42:15:28:aa:cf:ef:e3:d1:ed:eb:5c:25:06:e7:1a:d2:03:
bd:3c:12:85:2b:dc:15:b3:c9:bc:2f:21:ae:64:ff:38:f5:a3:
50:6b:b2:f6:12:9d:a5:1f:e4:50:91:2f:38:c6:12:8b:ce:aa:
99:44:c9:e8:fa:f5:5f:34:a1:eb:b7:21:a6:2a:85:0c:08:71:
75:47:06:43:0f:0c:bf:42:49:e7:e6:5a:5d:d5:32:87:7f:ec:
9c:bf:b7:08:5f:5c:d2:ef:6c:d4:56:bb:9f:38:61:63:d6:a1:
c3:1c:97:af:52:d1:bb:5d:2d:db:8c:80:eb:1f:a1:cf:0f:5b:
b8:34:94:10:f8:6c:ab:4b:01:bb:8f:60:ec:2b:b8:14:40:48:
a8:f7:34:c2:2a:dc:05:e2:ef:f1:db:1a:4e:d1:80:46:f1:b7:
65:ba:81:9b:dc:52:81:e7:d0:eb:b7:62:d4:e9:84:33:9c:75:
ae:6d:5c:30:08:36:61:e4:7d:a3:1e:5e:d5:93:67:10:eb:fe:
29:c0:09:eb:66:0b:c1:4f:c6:eb:c3:b2:66:1c:ca:1e:ca:f9:
93:67:68:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFvPbztOo2SUckVEoZNvg+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NjM3MDgxY2E3YzJlYmE0MTAxMGFiZWFhZDY0YTdjNjFm
NmExMTMwHhcNMjQwODIwMTAwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTAwMTA4MDFhY2M5N2E5MWYwZWI2N2U3MTA0N2Y5ODI5Y2JiMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFXoe0RRe54x2Lz3FWzTtR8llixh
2f/4DfnABickLvrVDnvhPM4SACkMsJ08mdBfBZoMV+CHYHzNT0orfbV6z6U6YXq7
fvtGDyRaHHhrAF8f/Dl3DyKbefG7fVHC7knvji9Cbdf3cwg5Y9qkxOazPEmrspEd
KJSSnJZlUhQ4CYv7XieIr+vszWhyjPagyL9enHp2hbmG/GZI2TzxiaQcB+YYbHPB
n0GpksRwrm7yQw5DEUNecGNPFoccWqws37zgfw/CgN7h5q4XIi80/1TYH6vYSBvv
Ekn82SVvv3CEow5KhveUy5KBYMBCgx0u2upDdwMhBuCtApLzfjC0d4orUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4AEIAazJepHw62fnEEf5gpy7D2MB8GA1UdIwQY
MBaAFGhjcIHKfC66QQEKvqrWSnxh9qETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUdOd2djcDhMcnBCQVFxLXF0WktmR0gyb1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82ZjMyNjktNTg3ZC00Yjg3LThkM2Et
ZTY2NzllN2I3OTVhLzEvcmdBUWdCck1sNmtmRHJaLWNRUl9tQ25Mc1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82ZjMyNjktNTg3ZC00Yjg3LThkM2EtZTY2NzllN2I3OTVh
LzEvYUdOd2djcDhMcnBCQVFxLXF0WktmR0gyb1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8r4MA0G
CSqGSIb3DQEBCwUAA4IBAQCdvX7KlaubWAnq0QcB0CYdDVVcZIyj6qrxtdbHkttD
Ikw5W6qPQhUoqs/v49Ht61wlBuca0gO9PBKFK9wVs8m8LyGuZP849aNQa7L2Ep2l
H+RQkS84xhKLzqqZRMno+vVfNKHrtyGmKoUMCHF1RwZDDwy/Qknn5lpd1TKHf+yc
v7cIX1zS72zUVrufOGFj1qHDHJevUtG7XS3bjIDrH6HPD1u4NJQQ+GyrSwG7j2Ds
K7gUQEio9zTCKtwF4u/x2xpO0YBG8bdluoGb3FKB59Drt2LU6YQznHWubVwwCDZh
5H2jHl7Vk2cQ6/4pwAnrZgvBT8brw7JmHMoeyvmTZ2j9
-----END CERTIFICATE-----
Generated at Wed Nov 13 05:55:32 2024 by rpki-client on console-fra.rpki-client.org