Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/Q85VqPH6P3bvYsFKOqrT7-JSfyc.roa
File: Q85VqPH6P3bvYsFKOqrT7-JSfyc.roa (raw, json)
Hash identifier: 27lqNP8xopzwrtH92IXL8RGaeg3Jfjor1qfrImrmFR8=
Subject key identifier: 43:CE:55:A8:F1:FA:3F:76:EF:62:C1:4A:3A:AA:D3:EF:E2:52:7F:27
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 0192C2BF68B25FBC49DDCD64DC5D1A1C110B
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/Q85VqPH6P3bvYsFKOqrT7-JSfyc.roa
Signing time: Fri 25 Oct 2024 08:16:16 +0000
ROA not before: Fri 25 Oct 2024 08:16:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212341
IP address blocks: 91.108.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:bf:68:b2:5f:bc:49:dd:cd:64:dc:5d:1a:1c:11:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Oct 25 08:16:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43ce55a8f1fa3f76ef62c14a3aaad3efe2527f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:78:9d:60:06:2a:9b:5b:c3:03:a4:61:06:43:
ac:5d:cf:e7:a3:8b:bc:5e:54:73:86:89:40:80:e7:
96:eb:d1:e6:e5:e3:4f:1d:08:b1:17:4f:fb:8c:e1:
2e:06:71:6e:d1:cc:16:6a:dc:bd:95:de:ed:0c:b1:
c0:09:6a:04:7f:fa:fc:3e:67:ee:c9:3e:d3:35:ba:
21:29:03:1b:c4:02:14:6e:b7:8a:ae:58:ff:01:60:
d0:16:d3:46:91:5d:1e:d4:15:78:95:77:de:e3:b1:
d0:10:b9:e4:36:b4:a8:44:5b:26:da:af:93:2b:0d:
5f:98:52:ed:99:72:3b:d5:e9:9e:0e:f8:8b:dc:b3:
49:01:fc:be:d9:f4:42:c5:e5:58:93:1c:f1:e1:3f:
fd:49:4f:29:23:a6:21:db:d9:ef:51:4f:34:ca:df:
94:71:fc:be:ee:62:94:82:04:07:ca:bb:a6:0f:32:
9f:8a:c8:a7:7a:ff:b6:f3:4f:50:30:48:b4:bb:9c:
d3:eb:ea:f1:a0:80:da:35:e5:51:bb:e9:56:e5:24:
47:cd:dc:da:fd:30:13:a7:f9:8b:95:83:df:4d:ca:
67:bc:f8:ea:d8:f2:78:bd:22:fb:ff:b4:95:dd:78:
b7:f7:32:95:af:fe:7d:a6:d5:2b:db:3c:2e:40:b3:
f1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CE:55:A8:F1:FA:3F:76:EF:62:C1:4A:3A:AA:D3:EF:E2:52:7F:27
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/Q85VqPH6P3bvYsFKOqrT7-JSfyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.80.0/24
Signature Algorithm: sha256WithRSAEncryption
04:90:34:1a:0e:8c:28:d7:c1:e6:7f:3d:3c:62:7d:84:cb:47:
62:da:24:ef:da:01:b3:66:28:1a:06:d9:b3:ba:8b:b8:d9:4d:
1e:06:d0:47:4b:c8:70:20:47:9f:63:bb:d5:42:e5:4b:82:ac:
93:b9:7c:78:00:81:23:9a:de:60:a1:a3:0d:10:15:8f:be:54:
1c:73:69:3d:04:ad:82:b8:1a:82:50:ad:3d:61:f9:08:16:95:
a8:94:8f:f6:85:49:38:83:76:63:eb:de:dd:0a:79:9b:44:ba:
f3:48:c5:46:1d:f0:1c:f3:4c:ce:19:16:03:88:71:c5:bd:6a:
bb:90:8c:55:ec:f9:69:2f:d7:85:74:de:b4:76:3a:e1:47:1b:
03:11:ed:66:ba:16:4c:7a:6d:66:a7:b7:e0:b7:d8:74:29:97:
54:e5:7a:a2:ab:96:40:45:d0:14:5c:96:f5:df:44:2d:7f:05:
ad:5e:3f:c0:f8:73:b1:de:58:f8:2b:cf:55:10:96:67:f1:b9:
f4:51:bd:46:7c:d4:eb:6a:a8:24:93:67:5a:16:02:17:83:aa:
5b:48:12:b2:3d:d9:d7:17:37:37:60:4f:9b:11:c3:ba:1f:3c:
e1:75:8c:f7:10:0b:a4:02:26:29:3e:b3:0b:d3:aa:c0:5e:10:
ac:63:1f:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLCv2iyX7xJ3c1k3F0aHBELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQxMDI1MDgxNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2NlNTVhOGYxZmEzZjc2ZWY2MmMxNGEzYWFhZDNlZmUyNTI3ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HidYAYqm1vDA6RhBkOsXc/no4u8
XlRzholAgOeW69Hm5eNPHQixF0/7jOEuBnFu0cwWaty9ld7tDLHACWoEf/r8Pmfu
yT7TNbohKQMbxAIUbreKrlj/AWDQFtNGkV0e1BV4lXfe47HQELnkNrSoRFsm2q+T
Kw1fmFLtmXI71emeDviL3LNJAfy+2fRCxeVYkxzx4T/9SU8pI6Yh29nvUU80yt+U
cfy+7mKUggQHyrumDzKfisinev+2809QMEi0u5zT6+rxoIDaNeVRu+lW5SRHzdza
/TATp/mLlYPfTcpnvPjq2PJ4vSL7/7SV3Xi39zKVr/59ptUr2zwuQLPx+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPOVajx+j9272LBSjqq0+/iUn8nMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvUTg1VnFQSDZQM2J2WXNGS09xclQ3LUpTZnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2xQMA0G
CSqGSIb3DQEBCwUAA4IBAQAEkDQaDowo18Hmfz08Yn2Ey0di2iTv2gGzZigaBtmz
uou42U0eBtBHS8hwIEefY7vVQuVLgqyTuXx4AIEjmt5goaMNEBWPvlQcc2k9BK2C
uBqCUK09YfkIFpWolI/2hUk4g3Zj697dCnmbRLrzSMVGHfAc80zOGRYDiHHFvWq7
kIxV7PlpL9eFdN60djrhRxsDEe1muhZMem1mp7fgt9h0KZdU5Xqiq5ZARdAUXJb1
30QtfwWtXj/A+HOx3lj4K89VEJZn8bn0Ub1GfNTraqgkk2daFgIXg6pbSBKyPdnX
Fzc3YE+bEcO6HzzhdYz3EAukAiYpPrML06rAXhCsYx+p
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:06:51 2024 by rpki-client on console-fra.rpki-client.org