Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/rFZhRryeUIcFwvqzeTjCU0GJIEw.roa
File: rFZhRryeUIcFwvqzeTjCU0GJIEw.roa (raw, json)
Hash identifier: AIEBw6kqJQhP0wtpRiwQQisRJShTNBaqcMtSnPZdsRY=
Subject key identifier: AC:56:61:46:BC:9E:50:87:05:C2:FA:B3:79:38:C2:53:41:89:20:4C
Certificate issuer: /CN=317a927426089f3b8c500083221a798a9d2e8466
Certificate serial: 018CC348FACF632F12E0A1424F0BF4BEFC4C
Authority key identifier: 31:7A:92:74:26:08:9F:3B:8C:50:00:83:22:1A:79:8A:9D:2E:84:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXqSdCYInzuMUACDIhp5ip0uhGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/rFZhRryeUIcFwvqzeTjCU0GJIEw.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12732
IP address blocks: 91.199.214.0/24 maxlen: 24
2001:67c:27fc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/MXqSdCYInzuMUACDIhp5ip0uhGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/MXqSdCYInzuMUACDIhp5ip0uhGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/MXqSdCYInzuMUACDIhp5ip0uhGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fa:cf:63:2f:12:e0:a1:42:4f:0b:f4:be:fc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317a927426089f3b8c500083221a798a9d2e8466
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac566146bc9e508705c2fab37938c2534189204c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:89:b8:37:36:7b:ae:00:af:97:e4:ab:19:b8:
d5:c7:a0:df:ce:02:dc:8a:f9:25:b1:3d:fa:4a:5c:
f5:fc:1e:bd:95:4d:06:fd:4c:4d:4f:25:77:01:04:
82:fa:89:78:a0:78:92:41:95:60:de:fe:e3:97:2c:
86:e1:8b:c5:3d:dc:a8:d8:3f:23:f2:b3:6e:9f:02:
4b:f1:fe:2a:d5:87:7a:bf:eb:26:49:89:d5:68:39:
65:2e:de:1a:6a:b6:d3:f5:5f:b1:dc:d2:e9:33:95:
83:17:47:01:56:cf:8b:57:a3:b2:ac:99:79:1f:fc:
aa:a8:2b:d8:a7:81:25:17:62:89:fc:31:01:76:bc:
2d:61:a9:11:07:23:ca:88:3d:76:5a:02:5c:05:44:
f7:b5:ed:a5:cb:2c:a4:be:97:48:4a:62:71:9c:2b:
d3:f9:a4:79:ec:0d:ed:91:99:c7:09:43:c8:d5:f9:
10:83:3c:4d:af:02:ee:64:8b:22:8d:3b:43:62:6c:
00:91:1e:88:f3:8b:d5:74:e4:7a:a2:85:40:01:e8:
d6:b0:58:59:90:d1:00:d9:6e:25:25:08:6a:22:33:
d0:db:9a:fb:b4:41:02:1d:c7:83:77:38:ef:21:00:
9e:d8:77:93:de:a7:05:6c:58:d2:a5:3e:44:c4:a3:
bb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:56:61:46:BC:9E:50:87:05:C2:FA:B3:79:38:C2:53:41:89:20:4C
X509v3 Authority Key Identifier:
keyid:31:7A:92:74:26:08:9F:3B:8C:50:00:83:22:1A:79:8A:9D:2E:84:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXqSdCYInzuMUACDIhp5ip0uhGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/rFZhRryeUIcFwvqzeTjCU0GJIEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/de4740-d34e-42a7-8968-464b8f3b8363/1/MXqSdCYInzuMUACDIhp5ip0uhGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.214.0/24
IPv6:
2001:67c:27fc::/48
Signature Algorithm: sha256WithRSAEncryption
bb:53:c4:7a:8f:69:28:0e:60:ca:3a:11:45:94:e9:97:70:a0:
6a:c4:0c:1c:ee:97:84:c5:c6:b9:7e:df:20:ea:15:29:2d:d7:
47:0c:33:8d:50:f8:84:55:c6:40:8e:31:6e:b1:dc:d5:12:8b:
10:cd:e9:dd:ac:0c:80:d0:89:7f:e4:3b:32:94:15:e8:91:b4:
36:b7:2f:7d:ca:ad:bc:06:5f:54:82:ae:2e:df:c3:84:cc:d7:
5d:6d:f8:2e:f3:8e:8e:e8:d6:1e:9a:6c:a9:70:56:73:af:f3:
68:34:3d:cb:e8:e5:bc:e7:73:5e:1d:75:ae:d3:5d:5b:4f:78:
ff:86:2b:9b:87:2d:94:6a:bf:62:50:b2:2b:53:8d:52:05:90:
f2:fe:54:7f:33:86:55:11:a5:0b:d1:ac:a2:35:a0:7d:aa:01:
09:43:3e:69:4c:c7:20:50:64:df:21:2f:64:6d:bc:56:e0:80:
b4:cc:ac:36:46:9c:8a:65:02:d3:e2:be:75:cb:fc:ab:2f:b6:
d1:a3:be:51:d6:7d:20:ca:49:21:89:05:49:d8:da:ca:75:fa:
48:e8:d9:d6:9a:7d:11:ee:5d:a0:43:d7:e7:12:6e:a6:b4:66:
0f:69:20:59:5a:52:d0:4a:7c:fb:55:31:9d:00:33:c9:67:4a:
c6:19:77:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDSPrPYy8S4KFCTwv0vvxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxN2E5Mjc0MjYwODlmM2I4YzUwMDA4MzIyMWE3OThhOWQy
ZTg0NjYwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU2NjE0NmJjOWU1MDg3MDVjMmZhYjM3OTM4YzI1MzQxODkyMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04m4NzZ7rgCvl+SrGbjVx6DfzgLc
ivklsT36Slz1/B69lU0G/UxNTyV3AQSC+ol4oHiSQZVg3v7jlyyG4YvFPdyo2D8j
8rNunwJL8f4q1Yd6v+smSYnVaDllLt4aarbT9V+x3NLpM5WDF0cBVs+LV6OyrJl5
H/yqqCvYp4ElF2KJ/DEBdrwtYakRByPKiD12WgJcBUT3te2lyyykvpdISmJxnCvT
+aR57A3tkZnHCUPI1fkQgzxNrwLuZIsijTtDYmwAkR6I84vVdOR6ooVAAejWsFhZ
kNEA2W4lJQhqIjPQ25r7tEECHceDdzjvIQCe2HeT3qcFbFjSpT5ExKO7FQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKxWYUa8nlCHBcL6s3k4wlNBiSBMMB8GA1UdIwQY
MBaAFDF6knQmCJ87jFAAgyIaeYqdLoRmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVhxU2RDWUluenVNVUFDRElocDVpcDB1aEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kZTQ3NDAtZDM0ZS00MmE3LTg5Njgt
NDY0YjhmM2I4MzYzLzEvckZaaFJyeWVVSWNGd3ZxemVUakNVMEdKSUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kZTQ3NDAtZDM0ZS00MmE3LTg5NjgtNDY0YjhmM2I4MzYz
LzEvTVhxU2RDWUluenVNVUFDRElocDVpcDB1aEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8fWMA8E
AgACMAkDBwAgAQZ8J/wwDQYJKoZIhvcNAQELBQADggEBALtTxHqPaSgOYMo6EUWU
6ZdwoGrEDBzul4TFxrl+3yDqFSkt10cMM41Q+IRVxkCOMW6x3NUSixDN6d2sDIDQ
iX/kOzKUFeiRtDa3L33KrbwGX1SCri7fw4TM111t+C7zjo7o1h6abKlwVnOv82g0
Pcvo5bznc14dda7TXVtPeP+GK5uHLZRqv2JQsitTjVIFkPL+VH8zhlURpQvRrKI1
oH2qAQlDPmlMxyBQZN8hL2RtvFbggLTMrDZGnIplAtPivnXL/KsvttGjvlHWfSDK
SSGJBUnY2sp1+kjo2daafRHuXaBD1+cSbqa0Zg9pIFlaUtBKfPtVMZ0AM8lnSsYZ
d34=
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:50:23 2024 by rpki-client on console-ams.rpki-client.org