Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3e8e42-dffb-435d-bd2b-eb8b1ecc4741/1/XC2vdiNTA0iE1as9dF6w5AuNmac.roa
File: XC2vdiNTA0iE1as9dF6w5AuNmac.roa (raw, json)
Hash identifier: fKSkzAkV9NTPkwrAsWxO0pwE5qpziYIWtfiyC07Q+BM=
Subject key identifier: 5C:2D:AF:76:23:53:03:48:84:D5:AB:3D:74:5E:B0:E4:0B:8D:99:A7
Certificate issuer: /CN=4dd2fc4d23fd9c2420c40491871808ec5424a670
Certificate serial: 018CC3B67E2025B14F4E86AA6424DB782BD2
Authority key identifier: 4D:D2:FC:4D:23:FD:9C:24:20:C4:04:91:87:18:08:EC:54:24:A6:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdL8TSP9nCQgxASRhxgI7FQkpnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3e8e42-dffb-435d-bd2b-eb8b1ecc4741/1/XC2vdiNTA0iE1as9dF6w5AuNmac.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8998
IP address blocks: 91.203.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/3e8e42-dffb-435d-bd2b-eb8b1ecc4741/1/TdL8TSP9nCQgxASRhxgI7FQkpnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/3e8e42-dffb-435d-bd2b-eb8b1ecc4741/1/TdL8TSP9nCQgxASRhxgI7FQkpnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdL8TSP9nCQgxASRhxgI7FQkpnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7e:20:25:b1:4f:4e:86:aa:64:24:db:78:2b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd2fc4d23fd9c2420c40491871808ec5424a670
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c2daf762353034884d5ab3d745eb0e40b8d99a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5a:bb:7c:cf:1e:60:d5:79:97:25:b2:68:78:
c5:a7:4a:bf:4e:9c:01:c9:31:5c:63:03:ca:df:c5:
5a:d3:34:fb:77:e2:fe:e5:6b:ea:2f:5b:1f:82:ac:
c1:a2:c2:89:9a:7f:04:3a:67:ce:b1:01:33:13:e1:
23:f7:a4:19:d5:b5:8c:f4:1c:01:db:26:f3:5d:8a:
57:72:3e:97:57:3c:f4:7d:7c:db:26:d6:ca:ed:dc:
1f:96:cc:29:7c:96:8f:29:22:29:84:39:b4:32:82:
1f:11:01:c9:e0:82:f6:bb:6d:5a:f4:e3:da:20:c6:
79:b7:46:a9:bc:26:9f:dc:a0:aa:25:a8:c1:b7:68:
bc:45:09:4b:8c:86:b0:d6:b4:40:20:a1:3a:61:4b:
df:22:c7:d0:bc:5f:00:ca:f2:da:a2:36:9c:c6:a2:
fa:8d:94:ae:1e:20:b3:81:ab:58:dd:8e:52:48:e5:
16:90:e0:82:7d:ca:91:f4:c2:f5:e6:b6:18:9a:d6:
f6:4d:fe:de:1d:d4:96:ab:ce:25:6d:03:c0:0a:88:
73:2f:bf:5b:7f:e7:d6:55:5a:0f:3f:9a:fc:d3:ec:
24:01:a7:02:60:da:6f:76:fa:0c:e2:d3:6a:9d:e2:
d9:fb:23:79:d2:da:91:30:25:15:30:67:d5:04:66:
6e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2D:AF:76:23:53:03:48:84:D5:AB:3D:74:5E:B0:E4:0B:8D:99:A7
X509v3 Authority Key Identifier:
keyid:4D:D2:FC:4D:23:FD:9C:24:20:C4:04:91:87:18:08:EC:54:24:A6:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdL8TSP9nCQgxASRhxgI7FQkpnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3e8e42-dffb-435d-bd2b-eb8b1ecc4741/1/XC2vdiNTA0iE1as9dF6w5AuNmac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3e8e42-dffb-435d-bd2b-eb8b1ecc4741/1/TdL8TSP9nCQgxASRhxgI7FQkpnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.38.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:25:17:38:d5:e3:dc:3a:e7:01:9d:15:73:b0:d6:48:07:4f:
6d:87:59:81:4d:18:4b:25:a4:da:14:d2:5b:b3:28:15:ca:47:
c1:a2:3d:51:0c:f7:9c:85:f5:9f:ef:8b:ea:23:59:95:bf:75:
f8:3d:48:59:95:46:7c:72:19:5d:5a:0a:ed:eb:c0:36:9a:b2:
e9:e6:03:d8:27:c5:d9:47:2a:2a:25:cb:5c:9b:d6:cc:b0:9f:
46:6d:0a:53:f7:ef:9d:96:1c:0b:f2:26:c6:0c:68:a9:4e:db:
5c:bf:f0:1a:56:ff:ec:70:db:3e:f5:bc:f1:ba:37:b4:64:e6:
11:93:10:7a:49:0f:57:a7:e6:d1:26:b3:56:64:c8:11:99:31:
c9:42:6f:c0:dc:9c:4e:27:f4:13:14:60:14:b4:33:30:44:32:
21:41:74:8b:48:0b:88:20:17:ba:f9:64:92:ee:62:78:ff:08:
30:be:3b:a5:a6:72:c6:7a:81:70:2a:88:e1:f5:64:7f:dd:db:
66:01:3a:1c:68:64:4c:5e:4e:c7:ce:30:8e:52:48:3f:69:83:
47:30:a7:37:e6:1d:cf:b9:29:0d:61:74:8a:69:14:9a:85:7f:
f7:2e:d4:17:19:fc:19:89:b3:24:eb:9c:ba:8d:4a:b0:ea:79:
c4:ff:96:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtn4gJbFPToaqZCTbeCvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDJmYzRkMjNmZDljMjQyMGM0MDQ5MTg3MTgwOGVjNTQy
NGE2NzAwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzJkYWY3NjIzNTMwMzQ4ODRkNWFiM2Q3NDVlYjBlNDBiOGQ5OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlq7fM8eYNV5lyWyaHjFp0q/TpwB
yTFcYwPK38Va0zT7d+L+5WvqL1sfgqzBosKJmn8EOmfOsQEzE+Ej96QZ1bWM9BwB
2ybzXYpXcj6XVzz0fXzbJtbK7dwflswpfJaPKSIphDm0MoIfEQHJ4IL2u21a9OPa
IMZ5t0apvCaf3KCqJajBt2i8RQlLjIaw1rRAIKE6YUvfIsfQvF8AyvLaojacxqL6
jZSuHiCzgatY3Y5SSOUWkOCCfcqR9ML15rYYmtb2Tf7eHdSWq84lbQPACohzL79b
f+fWVVoPP5r80+wkAacCYNpvdvoM4tNqneLZ+yN50tqRMCUVMGfVBGZuLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwtr3YjUwNIhNWrPXResOQLjZmnMB8GA1UdIwQY
MBaAFE3S/E0j/ZwkIMQEkYcYCOxUJKZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRMOFRTUDluQ1FneEFTUmh4Z0k3RlFrcG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zZThlNDItZGZmYi00MzVkLWJkMmIt
ZWI4YjFlY2M0NzQxLzEvWEMydmRpTlRBMGlFMWFzOWRGNnc1QXVObWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zZThlNDItZGZmYi00MzVkLWJkMmItZWI4YjFlY2M0NzQx
LzEvVGRMOFRTUDluQ1FneEFTUmh4Z0k3RlFrcG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8smMA0G
CSqGSIb3DQEBCwUAA4IBAQCgJRc41ePcOucBnRVzsNZIB09th1mBTRhLJaTaFNJb
sygVykfBoj1RDPechfWf74vqI1mVv3X4PUhZlUZ8chldWgrt68A2mrLp5gPYJ8XZ
RyoqJctcm9bMsJ9GbQpT9++dlhwL8ibGDGipTttcv/AaVv/scNs+9bzxuje0ZOYR
kxB6SQ9Xp+bRJrNWZMgRmTHJQm/A3JxOJ/QTFGAUtDMwRDIhQXSLSAuIIBe6+WSS
7mJ4/wgwvjulpnLGeoFwKojh9WR/3dtmATocaGRMXk7HzjCOUkg/aYNHMKc35h3P
uSkNYXSKaRSahX/3LtQXGfwZibMk65y6jUqw6nnE/5bA
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:57:10 2024 by rpki-client on console-ams.rpki-client.org