Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/c3p4s6DYZLDQz-1E2qXRDMEnT00.roa
File: c3p4s6DYZLDQz-1E2qXRDMEnT00.roa (raw, json)
Hash identifier: vDZ1VLwt5+lxEU03QhLEpMa8VR3Da+q71rhSYrzVIWc=
Subject key identifier: 73:7A:78:B3:A0:D8:64:B0:D0:CF:ED:44:DA:A5:D1:0C:C1:27:4F:4D
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 018CC2DB1FF4F845D78F41FC05527311E0CA
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/c3p4s6DYZLDQz-1E2qXRDMEnT00.roa
Signing time: Mon 01 Jan 2024 02:29:49 +0000
ROA not before: Mon 01 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51789
IP address blocks: 91.220.109.0/24 maxlen: 24
193.164.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1f:f4:f8:45:d7:8f:41:fc:05:52:73:11:e0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jan 1 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=737a78b3a0d864b0d0cfed44daa5d10cc1274f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5d:f5:12:a8:71:85:f8:fd:ea:6b:29:c0:7d:
75:8e:c1:2e:d6:7f:d5:51:83:f9:e2:b7:ec:99:eb:
fa:53:71:2d:b3:18:cc:18:ac:00:02:91:31:26:9b:
63:2d:e7:0a:81:84:86:18:19:54:04:a8:5a:ad:40:
95:2c:92:4d:ad:22:99:91:73:84:56:7f:04:74:b5:
99:8a:b5:6c:51:b9:56:12:3b:6f:78:a3:b7:bf:77:
8b:23:71:08:50:3c:cc:38:01:ae:db:90:b7:e5:c2:
63:e4:23:bb:18:50:94:bd:4e:00:74:0f:a1:bf:4a:
ab:cd:47:b8:06:14:26:75:58:6d:ab:4c:bf:87:ba:
94:94:f5:a2:48:f6:46:b0:39:da:4d:18:81:22:45:
94:9e:0d:3e:25:c0:d4:c9:99:65:96:c8:f4:3e:ac:
a3:34:f4:2f:d6:7e:78:e0:58:a7:ed:21:93:8a:24:
d7:33:3a:2e:62:4d:b7:33:3f:b1:fc:32:c0:b4:30:
0b:70:e3:e6:c7:6e:de:02:75:d6:67:64:39:9c:62:
40:85:a1:13:a4:32:64:41:f0:ca:89:fa:af:e0:0e:
04:4d:16:1b:73:26:d6:e4:33:c2:6b:88:0d:ba:9e:
e6:3a:c5:95:1c:26:ca:14:f9:24:74:e3:9b:2f:73:
6c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:7A:78:B3:A0:D8:64:B0:D0:CF:ED:44:DA:A5:D1:0C:C1:27:4F:4D
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/c3p4s6DYZLDQz-1E2qXRDMEnT00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.109.0/24
193.164.152.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b2:96:60:ba:19:76:b4:99:f4:8b:90:37:29:21:80:1d:55:
16:b1:6c:85:32:e0:0b:76:54:4f:69:45:11:35:05:6d:76:04:
18:14:f5:26:3e:7c:54:60:33:90:5b:80:10:97:d4:78:85:57:
1e:4d:70:b4:c7:ca:6d:ab:78:6e:81:86:9b:ce:c1:a8:7c:d9:
c0:80:05:78:ab:ff:d2:49:25:2e:69:3e:76:c9:ae:81:c4:37:
e3:df:26:fb:94:4c:57:61:96:de:57:6f:38:0f:c1:6f:64:15:
a2:28:6a:9a:b9:f9:9d:28:e5:e6:21:1a:2f:44:50:1e:28:b9:
14:4d:43:67:ca:cc:d5:65:74:f4:cb:34:aa:68:42:1f:d0:62:
57:90:d8:fb:85:95:50:d2:02:ee:43:08:d5:39:40:29:32:ff:
a8:ef:52:51:6f:ab:0f:a0:14:b2:9b:8b:1b:e3:c0:58:4d:9d:
41:04:7b:a1:87:49:18:57:c2:8b:6b:5e:6c:76:3e:4c:43:0b:
8d:5c:7e:c0:5e:3d:b0:66:ac:e6:01:21:df:1a:f8:92:e0:ee:
b9:57:5c:bd:aa:ae:db:4b:74:b9:67:11:f0:58:67:5b:1f:71:
1f:d3:19:0d:a1:bc:e4:95:74:95:82:4e:68:f4:96:dd:10:31:
6b:75:57:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2x/0+EXXj0H8BVJzEeDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjQwMTAxMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzdhNzhiM2EwZDg2NGIwZDBjZmVkNDRkYWE1ZDEwY2MxMjc0ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg131Eqhxhfj96mspwH11jsEu1n/V
UYP54rfsmev6U3EtsxjMGKwAApExJptjLecKgYSGGBlUBKharUCVLJJNrSKZkXOE
Vn8EdLWZirVsUblWEjtveKO3v3eLI3EIUDzMOAGu25C35cJj5CO7GFCUvU4AdA+h
v0qrzUe4BhQmdVhtq0y/h7qUlPWiSPZGsDnaTRiBIkWUng0+JcDUyZlllsj0Pqyj
NPQv1n544Fin7SGTiiTXMzouYk23Mz+x/DLAtDALcOPmx27eAnXWZ2Q5nGJAhaET
pDJkQfDKifqv4A4ETRYbcybW5DPCa4gNup7mOsWVHCbKFPkkdOObL3Ns7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHN6eLOg2GSw0M/tRNql0QzBJ09NMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvYzNwNHM2RFlaTERRei0xRTJxWFJETUVuVDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9xtAwQA
waSYMA0GCSqGSIb3DQEBCwUAA4IBAQBDspZguhl2tJn0i5A3KSGAHVUWsWyFMuAL
dlRPaUURNQVtdgQYFPUmPnxUYDOQW4AQl9R4hVceTXC0x8ptq3hugYabzsGofNnA
gAV4q//SSSUuaT52ya6BxDfj3yb7lExXYZbeV284D8FvZBWiKGqaufmdKOXmIRov
RFAeKLkUTUNnyszVZXT0yzSqaEIf0GJXkNj7hZVQ0gLuQwjVOUApMv+o71JRb6sP
oBSym4sb48BYTZ1BBHuhh0kYV8KLa15sdj5MQwuNXH7AXj2wZqzmASHfGviS4O65
V1y9qq7bS3S5ZxHwWGdbH3Ef0xkNobzklXSVgk5o9JbdEDFrdVex
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:24 2024 by rpki-client on console-fra.rpki-client.org