Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/8GIvJtJizN9wJS9RttgPc3kdVIM.roa
File: 8GIvJtJizN9wJS9RttgPc3kdVIM.roa (raw, json)
Hash identifier: Sf7iQfKfH4sDFBy09aD5dc6Qemkb4hsSBwyFzyteXI0=
Subject key identifier: F0:62:2F:26:D2:62:CC:DF:70:25:2F:51:B6:D8:0F:73:79:1D:54:83
Certificate issuer: /CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Certificate serial: 018CC79506815D8892F3D3B9A3C7C94318EE
Authority key identifier: D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/8GIvJtJizN9wJS9RttgPc3kdVIM.roa
Signing time: Tue 02 Jan 2024 00:31:21 +0000
ROA not before: Tue 02 Jan 2024 00:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 91.232.229.0/24 maxlen: 24
2001:7f8:66::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/1zeCTg_6efGLn8SdbLDdgcmmyig.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/1zeCTg_6efGLn8SdbLDdgcmmyig.mft
rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:06:81:5d:88:92:f3:d3:b9:a3:c7:c9:43:18:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Validity
Not Before: Jan 2 00:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0622f26d262ccdf70252f51b6d80f73791d5483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:08:a4:c7:dd:1d:ef:59:f2:93:9f:da:62:ae:
63:76:8f:04:90:c1:ea:1e:ca:61:1d:ad:d9:11:aa:
79:71:23:d5:c8:e8:c8:5e:52:50:fe:66:80:80:cc:
c1:9b:60:25:ef:66:b1:e6:73:22:ff:c3:36:7e:62:
74:4b:b4:9a:03:7f:c1:77:09:63:53:63:21:34:0e:
71:02:95:ce:04:e3:fa:3e:a6:48:fc:3d:f6:45:cf:
d7:4c:87:e1:ea:a2:22:b3:47:d9:c7:a1:79:0d:53:
fd:5b:f5:1e:d5:24:95:e6:94:c4:4f:d9:6f:54:ee:
6b:b1:2d:5e:91:b6:eb:b0:e8:55:d6:90:e0:23:da:
dd:ba:81:02:f1:95:cb:ab:09:85:31:f6:ee:cd:18:
48:07:18:69:05:a8:3f:f4:73:cb:89:c1:67:54:90:
50:91:93:f4:0b:c5:a6:4e:92:48:fc:8e:6e:cd:46:
71:13:36:3d:26:ec:11:13:7f:b5:6f:e0:d5:e6:f5:
88:d5:0e:57:25:2b:3a:4f:37:c7:a6:7d:7f:2a:82:
00:48:7b:f5:27:11:ab:dd:46:c0:1b:64:a3:97:dc:
e1:e3:69:8c:05:24:12:e3:ed:d2:93:6e:14:e5:63:
8a:7a:ae:1f:23:e7:ea:6c:60:03:25:73:53:37:45:
f8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:62:2F:26:D2:62:CC:DF:70:25:2F:51:B6:D8:0F:73:79:1D:54:83
X509v3 Authority Key Identifier:
keyid:D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/8GIvJtJizN9wJS9RttgPc3kdVIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/1zeCTg_6efGLn8SdbLDdgcmmyig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.229.0/24
IPv6:
2001:7f8:66::/48
Signature Algorithm: sha256WithRSAEncryption
32:ae:e2:37:2a:58:b6:c1:70:59:33:18:f2:e8:36:ed:1f:76:
83:f6:af:b8:62:44:cb:82:c6:08:a2:37:34:d6:89:04:a5:a9:
ca:a6:8d:4c:3c:4d:fd:c7:3c:f9:a9:b6:0e:70:8f:6a:ff:94:
fe:ff:83:66:48:79:0f:25:d9:66:f1:e9:c9:2d:e0:21:18:b1:
4a:92:a0:b7:c7:f7:2e:2b:d3:3e:30:42:e5:4b:d2:fb:e4:2a:
10:c5:1a:d0:1f:6d:89:c8:b5:e3:e6:ed:ea:5e:ad:13:10:d0:
0a:95:75:6f:c7:5d:22:8f:c9:e8:bc:b0:72:4a:63:9e:8c:44:
36:a2:bb:41:50:c3:d6:38:0d:2e:5c:bf:a4:75:68:26:c4:84:
d8:c4:4d:84:f8:db:1a:ce:b8:63:6d:ba:b4:14:f4:10:88:b3:
34:86:47:e6:6b:77:7d:90:a2:ca:a6:8a:15:cc:a4:87:67:89:
a4:51:78:df:b6:ab:bd:89:75:77:63:e5:fc:08:28:61:18:b2:
60:aa:da:03:d7:e5:c0:17:88:9e:7a:cb:cd:fb:69:7f:51:f8:
69:f9:c6:5b:66:11:b5:3b:a0:9f:57:ce:b2:d9:68:d1:8b:a5:
63:14:e7:72:4a:75:fd:59:32:62:b9:87:25:40:3f:5f:f8:13:
ec:f9:f9:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHlQaBXYiS89O5o8fJQxjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Mzc4MjRlMGZmYTc5ZjE4YjlmYzQ5ZDZjYjBkZDgxYzlh
NmNhMjgwHhcNMjQwMTAyMDAzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDYyMmYyNmQyNjJjY2RmNzAyNTJmNTFiNmQ4MGY3Mzc5MWQ1NDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQikx90d71nyk5/aYq5jdo8EkMHq
HsphHa3ZEap5cSPVyOjIXlJQ/maAgMzBm2Al72ax5nMi/8M2fmJ0S7SaA3/Bdwlj
U2MhNA5xApXOBOP6PqZI/D32Rc/XTIfh6qIis0fZx6F5DVP9W/Ue1SSV5pTET9lv
VO5rsS1ekbbrsOhV1pDgI9rduoEC8ZXLqwmFMfbuzRhIBxhpBag/9HPLicFnVJBQ
kZP0C8WmTpJI/I5uzUZxEzY9JuwRE3+1b+DV5vWI1Q5XJSs6TzfHpn1/KoIASHv1
JxGr3UbAG2Sjl9zh42mMBSQS4+3Sk24U5WOKeq4fI+fqbGADJXNTN0X4JwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPBiLybSYszfcCUvUbbYD3N5HVSDMB8GA1UdIwQY
MBaAFNc3gk4P+nnxi5/EnWyw3YHJpsooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXplQ1RnXzZlZkdMbjhTZGJMRGRnY21teWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NDZkNDAtNTc4Mi00ZGUwLWEyYzUt
YjY4ZjVkOGY2NTFhLzEvOEdJdkp0Sml6Tjl3SlM5UnR0Z1BjM2tkVklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80NDZkNDAtNTc4Mi00ZGUwLWEyYzUtYjY4ZjVkOGY2NTFh
LzEvMXplQ1RnXzZlZkdMbjhTZGJMRGRnY21teWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+jlMA8E
AgACMAkDBwAgAQf4AGYwDQYJKoZIhvcNAQELBQADggEBADKu4jcqWLbBcFkzGPLo
Nu0fdoP2r7hiRMuCxgiiNzTWiQSlqcqmjUw8Tf3HPPmptg5wj2r/lP7/g2ZIeQ8l
2Wbx6ckt4CEYsUqSoLfH9y4r0z4wQuVL0vvkKhDFGtAfbYnItePm7eperRMQ0AqV
dW/HXSKPyei8sHJKY56MRDaiu0FQw9Y4DS5cv6R1aCbEhNjETYT42xrOuGNturQU
9BCIszSGR+Zrd32QosqmihXMpIdniaRReN+2q72JdXdj5fwIKGEYsmCq2gPX5cAX
iJ56y837aX9R+Gn5xltmEbU7oJ9XzrLZaNGLpWMU53JKdf1ZMmK5hyVAP1/4E+z5
+RM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:11:51 2024 by rpki-client on console-ams.rpki-client.org