Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/iH5CycX17yQbsbbflzuABSaHWUs.roa
File: iH5CycX17yQbsbbflzuABSaHWUs.roa (raw, json)
Hash identifier: PNLCIMvQU0d5sGxH6nGuOQBorpW5Wa49H6g8LHLL7CY=
Subject key identifier: 88:7E:42:C9:C5:F5:EF:24:1B:B1:B6:DF:97:3B:80:05:26:87:59:4B
Certificate issuer: /CN=2e98c506a174cf2cad9c1a6c5b81d6e89886362d
Certificate serial: 018CCA2A712845C846EE8A7E62CD7D583AC5
Authority key identifier: 2E:98:C5:06:A1:74:CF:2C:AD:9C:1A:6C:5B:81:D6:E8:98:86:36:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LpjFBqF0zyytnBpsW4HW6JiGNi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/iH5CycX17yQbsbbflzuABSaHWUs.roa
Signing time: Tue 02 Jan 2024 12:33:48 +0000
ROA not before: Tue 02 Jan 2024 12:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206123
IP address blocks: 91.247.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/LpjFBqF0zyytnBpsW4HW6JiGNi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/LpjFBqF0zyytnBpsW4HW6JiGNi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/LpjFBqF0zyytnBpsW4HW6JiGNi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:71:28:45:c8:46:ee:8a:7e:62:cd:7d:58:3a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e98c506a174cf2cad9c1a6c5b81d6e89886362d
Validity
Not Before: Jan 2 12:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=887e42c9c5f5ef241bb1b6df973b80052687594b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f1:ff:db:ab:b7:42:57:49:ec:35:2e:57:ac:
18:d3:ee:ae:e6:07:26:9d:9c:17:ae:25:8d:f1:0c:
01:39:64:fa:ee:4e:f8:81:ae:53:80:25:62:95:f5:
a9:8b:2e:b3:9b:a7:78:65:62:e6:fe:4f:0a:98:3c:
ce:bc:58:60:dd:84:4d:21:cf:29:bb:4b:6b:43:10:
d8:57:dc:d7:09:6f:e4:65:6e:84:ed:81:e7:cb:b9:
c4:ab:f5:d1:62:35:39:45:27:0f:bb:15:73:fb:7c:
6c:3a:be:56:e7:13:a2:f8:fe:ee:55:4a:37:f1:f7:
17:26:53:e9:cc:91:05:97:55:0c:59:4a:2f:29:7f:
88:4a:cd:44:05:3c:3f:d4:96:5e:b3:87:9d:4c:5b:
9d:be:1f:97:a4:6d:0b:c3:18:7b:f5:b3:59:e5:51:
bc:29:73:7a:29:c4:aa:6a:07:95:1f:b8:2c:60:c9:
e3:86:1f:f0:92:35:4c:68:b4:5d:64:31:19:44:76:
65:dc:30:1b:32:6d:9a:8b:5c:7b:ce:56:a1:b7:17:
03:c6:d7:13:54:d6:54:e3:ee:cd:79:65:aa:5c:39:
0f:0b:1b:0d:b5:a2:20:ea:d7:ca:2d:97:83:1c:9f:
9d:3b:af:79:88:48:5b:4d:b9:b4:d5:31:6b:1a:86:
bc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7E:42:C9:C5:F5:EF:24:1B:B1:B6:DF:97:3B:80:05:26:87:59:4B
X509v3 Authority Key Identifier:
keyid:2E:98:C5:06:A1:74:CF:2C:AD:9C:1A:6C:5B:81:D6:E8:98:86:36:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LpjFBqF0zyytnBpsW4HW6JiGNi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/iH5CycX17yQbsbbflzuABSaHWUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a6425c-0c7c-4fdf-87b2-6bba7fc31728/1/LpjFBqF0zyytnBpsW4HW6JiGNi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.253.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:18:1f:68:38:9f:35:37:e8:56:b6:48:81:7b:e0:d0:35:7b:
38:19:42:85:4c:08:af:a3:63:d1:fe:18:75:0c:ba:e8:36:56:
3b:2d:7e:bf:6e:d6:3c:6f:b0:5f:35:8b:b7:b1:15:47:87:cf:
b5:cb:1f:2b:bc:fd:c4:42:e6:21:d7:8c:f3:cb:bd:6b:d4:fb:
56:c4:c1:03:ca:de:39:81:c5:ee:b9:6a:31:ac:88:87:06:a3:
61:ab:a6:eb:5b:24:a7:a8:01:d0:31:b2:0a:87:d4:2f:97:f7:
12:f6:c3:69:6b:f3:d5:88:34:80:a1:b2:e3:d3:89:d5:b2:54:
62:9e:ec:52:f0:c7:34:0f:85:ec:08:e8:ba:a7:72:92:55:26:
12:1c:31:4d:bf:45:37:4f:5f:3b:5f:48:b2:85:0a:4a:a6:9e:
c9:88:e8:e8:f3:f5:2f:49:bb:c7:80:59:90:97:c3:8c:af:1f:
26:45:ab:0d:10:65:e9:10:f6:55:90:6e:6c:fc:fc:33:cc:15:
19:37:f5:6c:02:b2:cc:92:df:8c:34:8f:74:fd:f7:98:07:06:
f7:21:03:d6:23:3e:42:c3:a6:a1:94:ee:65:6b:ad:52:98:86:
49:95:c5:29:58:95:da:11:33:fa:ea:87:fc:2b:67:de:cd:37:
af:30:19:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKnEoRchG7op+Ys19WDrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOThjNTA2YTE3NGNmMmNhZDljMWE2YzViODFkNmU4OTg4
NjM2MmQwHhcNMjQwMTAyMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdlNDJjOWM1ZjVlZjI0MWJiMWI2ZGY5NzNiODAwNTI2ODc1OTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/H/26u3QldJ7DUuV6wY0+6u5gcm
nZwXriWN8QwBOWT67k74ga5TgCVilfWpiy6zm6d4ZWLm/k8KmDzOvFhg3YRNIc8p
u0trQxDYV9zXCW/kZW6E7YHny7nEq/XRYjU5RScPuxVz+3xsOr5W5xOi+P7uVUo3
8fcXJlPpzJEFl1UMWUovKX+ISs1EBTw/1JZes4edTFudvh+XpG0Lwxh79bNZ5VG8
KXN6KcSqageVH7gsYMnjhh/wkjVMaLRdZDEZRHZl3DAbMm2ai1x7zlahtxcDxtcT
VNZU4+7NeWWqXDkPCxsNtaIg6tfKLZeDHJ+dO695iEhbTbm01TFrGoa8zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIh+QsnF9e8kG7G235c7gAUmh1lLMB8GA1UdIwQY
MBaAFC6YxQahdM8srZwabFuB1uiYhjYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHBqRkJxRjB6eXl0bkJwc1c0SFc2SmlHTmkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9hNjQyNWMtMGM3Yy00ZmRmLTg3YjIt
NmJiYTdmYzMxNzI4LzEvaUg1Q3ljWDE3eVFic2JiZmx6dUFCU2FIV1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9hNjQyNWMtMGM3Yy00ZmRmLTg3YjItNmJiYTdmYzMxNzI4
LzEvTHBqRkJxRjB6eXl0bkJwc1c0SFc2SmlHTmkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/f9MA0G
CSqGSIb3DQEBCwUAA4IBAQBuGB9oOJ81N+hWtkiBe+DQNXs4GUKFTAivo2PR/hh1
DLroNlY7LX6/btY8b7BfNYu3sRVHh8+1yx8rvP3EQuYh14zzy71r1PtWxMEDyt45
gcXuuWoxrIiHBqNhq6brWySnqAHQMbIKh9Qvl/cS9sNpa/PViDSAobLj04nVslRi
nuxS8Mc0D4XsCOi6p3KSVSYSHDFNv0U3T187X0iyhQpKpp7JiOjo8/UvSbvHgFmQ
l8OMrx8mRasNEGXpEPZVkG5s/PwzzBUZN/VsArLMkt+MNI90/feYBwb3IQPWIz5C
w6ahlO5la61SmIZJlcUpWJXaETP66of8K2fezTevMBk2
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:33:28 2024 by rpki-client on console-ams.rpki-client.org