Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/muR9XgvNafJgHFXFlLHv_Hy24Io.roa
File: muR9XgvNafJgHFXFlLHv_Hy24Io.roa (raw, json)
Hash identifier: JObvKsM99hqa7Y5jhixJq+AoEDKUI+zs7HVrdatqOL8=
Subject key identifier: 9A:E4:7D:5E:0B:CD:69:F2:60:1C:55:C5:94:B1:EF:FC:7C:B6:E0:8A
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 018CC5DC840ACE8BB1ED5F8F6B9BBA3E1D90
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/muR9XgvNafJgHFXFlLHv_Hy24Io.roa
Signing time: Mon 01 Jan 2024 16:30:12 +0000
ROA not before: Mon 01 Jan 2024 16:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12129
IP address blocks: 176.111.221.0/24 maxlen: 24
147.189.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 04:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:84:0a:ce:8b:b1:ed:5f:8f:6b:9b:ba:3e:1d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 1 16:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ae47d5e0bcd69f2601c55c594b1effc7cb6e08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ed:7b:40:9f:e8:f4:cb:a9:9c:c3:f5:04:6a:
e3:b5:df:5b:bf:01:0d:3c:09:61:35:c4:5f:ba:a0:
e4:cc:a5:e0:9d:d5:65:18:b9:f3:eb:1c:7b:4d:4d:
21:55:3d:84:7c:43:a4:d2:b7:33:d6:e5:98:0d:53:
31:88:d5:6a:40:ee:9b:d6:88:22:10:96:9e:d6:2e:
7d:09:97:7f:47:a6:bb:eb:08:2a:98:49:92:e0:49:
a6:45:18:6d:e4:f9:4b:7a:17:78:01:2b:59:6e:f5:
14:6f:48:c2:de:dc:62:66:32:47:d3:c9:fa:00:db:
02:88:02:46:40:5e:0b:b6:93:59:9d:87:46:8f:16:
0e:03:d6:a5:ac:3a:07:84:21:54:1e:17:4e:56:d0:
39:6c:4e:a4:80:d1:35:92:03:0a:65:c8:57:c2:88:
de:02:ea:1f:ab:cd:b5:6e:db:9d:72:90:f6:d9:7d:
62:47:4d:b2:91:9c:4d:66:ec:1a:f7:b0:46:14:fe:
6d:27:6c:d5:38:89:04:32:35:20:73:5a:2b:e2:4b:
ca:e4:67:0e:dd:90:1a:d8:7e:07:75:45:ab:39:5d:
38:e3:59:11:6a:69:a3:90:5f:b6:df:c8:5a:04:bf:
9a:76:9f:0c:42:83:32:d8:3c:bf:6c:40:8e:31:e8:
a8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E4:7D:5E:0B:CD:69:F2:60:1C:55:C5:94:B1:EF:FC:7C:B6:E0:8A
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/muR9XgvNafJgHFXFlLHv_Hy24Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.140.0/24
176.111.221.0/24
Signature Algorithm: sha256WithRSAEncryption
40:8a:d8:99:a7:67:fd:15:3d:64:b0:ea:6f:b2:f1:5e:e6:5b:
81:0e:fa:c0:30:66:ac:12:d6:a7:b9:f6:42:73:ae:22:c0:20:
9f:ec:7d:a8:3b:07:3c:3b:22:e6:88:80:e8:e5:2a:92:c3:31:
c3:fd:42:0c:06:b8:96:45:52:00:12:da:6d:bb:ca:b3:a6:4b:
cb:4e:f0:9a:d0:74:0a:3a:ee:61:5b:5e:a2:98:21:e7:e0:d7:
59:9a:be:cc:72:5c:4a:24:5f:99:3a:90:0f:66:cd:ba:1d:d3:
1d:8f:7e:57:0b:db:5e:c7:35:4a:dc:cc:7c:df:12:b2:45:74:
2a:d3:c6:42:40:43:30:b9:12:b3:bb:49:23:41:70:bc:19:2e:
0d:36:38:0f:44:6a:47:03:8b:a5:da:e2:87:d7:dd:75:ea:a0:
0c:ae:66:cb:e3:5c:02:7b:76:5d:07:18:03:a0:ed:9a:f6:3a:
29:8e:c5:12:40:4e:b5:9b:2e:80:6d:f8:23:8a:c6:3a:db:c6:
d4:45:f2:ec:93:89:7a:12:3b:25:36:dc:43:f5:eb:d8:ed:e4:
99:a6:e7:1b:54:c1:17:b0:21:9b:5c:6f:8e:11:e7:06:38:c7:
b4:ff:0d:05:8b:37:ee:a8:fd:e5:e8:f8:81:0e:00:69:51:cb:
4e:12:a8:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzF3IQKzoux7V+Pa5u6Ph2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQwMTAxMTYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWU0N2Q1ZTBiY2Q2OWYyNjAxYzU1YzU5NGIxZWZmYzdjYjZlMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+17QJ/o9MupnMP1BGrjtd9bvwEN
PAlhNcRfuqDkzKXgndVlGLnz6xx7TU0hVT2EfEOk0rcz1uWYDVMxiNVqQO6b1ogi
EJae1i59CZd/R6a76wgqmEmS4EmmRRht5PlLehd4AStZbvUUb0jC3txiZjJH08n6
ANsCiAJGQF4LtpNZnYdGjxYOA9alrDoHhCFUHhdOVtA5bE6kgNE1kgMKZchXwoje
Auofq821btudcpD22X1iR02ykZxNZuwa97BGFP5tJ2zVOIkEMjUgc1or4kvK5GcO
3ZAa2H4HdUWrOV0441kRammjkF+238haBL+adp8MQoMy2Dy/bECOMeiokQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJrkfV4LzWnyYBxVxZSx7/x8tuCKMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL211UjlYZ3ZOYWZKZ0hGWEZsTEh2X0h5MjRJby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACTvYwD
BACwb90wDQYJKoZIhvcNAQELBQADggEBAECK2JmnZ/0VPWSw6m+y8V7mW4EO+sAw
ZqwS1qe59kJzriLAIJ/sfag7Bzw7IuaIgOjlKpLDMcP9QgwGuJZFUgAS2m27yrOm
S8tO8JrQdAo67mFbXqKYIefg11mavsxyXEokX5k6kA9mzbod0x2PflcL217HNUrc
zHzfErJFdCrTxkJAQzC5ErO7SSNBcLwZLg02OA9EakcDi6Xa4ofX3XXqoAyuZsvj
XAJ7dl0HGAOg7Zr2OimOxRJATrWbLoBt+COKxjrbxtRF8uyTiXoSOyU23EP169jt
5Jmm5xtUwRewIZtcb44R5wY4x7T/DQWLN+6o/eXo+IEOAGlRy04SqDM=
-----END CERTIFICATE-----
Generated at Thu May 2 09:40:49 2024 by rpki-client on console-fra.rpki-client.org