Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/472888-f170-4666-85bd-183356530177/1/mRRVsGfcLPmdR99n1j0u3ool8Fc.roa
File: mRRVsGfcLPmdR99n1j0u3ool8Fc.roa (raw, json)
Hash identifier: wwO+Gro9mnfEu3m0neI2kEzml0U7buFp3TX1GcuAW3c=
Subject key identifier: 99:14:55:B0:67:DC:2C:F9:9D:47:DF:67:D6:3D:2E:DE:8A:25:F0:57
Certificate issuer: /CN=f42b2eb21f6b067214dcfadb290253da717d62e3
Certificate serial: 018CC6B78B7A08F4A262120FCCE141E21726
Authority key identifier: F4:2B:2E:B2:1F:6B:06:72:14:DC:FA:DB:29:02:53:DA:71:7D:62:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Csush9rBnIU3PrbKQJT2nF9YuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/472888-f170-4666-85bd-183356530177/1/mRRVsGfcLPmdR99n1j0u3ool8Fc.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48803
IP address blocks: 185.27.164.0/22 maxlen: 22
31.24.72.0/21 maxlen: 21
94.103.192.0/20 maxlen: 21
2a01:8e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/472888-f170-4666-85bd-183356530177/1/9Csush9rBnIU3PrbKQJT2nF9YuM.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/472888-f170-4666-85bd-183356530177/1/9Csush9rBnIU3PrbKQJT2nF9YuM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Csush9rBnIU3PrbKQJT2nF9YuM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8b:7a:08:f4:a2:62:12:0f:cc:e1:41:e2:17:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f42b2eb21f6b067214dcfadb290253da717d62e3
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=991455b067dc2cf99d47df67d63d2ede8a25f057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:53:a2:6a:36:ae:f2:47:a4:34:66:78:ff:73:
6f:d6:33:40:6b:74:4c:44:2e:c1:ad:a8:e2:5e:6b:
6a:c8:81:00:3b:5a:48:d0:b7:40:f4:ff:f7:00:49:
78:28:2c:8e:f2:d5:1f:ff:77:9a:ff:87:b1:1f:25:
d0:de:6c:b4:16:dc:cc:dc:b7:67:e9:03:24:40:df:
bf:5c:ff:07:a1:09:92:43:f8:7b:9a:27:8f:56:69:
66:6e:fa:44:6a:cc:e8:ff:87:fe:57:24:bf:42:36:
6b:2c:67:91:bc:96:fd:82:cd:55:a5:7d:d0:5f:23:
81:2d:15:dd:21:92:56:97:af:38:ad:b1:13:74:3b:
91:4d:f4:cf:49:b9:a5:6c:26:72:7a:50:70:73:4e:
4d:92:b5:70:48:bf:bb:bf:30:e5:3f:bd:f6:44:04:
a0:1f:74:5f:75:b0:17:46:09:3e:5a:89:6d:a1:8f:
cf:9a:35:88:7b:c8:2a:a6:a0:2f:14:a9:9e:d3:eb:
53:24:6a:a0:68:99:61:d6:ad:db:87:2b:0f:10:c9:
09:37:36:13:f2:af:e1:b1:86:1d:c0:c0:77:07:f8:
09:d9:d3:77:eb:76:3a:8d:88:cb:94:85:1c:37:19:
3a:86:5a:a3:a9:a9:e6:19:76:39:41:04:2b:7d:92:
ae:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:14:55:B0:67:DC:2C:F9:9D:47:DF:67:D6:3D:2E:DE:8A:25:F0:57
X509v3 Authority Key Identifier:
keyid:F4:2B:2E:B2:1F:6B:06:72:14:DC:FA:DB:29:02:53:DA:71:7D:62:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Csush9rBnIU3PrbKQJT2nF9YuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/472888-f170-4666-85bd-183356530177/1/mRRVsGfcLPmdR99n1j0u3ool8Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/472888-f170-4666-85bd-183356530177/1/9Csush9rBnIU3PrbKQJT2nF9YuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.72.0/21
94.103.192.0/20
185.27.164.0/22
IPv6:
2a01:8e00::/29
Signature Algorithm: sha256WithRSAEncryption
22:9f:e2:65:2c:97:f5:22:e6:24:21:a9:ec:ed:6b:b3:c1:17:
19:3d:8f:a0:f0:b0:9c:8e:f5:51:9c:29:e8:b5:67:2b:f5:a2:
8e:a8:7b:d7:e1:5e:fd:c2:0c:b3:bd:a8:b3:f3:39:d4:31:6c:
85:2d:2b:00:8a:c4:e8:7c:82:73:6a:5e:5b:ee:21:fc:76:55:
9d:81:3c:7a:78:65:98:85:c7:31:bc:71:15:bc:e2:f5:bb:c7:
57:45:fd:72:81:af:7c:98:b4:3e:86:a5:f1:0d:88:9a:6f:71:
17:d5:6f:f3:af:d8:20:72:0a:28:47:6b:d6:f7:f5:4f:23:e6:
2c:2f:40:81:17:4f:c9:e9:6f:ca:e4:88:05:e8:0b:9d:b3:c6:
14:53:27:31:21:0b:1d:a8:fd:b6:7a:38:c2:8f:b4:0e:df:85:
8e:44:b4:03:17:35:c0:a6:cf:a3:1d:66:ff:30:24:80:65:61:
bb:f8:02:0b:6d:f4:e9:3f:25:01:f2:2d:38:88:30:7b:21:20:
6d:7c:37:77:c4:50:95:36:86:5a:7e:95:a9:5f:05:57:fe:25:
a7:fe:bb:85:83:ec:63:2f:14:27:b1:43:07:84:df:d0:6f:33:
62:d3:9b:65:70:5b:c6:30:fa:0d:db:c0:7b:1d:06:17:28:32:
d5:55:9a:b4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGt4t6CPSiYhIPzOFB4hcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MmIyZWIyMWY2YjA2NzIxNGRjZmFkYjI5MDI1M2RhNzE3
ZDYyZTMwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE0NTViMDY3ZGMyY2Y5OWQ0N2RmNjdkNjNkMmVkZThhMjVmMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolOiajau8kekNGZ4/3Nv1jNAa3RM
RC7BrajiXmtqyIEAO1pI0LdA9P/3AEl4KCyO8tUf/3ea/4exHyXQ3my0FtzM3Ldn
6QMkQN+/XP8HoQmSQ/h7miePVmlmbvpEaszo/4f+VyS/QjZrLGeRvJb9gs1VpX3Q
XyOBLRXdIZJWl684rbETdDuRTfTPSbmlbCZyelBwc05NkrVwSL+7vzDlP732RASg
H3RfdbAXRgk+WoltoY/PmjWIe8gqpqAvFKme0+tTJGqgaJlh1q3bhysPEMkJNzYT
8q/hsYYdwMB3B/gJ2dN363Y6jYjLlIUcNxk6hlqjqanmGXY5QQQrfZKuQwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJkUVbBn3Cz5nUffZ9Y9Lt6KJfBXMB8GA1UdIwQY
MBaAFPQrLrIfawZyFNz62ykCU9pxfWLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUNzdXNoOXJCbklVM1ByYktRSlQybkY5WXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80NzI4ODgtZjE3MC00NjY2LTg1YmQt
MTgzMzU2NTMwMTc3LzEvbVJSVnNHZmNMUG1kUjk5bjFqMHUzb29sOEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80NzI4ODgtZjE3MC00NjY2LTg1YmQtMTgzMzU2NTMwMTc3
LzEvOUNzdXNoOXJCbklVM1ByYktRSlQybkY5WXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHxhIAwQE
XmfAAwQCuRukMA0EAgACMAcDBQMqAY4AMA0GCSqGSIb3DQEBCwUAA4IBAQAin+Jl
LJf1IuYkIans7WuzwRcZPY+g8LCcjvVRnCnotWcr9aKOqHvX4V79wgyzvaiz8znU
MWyFLSsAisTofIJzal5b7iH8dlWdgTx6eGWYhccxvHEVvOL1u8dXRf1yga98mLQ+
hqXxDYiab3EX1W/zr9ggcgooR2vW9/VPI+YsL0CBF0/J6W/K5IgF6Auds8YUUycx
IQsdqP22ejjCj7QO34WORLQDFzXAps+jHWb/MCSAZWG7+AILbfTpPyUB8i04iDB7
ISBtfDd3xFCVNoZafpWpXwVX/iWn/ruFg+xjLxQnsUMHhN/QbzNi05tlcFvGMPoN
28B7HQYXKDLVVZq0
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:08:16 2024 by rpki-client on console-ams.rpki-client.org