Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/mFKfVfY0OAabVh2Ny4oI0rTqncw.roa
File: mFKfVfY0OAabVh2Ny4oI0rTqncw.roa (raw, json)
Hash identifier: VJ/2LSbV6iTfDzKsy374+6wj3X5OCWeecSAuHcvE5IA=
Subject key identifier: 98:52:9F:55:F6:34:38:06:9B:56:1D:8D:CB:8A:08:D2:B4:EA:9D:CC
Certificate issuer: /CN=8c060040ef3a0823aa973f0d0592b1dda808f782
Certificate serial: 018D6A5A411A25FB0357D9E342D8EBC0DF24
Authority key identifier: 8C:06:00:40:EF:3A:08:23:AA:97:3F:0D:05:92:B1:DD:A8:08:F7:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/mFKfVfY0OAabVh2Ny4oI0rTqncw.roa
Signing time: Fri 02 Feb 2024 15:05:16 +0000
ROA not before: Fri 02 Feb 2024 15:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49441
IP address blocks: 91.214.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/jAYAQO86CCOqlz8NBZKx3agI94I.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/jAYAQO86CCOqlz8NBZKx3agI94I.mft
rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jul 2024 15:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:5a:41:1a:25:fb:03:57:d9:e3:42:d8:eb:c0:df:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c060040ef3a0823aa973f0d0592b1dda808f782
Validity
Not Before: Feb 2 15:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98529f55f63438069b561d8dcb8a08d2b4ea9dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:65:cc:32:b4:2e:95:5e:f9:4a:40:7f:6d:
79:a4:0d:e7:4a:23:2d:7b:64:41:15:26:5d:51:25:
a1:39:43:c0:7a:8c:bd:4d:05:b2:94:24:47:97:19:
f5:15:26:8f:6b:8a:93:f8:58:14:6a:c4:7d:9b:d2:
f7:e4:32:23:f3:ec:cd:3a:f1:81:74:1b:89:54:37:
49:5a:af:92:e7:90:5e:1d:93:48:bb:a3:e5:81:39:
da:60:92:ef:c7:5b:4a:5e:18:b4:62:e7:2e:e1:f9:
66:09:f2:12:78:f1:d6:0f:1e:af:47:62:e5:51:91:
83:70:de:24:cd:3c:26:38:c9:6a:99:47:76:f1:1d:
ab:13:60:ee:f3:8b:39:88:8d:cb:0a:cd:6f:ca:d7:
31:c1:a7:a3:c2:fa:90:6c:df:90:5b:64:45:c6:bb:
55:df:50:67:af:93:53:ec:98:5c:21:e8:44:5e:b3:
83:a0:5b:68:ce:c2:56:ee:8e:4b:3f:90:f4:6c:f4:
da:e1:fc:93:f6:d3:ba:db:42:8c:84:9c:16:7f:69:
44:c7:10:c0:9a:b9:ba:e1:cc:58:45:e9:e5:eb:5e:
29:73:36:a6:ea:56:05:85:7f:c3:cb:00:98:74:bc:
15:da:3d:f7:a1:85:94:3e:1a:40:13:e7:5f:c6:63:
bd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:52:9F:55:F6:34:38:06:9B:56:1D:8D:CB:8A:08:D2:B4:EA:9D:CC
X509v3 Authority Key Identifier:
keyid:8C:06:00:40:EF:3A:08:23:AA:97:3F:0D:05:92:B1:DD:A8:08:F7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/mFKfVfY0OAabVh2Ny4oI0rTqncw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/jAYAQO86CCOqlz8NBZKx3agI94I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.113.0/24
Signature Algorithm: sha256WithRSAEncryption
94:08:4e:de:e7:63:b5:04:8e:25:97:1c:ca:b3:e0:c6:be:db:
5c:5d:64:87:53:65:02:fd:c9:7d:ed:51:27:76:fe:12:3e:bb:
c8:dd:7e:e5:e1:1f:97:16:b6:f2:4b:60:ac:59:60:df:ef:02:
d1:bd:d5:59:24:59:ee:91:c4:ec:b9:d5:76:6f:51:ea:e0:8d:
19:cc:c5:73:6f:47:ec:89:07:12:26:04:bc:1f:01:3f:06:39:
cb:e4:a7:7c:a5:40:83:93:df:e1:de:11:45:c5:ee:6d:b8:a2:
4c:bd:60:f1:d6:37:8c:61:ce:0e:22:1c:bc:0b:a4:e8:b7:ba:
a7:8a:d3:4d:fb:8d:db:42:d0:92:ca:e6:e7:47:3b:9e:7b:ed:
ce:c0:57:9b:ad:b0:53:c3:8a:cb:2f:5b:58:0a:58:65:f5:43:
23:04:a4:71:35:38:dd:f7:c3:32:36:d6:bc:50:1a:7c:39:e4:
46:d1:9b:c2:7b:d3:47:7c:62:7e:da:1b:88:db:68:48:21:ac:
f8:f4:82:5d:92:f7:5d:f6:df:8b:b8:db:14:13:52:61:18:44:
05:4d:41:54:af:3a:9e:b0:d7:55:4a:5e:9b:1d:4c:50:e2:b7:
97:9d:05:54:38:04:7c:8c:23:64:ef:2d:51:00:fe:c4:83:9a:
3e:a8:06:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1qWkEaJfsDV9njQtjrwN8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMDYwMDQwZWYzYTA4MjNhYTk3M2YwZDA1OTJiMWRkYTgw
OGY3ODIwHhcNMjQwMjAyMTUwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODUyOWY1NWY2MzQzODA2OWI1NjFkOGRjYjhhMDhkMmI0ZWE5ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfVlzDK0LpVe+UpAf215pA3nSiMt
e2RBFSZdUSWhOUPAeoy9TQWylCRHlxn1FSaPa4qT+FgUasR9m9L35DIj8+zNOvGB
dBuJVDdJWq+S55BeHZNIu6PlgTnaYJLvx1tKXhi0Yucu4flmCfISePHWDx6vR2Ll
UZGDcN4kzTwmOMlqmUd28R2rE2Du84s5iI3LCs1vytcxwaejwvqQbN+QW2RFxrtV
31Bnr5NT7JhcIehEXrODoFtozsJW7o5LP5D0bPTa4fyT9tO620KMhJwWf2lExxDA
mrm64cxYRenl614pczam6lYFhX/DywCYdLwV2j33oYWUPhpAE+dfxmO9BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhSn1X2NDgGm1YdjcuKCNK06p3MMB8GA1UdIwQY
MBaAFIwGAEDvOggjqpc/DQWSsd2oCPeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakFZQVFPODZDQ09xbHo4TkJaS3gzYWdJOTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lNzU0OWUtNWIyNS00MjAwLTg4Yjkt
NGU0YTM1ZGQzNjc3LzEvbUZLZlZmWTBPQWFiVmgyTnk0b0kwclRxbmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lNzU0OWUtNWIyNS00MjAwLTg4YjktNGU0YTM1ZGQzNjc3
LzEvakFZQVFPODZDQ09xbHo4TkJaS3gzYWdJOTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ZxMA0G
CSqGSIb3DQEBCwUAA4IBAQCUCE7e52O1BI4llxzKs+DGvttcXWSHU2UC/cl97VEn
dv4SPrvI3X7l4R+XFrbyS2CsWWDf7wLRvdVZJFnukcTsudV2b1Hq4I0ZzMVzb0fs
iQcSJgS8HwE/BjnL5Kd8pUCDk9/h3hFFxe5tuKJMvWDx1jeMYc4OIhy8C6Tot7qn
itNN+43bQtCSyubnRzuee+3OwFebrbBTw4rLL1tYClhl9UMjBKRxNTjd98MyNta8
UBp8OeRG0ZvCe9NHfGJ+2huI22hIIaz49IJdkvdd9t+LuNsUE1JhGEQFTUFUrzqe
sNdVSl6bHUxQ4reXnQVUOAR8jCNk7y1RAP7Eg5o+qAbo
-----END CERTIFICATE-----
Generated at Thu Jul 4 17:47:43 2024 by rpki-client on console-fra.rpki-client.org