Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/mJ7HdLkkIFRzQlKkjwVqJxOFF0Q.roa
File: mJ7HdLkkIFRzQlKkjwVqJxOFF0Q.roa (raw, json)
Hash identifier: OBTQsHeutAbhggxgCcwwaekU7XUnz7SmblYZIVYx7YQ=
Subject key identifier: 98:9E:C7:74:B9:24:20:54:73:42:52:A4:8F:05:6A:27:13:85:17:44
Certificate issuer: /CN=fce25aca434feeb6f573aa463a12c6940bc4d198
Certificate serial: 018CC9BBFCEA5CB028586C44CA4D019D45D8
Authority key identifier: FC:E2:5A:CA:43:4F:EE:B6:F5:73:AA:46:3A:12:C6:94:0B:C4:D1:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OJaykNP7rb1c6pGOhLGlAvE0Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/mJ7HdLkkIFRzQlKkjwVqJxOFF0Q.roa
Signing time: Tue 02 Jan 2024 10:33:09 +0000
ROA not before: Tue 02 Jan 2024 10:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21351
IP address blocks: 93.121.128.0/17 maxlen: 24
95.138.0.0/17 maxlen: 24
213.188.160.0/19 maxlen: 24
5.187.96.0/19 maxlen: 24
213.16.0.0/19 maxlen: 24
185.29.48.0/22 maxlen: 24
46.238.128.0/18 maxlen: 24
2a02:1390::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/_OJaykNP7rb1c6pGOhLGlAvE0Zg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/_OJaykNP7rb1c6pGOhLGlAvE0Zg.mft
rsync://rpki.ripe.net/repository/DEFAULT/_OJaykNP7rb1c6pGOhLGlAvE0Zg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:fc:ea:5c:b0:28:58:6c:44:ca:4d:01:9d:45:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce25aca434feeb6f573aa463a12c6940bc4d198
Validity
Not Before: Jan 2 10:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=989ec774b9242054734252a48f056a2713851744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ee:30:f9:16:15:33:83:15:e4:89:6f:30:9f:
21:53:12:67:dd:66:40:59:3d:f3:7d:d5:16:51:f5:
c4:a0:ec:3a:21:2a:bf:4d:86:1b:85:7b:47:fa:d9:
90:79:f6:af:28:2d:1d:dc:ae:f4:f6:ab:8d:fe:f8:
0f:6d:81:24:3f:be:cc:15:53:3e:e2:73:4b:73:f3:
2d:53:1c:78:f3:97:f3:47:de:2e:85:7c:c4:ab:cb:
c8:9b:6e:94:a0:61:55:71:d7:ab:b0:5d:44:6b:08:
d2:69:02:47:7a:78:57:14:2c:63:88:18:0c:7d:ae:
79:9e:e1:2b:d5:84:6c:20:92:30:ba:bf:00:a7:52:
a5:32:92:22:e7:79:4b:c6:ac:22:cf:c1:18:59:9e:
ed:57:31:30:f0:d5:3b:35:e2:cf:6b:22:e7:f0:8b:
5a:a7:ad:9d:e3:17:de:f0:21:93:df:89:87:2d:12:
14:c9:82:5f:0e:db:21:1e:01:69:43:c3:84:43:d0:
f8:9d:9c:cf:10:f1:c5:06:2e:61:85:37:ab:f6:db:
a4:7b:ac:4a:ac:5f:ec:0f:33:51:55:56:f1:b8:87:
d3:5e:b4:5f:07:fc:41:fe:0b:e1:c9:ec:e5:fb:39:
4b:c4:dc:7a:f2:b3:83:d5:e6:b2:d6:9f:56:c7:01:
e4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9E:C7:74:B9:24:20:54:73:42:52:A4:8F:05:6A:27:13:85:17:44
X509v3 Authority Key Identifier:
keyid:FC:E2:5A:CA:43:4F:EE:B6:F5:73:AA:46:3A:12:C6:94:0B:C4:D1:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJaykNP7rb1c6pGOhLGlAvE0Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/mJ7HdLkkIFRzQlKkjwVqJxOFF0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/_OJaykNP7rb1c6pGOhLGlAvE0Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.96.0/19
46.238.128.0/18
93.121.128.0/17
95.138.0.0/17
185.29.48.0/22
213.16.0.0/19
213.188.160.0/19
IPv6:
2a02:1390::/29
Signature Algorithm: sha256WithRSAEncryption
22:02:11:10:2d:a7:7c:63:45:7d:0e:6d:c5:b6:72:63:a0:a6:
15:32:85:15:41:af:b0:44:d7:a2:55:a8:6e:f8:79:13:76:aa:
aa:98:40:38:28:0a:43:75:30:0c:91:c1:80:66:88:05:ac:8a:
a6:70:bd:da:34:1c:4a:e5:04:3b:1e:8b:61:0f:29:e8:0b:a0:
da:52:6a:95:15:b0:64:f3:d8:75:58:b5:7e:91:7d:9f:3e:e5:
49:6d:98:d8:26:e0:e3:6e:5e:61:f6:32:61:57:6b:1c:9e:c2:
cd:e7:e0:04:10:29:16:ac:1d:db:be:cd:3e:71:85:45:e2:41:
10:c5:c0:07:96:c5:41:8c:ea:4c:b1:1a:39:0e:99:f0:c1:45:
61:14:c0:70:06:b6:61:8a:bd:95:06:81:95:87:b6:7a:8b:72:
4d:f4:2e:ff:cd:26:2a:5f:8f:7d:78:ed:31:44:66:9a:11:4f:
2c:9b:c5:b6:d5:2a:c4:66:3a:b7:bb:7a:1c:48:d0:45:f9:89:
33:dc:72:81:d2:2a:4f:4d:42:4b:38:09:34:58:24:2e:8e:f3:
90:18:d8:4a:b1:ca:1f:db:5d:44:44:3d:06:78:19:85:29:8b:
c0:46:13:12:a7:24:3d:55:05:ff:1d:42:49:21:2b:d6:62:d3:
79:9b:a9:1a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzJu/zqXLAoWGxEyk0BnUXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTI1YWNhNDM0ZmVlYjZmNTczYWE0NjNhMTJjNjk0MGJj
NGQxOTgwHhcNMjQwMTAyMTAzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODllYzc3NGI5MjQyMDU0NzM0MjUyYTQ4ZjA1NmEyNzEzODUxNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne4w+RYVM4MV5IlvMJ8hUxJn3WZA
WT3zfdUWUfXEoOw6ISq/TYYbhXtH+tmQefavKC0d3K709quN/vgPbYEkP77MFVM+
4nNLc/MtUxx485fzR94uhXzEq8vIm26UoGFVcdersF1EawjSaQJHenhXFCxjiBgM
fa55nuEr1YRsIJIwur8Ap1KlMpIi53lLxqwiz8EYWZ7tVzEw8NU7NeLPayLn8Ita
p62d4xfe8CGT34mHLRIUyYJfDtshHgFpQ8OEQ9D4nZzPEPHFBi5hhTer9tuke6xK
rF/sDzNRVVbxuIfTXrRfB/xB/gvhyezl+zlLxNx68rOD1eay1p9WxwHknQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJiex3S5JCBUc0JSpI8FaicThRdEMB8GA1UdIwQY
MBaAFPziWspDT+629XOqRjoSxpQLxNGYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09KYXlrTlA3cmIxYzZwR09oTEdsQXZFMFpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wYzlkYmItZjJlZi00ZjE1LThiMmUt
NjQzZTQ0NzQ0NGQ2LzEvbUo3SGRMa2tJRlJ6UWxLa2p3VnFKeE9GRjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wYzlkYmItZjJlZi00ZjE1LThiMmUtNjQzZTQ0NzQ0NGQ2
LzEvX09KYXlrTlA3cmIxYzZwR09oTEdsQXZFMFpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFBbtgAwQG
Lu6AAwQHXXmAAwQHX4oAAwQCuR0wAwQF1RAAAwQF1bygMA0EAgACMAcDBQMqAhOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAiAhEQLad8Y0V9Dm3FtnJjoKYVMoUVQa+wRNei
Vahu+HkTdqqqmEA4KApDdTAMkcGAZogFrIqmcL3aNBxK5QQ7HothDynoC6DaUmqV
FbBk89h1WLV+kX2fPuVJbZjYJuDjbl5h9jJhV2scnsLN5+AEECkWrB3bvs0+cYVF
4kEQxcAHlsVBjOpMsRo5DpnwwUVhFMBwBrZhir2VBoGVh7Z6i3JN9C7/zSYqX499
eO0xRGaaEU8sm8W21SrEZjq3u3ocSNBF+Ykz3HKB0ipPTUJLOAk0WCQujvOQGNhK
scof211ERD0GeBmFKYvARhMSpyQ9VQX/HUJJISvWYtN5m6ka
-----END CERTIFICATE-----
Generated at Fri Jun 21 04:35:38 2024 by rpki-client on console-ams.rpki-client.org