Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mp7pQbvTBLSQV-GDJKgYOURum9Q.roa
File: mp7pQbvTBLSQV-GDJKgYOURum9Q.roa (raw, json)
Hash identifier: idLKBR3vw5yaU4df5pqPUuTT0w27QNa2F59WoLpC69c=
Subject key identifier: 9A:9E:E9:41:BB:D3:04:B4:90:57:E1:83:24:A8:18:39:44:6E:9B:D4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD0C71724AB535F196D422DE1BAC70
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mp7pQbvTBLSQV-GDJKgYOURum9Q.roa
Signing time: Tue 02 Jan 2024 06:29:39 +0000
ROA not before: Tue 02 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210624
IP address blocks: 85.217.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:0c:71:72:4a:b5:35:f1:96:d4:22:de:1b:ac:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a9ee941bbd304b49057e18324a81839446e9bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8e:6d:b0:2b:71:db:10:b1:60:98:a8:f8:6f:
b6:7e:7b:03:5a:47:07:0b:2e:41:51:86:c9:d9:51:
d4:e9:81:9b:fd:af:36:cd:66:56:7b:cf:b4:38:0f:
a0:87:90:f7:de:13:dc:e8:a0:1a:cd:0a:4c:a7:b5:
41:f3:40:c6:d9:8e:b8:80:d4:9b:63:47:32:24:95:
07:91:12:12:7a:ce:d5:c8:ce:6d:a4:02:d1:4a:e3:
2e:f2:45:e8:18:6e:c2:d2:f2:c8:0e:5d:da:9e:20:
98:ab:f3:c2:cf:41:9d:9a:a8:c9:f2:67:48:0e:08:
8d:d4:f3:4f:c8:5a:f1:78:9c:60:db:97:24:36:92:
1e:cd:fa:22:e2:08:9d:5a:d5:b5:bc:c3:8e:f0:b5:
31:8c:41:2a:d0:fa:aa:fd:41:57:5d:49:57:50:12:
11:b8:34:83:73:a0:da:e8:f2:e3:1d:93:9f:bd:ad:
f7:60:de:d7:20:bd:8d:65:03:ee:61:1a:ae:90:06:
2a:59:80:73:78:91:8a:17:fc:3a:25:7e:e4:52:b3:
f9:4f:43:9c:f1:42:2e:44:e2:ce:7e:66:a5:7f:d7:
5b:5b:ba:b4:46:f6:be:18:44:6b:66:1f:5c:3e:79:
6e:76:2f:2a:4b:82:c6:a6:fd:54:af:55:ae:91:29:
5f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9E:E9:41:BB:D3:04:B4:90:57:E1:83:24:A8:18:39:44:6E:9B:D4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mp7pQbvTBLSQV-GDJKgYOURum9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.189.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:79:f5:79:29:7e:41:4c:98:22:3d:0f:aa:18:7f:34:ea:24:
0f:b2:9e:8f:df:c7:40:ce:66:b6:cd:68:cd:7e:6e:b9:66:cc:
7b:29:1c:d1:0c:c8:71:a8:d1:72:3b:9e:ab:39:8e:ae:30:3f:
59:a4:24:77:5c:12:1f:a5:71:93:0c:7c:89:e3:92:09:70:c9:
e9:24:2d:61:5e:48:ef:21:50:e7:3d:15:8d:c9:aa:95:b2:c5:
a9:23:61:82:da:c9:40:a9:45:d1:84:b5:da:bb:a7:74:21:37:
fb:7c:22:4b:00:6d:9d:15:ae:ee:d7:5a:b1:a1:4e:b0:73:8b:
7b:10:65:07:15:71:f8:ad:59:32:2d:c5:48:d4:45:9a:0f:57:
5d:50:1a:c6:39:02:cf:53:09:cb:d6:60:c1:ee:25:82:ef:34:
f8:3f:96:50:11:ab:ef:6a:15:6c:2c:54:8a:b5:c5:d0:50:cc:
91:79:e9:23:2d:5c:d9:e8:da:3e:af:70:fa:bf:13:0f:24:50:
1b:aa:9b:03:ac:dc:b5:d6:47:c3:d0:67:ff:33:d2:06:96:18:
44:c1:20:d5:f1:48:72:42:32:55:6d:fe:e3:c9:bf:eb:99:03:
53:af:32:0e:48:75:48:e5:ec:77:11:f6:fa:b2:e8:be:d0:4b:
fe:d3:d9:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3Qxxckq1NfGW1CLeG6xwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTllZTk0MWJiZDMwNGI0OTA1N2UxODMyNGE4MTgzOTQ0NmU5YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI5tsCtx2xCxYJio+G+2fnsDWkcH
Cy5BUYbJ2VHU6YGb/a82zWZWe8+0OA+gh5D33hPc6KAazQpMp7VB80DG2Y64gNSb
Y0cyJJUHkRISes7VyM5tpALRSuMu8kXoGG7C0vLIDl3aniCYq/PCz0GdmqjJ8mdI
DgiN1PNPyFrxeJxg25ckNpIezfoi4gidWtW1vMOO8LUxjEEq0Pqq/UFXXUlXUBIR
uDSDc6Da6PLjHZOfva33YN7XIL2NZQPuYRqukAYqWYBzeJGKF/w6JX7kUrP5T0Oc
8UIuROLOfmalf9dbW7q0Rva+GERrZh9cPnludi8qS4LGpv1Ur1WukSlf3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqe6UG70wS0kFfhgySoGDlEbpvUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbXA3cFFidlRCTFNRVi1HREpLZ1lPVVJ1bTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdm9MA0G
CSqGSIb3DQEBCwUAA4IBAQA8efV5KX5BTJgiPQ+qGH806iQPsp6P38dAzma2zWjN
fm65Zsx7KRzRDMhxqNFyO56rOY6uMD9ZpCR3XBIfpXGTDHyJ45IJcMnpJC1hXkjv
IVDnPRWNyaqVssWpI2GC2slAqUXRhLXau6d0ITf7fCJLAG2dFa7u11qxoU6wc4t7
EGUHFXH4rVkyLcVI1EWaD1ddUBrGOQLPUwnL1mDB7iWC7zT4P5ZQEavvahVsLFSK
tcXQUMyReekjLVzZ6No+r3D6vxMPJFAbqpsDrNy11kfD0Gf/M9IGlhhEwSDV8Uhy
QjJVbf7jyb/rmQNTrzIOSHVI5ex3Efb6sui+0Ev+09mq
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:58:07 2024 by rpki-client on console-ams.rpki-client.org