Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/99fNtmpIkMVMfuBaM5IReQO8mis.roa
File: 99fNtmpIkMVMfuBaM5IReQO8mis.roa (raw, json)
Hash identifier: KfLvkAq98if6mD9C31McNRh8jnHBEgwGWmhzhWmZwzs=
Subject key identifier: F7:D7:CD:B6:6A:48:90:C5:4C:7E:E0:5A:33:92:11:79:03:BC:9A:2B
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 018CCA29DA235DC02DDE6916461B5DF021B6
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/99fNtmpIkMVMfuBaM5IReQO8mis.roa
Signing time: Tue 02 Jan 2024 12:33:09 +0000
ROA not before: Tue 02 Jan 2024 12:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51955
IP address blocks: 194.0.8.0/24 maxlen: 24
194.0.48.0/24 maxlen: 24
194.0.49.0/24 maxlen: 24
194.0.50.0/24 maxlen: 24
91.198.156.0/24 maxlen: 24
194.8.2.0/24 maxlen: 24
194.8.3.0/24 maxlen: 24
2001:678:80::/48 maxlen: 48
2a02:503:8::/48 maxlen: 48
2001:678:b::/48 maxlen: 48
2001:678:84::/48 maxlen: 48
2a02:503::/48 maxlen: 48
2001:678:7c::/48 maxlen: 48
2a02:503:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:da:23:5d:c0:2d:de:69:16:46:1b:5d:f0:21:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 2 12:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7d7cdb66a4890c54c7ee05a3392117903bc9a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a9:e6:48:6a:6f:8d:37:ef:23:6a:a9:59:15:
4a:f6:fe:81:b8:4f:4c:5e:7b:bd:eb:b2:83:0a:7d:
23:ac:6f:d5:01:f0:1c:c5:43:bc:3a:2c:81:53:3a:
39:dc:ce:ff:0a:a5:a3:33:21:97:f9:76:aa:ad:3a:
25:67:29:f9:50:ce:76:be:a3:32:10:c7:3c:df:f2:
3e:ae:68:55:3c:d9:fa:3b:da:8d:4b:60:59:ac:23:
b7:15:b9:cb:a6:96:b2:19:e3:72:3d:2e:45:2d:03:
97:f4:c9:ce:23:3a:a0:03:0f:11:26:f1:39:68:d9:
6d:cc:6f:14:fc:57:0d:44:98:fb:ab:e6:8d:0d:2f:
97:d1:04:40:23:8a:1a:6d:64:1a:7e:63:38:a0:89:
40:07:52:3a:71:7a:f6:cc:2f:e8:0f:f2:4e:3a:1e:
0d:9a:87:55:f1:75:ff:b7:82:5d:14:73:21:81:69:
f1:70:c3:09:35:0e:aa:92:9e:fa:ba:2d:47:e6:93:
d0:d2:31:1e:39:a4:ed:d2:66:99:28:9e:19:23:32:
b0:75:f0:e1:65:c7:33:1c:5b:9e:4d:b1:43:59:41:
30:11:2c:8b:62:e2:b0:b3:e1:86:e1:79:5b:e1:d4:
3f:31:54:39:b7:a9:76:99:b6:cb:ca:15:6d:60:1c:
b6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D7:CD:B6:6A:48:90:C5:4C:7E:E0:5A:33:92:11:79:03:BC:9A:2B
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/99fNtmpIkMVMfuBaM5IReQO8mis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.156.0/24
194.0.8.0/24
194.0.48.0-194.0.50.255
194.8.2.0/23
IPv6:
2001:678:b::/48
2001:678:7c::/48
2001:678:80::/48
2001:678:84::/48
2a02:503::/47
2a02:503:8::/48
Signature Algorithm: sha256WithRSAEncryption
6f:e4:97:a4:4b:bc:4e:c2:df:13:fc:77:9f:38:5b:be:de:67:
86:6c:db:c0:e3:ff:42:51:3b:92:d3:b8:62:69:69:1f:22:5d:
a9:dc:e5:4b:fb:a5:44:2a:fd:f9:7c:59:04:51:f6:24:b5:39:
8c:b2:fa:f3:a7:73:7b:a6:10:76:e5:f7:25:5b:1a:9f:cc:2e:
4d:e1:64:7c:9a:8a:c2:ac:7d:15:18:b2:a6:82:18:3d:36:03:
1f:f7:0b:1f:ad:26:27:3a:b3:71:41:14:a0:f0:78:ea:cd:d3:
77:9d:61:63:37:2f:1e:df:1d:cd:9b:0e:cf:7b:d5:93:2d:8e:
fc:58:e1:80:e6:ed:7b:55:a0:81:00:cc:da:d0:f2:36:25:42:
96:d2:6a:8d:59:f2:cc:38:3e:cf:f3:3d:ad:ad:20:e3:81:18:
ab:b7:35:fe:63:d2:f2:a6:b9:4c:77:c7:13:7e:c6:26:37:a4:
fa:83:1b:4f:ac:18:33:8e:e9:7f:0d:a5:e8:b9:cd:aa:4d:5d:
41:e4:a3:5b:ad:6a:8e:bf:a9:48:fb:0d:ed:80:98:12:65:ee:
64:ff:7e:ae:d2:c3:cb:af:11:ad:01:ba:b4:ff:ca:8c:cc:3f:
76:80:51:2f:bf:70:78:a6:d0:62:7d:41:23:a0:93:3f:ab:fc:
8e:e1:3b:ab
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzKKdojXcAt3mkWRhtd8CG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjQwMTAyMTIzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Q3Y2RiNjZhNDg5MGM1NGM3ZWUwNWEzMzkyMTE3OTAzYmM5YTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKnmSGpvjTfvI2qpWRVK9v6BuE9M
Xnu967KDCn0jrG/VAfAcxUO8OiyBUzo53M7/CqWjMyGX+XaqrTolZyn5UM52vqMy
EMc83/I+rmhVPNn6O9qNS2BZrCO3FbnLppayGeNyPS5FLQOX9MnOIzqgAw8RJvE5
aNltzG8U/FcNRJj7q+aNDS+X0QRAI4oabWQafmM4oIlAB1I6cXr2zC/oD/JOOh4N
modV8XX/t4JdFHMhgWnxcMMJNQ6qkp76ui1H5pPQ0jEeOaTt0maZKJ4ZIzKwdfDh
ZcczHFueTbFDWUEwESyLYuKws+GG4Xlb4dQ/MVQ5t6l2mbbLyhVtYBy25QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFPfXzbZqSJDFTH7gWjOSEXkDvJorMB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEvOTlmTnRtcElrTVZNZnVCYU01SVJlUU84bWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjAmBAIAATAgAwQAW8acAwQA
wgAIMAwDBATCADADBADCADIDBAHCCAIwPAQCAAIwNgMHACABBngACwMHACABBngA
fAMHACABBngAgAMHACABBngAhAMHASoCBQMAAAMHACoCBQMACDANBgkqhkiG9w0B
AQsFAAOCAQEAb+SXpEu8TsLfE/x3nzhbvt5nhmzbwOP/QlE7ktO4YmlpHyJdqdzl
S/ulRCr9+XxZBFH2JLU5jLL686dze6YQduX3JVsan8wuTeFkfJqKwqx9FRiypoIY
PTYDH/cLH60mJzqzcUEUoPB46s3Td51hYzcvHt8dzZsOz3vVky2O/FjhgObte1Wg
gQDM2tDyNiVCltJqjVnyzDg+z/M9ra0g44EYq7c1/mPS8qa5THfHE37GJjek+oMb
T6wYM47pfw2l6LnNqk1dQeSjW61qjr+pSPsN7YCYEmXuZP9+rtLDy68RrQG6tP/K
jMw/doBRL79weKbQYn1BI6CTP6v8juE7qw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:25 2024 by rpki-client on console-fra.rpki-client.org