Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/mXPWsrifenmqhKJYiYkhTfSUhcw.roa
File: mXPWsrifenmqhKJYiYkhTfSUhcw.roa (raw, json)
Hash identifier: HpWzyAfhOIsOGWHWZ0t/URjOW+GBLzCuzq8cRsMRXQM=
Subject key identifier: 99:73:D6:B2:B8:9F:7A:79:AA:84:A2:58:89:89:21:4D:F4:94:85:CC
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 018CC64B3E4972F7B714E2F8ECB2A038964D
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/mXPWsrifenmqhKJYiYkhTfSUhcw.roa
Signing time: Mon 01 Jan 2024 18:31:09 +0000
ROA not before: Mon 01 Jan 2024 18:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15526
IP address blocks: 212.68.145.0/24 maxlen: 24
213.8.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3e:49:72:f7:b7:14:e2:f8:ec:b2:a0:38:96:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jan 1 18:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9973d6b2b89f7a79aa84a2588989214df49485cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:15:17:0b:7a:5b:a4:5e:8c:bd:39:34:6f:49:
88:cc:d5:7f:ad:03:44:a2:bb:c8:04:d1:cf:a9:b3:
dd:5b:67:c3:62:ff:7a:00:c0:c2:72:a4:92:cb:42:
ab:8b:41:7e:b3:fa:ed:c7:88:16:01:0e:7d:ef:18:
a0:d4:fc:ec:e0:af:3a:d2:a9:0d:38:d8:f9:70:a3:
dd:dc:94:5e:e4:78:7d:05:56:7e:0b:b1:02:d4:13:
f5:0a:61:47:62:7a:52:81:8c:c9:ef:fd:6f:e9:5e:
99:29:17:ca:1a:e8:d6:d2:12:52:4f:7b:57:58:bc:
59:74:97:68:ad:f8:cc:b1:6a:56:a5:c1:13:a1:52:
49:70:64:6c:0c:16:fb:f7:89:b3:02:a9:e1:6a:b6:
e5:86:e9:48:51:d7:e1:af:66:17:ad:ce:c1:37:6b:
be:fd:e2:fd:41:b2:07:a7:a3:f0:81:13:2d:4d:5e:
24:ba:d1:e4:1f:79:cb:50:d1:e0:01:9b:6e:82:da:
3d:b3:3d:c1:fc:28:25:07:78:fb:a4:43:82:3f:8b:
01:0c:0d:f2:dc:8e:67:2b:dd:ca:b6:eb:82:da:84:
1b:fd:0d:00:bc:d1:7f:e9:bf:fd:9e:f3:00:03:0a:
88:e1:77:b8:75:7b:cd:2f:ee:d2:e1:76:12:49:df:
92:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:73:D6:B2:B8:9F:7A:79:AA:84:A2:58:89:89:21:4D:F4:94:85:CC
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/mXPWsrifenmqhKJYiYkhTfSUhcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.145.0/24
213.8.23.0/24
Signature Algorithm: sha256WithRSAEncryption
75:d9:1f:06:60:e1:d8:6b:cc:9b:b2:d7:50:f3:c8:d3:53:5e:
f7:83:8b:3d:d8:f4:3d:8d:4d:aa:53:de:89:1f:c0:0d:cb:49:
2f:39:59:29:f1:a1:55:29:0c:7e:1d:40:fb:e2:4e:b1:ef:26:
52:f2:b7:ba:83:74:dc:ab:74:24:75:ea:5b:86:d6:f3:53:a7:
ca:72:82:4b:ac:09:ed:6b:2b:17:01:f9:ed:12:df:80:50:ed:
3d:ce:a4:26:60:f4:f0:ba:96:7b:46:d4:24:81:13:09:27:44:
6b:c6:0a:a7:b1:0e:94:a5:9c:c6:0d:3f:4a:b9:1b:18:72:9e:
1c:4b:9d:fb:d7:04:30:17:55:db:ab:b1:75:b0:e3:2a:7c:3a:
ff:d6:1e:5b:04:2e:72:d7:16:04:45:9c:53:b2:f5:9b:7b:4c:
35:5a:c6:bd:44:01:01:76:7b:6a:a8:4a:21:e7:74:dd:2b:6b:
38:14:50:2c:51:30:c8:24:fd:15:67:b3:81:cb:be:df:16:df:
ce:ed:4c:78:1f:42:d3:24:3e:65:dc:d1:9c:49:91:cb:e2:6a:
43:13:b6:cb:b9:4c:69:01:c4:1f:c6:32:d9:0e:e2:5a:56:25:
90:b9:0c:fe:99:bc:a6:ad:5f:17:0f:8d:b2:83:83:48:1b:3d:
06:51:ae:fa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGSz5Jcve3FOL47LKgOJZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjQwMTAxMTgzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTczZDZiMmI4OWY3YTc5YWE4NGEyNTg4OTg5MjE0ZGY0OTQ4NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxUXC3pbpF6MvTk0b0mIzNV/rQNE
orvIBNHPqbPdW2fDYv96AMDCcqSSy0Kri0F+s/rtx4gWAQ597xig1Pzs4K860qkN
ONj5cKPd3JRe5Hh9BVZ+C7EC1BP1CmFHYnpSgYzJ7/1v6V6ZKRfKGujW0hJST3tX
WLxZdJdorfjMsWpWpcEToVJJcGRsDBb794mzAqnharblhulIUdfhr2YXrc7BN2u+
/eL9QbIHp6PwgRMtTV4kutHkH3nLUNHgAZtugto9sz3B/CglB3j7pEOCP4sBDA3y
3I5nK93KtuuC2oQb/Q0AvNF/6b/9nvMAAwqI4Xe4dXvNL+7S4XYSSd+S+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJlz1rK4n3p5qoSiWImJIU30lIXMMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xL21YUFdzcmlmZW5tcWhLSllpWWtoVGZTVWhjdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBADURJED
BADVCBcwDQYJKoZIhvcNAQELBQADggEBAHXZHwZg4dhrzJuy11DzyNNTXveDiz3Y
9D2NTapT3okfwA3LSS85WSnxoVUpDH4dQPviTrHvJlLyt7qDdNyrdCR16luG1vNT
p8pygkusCe1rKxcB+e0S34BQ7T3OpCZg9PC6lntG1CSBEwknRGvGCqexDpSlnMYN
P0q5GxhynhxLnfvXBDAXVdursXWw4yp8Ov/WHlsELnLXFgRFnFOy9Zt7TDVaxr1E
AQF2e2qoSiHndN0razgUUCxRMMgk/RVns4HLvt8W387tTHgfQtMkPmXc0ZxJkcvi
akMTtsu5TGkBxB/GMtkO4lpWJZC5DP6ZvKatXxcPjbKDg0gbPQZRrvo=
-----END CERTIFICATE-----
Generated at Sat May 18 05:22:23 2024 by rpki-client on console-fra.rpki-client.org