Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/854DDS2vZaAXNJFxhQQsr1FRO3s.roa
File: 854DDS2vZaAXNJFxhQQsr1FRO3s.roa (raw, json)
Hash identifier: Rfs9NBNDMmkltNRoUssb84pN0fOFl4Iv0vK2yPeq0NY=
Subject key identifier: F3:9E:03:0D:2D:AF:65:A0:17:34:91:71:85:04:2C:AF:51:51:3B:7B
Certificate issuer: /CN=9914258fb9d3657b3376142bfc63dace4f8211c4
Certificate serial: 018CC424E7818EBCFB8640346CBA1E03E1BD
Authority key identifier: 99:14:25:8F:B9:D3:65:7B:33:76:14:2B:FC:63:DA:CE:4F:82:11:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/854DDS2vZaAXNJFxhQQsr1FRO3s.roa
Signing time: Mon 01 Jan 2024 08:30:02 +0000
ROA not before: Mon 01 Jan 2024 08:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1930
IP address blocks: 192.68.224.0/24 maxlen: 24
192.92.148.0/24 maxlen: 24
192.92.147.0/24 maxlen: 24
192.190.174.0/24 maxlen: 24
192.132.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e7:81:8e:bc:fb:86:40:34:6c:ba:1e:03:e1:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9914258fb9d3657b3376142bfc63dace4f8211c4
Validity
Not Before: Jan 1 08:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f39e030d2daf65a01734917185042caf51513b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6b:2f:e5:cd:7e:4d:6d:c2:02:47:45:52:ff:
89:fb:6e:96:bf:c3:c1:25:db:97:70:bd:e2:5a:80:
41:9b:8a:46:d3:7c:19:fb:ae:e0:62:1b:0c:cc:ed:
71:00:f4:8c:9b:8a:e2:d1:44:53:54:24:ff:8f:f5:
9d:cf:f8:21:67:b7:12:61:c0:db:39:a4:6f:d7:e1:
ac:61:fd:11:90:52:02:03:6b:23:ef:df:d0:12:d6:
5d:78:56:65:55:1c:52:e0:db:66:76:33:43:92:39:
f4:f3:c0:72:88:80:76:52:b5:04:5f:a8:4d:2d:63:
a3:ac:ab:dd:93:6d:66:6e:f9:3c:83:b4:60:d8:3b:
8d:e0:04:76:91:4d:da:65:bf:0d:a8:c9:8b:ea:16:
9a:9a:de:8e:be:ec:27:4b:94:aa:40:99:e6:0b:8d:
91:b8:ee:96:54:c5:82:2e:22:12:d5:63:1c:2f:dd:
44:0e:75:c5:30:9b:b7:53:4c:fe:49:c4:cf:87:5a:
f5:20:43:b2:05:a0:03:a0:f8:f1:50:02:ae:2e:ee:
0e:da:41:5b:0a:69:79:26:69:51:f4:27:43:d4:89:
f5:8a:07:fb:8e:16:63:0f:81:1a:8f:b9:39:49:8d:
74:f8:83:75:9e:47:24:7e:e2:5f:e9:69:3c:28:97:
45:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9E:03:0D:2D:AF:65:A0:17:34:91:71:85:04:2C:AF:51:51:3B:7B
X509v3 Authority Key Identifier:
keyid:99:14:25:8F:B9:D3:65:7B:33:76:14:2B:FC:63:DA:CE:4F:82:11:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/854DDS2vZaAXNJFxhQQsr1FRO3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.68.224.0/24
192.92.147.0-192.92.148.255
192.132.53.0/24
192.190.174.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:27:dc:2f:24:a3:a7:25:5a:db:ab:86:81:1d:ac:5e:0e:c0:
de:9d:79:2d:1a:a4:8a:6d:3f:dc:34:1b:e2:06:6b:d1:49:c5:
64:6e:35:3b:4d:b7:00:6a:a1:2a:e4:5f:f5:ab:9c:c7:e4:97:
cf:c8:b9:fc:30:c6:38:fb:45:61:c1:45:ff:8f:94:55:2c:be:
d8:f3:ef:7f:fa:fc:70:a3:d0:c3:2f:b6:ac:46:02:f8:5b:10:
a7:4b:eb:1c:71:fe:ea:94:22:4c:cd:0c:92:06:08:ce:f5:1d:
a3:8a:ca:23:db:a6:ac:57:ec:3d:24:e4:5e:71:ec:40:b5:3c:
2f:21:d1:cd:21:76:46:ff:1a:14:15:fa:96:5a:c1:17:5b:9e:
e8:a4:fc:d8:3e:4e:3c:26:ba:e4:61:41:67:fb:db:40:7d:66:
96:0c:1f:e9:50:4d:a8:8f:ea:aa:72:73:36:05:15:5e:17:9c:
82:27:13:66:d0:82:07:70:a9:d6:84:02:79:40:68:45:3e:43:
e9:81:20:a4:5a:b4:41:db:28:00:4a:e4:44:ba:3f:2e:63:a4:
90:95:ce:a6:52:d1:24:88:d3:7f:6b:8b:b8:46:b3:e0:41:78:
ca:f3:f5:d0:b6:aa:d9:13:30:54:3b:a7:57:63:b8:0f:f0:1b:
a7:73:05:90
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEJOeBjrz7hkA0bLoeA+G9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MTQyNThmYjlkMzY1N2IzMzc2MTQyYmZjNjNkYWNlNGY4
MjExYzQwHhcNMjQwMTAxMDgzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzllMDMwZDJkYWY2NWEwMTczNDkxNzE4NTA0MmNhZjUxNTEzYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmsv5c1+TW3CAkdFUv+J+26Wv8PB
JduXcL3iWoBBm4pG03wZ+67gYhsMzO1xAPSMm4ri0URTVCT/j/Wdz/ghZ7cSYcDb
OaRv1+GsYf0RkFICA2sj79/QEtZdeFZlVRxS4NtmdjNDkjn088ByiIB2UrUEX6hN
LWOjrKvdk21mbvk8g7Rg2DuN4AR2kU3aZb8NqMmL6haamt6OvuwnS5SqQJnmC42R
uO6WVMWCLiIS1WMcL91EDnXFMJu3U0z+ScTPh1r1IEOyBaADoPjxUAKuLu4O2kFb
Cml5JmlR9CdD1In1igf7jhZjD4Eaj7k5SY10+IN1nkckfuJf6Wk8KJdFfQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPOeAw0tr2WgFzSRcYUELK9RUTt7MB8GA1UdIwQY
MBaAFJkUJY+502V7M3YUK/xj2s5PghHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84NjY0MWUtNjY5Yy00YThkLWFlMGIt
ZmUzNDFiMzAwNWUzLzEvODU0RERTMnZaYUFYTkpGeGhRUXNyMUZSTzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84NjY0MWUtNjY5Yy00YThkLWFlMGItZmUzNDFiMzAwNWUz
LzEvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwETgMAwD
BADAXJMDBADAXJQDBADAhDUDBADAvq4wDQYJKoZIhvcNAQELBQADggEBAKsn3C8k
o6clWturhoEdrF4OwN6deS0apIptP9w0G+IGa9FJxWRuNTtNtwBqoSrkX/WrnMfk
l8/Iufwwxjj7RWHBRf+PlFUsvtjz73/6/HCj0MMvtqxGAvhbEKdL6xxx/uqUIkzN
DJIGCM71HaOKyiPbpqxX7D0k5F5x7EC1PC8h0c0hdkb/GhQV+pZawRdbnuik/Ng+
TjwmuuRhQWf720B9ZpYMH+lQTaiP6qpyczYFFV4XnIInE2bQggdwqdaEAnlAaEU+
Q+mBIKRatEHbKABK5ES6Py5jpJCVzqZS0SSI039ri7hGs+BBeMrz9dC2qtkTMFQ7
p1djuA/wG6dzBZA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:00:27 2024 by rpki-client on console-ams.rpki-client.org