Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/mMapmEdHukRlUNw7gLygKtPwVA0.roa
File: mMapmEdHukRlUNw7gLygKtPwVA0.roa (raw, json)
Hash identifier: 3gGZnqmUEddBmlxASfoEGD7Q1NxuNJwGbZ6GTIPvk8g=
Subject key identifier: 98:C6:A9:98:47:47:BA:44:65:50:DC:3B:80:BC:A0:2A:D3:F0:54:0D
Certificate issuer: /CN=3f172439599d7da525797899bf213b8e63554914
Certificate serial: 018CC8015FE2360EF6E07E2341EBB513E91A
Authority key identifier: 3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/mMapmEdHukRlUNw7gLygKtPwVA0.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1930
IP address blocks: 192.68.221.0/24 maxlen: 24
192.104.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5f:e2:36:0e:f6:e0:7e:23:41:eb:b5:13:e9:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f172439599d7da525797899bf213b8e63554914
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98c6a9984747ba446550dc3b80bca02ad3f0540d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:21:9f:90:6f:dc:25:9a:03:4e:72:1d:00:92:
b6:bf:2e:2d:fa:ab:a7:8e:d2:5a:cb:8f:96:21:66:
cf:7e:61:f7:39:03:7b:c3:05:01:0c:99:2b:0d:b9:
60:85:5a:d1:0b:78:ae:04:cb:37:15:6c:b2:cd:54:
d2:88:bf:2d:78:81:94:c9:bc:54:18:db:8d:6b:8a:
6d:5d:d6:fb:ed:5a:38:4b:cc:58:01:00:66:ab:60:
2b:79:96:a0:aa:78:b2:a2:f4:48:2b:12:85:b5:55:
aa:a2:ff:94:4a:73:d6:b7:6a:fc:61:c0:54:16:ec:
07:56:57:09:92:5f:63:26:3e:1b:46:a1:66:8e:f5:
d1:45:6d:f7:22:8b:f0:23:ff:3d:80:d5:f2:f7:84:
f5:48:9c:f5:8a:2e:7b:a2:fc:1a:f3:59:7d:ed:1c:
2b:da:c5:01:30:d3:2c:26:49:c0:a3:a5:f3:db:56:
88:7a:02:5f:e1:bc:e7:29:f4:1d:a6:9b:ce:d8:0f:
63:08:58:a4:6c:85:22:54:1f:f5:66:e4:14:e9:42:
60:a6:9d:75:ef:39:15:93:f3:c5:90:59:06:58:99:
bc:37:85:31:03:4f:e7:5a:dc:93:74:cc:9b:7b:01:
20:7b:77:ec:53:8e:4e:47:95:e6:27:60:0f:b6:7b:
81:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C6:A9:98:47:47:BA:44:65:50:DC:3B:80:BC:A0:2A:D3:F0:54:0D
X509v3 Authority Key Identifier:
keyid:3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/mMapmEdHukRlUNw7gLygKtPwVA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.68.221.0/24
192.104.48.0/24
Signature Algorithm: sha256WithRSAEncryption
95:af:97:59:b3:14:6a:71:de:84:8f:03:39:29:f8:27:8a:5f:
7a:1a:24:1a:dd:65:b6:8c:a4:31:8f:1f:bb:ea:25:5b:a6:ca:
b4:b5:3b:11:03:e3:b4:18:bf:6c:2b:92:c3:06:d8:b9:a8:f9:
f6:de:74:0c:03:04:a7:e2:19:06:bd:9a:41:2e:cc:8e:2d:92:
b6:49:90:ca:dc:f1:bd:00:28:5d:cc:b6:4e:5e:e4:84:6a:72:
7b:75:b8:f9:88:ed:cf:cb:de:a8:04:f2:26:e2:63:9f:67:1c:
91:7a:44:41:7b:9c:dc:77:61:50:8a:7c:d7:dc:19:7a:b5:7a:
5e:3f:1f:10:bf:01:08:4e:21:c2:6b:89:f7:e9:0f:3c:9b:96:
b7:ef:45:62:0a:68:9e:67:68:f9:d5:29:18:da:be:32:2b:3f:
d0:42:3c:3e:93:e9:05:69:c9:6f:05:c9:c5:98:91:91:4a:ab:
17:1c:53:e5:05:f8:9c:b3:1a:87:85:4c:12:7b:b1:90:d4:ee:
bd:ff:84:92:61:b3:7c:5d:15:ee:d0:cf:76:28:14:50:4e:2a:
0d:39:f6:5a:c3:7a:69:c7:ac:4b:13:53:b6:8b:bc:81:da:27:
37:d6:57:d1:24:f7:9e:db:20:ea:a0:d6:0b:7c:bd:6f:28:b8:
10:36:27:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAV/iNg724H4jQeu1E+kaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMTcyNDM5NTk5ZDdkYTUyNTc5Nzg5OWJmMjEzYjhlNjM1
NTQ5MTQwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM2YTk5ODQ3NDdiYTQ0NjU1MGRjM2I4MGJjYTAyYWQzZjA1NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiGfkG/cJZoDTnIdAJK2vy4t+qun
jtJay4+WIWbPfmH3OQN7wwUBDJkrDblghVrRC3iuBMs3FWyyzVTSiL8teIGUybxU
GNuNa4ptXdb77Vo4S8xYAQBmq2AreZagqniyovRIKxKFtVWqov+USnPWt2r8YcBU
FuwHVlcJkl9jJj4bRqFmjvXRRW33IovwI/89gNXy94T1SJz1ii57ovwa81l97Rwr
2sUBMNMsJknAo6Xz21aIegJf4bznKfQdppvO2A9jCFikbIUiVB/1ZuQU6UJgpp11
7zkVk/PFkFkGWJm8N4UxA0/nWtyTdMybewEge3fsU45OR5XmJ2APtnuBewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJjGqZhHR7pEZVDcO4C8oCrT8FQNMB8GA1UdIwQY
MBaAFD8XJDlZnX2lJXl4mb8hO45jVUkUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEt
ODg3MzMxZWZiNzE1LzEvbU1hcG1FZEh1a1JsVU53N2dMeWdLdFB3VkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEtODg3MzMxZWZiNzE1
LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwETdAwQA
wGgwMA0GCSqGSIb3DQEBCwUAA4IBAQCVr5dZsxRqcd6EjwM5Kfgnil96GiQa3WW2
jKQxjx+76iVbpsq0tTsRA+O0GL9sK5LDBti5qPn23nQMAwSn4hkGvZpBLsyOLZK2
SZDK3PG9AChdzLZOXuSEanJ7dbj5iO3Py96oBPIm4mOfZxyRekRBe5zcd2FQinzX
3Bl6tXpePx8QvwEITiHCa4n36Q88m5a370ViCmieZ2j51SkY2r4yKz/QQjw+k+kF
aclvBcnFmJGRSqsXHFPlBficsxqHhUwSe7GQ1O69/4SSYbN8XRXu0M92KBRQTioN
OfZaw3ppx6xLE1O2i7yB2ic31lfRJPee2yDqoNYLfL1vKLgQNidG
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:15:57 2024 by rpki-client on console-ams.rpki-client.org