Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mABzuBRQafI9RIbJVGU5_8TsqsY.roa
File: mABzuBRQafI9RIbJVGU5_8TsqsY.roa (raw, json)
Hash identifier: dkw8k30qBU36CIwJ27ZwW3JfqJ4APyLAHoTXrPkMjos=
Subject key identifier: 98:00:73:B8:14:50:69:F2:3D:44:86:C9:54:65:39:FF:C4:EC:AA:C6
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0192852909EA770F5A10A7255B8E0E356568
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mABzuBRQafI9RIbJVGU5_8TsqsY.roa
Signing time: Sun 13 Oct 2024 09:15:12 +0000
ROA not before: Sun 13 Oct 2024 09:15:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215071
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:85:29:09:ea:77:0f:5a:10:a7:25:5b:8e:0e:35:65:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 13 09:15:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=980073b8145069f23d4486c9546539ffc4ecaac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6c:55:53:ae:8e:f9:52:fa:72:85:a5:2e:2b:
f1:75:6a:54:95:24:b5:6a:5b:d3:05:3c:fb:a1:7b:
11:84:72:45:9f:ed:21:55:97:29:0f:51:e3:3a:1c:
6f:a3:17:e2:08:9f:fb:32:f5:82:02:dd:37:07:59:
d2:91:32:69:3b:55:24:3a:58:e7:5d:52:c0:95:af:
2b:30:1b:69:43:6a:ed:20:ba:d2:c2:5e:f0:78:f0:
5f:33:2c:a3:8c:80:8c:9d:39:dd:d5:41:4a:9a:f0:
34:46:2e:21:7a:9d:f1:a4:62:82:ad:3b:6b:b0:9c:
24:ea:10:0f:0d:df:f6:5b:4a:0a:83:d1:77:1d:37:
1a:d3:39:69:6a:32:a9:5a:66:92:56:37:8c:e1:60:
85:eb:af:72:5d:96:b1:36:2d:70:d9:3b:b6:be:e8:
8f:6b:78:5e:6e:32:09:97:7a:52:e4:d4:d9:83:49:
5a:ce:96:5f:da:dc:94:ef:a4:f8:b0:76:8c:48:b2:
2f:3d:c8:e1:e0:aa:b2:2e:ad:9b:32:da:c4:ee:10:
8d:e8:af:04:93:c7:3b:26:44:39:b9:6b:95:02:a9:
2e:f7:73:0c:24:8b:54:f1:ce:89:63:38:3b:46:dc:
70:23:11:f0:02:77:4a:0f:0b:ee:97:c0:61:c5:bd:
b1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:00:73:B8:14:50:69:F2:3D:44:86:C9:54:65:39:FF:C4:EC:AA:C6
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mABzuBRQafI9RIbJVGU5_8TsqsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.42.0/24
Signature Algorithm: sha256WithRSAEncryption
41:16:a8:9f:ee:bc:f1:af:23:02:8c:5f:44:49:74:06:a2:0e:
be:af:2d:13:10:87:25:f7:d8:97:91:43:66:02:ad:75:b2:6c:
9b:1d:5e:54:4e:8c:9e:47:c6:23:b6:ca:b5:86:20:2f:2b:ac:
a9:2b:18:19:5f:d1:3b:9b:76:55:92:44:14:13:50:c5:11:cb:
c6:59:f6:94:81:27:bf:7e:52:87:0a:0b:05:2c:c2:e9:ee:30:
86:64:90:0f:c5:d5:97:ae:22:eb:f5:cc:39:a9:86:a2:17:9c:
9b:45:d6:3c:9a:1f:95:6a:59:28:ee:97:89:22:2d:cc:83:11:
dd:ce:e9:c6:2b:04:52:10:e8:7d:f1:cd:0b:f3:58:ab:c5:1c:
21:bd:3c:70:60:a0:4e:e2:9a:74:e3:12:c6:e2:4a:64:3f:fe:
fa:f3:5f:cd:17:ed:8e:b3:b5:4f:07:d3:2e:dd:f8:36:55:9f:
d5:a3:3e:f8:27:49:35:6a:0f:38:f8:df:c0:3a:b8:5f:5b:2b:
2f:de:c8:d5:e7:bd:c1:2f:69:2c:fc:86:2c:fb:66:39:11:38:
b8:ff:f5:72:92:5f:1b:1e:41:44:02:95:3d:8f:cf:c7:51:0e:
5d:e1:6a:dd:09:44:83:d6:23:e2:a1:15:e8:08:03:03:22:38:
44:75:a4:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKFKQnqdw9aEKclW44ONWVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDEzMDkxNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODAwNzNiODE0NTA2OWYyM2Q0NDg2Yzk1NDY1MzlmZmM0ZWNhYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWxVU66O+VL6coWlLivxdWpUlSS1
alvTBTz7oXsRhHJFn+0hVZcpD1HjOhxvoxfiCJ/7MvWCAt03B1nSkTJpO1UkOljn
XVLAla8rMBtpQ2rtILrSwl7wePBfMyyjjICMnTnd1UFKmvA0Ri4hep3xpGKCrTtr
sJwk6hAPDd/2W0oKg9F3HTca0zlpajKpWmaSVjeM4WCF669yXZaxNi1w2Tu2vuiP
a3hebjIJl3pS5NTZg0lazpZf2tyU76T4sHaMSLIvPcjh4KqyLq2bMtrE7hCN6K8E
k8c7JkQ5uWuVAqku93MMJItU8c6JYzg7RtxwIxHwAndKDwvul8Bhxb2xBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJgAc7gUUGnyPUSGyVRlOf/E7KrGMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbUFCenVCUlFhZkk5UkliSlZHVTVfOFRzcXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jdAwQA
bXoqMA0GCSqGSIb3DQEBCwUAA4IBAQBBFqif7rzxryMCjF9ESXQGog6+ry0TEIcl
99iXkUNmAq11smybHV5UToyeR8Yjtsq1hiAvK6ypKxgZX9E7m3ZVkkQUE1DFEcvG
WfaUgSe/flKHCgsFLMLp7jCGZJAPxdWXriLr9cw5qYaiF5ybRdY8mh+Valko7peJ
Ii3MgxHdzunGKwRSEOh98c0L81irxRwhvTxwYKBO4pp04xLG4kpkP/7681/NF+2O
s7VPB9Mu3fg2VZ/Voz74J0k1ag84+N/AOrhfWysv3sjV573BL2ks/IYs+2Y5ETi4
//Vykl8bHkFEApU9j8/HUQ5d4WrdCUSD1iPioRXoCAMDIjhEdaQQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:08 2024 by rpki-client on console-fra.rpki-client.org