Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/mZMSwYxRjGtgDdEB0srYHp0deyo.roa
File: mZMSwYxRjGtgDdEB0srYHp0deyo.roa (raw, json)
Hash identifier: dzLQE+86iKyfmKpa61IMb3iFatlc4bAn2BhBwEZn5Y8=
Subject key identifier: 99:93:12:C1:8C:51:8C:6B:60:0D:D1:01:D2:CA:D8:1E:9D:1D:7B:2A
Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Certificate serial: 018D31541988A67F65206438A8FC0B1CE12F
Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/mZMSwYxRjGtgDdEB0srYHp0deyo.roa
Signing time: Mon 22 Jan 2024 13:20:11 +0000
ROA not before: Mon 22 Jan 2024 13:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49436
IP address blocks: 185.250.168.0/22 maxlen: 22
185.250.168.0/23 maxlen: 23
185.250.170.0/23 maxlen: 23
195.42.158.0/23 maxlen: 23
2a0c:f47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.mft
rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:54:19:88:a6:7f:65:20:64:38:a8:fc:0b:1c:e1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Validity
Not Before: Jan 22 13:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=999312c18c518c6b600dd101d2cad81e9d1d7b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e5:73:8a:29:e9:48:33:b8:bc:81:4f:0e:1c:
f2:d2:34:8b:78:f6:14:ba:60:96:00:f4:71:ed:25:
b1:cf:ea:3d:66:97:91:e2:99:13:47:9a:9c:f0:b0:
86:12:e4:bc:17:95:f2:34:3d:4f:d9:53:8c:a5:38:
97:8c:36:33:f9:1a:f1:8b:8c:e2:bd:0a:f4:48:57:
14:c8:fe:92:54:6f:fb:5c:3a:17:a0:8f:10:5e:56:
b0:19:9f:2c:95:79:9b:db:9a:f8:60:32:98:ae:26:
30:f0:7a:76:63:c8:3b:ac:5b:6c:22:ef:7e:d2:84:
5f:43:6b:8c:15:b2:1e:88:1d:0b:b9:ad:05:a3:f5:
f7:df:30:69:13:97:6c:75:5a:c1:1e:a9:35:46:87:
9a:a6:04:c4:21:94:32:1e:df:b1:26:75:e6:5d:17:
2a:8f:c5:26:fc:74:cd:f3:94:ca:5f:1a:cb:b0:82:
e5:82:73:b4:6b:e9:09:8a:59:30:22:94:42:01:2b:
69:59:0e:88:37:be:52:18:f4:f2:93:2f:68:b6:80:
1b:ff:9b:8e:4d:8c:ff:1a:8c:be:a0:57:8c:80:f2:
63:2b:98:ae:30:8f:af:71:d3:a3:f2:b3:f7:4e:ac:
d5:38:74:fc:f1:f0:56:f6:99:8a:77:b1:48:02:86:
35:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:93:12:C1:8C:51:8C:6B:60:0D:D1:01:D2:CA:D8:1E:9D:1D:7B:2A
X509v3 Authority Key Identifier:
keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/mZMSwYxRjGtgDdEB0srYHp0deyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.168.0/22
195.42.158.0/23
IPv6:
2a0c:f47::/32
Signature Algorithm: sha256WithRSAEncryption
2a:1d:30:56:94:16:1f:ad:b8:d0:19:41:b4:34:d9:f6:0a:a5:
12:4b:44:f8:91:c3:f8:b8:e8:72:02:5b:9a:64:0b:7e:91:f2:
72:45:9a:57:ba:ab:ef:b5:25:ad:25:95:00:b4:ee:22:cd:8a:
db:42:69:43:90:37:94:9b:15:55:58:af:32:8c:76:b6:dc:16:
4a:65:4e:1a:cd:2e:3f:68:f7:1e:5a:58:37:97:f3:55:97:4d:
c9:51:3a:b7:1b:c2:c8:57:39:e4:df:9e:ac:42:66:24:73:90:
e1:35:c7:98:88:6d:4f:51:b0:8b:87:c6:b6:00:10:ea:ca:fd:
92:11:56:00:58:15:1f:e4:12:4e:d0:ad:28:4e:25:e2:2c:d0:
e9:1a:fd:e8:a4:e4:b9:4c:e5:61:85:31:3a:5e:13:47:7f:28:
a8:b5:a3:20:2e:01:8d:28:43:cb:b8:06:35:ac:60:74:09:c2:
ed:a5:d4:fa:e8:73:9a:66:93:2a:c8:ba:9d:54:f4:79:12:54:
46:f1:a4:32:51:41:f3:e7:f1:08:3d:c4:c1:59:30:75:9e:bb:
c4:91:bc:4c:b9:20:94:a5:ac:d5:37:4a:0f:19:6b:3f:3f:3a:
67:29:d9:ac:56:bd:09:5e:c3:83:b2:bc:e1:3e:c2:2b:d7:f4:
26:e7:8d:12
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY0xVBmIpn9lIGQ4qPwLHOEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3
YzRhOGIwHhcNMjQwMTIyMTMyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTkzMTJjMThjNTE4YzZiNjAwZGQxMDFkMmNhZDgxZTlkMWQ3YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeVziinpSDO4vIFPDhzy0jSLePYU
umCWAPRx7SWxz+o9ZpeR4pkTR5qc8LCGEuS8F5XyND1P2VOMpTiXjDYz+Rrxi4zi
vQr0SFcUyP6SVG/7XDoXoI8QXlawGZ8slXmb25r4YDKYriYw8Hp2Y8g7rFtsIu9+
0oRfQ2uMFbIeiB0Lua0Fo/X33zBpE5dsdVrBHqk1RoeapgTEIZQyHt+xJnXmXRcq
j8Um/HTN85TKXxrLsILlgnO0a+kJilkwIpRCAStpWQ6IN75SGPTyky9otoAb/5uO
TYz/Goy+oFeMgPJjK5iuMI+vcdOj8rP3TqzVOHT88fBW9pmKd7FIAoY1/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJmTEsGMUYxrYA3RAdLK2B6dHXsqMB8GA1UdIwQY
MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt
YmJmZTIxOTZjNmFmLzEvbVpNU3dZeFJqR3RnRGRFQjBzcllIcDBkZXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm
LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufqoAwQB
wyqeMA0EAgACMAcDBQAqDA9HMA0GCSqGSIb3DQEBCwUAA4IBAQAqHTBWlBYfrbjQ
GUG0NNn2CqUSS0T4kcP4uOhyAluaZAt+kfJyRZpXuqvvtSWtJZUAtO4izYrbQmlD
kDeUmxVVWK8yjHa23BZKZU4azS4/aPceWlg3l/NVl03JUTq3G8LIVznk356sQmYk
c5DhNceYiG1PUbCLh8a2ABDqyv2SEVYAWBUf5BJO0K0oTiXiLNDpGv3opOS5TOVh
hTE6XhNHfyiotaMgLgGNKEPLuAY1rGB0CcLtpdT66HOaZpMqyLqdVPR5ElRG8aQy
UUHz5/EIPcTBWTB1nrvEkbxMuSCUpazVN0oPGWs/PzpnKdmsVr0JXsODsrzhPsIr
1/Qm540S
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:56 2024 by rpki-client on console-fra.rpki-client.org