Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/mhK28BhEpQWWIDvcOIYNfGXsBPE.roa
File: mhK28BhEpQWWIDvcOIYNfGXsBPE.roa (raw, json)
Hash identifier: JJJDa7X8kcp/u73b802akRtrHFk/PIRPccnBezbjJeA=
Subject key identifier: 9A:12:B6:F0:18:44:A5:05:96:20:3B:DC:38:86:0D:7C:65:EC:04:F1
Certificate issuer: /CN=1de76ce535cfb8e216ec0d24deb579d1a4ca0e06
Certificate serial: 019223CC5DB870999C7E390D825C8D8B1419
Authority key identifier: 1D:E7:6C:E5:35:CF:B8:E2:16:EC:0D:24:DE:B5:79:D1:A4:CA:0E:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Heds5TXPuOIW7A0k3rV50aTKDgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/mhK28BhEpQWWIDvcOIYNfGXsBPE.roa
Signing time: Tue 24 Sep 2024 11:30:48 +0000
ROA not before: Tue 24 Sep 2024 11:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16327
IP address blocks: 91.209.193.0/24 maxlen: 24
194.146.180.0/22 maxlen: 22
194.146.180.0/23 maxlen: 23
194.146.180.0/24 maxlen: 24
194.146.181.0/24 maxlen: 24
194.146.182.0/23 maxlen: 23
194.146.182.0/24 maxlen: 24
194.146.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Heds5TXPuOIW7A0k3rV50aTKDgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:23:cc:5d:b8:70:99:9c:7e:39:0d:82:5c:8d:8b:14:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de76ce535cfb8e216ec0d24deb579d1a4ca0e06
Validity
Not Before: Sep 24 11:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a12b6f01844a50596203bdc38860d7c65ec04f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:2a:2b:9f:4e:35:b4:c2:76:eb:a7:db:47:
23:02:c2:fe:0c:d6:1b:4f:c5:fe:5b:e2:cd:23:e9:
38:19:e8:fa:10:23:27:ab:f2:3d:66:2f:d8:ca:7b:
b1:86:80:2e:61:b0:de:43:51:76:73:18:19:b2:79:
92:be:48:42:f9:90:ec:ae:07:7f:cc:14:b0:2b:e0:
f6:39:dd:73:dd:d9:d3:ff:db:ca:d7:65:6d:a5:3f:
04:b0:68:14:57:0a:60:d9:0b:2c:cb:de:7a:f7:00:
44:6b:34:8f:4c:e1:6f:1d:f8:06:ff:9d:0e:27:59:
51:c1:ba:a7:b8:08:04:90:fc:bd:5c:36:c8:b6:d5:
75:ab:7a:d4:cd:b2:7e:cb:2f:c2:9f:9c:e4:19:1b:
9e:ae:1b:4a:57:eb:12:8d:a7:74:17:e1:4d:59:d1:
29:15:ee:08:e5:da:27:00:ef:26:3b:39:20:72:2e:
f9:99:67:32:37:d4:66:2c:fa:ce:4c:d7:3d:bd:bf:
e8:88:60:2b:29:92:7d:3a:d7:3b:ac:e2:9d:56:3f:
6b:40:11:aa:59:ad:b4:8d:d2:26:f6:ca:8a:21:87:
18:6f:75:c5:07:97:c6:f0:52:53:82:56:9c:b6:a6:
c9:8d:94:7a:51:67:81:96:c2:ab:89:65:20:12:65:
1c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:12:B6:F0:18:44:A5:05:96:20:3B:DC:38:86:0D:7C:65:EC:04:F1
X509v3 Authority Key Identifier:
keyid:1D:E7:6C:E5:35:CF:B8:E2:16:EC:0D:24:DE:B5:79:D1:A4:CA:0E:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Heds5TXPuOIW7A0k3rV50aTKDgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/mhK28BhEpQWWIDvcOIYNfGXsBPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.193.0/24
194.146.180.0/22
Signature Algorithm: sha256WithRSAEncryption
24:2b:cf:d8:74:55:4f:2f:67:95:ad:c1:c3:58:be:b6:f6:da:
9b:65:76:95:c3:e3:66:1b:10:de:4a:21:76:4d:20:e7:79:24:
4a:2a:65:61:ab:48:62:9b:b2:e9:0e:da:e6:76:25:3c:90:d8:
7b:7c:c6:c4:74:ce:e8:4f:4c:b0:9c:3b:cb:57:a8:31:e4:ee:
00:08:28:33:26:da:a8:f3:f5:a7:92:22:fc:7e:14:5d:a4:3b:
10:70:84:7e:30:96:08:52:d3:fb:29:3c:4a:de:be:d7:f9:93:
91:9d:17:89:aa:48:6b:2c:d3:bc:82:f0:62:8e:c0:50:bd:95:
00:fe:c6:f1:46:75:07:dc:1a:6c:cd:73:c2:77:b9:a0:e9:95:
36:14:50:7a:c4:1e:90:ba:6f:2a:c3:fa:b1:c3:16:04:18:bb:
23:97:f6:c2:05:02:15:0e:45:c8:33:2a:27:dd:91:b9:04:9c:
7c:68:a2:4d:79:41:43:d0:2a:97:dc:e4:ee:41:82:79:24:49:
8e:e1:76:4e:1e:c6:c6:04:e3:4a:e5:20:eb:dd:c2:29:af:5a:
1d:d8:1c:4d:85:9d:61:e4:f9:48:87:69:a0:22:92:84:a4:70:
b6:55:eb:19:39:44:20:90:0a:f6:2f:30:b8:67:11:85:a3:ec:
71:12:91:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIjzF24cJmcfjkNglyNixQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTc2Y2U1MzVjZmI4ZTIxNmVjMGQyNGRlYjU3OWQxYTRj
YTBlMDYwHhcNMjQwOTI0MTEzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTEyYjZmMDE4NDRhNTA1OTYyMDNiZGMzODg2MGQ3YzY1ZWMwNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjcqK59ONbTCduun20cjAsL+DNYb
T8X+W+LNI+k4Gej6ECMnq/I9Zi/YynuxhoAuYbDeQ1F2cxgZsnmSvkhC+ZDsrgd/
zBSwK+D2Od1z3dnT/9vK12VtpT8EsGgUVwpg2Qssy9569wBEazSPTOFvHfgG/50O
J1lRwbqnuAgEkPy9XDbIttV1q3rUzbJ+yy/Cn5zkGRuerhtKV+sSjad0F+FNWdEp
Fe4I5donAO8mOzkgci75mWcyN9RmLPrOTNc9vb/oiGArKZJ9Otc7rOKdVj9rQBGq
Wa20jdIm9sqKIYcYb3XFB5fG8FJTglactqbJjZR6UWeBlsKriWUgEmUcbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJoStvAYRKUFliA73DiGDXxl7ATxMB8GA1UdIwQY
MBaAFB3nbOU1z7jiFuwNJN61edGkyg4GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVkczVUWFB1T0lXN0EwazNyVjUwYVRLRGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNzZhZGQtZWRmYS00ZjM3LTk5OTYt
NjZjZTllM2E4YzFlLzEvbWhLMjhCaEVwUVdXSUR2Y09JWU5mR1hzQlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNzZhZGQtZWRmYS00ZjM3LTk5OTYtNjZjZTllM2E4YzFl
LzEvSGVkczVUWFB1T0lXN0EwazNyVjUwYVRLRGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9HBAwQC
wpK0MA0GCSqGSIb3DQEBCwUAA4IBAQAkK8/YdFVPL2eVrcHDWL629tqbZXaVw+Nm
GxDeSiF2TSDneSRKKmVhq0him7LpDtrmdiU8kNh7fMbEdM7oT0ywnDvLV6gx5O4A
CCgzJtqo8/WnkiL8fhRdpDsQcIR+MJYIUtP7KTxK3r7X+ZORnReJqkhrLNO8gvBi
jsBQvZUA/sbxRnUH3BpszXPCd7mg6ZU2FFB6xB6Qum8qw/qxwxYEGLsjl/bCBQIV
DkXIMyon3ZG5BJx8aKJNeUFD0CqX3OTuQYJ5JEmO4XZOHsbGBONK5SDr3cIpr1od
2BxNhZ1h5PlIh2mgIpKEpHC2VesZOUQgkAr2LzC4ZxGFo+xxEpFb
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:25 2024 by rpki-client on console-ams.rpki-client.org