Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/mW8VQal48w2oErTZzy-GbeM_wZI.roa
File: mW8VQal48w2oErTZzy-GbeM_wZI.roa (raw, json)
Hash identifier: m32I+p1hqH6oohP1RMzGhIwqG/IE4A7WNZqOOc9S8W4=
Subject key identifier: 99:6F:15:41:A9:78:F3:0D:A8:12:B4:D9:CF:2F:86:6D:E3:3F:C1:92
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 018CC8018C4BC408893365781C3060CCF811
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/mW8VQal48w2oErTZzy-GbeM_wZI.roa
Signing time: Tue 02 Jan 2024 02:29:53 +0000
ROA not before: Tue 02 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41108
IP address blocks: 91.228.52.0/23 maxlen: 23
91.229.229.0/24 maxlen: 24
193.25.100.0/23 maxlen: 23
195.88.44.0/23 maxlen: 23
91.228.104.0/22 maxlen: 22
195.110.20.0/23 maxlen: 23
195.110.20.0/24 maxlen: 24
2001:67c:12a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:8c:4b:c4:08:89:33:65:78:1c:30:60:cc:f8:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Jan 2 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=996f1541a978f30da812b4d9cf2f866de33fc192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a7:b5:e3:71:1f:d1:d8:68:e4:6a:25:02:91:
db:55:7d:2c:bc:78:6d:8e:bd:00:fe:4f:42:3a:e4:
b2:ec:6f:a8:ff:cf:c7:9f:fe:d3:6a:e9:60:ff:fc:
48:b5:33:4d:a0:a8:72:fb:dd:ae:77:f2:b7:09:35:
13:1c:3f:ca:7b:5c:b1:db:83:2f:47:0a:b0:21:24:
d2:fe:d5:f3:5f:fb:87:c9:34:2d:2f:0b:ed:73:9d:
48:56:08:8d:06:f4:2e:9b:30:d8:b7:d9:48:49:8a:
e3:d5:1b:00:92:52:c9:21:43:d9:a7:c7:82:a2:21:
75:65:e8:7a:b5:4b:52:5c:33:f4:6c:2f:b7:cd:05:
37:ba:57:9e:29:21:72:93:43:d8:0f:7d:b6:52:24:
cf:7e:68:49:8b:a9:c7:8b:af:e8:38:f6:5a:f6:de:
5b:97:da:34:e0:7f:11:a4:24:b6:fb:91:43:33:08:
1e:23:73:8e:1b:c8:ed:7b:b5:48:6a:b0:0f:1f:f9:
26:93:3b:dd:a6:8e:d0:fd:e0:de:5c:89:ad:88:f8:
9f:d0:43:84:5d:4e:9a:67:6e:9c:d1:6c:05:d3:ab:
d0:eb:75:93:9f:56:d0:85:98:05:b9:b0:b6:2c:ec:
92:57:94:c8:b5:62:6d:6c:23:91:81:22:b2:2e:b9:
49:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6F:15:41:A9:78:F3:0D:A8:12:B4:D9:CF:2F:86:6D:E3:3F:C1:92
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/mW8VQal48w2oErTZzy-GbeM_wZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.52.0/23
91.228.104.0/22
91.229.229.0/24
193.25.100.0/23
195.88.44.0/23
195.110.20.0/23
IPv6:
2001:67c:12a0::/48
Signature Algorithm: sha256WithRSAEncryption
16:5b:ea:20:05:fe:24:3d:77:9c:62:07:56:43:c6:19:24:90:
0c:e4:b9:b2:13:a3:c2:68:e4:34:ce:42:74:f8:f1:a6:7a:5a:
06:10:71:ca:6c:58:70:9b:a3:f4:bb:92:85:a4:52:82:37:3c:
11:fd:11:c1:22:dc:2a:77:23:ed:57:93:3c:fe:0c:23:27:c1:
0b:91:80:c0:1f:d9:3e:57:6c:dd:f2:6e:41:c8:e3:df:ef:ba:
16:13:e6:c5:cb:b0:91:89:50:4b:5e:e8:3f:17:59:41:cc:d2:
13:75:65:38:cf:cf:70:86:60:1a:3b:43:07:b9:0d:02:5f:8f:
2d:1a:fd:84:2b:77:2b:22:ea:23:7b:15:9b:37:12:b3:b9:78:
d4:ab:6f:7a:a2:84:c4:34:6b:17:91:61:af:03:c9:1f:d1:c6:
be:00:2d:5d:89:c5:32:85:99:4e:e9:72:c1:55:2f:46:31:a8:
43:70:99:32:a5:9e:3c:ab:53:c9:9c:f4:16:aa:e3:25:00:c4:
9f:83:77:42:2b:0d:a5:f3:a9:f1:9d:16:e9:3a:39:49:30:35:
21:ca:f7:61:0d:24:d3:e3:d3:c9:c8:2e:86:c2:85:ac:54:e2:
5e:58:00:fb:89:13:42:f0:80:bb:20:43:a7:b1:75:8d:97:38:
e5:c7:e7:61
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzIAYxLxAiJM2V4HDBgzPgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjQwMTAyMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTZmMTU0MWE5NzhmMzBkYTgxMmI0ZDljZjJmODY2ZGUzM2ZjMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkae143Ef0dho5GolApHbVX0svHht
jr0A/k9COuSy7G+o/8/Hn/7Taulg//xItTNNoKhy+92ud/K3CTUTHD/Ke1yx24Mv
RwqwISTS/tXzX/uHyTQtLwvtc51IVgiNBvQumzDYt9lISYrj1RsAklLJIUPZp8eC
oiF1Zeh6tUtSXDP0bC+3zQU3uleeKSFyk0PYD322UiTPfmhJi6nHi6/oOPZa9t5b
l9o04H8RpCS2+5FDMwgeI3OOG8jte7VIarAPH/kmkzvdpo7Q/eDeXImtiPif0EOE
XU6aZ26c0WwF06vQ63WTn1bQhZgFubC2LOySV5TItWJtbCORgSKyLrlJPwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJlvFUGpePMNqBK02c8vhm3jP8GSMB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvbVc4VlFhbDQ4dzJvRXJUWnp5LUdiZU1fd1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQBW+Q0AwQC
W+RoAwQAW+XlAwQBwRlkAwQBw1gsAwQBw24UMA8EAgACMAkDBwAgAQZ8EqAwDQYJ
KoZIhvcNAQELBQADggEBABZb6iAF/iQ9d5xiB1ZDxhkkkAzkubITo8Jo5DTOQnT4
8aZ6WgYQccpsWHCbo/S7koWkUoI3PBH9EcEi3Cp3I+1Xkzz+DCMnwQuRgMAf2T5X
bN3ybkHI49/vuhYT5sXLsJGJUEte6D8XWUHM0hN1ZTjPz3CGYBo7Qwe5DQJfjy0a
/YQrdysi6iN7FZs3ErO5eNSrb3qihMQ0axeRYa8DyR/Rxr4ALV2JxTKFmU7pcsFV
L0YxqENwmTKlnjyrU8mc9Baq4yUAxJ+Dd0IrDaXzqfGdFuk6OUkwNSHK92ENJNPj
08nILobChaxU4l5YAPuJE0LwgLsgQ6exdY2XOOXH52E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:54 2024 by rpki-client on console-ams.rpki-client.org