Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/mBmFYHmnU6h8PDE3fzLdgxaFjT8.roa
File: mBmFYHmnU6h8PDE3fzLdgxaFjT8.roa (raw, json)
Hash identifier: eYQ/M6bcGuOi7EXz7ZRZv1w02i0YzURv25hJjcoxEiY=
Subject key identifier: 98:19:85:60:79:A7:53:A8:7C:3C:31:37:7F:32:DD:83:16:85:8D:3F
Certificate issuer: /CN=f3751cf8c3a2d36c9744c96519899945ac607820
Certificate serial: 018CC9BC9FBEC90A32F531ACCE0B36F7B037
Authority key identifier: F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/mBmFYHmnU6h8PDE3fzLdgxaFjT8.roa
Signing time: Tue 02 Jan 2024 10:33:51 +0000
ROA not before: Tue 02 Jan 2024 10:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48956
IP address blocks: 91.230.42.0/23 maxlen: 23
45.90.0.0/23 maxlen: 23
195.88.114.0/23 maxlen: 23
91.207.52.0/23 maxlen: 23
91.246.104.0/21 maxlen: 21
37.46.15.0/24 maxlen: 24
37.46.13.0/24 maxlen: 24
37.46.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:9f:be:c9:0a:32:f5:31:ac:ce:0b:36:f7:b0:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3751cf8c3a2d36c9744c96519899945ac607820
Validity
Not Before: Jan 2 10:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9819856079a753a87c3c31377f32dd8316858d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:f4:d8:39:ed:49:ed:9c:2f:97:de:75:38:
ca:91:af:b1:a2:33:11:61:99:35:c5:1f:b1:31:1f:
92:21:9a:02:6c:19:26:33:e6:43:9b:85:c3:bb:82:
54:92:95:b4:8c:87:6f:b2:9e:27:48:76:17:e0:1d:
d0:08:05:1c:92:74:2e:61:63:3e:7a:25:25:4d:bf:
e7:8d:98:bc:9d:0a:5c:ec:6c:da:b0:86:4e:40:34:
e4:64:af:94:e8:55:c0:b4:6d:0d:54:4f:f1:d7:bf:
5a:28:e8:db:04:f1:a0:dd:54:59:02:d2:87:ec:48:
0c:7d:af:a2:75:98:fe:70:fb:24:a7:57:6c:eb:84:
e1:6a:79:fd:15:ec:88:54:75:9b:a8:6e:09:f0:ad:
c6:16:0d:03:56:eb:5a:94:f7:a6:f1:67:f1:41:0b:
06:d1:4a:60:a6:ac:aa:74:98:10:b2:10:1f:39:37:
b9:84:77:28:1b:6c:7c:7b:74:fa:9f:94:96:59:a1:
3b:6c:a5:0b:13:10:71:09:41:6b:9d:58:82:63:bb:
2b:4b:fb:79:eb:d3:84:d0:cc:8f:30:c1:25:24:4e:
da:20:74:3f:81:92:b7:9c:4f:3a:36:1b:ef:5b:67:
ab:e0:8b:77:47:0d:4a:c8:28:fe:63:5b:39:49:f6:
7c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:19:85:60:79:A7:53:A8:7C:3C:31:37:7F:32:DD:83:16:85:8D:3F
X509v3 Authority Key Identifier:
keyid:F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/mBmFYHmnU6h8PDE3fzLdgxaFjT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.13.0-37.46.15.255
45.90.0.0/23
91.207.52.0/23
91.230.42.0/23
91.246.104.0/21
195.88.114.0/23
Signature Algorithm: sha256WithRSAEncryption
60:77:84:9c:68:2a:45:f8:41:ec:5c:2d:f2:de:30:06:89:7e:
d8:99:7f:29:19:51:3f:a3:18:2e:3e:df:61:bf:4d:85:97:ec:
a2:4e:79:f5:8b:63:90:b2:38:b0:24:0e:1b:a6:bd:65:19:80:
4e:0b:b3:3e:32:da:63:7b:e5:64:bb:ac:a7:4b:e0:d1:85:bb:
41:ea:e5:74:90:2e:d1:f2:69:d0:7b:e0:0e:e0:06:5b:ab:49:
ee:29:87:58:31:6a:ee:6d:ea:6a:6e:96:98:ec:a4:7d:43:22:
d2:84:53:94:3b:6c:c9:60:06:cc:cf:d2:d9:9b:49:9d:7c:89:
94:47:b4:d7:cc:d3:3d:a7:3a:e6:45:ef:31:ae:84:48:e5:c4:
5a:c7:7f:01:82:43:27:56:03:2e:04:9d:b2:af:23:07:a1:c7:
f3:27:cc:21:5f:d4:8f:c6:03:3a:df:e6:ac:91:15:57:38:7c:
18:d7:3c:9a:24:c2:01:db:58:51:ff:19:ec:0d:a6:c3:4c:c4:
7d:07:28:5b:aa:3d:73:6d:f7:c4:05:d4:6e:17:d0:12:01:d2:
14:b2:d5:59:4f:9a:20:66:c6:89:c6:43:5f:fa:b5:1b:11:72:
c4:0b:1e:3d:0c:8a:df:cd:cc:04:3d:04:29:e9:c2:b4:ee:ce:
74:b6:d3:d2
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJvJ++yQoy9TGszgs297A3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzUxY2Y4YzNhMmQzNmM5NzQ0Yzk2NTE5ODk5OTQ1YWM2
MDc4MjAwHhcNMjQwMTAyMTAzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE5ODU2MDc5YTc1M2E4N2MzYzMxMzc3ZjMyZGQ4MzE2ODU4ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi702DntSe2cL5fedTjKka+xojMR
YZk1xR+xMR+SIZoCbBkmM+ZDm4XDu4JUkpW0jIdvsp4nSHYX4B3QCAUcknQuYWM+
eiUlTb/njZi8nQpc7GzasIZOQDTkZK+U6FXAtG0NVE/x179aKOjbBPGg3VRZAtKH
7EgMfa+idZj+cPskp1ds64Thann9FeyIVHWbqG4J8K3GFg0DVutalPem8WfxQQsG
0UpgpqyqdJgQshAfOTe5hHcoG2x8e3T6n5SWWaE7bKULExBxCUFrnViCY7srS/t5
69OE0MyPMMElJE7aIHQ/gZK3nE86NhvvW2er4It3Rw1KyCj+Y1s5SfZ8lQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJgZhWB5p1OofDwxN38y3YMWhY0/MB8GA1UdIwQY
MBaAFPN1HPjDotNsl0TJZRmJmUWsYHggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1Njct
NWNmN2MwNjIxMDY1LzEvbUJtRllIbW5VNmg4UERFM2Z6TGRneGFGalQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1NjctNWNmN2MwNjIxMDY1
LzEvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAlLg0D
BAQlLgADBAEtWgADBAFbzzQDBAFb5ioDBANb9mgDBAHDWHIwDQYJKoZIhvcNAQEL
BQADggEBAGB3hJxoKkX4QexcLfLeMAaJftiZfykZUT+jGC4+32G/TYWX7KJOefWL
Y5CyOLAkDhumvWUZgE4Lsz4y2mN75WS7rKdL4NGFu0Hq5XSQLtHyadB74A7gBlur
Se4ph1gxau5t6mpulpjspH1DItKEU5Q7bMlgBszP0tmbSZ18iZRHtNfM0z2nOuZF
7zGuhEjlxFrHfwGCQydWAy4EnbKvIwehx/MnzCFf1I/GAzrf5qyRFVc4fBjXPJok
wgHbWFH/GewNpsNMxH0HKFuqPXNt98QF1G4X0BIB0hSy1VlPmiBmxonGQ1/6tRsR
csQLHj0Mit/NzAQ9BCnpwrTuznS209I=
-----END CERTIFICATE-----
Generated at Wed May 8 04:56:29 2024 by rpki-client on console-fra.rpki-client.org