Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/fMbx_Pv6ODIpheZvxOx_J9Srj8A.roa
File: fMbx_Pv6ODIpheZvxOx_J9Srj8A.roa (raw, json)
Hash identifier: 67jCgsIVU2OOsrMdrmTqPJzG3o5nQ+DD7re/UwRyQnE=
Subject key identifier: 7C:C6:F1:FC:FB:FA:38:32:29:85:E6:6F:C4:EC:7F:27:D4:AB:8F:C0
Certificate issuer: /CN=58dd1017c53457a8a921419687bde8a8b8eb5611
Certificate serial: 018CC794BD57B22C02E0D85DC7B3BD4B021E
Authority key identifier: 58:DD:10:17:C5:34:57:A8:A9:21:41:96:87:BD:E8:A8:B8:EB:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WN0QF8U0V6ipIUGWh73oqLjrVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/fMbx_Pv6ODIpheZvxOx_J9Srj8A.roa
Signing time: Tue 02 Jan 2024 00:31:02 +0000
ROA not before: Tue 02 Jan 2024 00:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43842
IP address blocks: 91.195.162.0/24 maxlen: 24
193.138.92.0/24 maxlen: 24
91.195.163.0/24 maxlen: 24
91.193.51.0/24 maxlen: 24
91.193.48.0/24 maxlen: 24
91.193.49.0/24 maxlen: 24
91.193.50.0/24 maxlen: 24
209.35.197.0/24 maxlen: 24
193.28.155.0/24 maxlen: 24
195.62.19.0/24 maxlen: 24
195.62.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/WN0QF8U0V6ipIUGWh73oqLjrVhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/WN0QF8U0V6ipIUGWh73oqLjrVhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WN0QF8U0V6ipIUGWh73oqLjrVhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:bd:57:b2:2c:02:e0:d8:5d:c7:b3:bd:4b:02:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58dd1017c53457a8a921419687bde8a8b8eb5611
Validity
Not Before: Jan 2 00:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cc6f1fcfbfa38322985e66fc4ec7f27d4ab8fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ab:a0:3d:4d:a6:95:5d:0d:91:f9:37:d6:87:
2d:cf:26:00:77:6f:a0:78:22:d1:8b:cd:ee:37:78:
cf:8d:77:dc:5e:f0:38:02:dc:7f:2c:dc:84:83:e7:
a0:c1:0b:7a:39:18:d2:4f:db:55:8c:4b:99:e0:ca:
b4:1d:64:23:28:8c:05:ed:80:36:ab:51:e7:27:ac:
60:07:89:8b:3e:b8:08:fe:a0:27:24:eb:8d:e4:2c:
83:52:ff:b5:6e:76:cc:13:01:99:ee:29:f3:0d:b9:
9b:9b:a8:f9:76:5f:08:72:61:03:88:89:dd:ed:3f:
b5:ab:45:57:0b:6b:55:df:a6:be:8d:e6:3c:cd:65:
aa:04:6a:88:62:af:23:c5:1a:f8:1e:a9:8c:17:a1:
75:45:85:d6:29:cf:f3:9f:c9:52:8c:29:9d:f3:ec:
d6:11:c9:dc:da:be:ac:bc:a4:1e:ec:21:dd:48:de:
5d:8e:fd:47:d2:d4:ad:1d:94:a2:3a:28:ba:74:ce:
99:de:5f:e9:a0:f3:e7:62:dc:88:1f:2f:78:03:24:
10:f6:d4:e4:35:9c:36:23:9e:b5:cc:de:72:1f:20:
0d:33:9a:cf:0e:e3:ad:11:b0:1e:b7:46:6b:08:05:
76:0e:f3:5e:08:23:dd:f3:f6:19:92:6d:40:9b:03:
b9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C6:F1:FC:FB:FA:38:32:29:85:E6:6F:C4:EC:7F:27:D4:AB:8F:C0
X509v3 Authority Key Identifier:
keyid:58:DD:10:17:C5:34:57:A8:A9:21:41:96:87:BD:E8:A8:B8:EB:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WN0QF8U0V6ipIUGWh73oqLjrVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/fMbx_Pv6ODIpheZvxOx_J9Srj8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/606dde-fc51-456e-b5f1-dcaf7ef7ae3a/1/WN0QF8U0V6ipIUGWh73oqLjrVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.48.0/22
91.195.162.0/23
193.28.155.0/24
193.138.92.0/24
195.62.18.0/23
209.35.197.0/24
Signature Algorithm: sha256WithRSAEncryption
da:84:26:26:4d:c1:5c:a7:49:3f:a7:d9:4f:f6:f6:4e:be:4e:
c4:b3:cb:4b:4b:25:8c:89:91:06:cc:10:b6:0d:a7:ad:e8:d2:
36:16:66:0d:ec:62:53:1b:3e:a2:b1:e5:e2:c9:78:cd:ce:15:
a1:9d:a1:05:e9:90:a1:b4:14:f2:fb:7b:a1:fc:1f:e2:50:9a:
d3:b1:f0:f2:01:ce:b2:8b:f3:9a:b0:2e:f3:f7:4b:45:5e:e2:
e1:7f:86:44:80:fe:ad:40:b0:4a:b1:19:47:cd:25:15:c1:64:
3a:af:86:56:8a:22:71:d9:90:e4:06:c0:c7:c7:02:54:40:90:
32:1c:8f:95:fd:57:80:ad:b7:8c:2b:f2:48:d1:1c:eb:5b:b9:
12:a0:cc:08:04:11:4a:1f:70:e0:b4:94:5e:f1:5e:85:10:76:
68:38:7b:63:01:7c:87:98:7d:80:b2:55:35:0e:aa:cd:73:b2:
9c:78:94:f5:d5:61:6c:6c:9f:1b:3b:ab:4e:06:78:f4:ca:61:
fa:79:e8:b8:e3:06:49:17:91:17:3d:34:68:b2:2e:d5:08:d1:
9f:93:5c:76:4b:fe:b6:3c:c7:22:04:c5:57:65:5c:24:0d:51:
77:34:54:87:c4:fe:47:6e:d5:54:b7:7d:97:76:51:0e:0d:ee:
c7:ff:17:58
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHlL1XsiwC4Nhdx7O9SwIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGQxMDE3YzUzNDU3YThhOTIxNDE5Njg3YmRlOGE4Yjhl
YjU2MTEwHhcNMjQwMTAyMDAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M2ZjFmY2ZiZmEzODMyMjk4NWU2NmZjNGVjN2YyN2Q0YWI4ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKugPU2mlV0Nkfk31octzyYAd2+g
eCLRi83uN3jPjXfcXvA4Atx/LNyEg+egwQt6ORjST9tVjEuZ4Mq0HWQjKIwF7YA2
q1HnJ6xgB4mLPrgI/qAnJOuN5CyDUv+1bnbMEwGZ7inzDbmbm6j5dl8IcmEDiInd
7T+1q0VXC2tV36a+jeY8zWWqBGqIYq8jxRr4HqmMF6F1RYXWKc/zn8lSjCmd8+zW
Ecnc2r6svKQe7CHdSN5djv1H0tStHZSiOii6dM6Z3l/poPPnYtyIHy94AyQQ9tTk
NZw2I561zN5yHyANM5rPDuOtEbAet0ZrCAV2DvNeCCPd8/YZkm1AmwO5BQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHzG8fz7+jgyKYXmb8TsfyfUq4/AMB8GA1UdIwQY
MBaAFFjdEBfFNFeoqSFBloe96Ki461YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV04wUUY4VTBWNmlwSVVHV2g3M29xTGpyVmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC82MDZkZGUtZmM1MS00NTZlLWI1ZjEt
ZGNhZjdlZjdhZTNhLzEvZk1ieF9QdjZPRElwaGVadnhPeF9KOVNyajhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC82MDZkZGUtZmM1MS00NTZlLWI1ZjEtZGNhZjdlZjdhZTNh
LzEvV04wUUY4VTBWNmlwSVVHV2g3M29xTGpyVmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW8EwAwQB
W8OiAwQAwRybAwQAwYpcAwQBwz4SAwQA0SPFMA0GCSqGSIb3DQEBCwUAA4IBAQDa
hCYmTcFcp0k/p9lP9vZOvk7Es8tLSyWMiZEGzBC2Daet6NI2FmYN7GJTGz6iseXi
yXjNzhWhnaEF6ZChtBTy+3uh/B/iUJrTsfDyAc6yi/OasC7z90tFXuLhf4ZEgP6t
QLBKsRlHzSUVwWQ6r4ZWiiJx2ZDkBsDHxwJUQJAyHI+V/VeArbeMK/JI0RzrW7kS
oMwIBBFKH3DgtJRe8V6FEHZoOHtjAXyHmH2AslU1DqrNc7KceJT11WFsbJ8bO6tO
Bnj0ymH6eei44wZJF5EXPTRosi7VCNGfk1x2S/62PMciBMVXZVwkDVF3NFSHxP5H
btVUt32XdlEODe7H/xdY
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:32 2024 by rpki-client on console-fra.rpki-client.org