Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/90CV9Cmz7dYCPuKpkHL1v-Mkd4c.roa
File: 90CV9Cmz7dYCPuKpkHL1v-Mkd4c.roa (raw, json)
Hash identifier: F3yI6x2+gCVNN5q8T3BRJn6rIOZT95Pi4vAuI/aKokQ=
Subject key identifier: F7:40:95:F4:29:B3:ED:D6:02:3E:E2:A9:90:72:F5:BF:E3:24:77:87
Certificate issuer: /CN=4c54ecce6cbc9c54929eaa4b22b337b0fd9b36bf
Certificate serial: 018CC6B8F5561074525F9B32AB6F3F8CD999
Authority key identifier: 4C:54:EC:CE:6C:BC:9C:54:92:9E:AA:4B:22:B3:37:B0:FD:9B:36:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/90CV9Cmz7dYCPuKpkHL1v-Mkd4c.roa
Signing time: Mon 01 Jan 2024 20:30:59 +0000
ROA not before: Mon 01 Jan 2024 20:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33941
IP address blocks: 195.82.96.0/24 maxlen: 24
195.82.107.0/24 maxlen: 24
83.136.120.0/21 maxlen: 21
212.85.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f5:56:10:74:52:5f:9b:32:ab:6f:3f:8c:d9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c54ecce6cbc9c54929eaa4b22b337b0fd9b36bf
Validity
Not Before: Jan 1 20:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f74095f429b3edd6023ee2a99072f5bfe3247787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:64:9a:19:89:0d:48:92:cd:e9:f8:7d:e2:dc:
9f:b2:b1:94:97:2e:72:08:e7:24:aa:1b:d9:26:c5:
26:97:3e:4c:08:33:e4:57:23:be:05:e9:0c:46:a1:
1c:42:fb:39:85:3a:37:05:87:6b:3a:b7:43:57:45:
23:a7:dc:f0:fb:23:d8:2f:a4:6e:c7:1b:2b:2e:30:
37:21:89:4d:a5:12:72:3a:c8:4f:e2:67:4c:b6:8c:
bf:76:50:d2:7f:87:ce:a6:b0:21:b0:2b:18:f4:56:
a6:7d:fe:e2:f5:43:c2:02:18:56:ca:6f:d3:6f:c6:
4f:e8:d4:5d:e5:bc:4a:61:a4:3b:62:11:88:e3:45:
dd:41:dd:a4:90:31:96:f7:b8:52:b4:51:c5:9a:1a:
1e:04:71:6f:a7:5e:93:8c:73:20:91:a9:b8:6d:65:
b7:19:86:ff:c6:b6:c0:a0:3b:35:39:1a:a0:05:fa:
a8:b7:4b:11:9f:c2:88:51:60:ba:fd:d1:81:77:3d:
a5:7e:fd:67:db:f8:5a:3b:04:18:ea:18:54:86:75:
75:c4:22:1d:e0:16:b4:5c:52:28:2c:82:0e:1c:85:
56:9a:cb:a2:d4:59:fb:82:cf:06:6c:84:87:a8:54:
04:90:4d:9d:a3:4a:2d:95:00:81:9b:2a:f7:a8:e7:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:40:95:F4:29:B3:ED:D6:02:3E:E2:A9:90:72:F5:BF:E3:24:77:87
X509v3 Authority Key Identifier:
keyid:4C:54:EC:CE:6C:BC:9C:54:92:9E:AA:4B:22:B3:37:B0:FD:9B:36:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/90CV9Cmz7dYCPuKpkHL1v-Mkd4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.120.0/21
195.82.96.0/24
195.82.107.0/24
212.85.248.0/22
Signature Algorithm: sha256WithRSAEncryption
37:32:2d:ff:4b:33:fb:c2:f2:e2:0f:7c:b3:f5:c9:f9:b2:a9:
03:9e:0b:72:94:ee:0f:7a:b4:61:2e:73:dd:6d:52:e5:16:53:
9a:13:51:07:bc:ce:08:63:3b:47:c6:1b:1d:5e:76:41:b9:49:
39:d2:25:3a:56:8c:53:b0:e5:74:18:09:62:84:bc:fe:25:d3:
e0:d8:a6:73:c9:c6:98:30:1e:da:21:04:55:e8:ca:2e:82:c7:
5c:08:a0:12:19:57:da:6b:8f:a4:81:9b:01:a1:75:9f:e5:68:
9e:34:3b:3c:90:33:8a:f4:9d:d1:3e:5c:b0:93:9f:bc:2c:63:
65:7a:18:b1:04:f2:48:f6:b5:4a:3d:68:72:e6:f9:12:93:aa:
dc:07:0a:55:f0:d0:cc:14:ac:9f:b5:11:3d:82:c8:64:9b:af:
5a:1c:a0:d6:7f:fe:25:21:45:1e:c7:17:76:7c:e0:43:0b:bf:
94:74:f9:2c:27:17:7b:b0:98:b1:2a:9b:2a:81:2c:7c:47:85:
ea:cb:4f:8b:ce:7b:e7:87:3e:a5:d9:2f:e4:90:2b:d5:b0:d1:
48:40:1a:0e:de:d6:67:c9:8e:dc:53:39:5c:83:ce:77:41:a5:
e5:08:f4:b9:05:85:40:fb:1b:ce:50:49:fc:80:22:98:f5:0e:
26:48:f9:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGuPVWEHRSX5syq28/jNmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNTRlY2NlNmNiYzljNTQ5MjllYWE0YjIyYjMzN2IwZmQ5
YjM2YmYwHhcNMjQwMTAxMjAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzQwOTVmNDI5YjNlZGQ2MDIzZWUyYTk5MDcyZjViZmUzMjQ3Nzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGSaGYkNSJLN6fh94tyfsrGUly5y
COckqhvZJsUmlz5MCDPkVyO+BekMRqEcQvs5hTo3BYdrOrdDV0Ujp9zw+yPYL6Ru
xxsrLjA3IYlNpRJyOshP4mdMtoy/dlDSf4fOprAhsCsY9Famff7i9UPCAhhWym/T
b8ZP6NRd5bxKYaQ7YhGI40XdQd2kkDGW97hStFHFmhoeBHFvp16TjHMgkam4bWW3
GYb/xrbAoDs1ORqgBfqot0sRn8KIUWC6/dGBdz2lfv1n2/haOwQY6hhUhnV1xCId
4Ba0XFIoLIIOHIVWmsui1Fn7gs8GbISHqFQEkE2do0otlQCBmyr3qOcSEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPdAlfQps+3WAj7iqZBy9b/jJHeHMB8GA1UdIwQY
MBaAFExU7M5svJxUkp6qSyKzN7D9mza/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEZUc3pteThuRlNTbnFwTElyTTNzUDJiTnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMmM1ZWMtN2M2Zi00YWUyLTk4OTct
MzA1OWM4OWI3MmVhLzEvOTBDVjlDbXo3ZFlDUHVLcGtITDF2LU1rZDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wMmM1ZWMtN2M2Zi00YWUyLTk4OTctMzA1OWM4OWI3MmVh
LzEvVEZUc3pteThuRlNTbnFwTElyTTNzUDJiTnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU4h4AwQA
w1JgAwQAw1JrAwQC1FX4MA0GCSqGSIb3DQEBCwUAA4IBAQA3Mi3/SzP7wvLiD3yz
9cn5sqkDngtylO4PerRhLnPdbVLlFlOaE1EHvM4IYztHxhsdXnZBuUk50iU6VoxT
sOV0GAlihLz+JdPg2KZzycaYMB7aIQRV6MougsdcCKASGVfaa4+kgZsBoXWf5Wie
NDs8kDOK9J3RPlywk5+8LGNlehixBPJI9rVKPWhy5vkSk6rcBwpV8NDMFKyftRE9
gshkm69aHKDWf/4lIUUexxd2fOBDC7+UdPksJxd7sJixKpsqgSx8R4Xqy0+Lznvn
hz6l2S/kkCvVsNFIQBoO3tZnyY7cUzlcg853QaXlCPS5BYVA+xvOUEn8gCKY9Q4m
SPkA
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:48:54 2024 by rpki-client on console-ams.rpki-client.org