Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/mXVcAZjz2uXWsJsdMwn64MLi0G4.roa
File: mXVcAZjz2uXWsJsdMwn64MLi0G4.roa (raw, json)
Hash identifier: nCi0Gh1zrvEeK73/rAeQTqEbtsTqREkg0hShMavzhrQ=
Subject key identifier: 99:75:5C:01:98:F3:DA:E5:D6:B0:9B:1D:33:09:FA:E0:C2:E2:D0:6E
Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial: 018CC7271B9CF13007FC481F69613F52F19B
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/mXVcAZjz2uXWsJsdMwn64MLi0G4.roa
Signing time: Mon 01 Jan 2024 22:31:18 +0000
ROA not before: Mon 01 Jan 2024 22:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14537
IP address blocks: 91.206.144.0/23 maxlen: 24
193.28.159.0/24 maxlen: 24
91.223.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:1b:9c:f1:30:07:fc:48:1f:69:61:3f:52:f1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Validity
Not Before: Jan 1 22:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99755c0198f3dae5d6b09b1d3309fae0c2e2d06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:da:19:76:c4:94:95:ec:7e:9d:ca:d4:13:c1:
8c:fc:87:77:d4:7d:9c:39:1f:b6:5a:eb:6a:05:53:
6d:95:1f:b7:4f:60:bf:32:9f:28:b7:1a:e5:21:eb:
60:2c:6b:3a:3d:44:39:48:d5:c1:c8:d7:18:b8:9c:
f8:b8:27:66:76:ab:9f:b8:dd:a0:80:d4:10:cc:ba:
6e:77:be:41:88:b4:50:71:b5:e2:97:17:cf:84:c7:
b6:e8:9c:09:e5:97:c8:4b:88:a5:d1:97:55:00:58:
f6:77:69:c4:82:d9:ca:5e:65:b9:c3:6d:75:db:cc:
56:50:05:7c:f3:c5:2d:a7:fd:3a:36:21:4f:3b:f3:
35:61:fd:b6:75:ca:c1:4e:66:8a:74:81:63:f5:c8:
2a:57:73:92:a8:e7:dd:1b:9f:f8:5d:3d:ba:f7:07:
02:27:a3:27:04:3c:4f:c7:10:de:ea:cd:3b:58:d9:
35:63:9c:52:0a:b8:4f:6d:2b:77:75:7b:7f:82:db:
c4:97:93:be:07:2d:16:8a:f0:7e:24:af:ca:80:5d:
20:d5:fb:7c:1d:81:dc:ee:f7:9c:0d:f8:16:26:e1:
7e:22:ea:95:03:d0:b0:08:d6:bb:ec:c2:34:52:5c:
9e:e1:e1:34:fa:96:8e:fa:ae:d2:46:96:c4:c0:4b:
8c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:75:5C:01:98:F3:DA:E5:D6:B0:9B:1D:33:09:FA:E0:C2:E2:D0:6E
X509v3 Authority Key Identifier:
keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/mXVcAZjz2uXWsJsdMwn64MLi0G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.144.0/23
91.223.161.0/24
193.28.159.0/24
Signature Algorithm: sha256WithRSAEncryption
76:07:1b:8e:90:0e:f0:0c:fe:95:0c:f1:8c:27:dd:01:eb:ee:
27:25:4b:99:99:8c:1b:f9:45:c8:40:82:06:95:d1:7b:81:84:
bf:86:cf:85:ee:67:b5:27:82:55:ea:5b:f6:c7:89:38:51:05:
d0:b0:97:85:f5:2b:fe:e0:21:1f:91:e9:7a:16:0a:2e:9f:d0:
75:0a:1f:f4:20:86:33:67:ab:b7:97:84:dd:56:05:1a:55:3a:
8c:f2:0a:d0:2b:18:6d:61:5b:01:de:20:10:7a:a0:ed:f2:37:
78:da:31:fa:ed:12:8b:e3:c9:de:e4:a9:4a:2d:d3:62:9b:00:
6d:b9:a0:04:4b:5a:e7:32:09:0c:22:c3:6c:68:05:cb:2d:26:
26:7f:89:ce:b0:2d:89:f6:ab:97:d0:c4:74:8c:85:85:14:f5:
7c:2a:9f:52:f0:bc:f3:6e:71:bb:d9:c1:71:75:a1:e9:5f:46:
b2:08:f9:d4:4e:23:cd:f9:e2:cf:b7:1b:be:63:b5:7a:b1:66:
42:f2:62:9e:49:77:b1:03:c1:f6:40:a7:00:58:cc:c6:8a:ce:
fa:cb:84:b2:f6:df:c1:dc:4f:8a:81:41:ed:8f:31:3c:49:c0:
c7:4f:cb:40:7c:56:aa:cd:7d:a9:58:9a:83:87:7e:85:64:92:
da:f8:f6:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJxuc8TAH/EgfaWE/UvGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjQwMTAxMjIzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTc1NWMwMTk4ZjNkYWU1ZDZiMDliMWQzMzA5ZmFlMGMyZTJkMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNoZdsSUlex+ncrUE8GM/Id31H2c
OR+2WutqBVNtlR+3T2C/Mp8otxrlIetgLGs6PUQ5SNXByNcYuJz4uCdmdqufuN2g
gNQQzLpud75BiLRQcbXilxfPhMe26JwJ5ZfIS4il0ZdVAFj2d2nEgtnKXmW5w211
28xWUAV888Utp/06NiFPO/M1Yf22dcrBTmaKdIFj9cgqV3OSqOfdG5/4XT269wcC
J6MnBDxPxxDe6s07WNk1Y5xSCrhPbSt3dXt/gtvEl5O+By0WivB+JK/KgF0g1ft8
HYHc7vecDfgWJuF+IuqVA9CwCNa77MI0Ulye4eE0+paO+q7SRpbEwEuMEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJl1XAGY89rl1rCbHTMJ+uDC4tBuMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvbVhWY0FaanoydVhXc0pzZE13bjY0TUxpMEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW86QAwQA
W9+hAwQAwRyfMA0GCSqGSIb3DQEBCwUAA4IBAQB2BxuOkA7wDP6VDPGMJ90B6+4n
JUuZmYwb+UXIQIIGldF7gYS/hs+F7me1J4JV6lv2x4k4UQXQsJeF9Sv+4CEfkel6
Fgoun9B1Ch/0IIYzZ6u3l4TdVgUaVTqM8grQKxhtYVsB3iAQeqDt8jd42jH67RKL
48ne5KlKLdNimwBtuaAES1rnMgkMIsNsaAXLLSYmf4nOsC2J9quX0MR0jIWFFPV8
Kp9S8LzzbnG72cFxdaHpX0ayCPnUTiPN+eLPtxu+Y7V6sWZC8mKeSXexA8H2QKcA
WMzGis76y4Sy9t/B3E+KgUHtjzE8ScDHT8tAfFaqzX2pWJqDh36FZJLa+PYc
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:43:35 2024 by rpki-client on console-ams.rpki-client.org