Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/mG8Bkra50XtcA_lW5lqnDhkws28.roa
File: mG8Bkra50XtcA_lW5lqnDhkws28.roa (raw, json)
Hash identifier: U1A56l8O3QnwzRYceouN7ESv8MHhQY2dfnqSEoeByKE=
Subject key identifier: 98:6F:01:92:B6:B9:D1:7B:5C:03:F9:56:E6:5A:A7:0E:19:30:B3:6F
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018CC26CF9151E7C69ED32BC05E19C20D694
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/mG8Bkra50XtcA_lW5lqnDhkws28.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203978
IP address blocks: 185.176.104.0/22 maxlen: 24
185.106.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f9:15:1e:7c:69:ed:32:bc:05:e1:9c:20:d6:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=986f0192b6b9d17b5c03f956e65aa70e1930b36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:15:7b:4d:de:36:59:18:b1:df:c4:dd:3e:
32:e3:14:50:94:22:f5:16:35:cb:1d:dd:83:fd:6d:
52:33:52:ef:8f:bb:97:65:df:68:18:96:43:1d:fb:
2d:84:a5:1d:73:ba:44:82:36:6a:a5:e9:50:2a:2f:
80:41:c9:87:27:13:b7:f8:bc:56:e8:30:a1:b4:0b:
83:fe:7a:51:fb:ae:41:ac:56:ad:35:6e:b3:15:bd:
1f:ee:79:bb:d7:da:90:e8:12:7c:3d:6c:65:71:34:
42:9f:04:df:ba:09:92:f8:42:26:64:a3:74:56:36:
28:01:17:2d:38:d6:25:e3:b4:37:1c:d5:96:96:71:
19:74:29:d9:92:bc:56:f1:97:20:48:93:e8:d2:65:
78:d5:ca:b2:1a:54:25:e4:fe:f1:d4:ea:43:88:82:
d0:21:11:f7:32:64:81:db:f2:42:8e:06:c6:12:68:
87:ae:92:f8:ef:c0:27:8b:07:49:37:ff:0f:24:e5:
7b:14:73:8e:b0:be:89:70:b9:a9:a1:d3:d3:e4:ab:
be:10:58:da:30:5e:be:8a:04:35:08:e6:eb:08:42:
9c:76:38:25:d9:c5:35:11:c0:f3:cc:30:e1:da:4f:
f8:a4:7a:3f:7f:83:18:5b:fe:65:ea:3f:33:4b:79:
bc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6F:01:92:B6:B9:D1:7B:5C:03:F9:56:E6:5A:A7:0E:19:30:B3:6F
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/mG8Bkra50XtcA_lW5lqnDhkws28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.44.0/22
185.176.104.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:ec:86:a9:d4:ea:a9:a5:92:17:2c:9a:98:85:06:c8:ee:85:
fb:aa:29:ca:0f:2f:eb:e1:3d:4d:31:52:dd:7c:9f:2f:37:23:
73:55:15:84:ee:a8:6f:fa:b0:f1:50:1d:0b:b0:27:15:b9:a3:
90:24:16:38:47:49:2c:45:59:12:3e:29:20:2d:a3:c1:79:87:
71:a6:d2:c5:67:e4:74:8f:23:5f:7f:10:eb:da:23:83:6f:8e:
c5:19:07:c1:0a:b3:42:4d:ec:71:7f:39:32:b9:55:0c:4a:66:
39:19:39:2a:aa:76:f2:35:14:71:3d:ca:4c:bb:d3:11:60:18:
c7:9b:a6:64:76:24:39:d5:c8:78:d7:fe:1c:c6:f4:b5:b9:c7:
34:7e:0f:e3:21:50:9a:95:e5:23:43:3e:40:0b:88:ab:df:dc:
44:f3:12:ab:31:42:8d:8c:22:9a:4f:eb:9b:cc:3a:c7:ec:aa:
f5:fb:6e:8c:62:b7:31:d0:8d:d2:e2:da:84:c5:9b:b5:2e:59:
07:55:36:78:cc:6e:ff:15:b1:03:d9:2e:4a:0f:5e:ed:35:41:
a4:b5:85:b2:99:d0:53:39:89:9d:17:7e:3c:c8:3a:fe:01:3c:
97:b5:da:94:9a:3e:c2:f2:3d:33:9d:5d:f2:0c:a2:48:c2:6d:
fb:7d:8a:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbPkVHnxp7TK8BeGcINaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZmMDE5MmI2YjlkMTdiNWMwM2Y5NTZlNjVhYTcwZTE5MzBiMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS8Ve03eNlkYsd/E3T4y4xRQlCL1
FjXLHd2D/W1SM1Lvj7uXZd9oGJZDHfsthKUdc7pEgjZqpelQKi+AQcmHJxO3+LxW
6DChtAuD/npR+65BrFatNW6zFb0f7nm719qQ6BJ8PWxlcTRCnwTfugmS+EImZKN0
VjYoARctONYl47Q3HNWWlnEZdCnZkrxW8ZcgSJPo0mV41cqyGlQl5P7x1OpDiILQ
IRH3MmSB2/JCjgbGEmiHrpL478AniwdJN/8PJOV7FHOOsL6JcLmpodPT5Ku+EFja
MF6+igQ1CObrCEKcdjgl2cU1EcDzzDDh2k/4pHo/f4MYW/5l6j8zS3m8iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJhvAZK2udF7XAP5VuZapw4ZMLNvMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvbUc4QmtyYTUwWHRjQV9sVzVscW5EaGt3czI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuWosAwQC
ubBoMA0GCSqGSIb3DQEBCwUAA4IBAQC/7Iap1OqppZIXLJqYhQbI7oX7qinKDy/r
4T1NMVLdfJ8vNyNzVRWE7qhv+rDxUB0LsCcVuaOQJBY4R0ksRVkSPikgLaPBeYdx
ptLFZ+R0jyNffxDr2iODb47FGQfBCrNCTexxfzkyuVUMSmY5GTkqqnbyNRRxPcpM
u9MRYBjHm6ZkdiQ51ch41/4cxvS1ucc0fg/jIVCaleUjQz5AC4ir39xE8xKrMUKN
jCKaT+ubzDrH7Kr1+26MYrcx0I3S4tqExZu1LlkHVTZ4zG7/FbED2S5KD17tNUGk
tYWymdBTOYmdF348yDr+ATyXtdqUmj7C8j0znV3yDKJIwm37fYrJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:06:58 2024 by rpki-client on console-ams.rpki-client.org