Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/x95Mn108wp2Mz3IpBwxm84TkBYw.roa
File: x95Mn108wp2Mz3IpBwxm84TkBYw.roa (raw, json)
Hash identifier: CuCbKtSIYTO0x/r3A+kRR+3hRfeJ+3JNd09Ph6VHxzo=
Subject key identifier: C7:DE:4C:9F:5D:3C:C2:9D:8C:CF:72:29:07:0C:66:F3:84:E4:05:8C
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B7289A7E75BCAD9C783D3271F3F4A1
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/x95Mn108wp2Mz3IpBwxm84TkBYw.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2287
IP address blocks: 90.84.157.0/24 maxlen: 24
90.84.158.0/24 maxlen: 24
2a01:ceff:1::/48 maxlen: 48
2a01:ceff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:28:9a:7e:75:bc:ad:9c:78:3d:32:71:f3:f4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7de4c9f5d3cc29d8ccf7229070c66f384e4058c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bc:8b:b4:c5:71:d5:d8:57:16:b5:74:de:41:
63:5a:c8:3b:f6:3e:98:b8:d1:a1:41:ff:cc:b5:27:
fc:9b:a9:14:36:8e:6e:06:4f:d6:de:44:d0:6e:58:
d3:75:7c:59:cf:d4:a8:11:33:07:23:5e:cd:37:59:
50:4f:d7:6c:3f:37:15:45:e4:b2:0d:51:4a:86:61:
73:60:95:fb:4f:52:c4:14:cc:4e:7b:a6:bd:0d:30:
b2:f3:37:0e:b4:73:58:83:a7:08:be:38:9e:51:e7:
1d:ae:b4:43:48:4a:ab:19:a9:f6:a2:45:ab:e4:2a:
1e:78:94:08:ba:da:7e:91:12:a2:a8:e9:32:93:2b:
5e:3d:91:e1:3d:1d:4c:b6:e7:5d:5b:1b:fe:9b:c0:
7e:2a:a5:54:67:15:e3:fa:d3:76:6c:75:29:fd:75:
8b:50:91:2a:a1:99:8e:1e:f5:4c:25:1f:45:bb:5d:
1b:88:99:f4:87:05:25:e4:05:78:20:e5:3a:bd:ce:
7a:4e:1e:04:54:6a:d8:bd:79:ed:c7:0e:46:93:93:
e7:82:5a:7d:71:4d:f3:c3:fb:81:85:60:f9:70:7a:
54:c1:34:e6:99:ff:7e:aa:49:a9:9e:4f:34:93:20:
1d:9c:64:55:28:55:96:0f:9e:33:83:fa:d7:52:d9:
ea:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DE:4C:9F:5D:3C:C2:9D:8C:CF:72:29:07:0C:66:F3:84:E4:05:8C
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/x95Mn108wp2Mz3IpBwxm84TkBYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.157.0-90.84.158.255
IPv6:
2a01:ceff::/47
Signature Algorithm: sha256WithRSAEncryption
65:ca:a8:8d:a9:1e:da:07:e9:91:e0:d6:2d:19:cb:bf:20:41:
b4:d3:31:00:b0:b5:df:47:e9:ef:9a:95:f1:91:fe:c7:a9:c2:
07:89:68:44:41:e1:26:c3:13:47:60:a9:0f:89:22:09:98:82:
8a:51:b4:66:45:71:bb:62:06:88:32:d4:4c:e7:c0:ef:8d:e0:
8b:96:4c:91:51:bd:22:47:ab:87:86:57:c0:8d:dc:36:46:49:
0e:1e:6d:15:90:12:67:87:a2:7c:f7:f3:19:df:d8:7a:bd:f5:
7c:a9:b5:65:66:49:d8:15:b9:d0:a5:78:e9:6c:cc:d3:71:ca:
23:a3:c1:7d:11:d2:ee:83:de:34:99:63:38:8e:51:ee:93:b2:
f5:76:99:8b:fb:fe:0c:47:02:a9:1f:b8:be:e5:da:bb:e7:97:
8b:4c:43:d3:5b:2e:99:72:f3:8a:7f:fb:e6:e0:1f:a4:22:ff:
aa:6b:7f:fb:cd:e0:2f:17:d5:a6:18:2d:aa:71:02:f0:1c:e7:
26:35:74:74:3f:e4:59:91:0c:81:a9:89:c1:0c:60:08:bf:0e:
b5:57:9a:d8:50:85:a8:00:25:88:55:87:25:fc:41:26:1f:25:
f8:42:2b:7b:e2:13:06:e9:31:2c:bc:53:07:bd:a7:b5:a7:75:
d9:a0:4e:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzDtyiafnW8rZx4PTJx8/ShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RlNGM5ZjVkM2NjMjlkOGNjZjcyMjkwNzBjNjZmMzg0ZTQwNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbyLtMVx1dhXFrV03kFjWsg79j6Y
uNGhQf/MtSf8m6kUNo5uBk/W3kTQbljTdXxZz9SoETMHI17NN1lQT9dsPzcVReSy
DVFKhmFzYJX7T1LEFMxOe6a9DTCy8zcOtHNYg6cIvjieUecdrrRDSEqrGan2okWr
5CoeeJQIutp+kRKiqOkykytePZHhPR1MtuddWxv+m8B+KqVUZxXj+tN2bHUp/XWL
UJEqoZmOHvVMJR9Fu10biJn0hwUl5AV4IOU6vc56Th4EVGrYvXntxw5Gk5Pnglp9
cU3zw/uBhWD5cHpUwTTmmf9+qkmpnk80kyAdnGRVKFWWD54zg/rXUtnqnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfeTJ9dPMKdjM9yKQcMZvOE5AWMMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEveDk1TW4xMDh3cDJNejNJcEJ3eG04NFRrQll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBABaVJ0D
BABaVJ4wDwQCAAIwCQMHASoBzv8AADANBgkqhkiG9w0BAQsFAAOCAQEAZcqojake
2gfpkeDWLRnLvyBBtNMxALC130fp75qV8ZH+x6nCB4loREHhJsMTR2CpD4kiCZiC
ilG0ZkVxu2IGiDLUTOfA743gi5ZMkVG9Ikerh4ZXwI3cNkZJDh5tFZASZ4eifPfz
Gd/Yer31fKm1ZWZJ2BW50KV46WzM03HKI6PBfRHS7oPeNJljOI5R7pOy9XaZi/v+
DEcCqR+4vuXau+eXi0xD01sumXLzin/75uAfpCL/qmt/+83gLxfVphgtqnEC8Bzn
JjV0dD/kWZEMgamJwQxgCL8OtVea2FCFqAAliFWHJfxBJh8l+EIre+ITBukxLLxT
B72ntad12aBOZw==
-----END CERTIFICATE-----
Generated at Sun May 19 21:17:40 2024 by rpki-client on console-ams.rpki-client.org