Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/mh1KIn-1S4z2Eu-z87wpx8Ovs4c.roa
File: mh1KIn-1S4z2Eu-z87wpx8Ovs4c.roa (raw, json)
Hash identifier: 066bH/sML8fM52If8qbzAmxmf4HAjCP6xqF4+fmapSk=
Subject key identifier: 9A:1D:4A:22:7F:B5:4B:8C:F6:12:EF:B3:F3:BC:29:C7:C3:AF:B3:87
Certificate issuer: /CN=509fe7e8b9de675913121e7ebb4226b62d03b1cb
Certificate serial: 018CC72733E5E32C5D6DCAE7F7028F8B5A1E
Authority key identifier: 50:9F:E7:E8:B9:DE:67:59:13:12:1E:7E:BB:42:26:B6:2D:03:B1:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJ_n6LneZ1kTEh5-u0Imti0Dscs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/mh1KIn-1S4z2Eu-z87wpx8Ovs4c.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25413
IP address blocks: 194.105.120.0/21 maxlen: 24
194.156.12.0/22 maxlen: 24
146.106.0.0/16 maxlen: 24
2a0d:c40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/UJ_n6LneZ1kTEh5-u0Imti0Dscs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/UJ_n6LneZ1kTEh5-u0Imti0Dscs.mft
rsync://rpki.ripe.net/repository/DEFAULT/UJ_n6LneZ1kTEh5-u0Imti0Dscs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:33:e5:e3:2c:5d:6d:ca:e7:f7:02:8f:8b:5a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509fe7e8b9de675913121e7ebb4226b62d03b1cb
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a1d4a227fb54b8cf612efb3f3bc29c7c3afb387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c0:21:f6:4a:b6:07:93:9a:23:75:65:75:4a:
d7:9a:6b:14:08:d6:3b:1d:34:88:1c:93:46:ee:cd:
d9:c7:1a:4c:38:5c:f4:05:93:7a:03:43:c9:86:e1:
bd:51:08:40:fa:8a:c7:41:5d:7e:0a:d5:e2:9f:c5:
ab:42:59:af:e1:ef:e9:ac:5c:d2:51:b1:34:d0:fc:
62:d4:22:d8:ff:60:76:1c:e1:12:5d:e7:93:35:95:
e3:aa:de:7c:ab:25:4b:eb:7d:85:b9:18:f7:d4:98:
04:71:74:dd:06:13:89:eb:10:9a:14:4e:e3:a4:54:
0c:68:a0:31:85:9a:00:54:4b:2c:4c:2b:f7:c3:7b:
9a:91:5d:2f:52:12:55:d3:f1:e5:a5:25:5e:88:61:
c3:c4:4a:f4:a4:80:ec:75:5f:dd:6e:ed:02:03:4b:
13:cc:c9:15:c2:f7:f3:85:e6:6b:78:1d:62:dc:82:
14:10:87:34:87:96:1e:82:5f:ae:55:98:8e:f8:ad:
6b:38:06:fa:6f:ff:82:a2:f4:c6:91:ab:33:9f:ef:
48:79:87:79:99:bb:1c:86:2f:8d:4a:da:60:68:cc:
a3:f4:85:5e:9e:c2:7b:9b:64:ec:7f:b4:e7:b5:b8:
07:94:53:65:19:49:d3:24:e5:95:d6:de:c3:f1:75:
76:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1D:4A:22:7F:B5:4B:8C:F6:12:EF:B3:F3:BC:29:C7:C3:AF:B3:87
X509v3 Authority Key Identifier:
keyid:50:9F:E7:E8:B9:DE:67:59:13:12:1E:7E:BB:42:26:B6:2D:03:B1:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJ_n6LneZ1kTEh5-u0Imti0Dscs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/mh1KIn-1S4z2Eu-z87wpx8Ovs4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/UJ_n6LneZ1kTEh5-u0Imti0Dscs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.106.0.0/16
194.105.120.0/21
194.156.12.0/22
IPv6:
2a0d:c40::/29
Signature Algorithm: sha256WithRSAEncryption
30:2e:ef:dc:04:f2:12:ca:91:91:10:71:2b:d0:17:a7:16:4f:
4a:73:22:b0:51:5d:5e:d2:46:9e:8c:0b:70:0f:ac:17:ba:2e:
0d:d9:a4:56:5c:3f:81:35:2d:d1:49:a8:12:94:89:77:00:21:
70:de:e5:10:3f:79:5c:3f:d7:1b:29:0f:a9:88:fc:a5:57:2e:
80:71:d2:5e:87:c1:15:3c:4c:9e:02:2a:51:c2:da:51:c5:7d:
9c:75:79:25:35:0d:43:46:58:84:18:88:0a:b7:fa:2c:2a:1b:
c1:ba:14:52:3f:b3:27:20:f8:db:03:ab:c7:b7:50:72:58:7d:
6c:99:69:1c:c8:e8:e7:79:ed:4f:d2:f3:12:02:37:16:c2:86:
e7:80:1f:0e:02:80:1a:d0:22:bd:42:82:e5:fe:c8:2e:63:a1:
a0:1f:36:3e:25:1e:34:2c:ad:ec:4b:49:58:2d:fa:01:a5:40:
02:ae:3d:7b:63:a7:d8:f3:d2:2d:22:1d:54:ca:7f:e8:85:cc:
f1:a0:3f:d3:0e:0d:cf:0e:85:81:32:a5:90:05:2a:87:03:83:
58:8a:f7:29:20:3a:4c:a0:8a:4c:d1:ac:d9:98:9b:18:15:b7:
08:97:fe:10:eb:ab:49:c5:5a:0d:cc:b8:cd:cc:44:b1:43:8c:
4c:26:a0:17
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHJzPl4yxdbcrn9wKPi1oeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWZlN2U4YjlkZTY3NTkxMzEyMWU3ZWJiNDIyNmI2MmQw
M2IxY2IwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFkNGEyMjdmYjU0YjhjZjYxMmVmYjNmM2JjMjljN2MzYWZiMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMAh9kq2B5OaI3VldUrXmmsUCNY7
HTSIHJNG7s3ZxxpMOFz0BZN6A0PJhuG9UQhA+orHQV1+CtXin8WrQlmv4e/prFzS
UbE00Pxi1CLY/2B2HOESXeeTNZXjqt58qyVL632FuRj31JgEcXTdBhOJ6xCaFE7j
pFQMaKAxhZoAVEssTCv3w3uakV0vUhJV0/HlpSVeiGHDxEr0pIDsdV/dbu0CA0sT
zMkVwvfzheZreB1i3IIUEIc0h5Yegl+uVZiO+K1rOAb6b/+CovTGkaszn+9IeYd5
mbschi+NStpgaMyj9IVensJ7m2Tsf7TntbgHlFNlGUnTJOWV1t7D8XV21QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJodSiJ/tUuM9hLvs/O8KcfDr7OHMB8GA1UdIwQY
MBaAFFCf5+i53mdZExIefrtCJrYtA7HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpfbjZMbmVaMWtURWg1LXUwSW10aTBEc2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83NDczYWMtODQzNy00YzIxLWFjMTMt
MGI0NzdjYTczYWM2LzEvbWgxS0luLTFTNHoyRXUtejg3d3B4OE92czRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83NDczYWMtODQzNy00YzIxLWFjMTMtMGI0NzdjYTczYWM2
LzEvVUpfbjZMbmVaMWtURWg1LXUwSW10aTBEc2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAkmoDBAPC
aXgDBALCnAwwDQQCAAIwBwMFAyoNDEAwDQYJKoZIhvcNAQELBQADggEBADAu79wE
8hLKkZEQcSvQF6cWT0pzIrBRXV7SRp6MC3APrBe6Lg3ZpFZcP4E1LdFJqBKUiXcA
IXDe5RA/eVw/1xspD6mI/KVXLoBx0l6HwRU8TJ4CKlHC2lHFfZx1eSU1DUNGWIQY
iAq3+iwqG8G6FFI/sycg+NsDq8e3UHJYfWyZaRzI6Od57U/S8xICNxbChueAHw4C
gBrQIr1CguX+yC5joaAfNj4lHjQsrexLSVgt+gGlQAKuPXtjp9jz0i0iHVTKf+iF
zPGgP9MODc8OhYEypZAFKocDg1iK9ykgOkygikzRrNmYmxgVtwiX/hDrq0nFWg3M
uM3MRLFDjEwmoBc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:04 2024 by rpki-client on console-ams.rpki-client.org