Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/mS9nbMSpMaQ86uKnMp9Pat2QM84.roa
File: mS9nbMSpMaQ86uKnMp9Pat2QM84.roa (raw, json)
Hash identifier: CHAjXwqLO6FkZv5rziwoGJ+rKUYV8fJQt/U4CTLb2p4=
Subject key identifier: 99:2F:67:6C:C4:A9:31:A4:3C:EA:E2:A7:32:9F:4F:6A:DD:90:33:CE
Certificate issuer: /CN=87a4e5d7725c5868aabea025b838dcc233c6ffc9
Certificate serial: 018CC72719EF57565CBCDD9910EB4D237E74
Authority key identifier: 87:A4:E5:D7:72:5C:58:68:AA:BE:A0:25:B8:38:DC:C2:33:C6:FF:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h6Tl13JcWGiqvqAluDjcwjPG_8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/mS9nbMSpMaQ86uKnMp9Pat2QM84.roa
Signing time: Mon 01 Jan 2024 22:31:17 +0000
ROA not before: Mon 01 Jan 2024 22:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198263
IP address blocks: 91.232.164.0/22 maxlen: 22
193.186.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/h6Tl13JcWGiqvqAluDjcwjPG_8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/h6Tl13JcWGiqvqAluDjcwjPG_8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/h6Tl13JcWGiqvqAluDjcwjPG_8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:19:ef:57:56:5c:bc:dd:99:10:eb:4d:23:7e:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87a4e5d7725c5868aabea025b838dcc233c6ffc9
Validity
Not Before: Jan 1 22:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=992f676cc4a931a43ceae2a7329f4f6add9033ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:d4:5a:b6:81:33:4f:44:63:00:45:54:6f:
6a:ad:6a:7e:b3:0b:bd:d1:03:b6:81:4a:be:35:7d:
8e:f3:65:3a:2e:72:c1:ee:60:d6:dd:e3:ae:4f:0c:
db:73:5a:ae:57:51:b9:01:ac:4f:d5:a5:24:c2:ee:
a3:6b:18:e1:18:c9:c0:e9:ff:89:d8:c1:a9:de:45:
6e:d6:42:bf:59:b3:cd:b0:86:05:b7:a9:3e:9d:02:
8a:f6:a1:0e:ca:e1:f8:5e:df:cd:17:df:d9:16:a3:
48:7b:b5:ea:c4:a7:f4:2f:bd:38:4a:92:85:a9:7e:
9a:2e:bb:68:fb:4f:e1:bf:a1:00:97:a4:f6:37:8e:
be:7e:e2:85:0f:ec:d1:14:2c:82:22:2d:e1:05:34:
73:9a:21:ca:29:17:f2:0e:5f:cb:1d:aa:90:12:a5:
74:33:f7:10:7b:62:b0:ec:79:c8:e3:22:21:08:ac:
b4:b2:4e:e6:f9:c7:91:ee:e9:68:9b:f1:5d:13:89:
e7:a7:59:13:32:c8:e9:35:15:6f:14:5d:88:7c:1a:
36:64:e3:be:c3:43:32:c7:bd:95:da:a9:4b:64:e4:
c4:91:29:54:b8:da:9f:eb:d1:a6:85:ce:0c:f1:c4:
a8:79:d1:ef:e1:45:c0:7c:c6:a2:26:b9:5b:be:e2:
00:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2F:67:6C:C4:A9:31:A4:3C:EA:E2:A7:32:9F:4F:6A:DD:90:33:CE
X509v3 Authority Key Identifier:
keyid:87:A4:E5:D7:72:5C:58:68:AA:BE:A0:25:B8:38:DC:C2:33:C6:FF:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6Tl13JcWGiqvqAluDjcwjPG_8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/mS9nbMSpMaQ86uKnMp9Pat2QM84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6555c3-0546-4eef-8648-506a21595cb8/1/h6Tl13JcWGiqvqAluDjcwjPG_8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.164.0/22
193.186.39.0/24
Signature Algorithm: sha256WithRSAEncryption
34:11:ef:8d:07:7d:e4:cf:5c:29:aa:1c:2a:10:4a:bf:18:91:
7a:7d:10:8e:c2:d8:a8:5d:cb:25:48:94:bb:03:64:02:14:e5:
a2:90:b0:49:13:59:9d:93:84:a8:ed:31:b2:e2:c5:2a:8f:20:
ae:eb:2b:14:fd:87:8b:19:3c:7a:e1:40:5f:72:17:a5:e1:b6:
c5:b6:02:91:ab:28:86:0d:99:84:2e:6c:f3:2d:88:bb:dc:1b:
24:8f:c1:e3:c6:20:f7:b0:ca:d1:bc:b4:02:0f:cd:88:1d:33:
d5:06:9b:3f:a5:4c:31:93:b3:46:0b:8a:53:50:85:c0:07:83:
2c:00:0f:2b:96:ff:a6:1c:02:c9:58:7e:94:86:56:3b:4d:56:
9c:a5:16:3f:98:9d:68:a0:33:2a:37:e5:f5:04:67:75:cf:51:
71:c9:a7:74:de:7a:c2:da:13:78:39:d9:95:1b:f1:32:22:34:
5d:ea:5f:3e:ae:b0:98:17:9a:01:8a:11:7c:d2:d8:d0:83:87:
08:5b:8a:1f:01:ca:05:3c:fc:1a:29:b9:70:0c:df:47:16:2d:
d5:52:f5:0d:2f:6c:e4:16:75:8f:69:46:7a:bd:43:f6:06:af:
fc:32:59:34:3c:1a:06:fc:54:c8:ef:ea:58:aa:4a:f2:07:9d:
45:f2:f4:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJxnvV1ZcvN2ZEOtNI350MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YTRlNWQ3NzI1YzU4NjhhYWJlYTAyNWI4MzhkY2MyMzNj
NmZmYzkwHhcNMjQwMTAxMjIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJmNjc2Y2M0YTkzMWE0M2NlYWUyYTczMjlmNGY2YWRkOTAzM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqvUWraBM09EYwBFVG9qrWp+swu9
0QO2gUq+NX2O82U6LnLB7mDW3eOuTwzbc1quV1G5AaxP1aUkwu6jaxjhGMnA6f+J
2MGp3kVu1kK/WbPNsIYFt6k+nQKK9qEOyuH4Xt/NF9/ZFqNIe7XqxKf0L704SpKF
qX6aLrto+0/hv6EAl6T2N46+fuKFD+zRFCyCIi3hBTRzmiHKKRfyDl/LHaqQEqV0
M/cQe2Kw7HnI4yIhCKy0sk7m+ceR7ulom/FdE4nnp1kTMsjpNRVvFF2IfBo2ZOO+
w0Myx72V2qlLZOTEkSlUuNqf69Gmhc4M8cSoedHv4UXAfMaiJrlbvuIA3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJkvZ2zEqTGkPOripzKfT2rdkDPOMB8GA1UdIwQY
MBaAFIek5ddyXFhoqr6gJbg43MIzxv/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZUbDEzSmNXR2lxdnFBbHVEamN3alBHXzhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82NTU1YzMtMDU0Ni00ZWVmLTg2NDgt
NTA2YTIxNTk1Y2I4LzEvbVM5bmJNU3BNYVE4NnVLbk1wOVBhdDJRTTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82NTU1YzMtMDU0Ni00ZWVmLTg2NDgtNTA2YTIxNTk1Y2I4
LzEvaDZUbDEzSmNXR2lxdnFBbHVEamN3alBHXzhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+ikAwQA
wbonMA0GCSqGSIb3DQEBCwUAA4IBAQA0Ee+NB33kz1wpqhwqEEq/GJF6fRCOwtio
XcslSJS7A2QCFOWikLBJE1mdk4So7TGy4sUqjyCu6ysU/YeLGTx64UBfchel4bbF
tgKRqyiGDZmELmzzLYi73Bskj8HjxiD3sMrRvLQCD82IHTPVBps/pUwxk7NGC4pT
UIXAB4MsAA8rlv+mHALJWH6UhlY7TVacpRY/mJ1ooDMqN+X1BGd1z1Fxyad03nrC
2hN4OdmVG/EyIjRd6l8+rrCYF5oBihF80tjQg4cIW4ofAcoFPPwaKblwDN9HFi3V
UvUNL2zkFnWPaUZ6vUP2Bq/8Mlk0PBoG/FTI7+pYqkryB51F8vQ3
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:52 2024 by rpki-client on console-fra.rpki-client.org