Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/mj96qHKA5MOHG5Eh77KoCDPC2Ts.roa
File: mj96qHKA5MOHG5Eh77KoCDPC2Ts.roa (raw, json)
Hash identifier: gT53mnUVfnbnP/Y8k2IbSkYM3CdIBHspM4X6skC/9iE=
Subject key identifier: 9A:3F:7A:A8:72:80:E4:C3:87:1B:91:21:EF:B2:A8:08:33:C2:D9:3B
Certificate issuer: /CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Certificate serial: 018CC492CAB42B81D5A431361792C1505F97
Authority key identifier: 40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/mj96qHKA5MOHG5Eh77KoCDPC2Ts.roa
Signing time: Mon 01 Jan 2024 10:30:03 +0000
ROA not before: Mon 01 Jan 2024 10:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1820
IP address blocks: 91.192.184.0/22 maxlen: 32
194.246.120.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:ca:b4:2b:81:d5:a4:31:36:17:92:c1:50:5f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Validity
Not Before: Jan 1 10:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a3f7aa87280e4c3871b9121efb2a80833c2d93b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:72:e0:c8:3a:03:9d:a4:fe:64:56:a5:bc:
0d:ad:7b:e2:5e:53:31:7d:c3:53:71:d9:9a:40:3b:
66:ac:39:58:86:60:d1:ae:cc:f5:9f:ee:25:b3:60:
be:c8:b2:43:85:d6:ab:8d:d3:3a:a0:51:1f:9d:b9:
6e:aa:66:53:b8:02:48:46:75:df:6f:dc:74:a4:0d:
b6:41:7d:a2:bf:18:2b:0f:3e:29:e3:5d:ae:b0:0b:
e9:42:b3:cd:aa:1a:eb:62:cc:9d:2f:39:c0:43:33:
52:84:11:c7:52:55:4e:98:04:73:f6:1d:2f:ef:77:
38:cb:47:6b:07:cc:67:54:13:c4:0c:2b:27:01:a0:
79:ce:c3:a0:fb:10:d5:5a:8e:91:37:4c:ea:7a:91:
84:72:7f:5b:5a:b4:36:b4:6d:34:64:fc:d3:f4:f2:
d1:cc:52:d4:8e:50:3f:16:fa:67:56:0d:a9:52:17:
79:a6:90:45:9e:fd:fe:0a:49:08:c7:7c:8f:8c:79:
0f:41:43:1c:50:05:0c:cd:e6:f5:1f:8b:70:c3:c7:
04:76:87:a3:a5:0c:9e:c3:f0:7f:74:f9:33:2d:a4:
09:21:07:94:09:b4:60:14:f1:9b:7d:3c:16:92:0d:
53:8a:5f:ea:64:57:1b:14:d4:d8:af:1a:24:d8:70:
db:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3F:7A:A8:72:80:E4:C3:87:1B:91:21:EF:B2:A8:08:33:C2:D9:3B
X509v3 Authority Key Identifier:
keyid:40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/mj96qHKA5MOHG5Eh77KoCDPC2Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.184.0/22
194.246.120.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:81:1c:57:b3:1b:be:4e:b5:35:49:3a:79:88:03:4b:4b:0a:
b0:84:6d:f0:23:aa:e9:13:73:c0:c5:75:ac:c3:41:01:43:de:
ae:02:8e:8c:d3:f8:86:99:5d:7e:22:3b:c9:0a:d0:88:0a:82:
06:1b:b3:33:2f:f1:f3:10:f4:89:d4:08:7c:32:63:86:04:19:
64:e0:cb:51:85:19:4b:94:44:70:40:13:8f:20:18:a1:90:99:
4f:6f:93:73:18:2b:fd:0f:03:18:10:e8:be:8f:0f:06:3b:db:
04:f3:49:61:b1:94:7b:ed:12:6a:b8:f0:87:5e:77:d7:33:3d:
66:42:f7:16:65:c2:90:06:c6:04:97:82:ea:e0:6b:c0:48:b8:
b1:60:7c:71:fa:86:5a:e2:d4:00:a5:18:a2:7a:0d:90:3f:ba:
88:34:35:e4:f9:c6:ca:91:f4:78:79:ed:7b:bc:f5:10:b2:72:
39:c9:5e:c0:1a:fe:29:cd:8c:83:70:d1:c7:7d:e8:2d:82:77:
8c:cf:8a:27:2d:c3:29:8e:6e:c9:f1:3b:dc:e0:ff:f5:3b:3b:
a5:3f:36:b3:8e:0e:57:56:41:18:ce:d0:1d:4c:9a:03:43:dd:
ae:6e:c1:ea:45:5a:86:c9:d9:77:b5:8d:b5:78:e5:8d:a5:4a:
43:d0:eb:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEksq0K4HVpDE2F5LBUF+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmYwMTRhMmJjNzZhZTA0ZTZkMzA0ZDA2YWFjYmZjOGU4
NWQ1MTQwHhcNMjQwMTAxMTAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNmN2FhODcyODBlNGMzODcxYjkxMjFlZmIyYTgwODMzYzJkOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfZy4Mg6A52k/mRWpbwNrXviXlMx
fcNTcdmaQDtmrDlYhmDRrsz1n+4ls2C+yLJDhdarjdM6oFEfnbluqmZTuAJIRnXf
b9x0pA22QX2ivxgrDz4p412usAvpQrPNqhrrYsydLznAQzNShBHHUlVOmARz9h0v
73c4y0drB8xnVBPEDCsnAaB5zsOg+xDVWo6RN0zqepGEcn9bWrQ2tG00ZPzT9PLR
zFLUjlA/FvpnVg2pUhd5ppBFnv3+CkkIx3yPjHkPQUMcUAUMzeb1H4tww8cEdoej
pQyew/B/dPkzLaQJIQeUCbRgFPGbfTwWkg1Til/qZFcbFNTYrxok2HDbLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJo/eqhygOTDhxuRIe+yqAgzwtk7MB8GA1UdIwQY
MBaAFEBvAUorx2rgTm0wTQaqy/yOhdUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGIt
OWVlNWE3OGVjNTdiLzEvbWo5NnFIS0E1TU9IRzVFaDc3S29DRFBDMlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGItOWVlNWE3OGVjNTdi
LzEvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8C4AwQB
wvZ4MA0GCSqGSIb3DQEBCwUAA4IBAQAMgRxXsxu+TrU1STp5iANLSwqwhG3wI6rp
E3PAxXWsw0EBQ96uAo6M0/iGmV1+IjvJCtCICoIGG7MzL/HzEPSJ1Ah8MmOGBBlk
4MtRhRlLlERwQBOPIBihkJlPb5NzGCv9DwMYEOi+jw8GO9sE80lhsZR77RJquPCH
XnfXMz1mQvcWZcKQBsYEl4Lq4GvASLixYHxx+oZa4tQApRiieg2QP7qINDXk+cbK
kfR4ee17vPUQsnI5yV7AGv4pzYyDcNHHfegtgneMz4onLcMpjm7J8Tvc4P/1Ozul
Pzazjg5XVkEYztAdTJoDQ92ubsHqRVqGydl3tY21eOWNpUpD0Ous
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:31 2024 by rpki-client on console-fra.rpki-client.org