Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/mhWQbvSI_viOxf27wuKLV4-3i4M.roa
File: mhWQbvSI_viOxf27wuKLV4-3i4M.roa (raw, json)
Hash identifier: q2gp512luGlLNjLO1g9rOCCnwLnEggWfhqCO5d978OY=
Subject key identifier: 9A:15:90:6E:F4:88:FE:F8:8E:C5:FD:BB:C2:E2:8B:57:8F:B7:8B:83
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 019247A9464F9A8772B73FAE13C584946AE3
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/mhWQbvSI_viOxf27wuKLV4-3i4M.roa
Signing time: Tue 01 Oct 2024 10:38:48 +0000
ROA not before: Tue 01 Oct 2024 10:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15683
IP address blocks: 78.27.128.0/18 maxlen: 24
91.196.192.0/22 maxlen: 24
91.200.248.0/22 maxlen: 24
91.203.48.0/22 maxlen: 24
94.45.32.0/19 maxlen: 24
193.222.140.0/24 maxlen: 24
193.243.152.0/23 maxlen: 24
2a01:6d80:2000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 10:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:a9:46:4f:9a:87:72:b7:3f:ae:13:c5:84:94:6a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Oct 1 10:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a15906ef488fef88ec5fdbbc2e28b578fb78b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f7:9c:7b:e6:18:eb:f2:55:20:d3:92:94:fd:
7e:8b:d1:e2:56:ca:99:bc:b1:ed:18:a1:cb:b5:61:
7c:c0:29:e8:aa:60:2c:be:d1:49:45:cf:bb:25:8b:
a2:b4:e5:fb:66:f6:83:f1:f3:64:21:6a:78:ca:bb:
a7:9e:f5:be:a7:59:dc:86:d4:84:8f:bf:ca:e9:18:
ca:7e:5e:f6:70:93:45:3a:53:73:a5:e4:fb:2c:bf:
23:de:b1:6b:bf:93:51:96:a4:77:ba:38:e5:1b:40:
ec:8a:62:1c:17:4c:1c:e8:07:29:da:4b:88:87:f9:
58:9e:ef:6f:79:66:03:ba:36:f5:2e:56:6a:bb:af:
d8:20:79:71:22:95:3c:af:90:f9:af:87:2a:1b:14:
67:ad:67:a5:11:c8:49:d4:71:e6:9b:e5:c6:8d:44:
c2:2e:5b:32:6f:6a:db:36:6b:40:f7:cb:b4:0c:d0:
53:5a:df:56:3e:53:1d:e5:60:b5:bb:74:8f:bc:7a:
ce:74:2b:93:34:0e:ea:08:74:fe:66:39:9d:de:7a:
2c:e2:c1:68:06:25:5c:f0:b7:95:55:e3:66:b9:38:
55:ba:03:d6:d6:2c:6b:ff:b0:8b:e4:4b:a3:0f:b3:
7d:3a:83:ba:52:b3:3b:5f:12:41:e4:57:dd:29:15:
10:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:15:90:6E:F4:88:FE:F8:8E:C5:FD:BB:C2:E2:8B:57:8F:B7:8B:83
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/mhWQbvSI_viOxf27wuKLV4-3i4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.27.128.0/18
91.196.192.0/22
91.200.248.0/22
91.203.48.0/22
94.45.32.0/19
193.222.140.0/24
193.243.152.0/23
IPv6:
2a01:6d80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
4a:80:bd:57:1b:50:dd:fc:99:fd:3f:d7:67:84:2e:91:7a:bc:
da:e1:da:02:18:60:c2:47:21:46:91:f2:8d:14:be:4f:a3:67:
36:6d:72:c2:83:c3:50:a7:53:3b:3b:45:7a:02:d6:36:0d:bf:
56:fd:57:20:c7:33:88:8c:0e:d2:92:5a:91:3e:27:a6:9f:25:
83:35:73:e4:c1:56:de:ec:39:16:f7:64:4f:eb:84:51:33:ae:
e7:32:a9:b8:9d:5f:d0:95:5e:d0:24:59:41:cd:23:56:07:4a:
44:2e:6e:b3:f2:8e:a0:b1:0f:ce:fb:9f:e5:a5:d1:c6:3b:b9:
81:d8:dc:7c:db:1f:5c:0c:43:6c:99:52:b5:2c:8f:3d:5f:6e:
5e:23:d7:9e:80:57:86:30:c9:ce:01:87:78:0d:ef:2b:26:ba:
3d:39:e5:7b:ec:43:1e:a6:94:58:69:c4:5c:1a:7c:30:78:86:
79:81:78:ac:de:ec:a7:b4:85:1d:60:44:ec:5d:72:5b:74:75:
02:fc:ef:f2:32:bb:95:e2:db:0b:58:be:bc:6c:0c:36:58:70:
95:90:a0:18:f0:d3:7c:b4:b5:9c:32:c5:a6:ca:8b:4e:63:24:
28:8b:ef:11:63:6b:aa:45:18:f3:17:ca:d0:ac:68:3f:23:10:
b5:f9:21:3f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZJHqUZPmodytz+uE8WElGrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjQxMDAxMTAzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE1OTA2ZWY0ODhmZWY4OGVjNWZkYmJjMmUyOGI1NzhmYjc4YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfece+YY6/JVINOSlP1+i9HiVsqZ
vLHtGKHLtWF8wCnoqmAsvtFJRc+7JYuitOX7ZvaD8fNkIWp4yrunnvW+p1nchtSE
j7/K6RjKfl72cJNFOlNzpeT7LL8j3rFrv5NRlqR3ujjlG0DsimIcF0wc6Acp2kuI
h/lYnu9veWYDujb1LlZqu6/YIHlxIpU8r5D5r4cqGxRnrWelEchJ1HHmm+XGjUTC
Llsyb2rbNmtA98u0DNBTWt9WPlMd5WC1u3SPvHrOdCuTNA7qCHT+Zjmd3nos4sFo
BiVc8LeVVeNmuThVugPW1ixr/7CL5EujD7N9OoO6UrM7XxJB5FfdKRUQIwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJoVkG70iP74jsX9u8Lii1ePt4uDMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvbWhXUWJ2U0lfdmlPeGYyN3d1S0xWNC0zaTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQGThuAAwQC
W8TAAwQCW8j4AwQCW8swAwQFXi0gAwQAwd6MAwQBwfOYMA4EAgACMAgDBgQqAW2A
IDANBgkqhkiG9w0BAQsFAAOCAQEASoC9VxtQ3fyZ/T/XZ4QukXq82uHaAhhgwkch
RpHyjRS+T6NnNm1ywoPDUKdTOztFegLWNg2/Vv1XIMcziIwO0pJakT4npp8lgzVz
5MFW3uw5FvdkT+uEUTOu5zKpuJ1f0JVe0CRZQc0jVgdKRC5us/KOoLEPzvuf5aXR
xju5gdjcfNsfXAxDbJlStSyPPV9uXiPXnoBXhjDJzgGHeA3vKya6PTnle+xDHqaU
WGnEXBp8MHiGeYF4rN7sp7SFHWBE7F1yW3R1Avzv8jK7leLbC1i+vGwMNlhwlZCg
GPDTfLS1nDLFpsqLTmMkKIvvEWNrqkUY8xfK0KxoPyMQtfkhPw==
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:38:14 2024 by rpki-client on console-ams.rpki-client.org