Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/mIE7IW6tGLLWuZelWlJn-t3wvqk.roa
File: mIE7IW6tGLLWuZelWlJn-t3wvqk.roa (raw, json)
Hash identifier: dUijOZz4zvxMxSIYXoAblgknbjsFyo+OEEdBvwBmhMY=
Subject key identifier: 98:81:3B:21:6E:AD:18:B2:D6:B9:97:A5:5A:52:67:FA:DD:F0:BE:A9
Certificate issuer: /CN=acfb02432688674260c6d012a597d70bcd5149c4
Certificate serial: 018CC8DED7F5D4CA23D50FC38ABD3D3F56DC
Authority key identifier: AC:FB:02:43:26:88:67:42:60:C6:D0:12:A5:97:D7:0B:CD:51:49:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/mIE7IW6tGLLWuZelWlJn-t3wvqk.roa
Signing time: Tue 02 Jan 2024 06:31:36 +0000
ROA not before: Tue 02 Jan 2024 06:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48638
IP address blocks: 185.43.152.0/22 maxlen: 24
91.194.86.0/23 maxlen: 24
185.59.168.0/22 maxlen: 24
94.143.184.0/21 maxlen: 24
2a02:4a00::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/rPsCQyaIZ0JgxtASpZfXC81RScQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/rPsCQyaIZ0JgxtASpZfXC81RScQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:d7:f5:d4:ca:23:d5:0f:c3:8a:bd:3d:3f:56:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfb02432688674260c6d012a597d70bcd5149c4
Validity
Not Before: Jan 2 06:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98813b216ead18b2d6b997a55a5267faddf0bea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:61:12:eb:02:51:ea:ab:5f:b2:f1:86:c5:
34:e1:de:75:62:d4:f3:e2:2a:8f:a3:96:2a:df:f7:
b2:f2:04:c6:98:fe:d3:ea:09:dd:c0:24:51:fc:4e:
25:ae:64:ad:95:45:f2:67:24:c6:ac:bc:2c:45:87:
1a:55:7d:8f:9c:62:37:a6:97:ab:b4:7a:83:fe:a2:
e6:9b:cd:8f:18:bd:b1:e6:a5:85:2d:08:32:48:7b:
44:e2:c0:dd:af:e0:ac:9f:b1:82:84:74:09:be:09:
2c:d3:9e:be:8a:3f:bc:0f:f9:30:2c:59:0a:a3:65:
d4:c6:85:3b:0d:f7:4c:36:1a:03:46:7c:16:6c:df:
6c:2d:73:6f:00:2c:4b:4b:25:c4:21:a9:a4:66:ac:
3e:fe:91:68:73:3a:47:3a:00:b7:1e:f7:c4:2c:d7:
21:3a:46:47:15:7b:c9:0c:bb:1a:6b:13:7d:28:c2:
c2:0f:15:69:20:73:c9:39:0a:65:82:93:83:7c:b5:
ee:38:7b:53:5b:cc:d5:88:e5:d7:d0:e1:22:f0:bb:
4e:da:d9:3f:db:35:25:aa:e5:45:de:35:19:1e:ed:
e0:78:e3:4b:5c:3c:0e:52:d6:ce:28:5d:60:4a:8a:
45:40:bb:82:98:53:a3:45:fa:fd:07:b5:16:ab:e6:
29:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:81:3B:21:6E:AD:18:B2:D6:B9:97:A5:5A:52:67:FA:DD:F0:BE:A9
X509v3 Authority Key Identifier:
keyid:AC:FB:02:43:26:88:67:42:60:C6:D0:12:A5:97:D7:0B:CD:51:49:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/mIE7IW6tGLLWuZelWlJn-t3wvqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/rPsCQyaIZ0JgxtASpZfXC81RScQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.86.0/23
94.143.184.0/21
185.43.152.0/22
185.59.168.0/22
IPv6:
2a02:4a00::/32
Signature Algorithm: sha256WithRSAEncryption
36:eb:83:f1:c0:ef:ba:60:79:11:7f:7f:a8:23:44:11:08:c8:
26:05:54:d5:fe:44:dc:ed:bb:f0:49:fa:eb:f1:d6:d1:33:91:
cd:cd:83:a7:c1:ae:3f:f0:81:34:e6:5a:3f:ef:dc:6d:16:fe:
90:be:99:ab:df:d4:98:b7:87:d3:dc:14:04:19:bd:29:87:4d:
ff:94:8f:43:3f:2e:12:f4:89:1f:96:c1:8c:32:5f:69:da:79:
e0:69:34:13:09:81:a7:27:dd:e5:45:93:7f:52:4d:8e:93:3e:
e8:f2:ab:3d:eb:ac:0a:46:21:4d:5d:a3:d6:01:cc:63:31:1e:
82:d8:e5:0e:c1:f4:2b:48:2b:8b:f6:e1:17:dc:de:24:b5:40:
5a:4a:ec:54:8b:f6:ce:8d:27:0d:58:6a:d6:6d:90:13:31:79:
ed:0f:2a:01:13:24:02:13:52:af:95:6a:76:2c:ab:13:f4:01:
54:31:76:5e:17:90:e3:6a:32:98:6a:a2:31:a7:cd:a0:4a:db:
fa:36:82:ed:03:ff:98:0a:2a:66:f7:46:1e:02:77:aa:2c:ba:
1b:21:1f:df:fe:4f:b7:87:96:a4:34:aa:5d:30:6b:7e:fb:8d:
7b:f7:44:fc:06:eb:9a:9a:aa:a1:40:15:51:d3:29:cf:cf:2c:
bc:85:1b:9f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3tf11Moj1Q/Dir09P1bcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZmIwMjQzMjY4ODY3NDI2MGM2ZDAxMmE1OTdkNzBiY2Q1
MTQ5YzQwHhcNMjQwMTAyMDYzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODgxM2IyMTZlYWQxOGIyZDZiOTk3YTU1YTUyNjdmYWRkZjBiZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2VhEusCUeqrX7LxhsU04d51YtTz
4iqPo5Yq3/ey8gTGmP7T6gndwCRR/E4lrmStlUXyZyTGrLwsRYcaVX2PnGI3pper
tHqD/qLmm82PGL2x5qWFLQgySHtE4sDdr+Csn7GChHQJvgks056+ij+8D/kwLFkK
o2XUxoU7DfdMNhoDRnwWbN9sLXNvACxLSyXEIamkZqw+/pFoczpHOgC3HvfELNch
OkZHFXvJDLsaaxN9KMLCDxVpIHPJOQplgpODfLXuOHtTW8zViOXX0OEi8LtO2tk/
2zUlquVF3jUZHu3geONLXDwOUtbOKF1gSopFQLuCmFOjRfr9B7UWq+YpowIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJiBOyFurRiy1rmXpVpSZ/rd8L6pMB8GA1UdIwQY
MBaAFKz7AkMmiGdCYMbQEqWX1wvNUUnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBzQ1F5YUlaMEpneHRBU3BaZlhDODFSU2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNDE3OTQtZDYxOS00Yzc0LTgyNGQt
MzFkNzAxMGE3MjU2LzEvbUlFN0lXNnRHTExXdVplbFdsSm4tdDN3dnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNDE3OTQtZDYxOS00Yzc0LTgyNGQtMzFkNzAxMGE3MjU2
LzEvclBzQ1F5YUlaMEpneHRBU3BaZlhDODFSU2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8JWAwQD
Xo+4AwQCuSuYAwQCuTuoMA0EAgACMAcDBQAqAkoAMA0GCSqGSIb3DQEBCwUAA4IB
AQA264PxwO+6YHkRf3+oI0QRCMgmBVTV/kTc7bvwSfrr8dbRM5HNzYOnwa4/8IE0
5lo/79xtFv6Qvpmr39SYt4fT3BQEGb0ph03/lI9DPy4S9IkflsGMMl9p2nngaTQT
CYGnJ93lRZN/Uk2Okz7o8qs966wKRiFNXaPWAcxjMR6C2OUOwfQrSCuL9uEX3N4k
tUBaSuxUi/bOjScNWGrWbZATMXntDyoBEyQCE1KvlWp2LKsT9AFUMXZeF5DjajKY
aqIxp82gStv6NoLtA/+YCipm90YeAneqLLobIR/f/k+3h5akNKpdMGt++41790T8
BuuamqqhQBVR0ynPzyy8hRuf
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:49:50 2024 by rpki-client on console-fra.rpki-client.org