Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/RMChs2fNq_joitEhMfCp1crAR0g.roa
File: RMChs2fNq_joitEhMfCp1crAR0g.roa (raw, json)
Hash identifier: JGMIUji+jtOkbrxSwFnZYVpcTRA+YM3YLGtTOasQVZA=
Subject key identifier: 44:C0:A1:B3:67:CD:AB:F8:E8:8A:D1:21:31:F0:A9:D5:CA:C0:47:48
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 018CC6B7DF8499D5309F899338A0164A374D
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/RMChs2fNq_joitEhMfCp1crAR0g.roa
Signing time: Mon 01 Jan 2024 20:29:48 +0000
ROA not before: Mon 01 Jan 2024 20:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 195.54.161.0/24 maxlen: 24
91.231.186.0/24 maxlen: 24
45.86.230.0/24 maxlen: 24
2a10:1fc0:7::/48 maxlen: 48
2a10:1fc0:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:df:84:99:d5:30:9f:89:93:38:a0:16:4a:37:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Jan 1 20:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44c0a1b367cdabf8e88ad12131f0a9d5cac04748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ca:ea:f4:32:3d:7c:c2:fe:b3:00:61:30:f1:
f9:f5:8e:81:07:e5:77:a6:b5:26:fc:47:d4:28:91:
7d:ac:be:38:0f:de:8c:fb:72:b4:19:c0:83:f1:eb:
a1:5a:c2:29:77:0a:45:f5:5e:9b:e5:c4:b6:1c:ab:
27:5a:e2:2c:37:30:a6:35:28:3a:be:9a:88:1b:2a:
1b:70:cb:35:87:a8:5c:86:21:2f:4f:a1:1c:ff:be:
e8:72:d4:69:5d:23:21:ab:eb:64:6f:fe:2f:a4:23:
a2:23:68:13:fc:5f:b3:64:0d:75:30:7d:55:eb:2b:
ec:20:87:a0:22:21:ce:e4:03:07:f5:d9:14:d9:98:
a7:47:7b:48:60:65:ff:89:96:94:c9:41:f2:34:9f:
8a:fc:88:99:02:5e:9d:40:27:1e:d7:87:fe:6f:45:
c3:b2:8f:d4:9f:ff:b6:21:dd:7b:54:f3:c2:0c:95:
9b:01:b3:5f:65:0d:80:04:bb:ff:9d:aa:82:a7:e9:
f1:28:12:97:2e:1c:11:e8:7f:02:d0:e3:41:d2:93:
93:b3:0a:98:24:fd:7e:36:f0:94:43:08:09:73:1e:
a5:f6:7f:c2:bb:af:66:b6:6c:40:5c:1c:ab:15:10:
5e:f7:eb:bb:d9:2d:7f:63:17:f7:4d:62:47:db:af:
c2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C0:A1:B3:67:CD:AB:F8:E8:8A:D1:21:31:F0:A9:D5:CA:C0:47:48
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/RMChs2fNq_joitEhMfCp1crAR0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.230.0/24
91.231.186.0/24
195.54.161.0/24
IPv6:
2a10:1fc0:7::/48
2a10:1fc0:a::/48
Signature Algorithm: sha256WithRSAEncryption
b6:72:2b:4a:d2:44:58:80:26:8f:20:b0:de:b2:48:2c:a5:9f:
a5:ac:dd:2d:f4:76:e8:25:c4:96:bb:e8:e4:ef:16:00:56:1a:
4f:5c:42:47:f6:35:21:bb:ff:05:25:8b:3c:da:61:6f:af:d1:
40:4c:28:93:0a:7f:e9:bf:36:9f:1a:69:0e:bf:ed:d8:67:c7:
c9:1e:03:5c:1b:b9:46:c4:de:7c:c8:97:0b:9e:72:b7:bd:dc:
c8:e7:a5:73:d1:ae:da:af:84:38:4f:af:96:05:ac:ce:04:1b:
e6:8e:05:a3:ec:57:0d:77:88:d4:a2:03:82:c3:4f:ec:d5:1c:
a6:eb:60:f2:e4:84:3b:6e:de:93:66:04:f3:79:5e:64:82:69:
21:68:80:1d:53:37:6d:ef:65:90:a0:a7:62:4c:c9:44:7f:bb:
94:c7:27:03:ff:93:22:0f:20:3d:bf:a0:2f:91:16:20:c9:f4:
8a:9b:45:66:e9:1d:bd:ae:2b:d4:5f:02:bd:c9:38:35:25:21:
d8:2c:66:19:65:a1:ff:51:3c:c5:48:8e:90:48:d1:9d:de:32:
3c:92:ca:48:b9:12:9a:f8:fb:1d:21:d4:8a:4c:e8:87:7e:1c:
7a:89:46:4f:6c:ee:5e:24:24:47:a1:6f:cd:d2:32:70:6e:6d:
bb:01:e4:1c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzGt9+EmdUwn4mTOKAWSjdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjQwMTAxMjAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGMwYTFiMzY3Y2RhYmY4ZTg4YWQxMjEzMWYwYTlkNWNhYzA0NzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMrq9DI9fML+swBhMPH59Y6BB+V3
prUm/EfUKJF9rL44D96M+3K0GcCD8euhWsIpdwpF9V6b5cS2HKsnWuIsNzCmNSg6
vpqIGyobcMs1h6hchiEvT6Ec/77octRpXSMhq+tkb/4vpCOiI2gT/F+zZA11MH1V
6yvsIIegIiHO5AMH9dkU2ZinR3tIYGX/iZaUyUHyNJ+K/IiZAl6dQCce14f+b0XD
so/Un/+2Id17VPPCDJWbAbNfZQ2ABLv/naqCp+nxKBKXLhwR6H8C0ONB0pOTswqY
JP1+NvCUQwgJcx6l9n/Cu69mtmxAXByrFRBe9+u72S1/Yxf3TWJH26/CKQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFETAobNnzav46IrRITHwqdXKwEdIMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvUk1DaHMyZk5xX2pvaXRFaE1mQ3AxY3JBUjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQALVbmAwQA
W+e6AwQAwzahMBgEAgACMBIDBwAqEB/AAAcDBwAqEB/AAAowDQYJKoZIhvcNAQEL
BQADggEBALZyK0rSRFiAJo8gsN6ySCyln6Ws3S30duglxJa76OTvFgBWGk9cQkf2
NSG7/wUlizzaYW+v0UBMKJMKf+m/Np8aaQ6/7dhnx8keA1wbuUbE3nzIlwuecre9
3MjnpXPRrtqvhDhPr5YFrM4EG+aOBaPsVw13iNSiA4LDT+zVHKbrYPLkhDtu3pNm
BPN5XmSCaSFogB1TN23vZZCgp2JMyUR/u5THJwP/kyIPID2/oC+RFiDJ9IqbRWbp
Hb2uK9RfAr3JODUlIdgsZhllof9RPMVIjpBI0Z3eMjySyki5Epr4+x0h1IpM6Id+
HHqJRk9s7l4kJEehb83SMnBubbsB5Bw=
-----END CERTIFICATE-----
Generated at Mon May 6 08:36:05 2024 by rpki-client on console-ams.rpki-client.org