Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kMzTs15lml0u--8DeDIZ3ahYB-8.roa
File: kMzTs15lml0u--8DeDIZ3ahYB-8.roa (raw, json)
Hash identifier: hmu1j5piIsrOJ4koHYlWa9Aa3VoNfnl47fPB74RcAdg=
Subject key identifier: 90:CC:D3:B3:5E:65:9A:5D:2E:FB:EF:03:78:32:19:DD:A8:58:07:EF
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801D6C0B738DC88F5E25F7D93E9D72F
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kMzTs15lml0u--8DeDIZ3ahYB-8.roa
Signing time: Tue 02 Jan 2024 02:30:12 +0000
ROA not before: Tue 02 Jan 2024 02:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35537
IP address blocks: 94.124.116.0/24 maxlen: 24
2a09:7:2004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d6:c0:b7:38:dc:88:f5:e2:5f:7d:93:e9:d7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90ccd3b35e659a5d2efbef03783219dda85807ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9f:e3:3d:38:43:b0:ea:0e:7e:08:0e:ed:27:
6f:5e:6c:95:fb:7f:5e:4b:2e:af:e3:5f:aa:a6:b5:
09:f4:f8:69:d0:e3:e0:c0:28:3a:90:99:f2:6f:5b:
5d:84:94:8e:2c:89:67:1a:1f:c0:46:f6:78:a6:4d:
70:e4:ba:5a:27:a9:83:58:a5:e6:95:66:a6:f5:fc:
03:2d:f8:08:ba:38:30:5c:c8:0e:4c:e8:f6:ba:9b:
72:7e:c5:07:4a:84:ab:9a:8d:af:f6:ab:ef:6f:a5:
24:df:db:74:2b:c7:77:e5:0d:49:a9:77:ce:d8:01:
97:57:76:d5:a6:95:38:ca:af:59:b7:27:08:da:f7:
22:7b:db:b8:2e:f1:f9:52:37:b3:1e:47:97:99:84:
3d:7a:1b:47:f0:5c:25:95:c2:71:4f:6a:a2:6c:e9:
12:7c:dc:b9:f8:88:91:7e:1d:b4:b0:a5:37:1d:8b:
3c:86:e0:0e:e2:4b:61:4a:e1:64:0c:91:6f:55:b6:
89:db:c9:6e:48:1a:65:37:3e:53:01:1b:8d:66:92:
5b:b5:b7:a5:87:c5:e3:c6:4f:54:9a:75:d9:a2:07:
29:b3:10:d4:c6:44:3a:df:17:7e:ac:d3:4d:e4:65:
c8:f3:ff:61:a5:fd:d9:4e:6e:dc:f3:c4:5b:00:07:
67:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CC:D3:B3:5E:65:9A:5D:2E:FB:EF:03:78:32:19:DD:A8:58:07:EF
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kMzTs15lml0u--8DeDIZ3ahYB-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.116.0/24
IPv6:
2a09:7:2004::/48
Signature Algorithm: sha256WithRSAEncryption
7c:ed:da:58:2c:83:72:90:ee:cb:7c:c1:c9:b6:b6:55:66:a0:
f4:41:8c:5b:4a:42:3f:87:82:f0:0a:21:5f:aa:28:1d:b1:f6:
8a:c8:07:22:22:0f:66:6f:3f:07:4d:4b:b9:8b:09:fd:6d:5b:
a6:85:d8:a8:e8:00:ab:3c:66:1c:a6:2c:06:72:a4:69:bf:1a:
f8:7a:63:51:66:95:b1:8d:de:35:41:69:2b:fb:04:a9:14:bc:
b2:0f:18:d6:00:1f:77:e1:23:d6:06:08:4b:9e:ef:3e:f2:b7:
d3:96:57:eb:95:21:fa:f8:5a:0e:fe:c4:07:e8:f8:f6:b3:00:
56:3c:23:c6:38:9a:47:d6:22:27:77:e8:1d:ea:16:64:25:84:
45:f7:0f:cb:df:35:5c:bd:7e:b1:0d:06:ba:5a:71:0b:38:ea:
88:bf:0b:8f:f8:bf:95:31:96:f7:f5:78:2a:56:a1:2b:c7:c2:
c1:22:fb:00:5f:a4:e9:ac:5c:4d:15:c2:57:6a:07:78:03:82:
27:7e:0a:17:43:2f:8e:ae:00:6f:bb:53:68:b6:ca:a4:00:44:
c4:f8:63:a5:1e:28:0b:8f:5f:56:d6:52:fc:ee:15:e9:2e:79:
d6:6f:e0:be:c0:82:03:29:f9:44:eb:b0:c1:34:fa:1c:4f:27:
2c:ad:5e:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAdbAtzjciPXiX32T6dcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNjZDNiMzVlNjU5YTVkMmVmYmVmMDM3ODMyMTlkZGE4NTgwN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxp/jPThDsOoOfggO7SdvXmyV+39e
Sy6v41+qprUJ9Php0OPgwCg6kJnyb1tdhJSOLIlnGh/ARvZ4pk1w5LpaJ6mDWKXm
lWam9fwDLfgIujgwXMgOTOj2uptyfsUHSoSrmo2v9qvvb6Uk39t0K8d35Q1JqXfO
2AGXV3bVppU4yq9ZtycI2vcie9u4LvH5UjezHkeXmYQ9ehtH8FwllcJxT2qibOkS
fNy5+IiRfh20sKU3HYs8huAO4kthSuFkDJFvVbaJ28luSBplNz5TARuNZpJbtbel
h8Xjxk9UmnXZogcpsxDUxkQ63xd+rNNN5GXI8/9hpf3ZTm7c88RbAAdnEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJDM07NeZZpdLvvvA3gyGd2oWAfvMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEva016VHMxNWxtbDB1LS04RGVESVozYWhZQi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXnx0MA8E
AgACMAkDBwAqCQAHIAQwDQYJKoZIhvcNAQELBQADggEBAHzt2lgsg3KQ7st8wcm2
tlVmoPRBjFtKQj+HgvAKIV+qKB2x9orIByIiD2ZvPwdNS7mLCf1tW6aF2KjoAKs8
ZhymLAZypGm/Gvh6Y1FmlbGN3jVBaSv7BKkUvLIPGNYAH3fhI9YGCEue7z7yt9OW
V+uVIfr4Wg7+xAfo+PazAFY8I8Y4mkfWIid36B3qFmQlhEX3D8vfNVy9frENBrpa
cQs46oi/C4/4v5Uxlvf1eCpWoSvHwsEi+wBfpOmsXE0VwldqB3gDgid+ChdDL46u
AG+7U2i2yqQARMT4Y6UeKAuPX1bWUvzuFekuedZv4L7AggMp+UTrsME0+hxPJyyt
Xh8=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:29:03 2024 by rpki-client on console-fra.rpki-client.org