Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mKalWuYZbmNUhRIjCMGinGLnvQs.roa
File: mKalWuYZbmNUhRIjCMGinGLnvQs.roa (raw, json)
Hash identifier: Zs+65sEUJytPZnnr+qDNyKL987g4Qls9GH6qRc3o3po=
Subject key identifier: 98:A6:A5:5A:E6:19:6E:63:54:85:12:23:08:C1:A2:9C:62:E7:BD:0B
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019243AD76C4121593AFC1B84DF51752D477
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mKalWuYZbmNUhRIjCMGinGLnvQs.roa
Signing time: Mon 30 Sep 2024 16:04:54 +0000
ROA not before: Mon 30 Sep 2024 16:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 195.216.176.0/23 maxlen: 23
213.182.196.0/24 maxlen: 24
213.182.197.0/24 maxlen: 24
213.182.218.0/24 maxlen: 24
213.182.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:ad:76:c4:12:15:93:af:c1:b8:4d:f5:17:52:d4:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Sep 30 16:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a6a55ae6196e635485122308c1a29c62e7bd0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e6:80:d2:6c:04:f3:78:c8:e9:ae:5d:f3:ef:
3f:f2:71:bd:cd:15:28:9a:88:86:d9:c9:3b:2a:f8:
6a:3b:90:aa:81:5e:7a:8b:09:48:ce:f0:d4:ea:7d:
ce:1c:03:0a:65:02:d6:dc:1f:64:78:08:ea:68:25:
9a:44:af:96:b6:d0:30:8c:a8:cf:3b:44:53:9f:19:
3a:51:6a:53:a4:2a:a6:cb:10:be:83:fc:b8:d7:cf:
15:ac:e8:ab:6c:2b:9f:e0:d5:44:04:5b:7d:d7:d8:
68:9b:a5:74:73:96:09:6f:cb:9e:b7:2b:6d:6c:5b:
22:9b:f7:79:e6:0e:d7:fe:fb:46:a1:4b:36:96:33:
a4:0a:66:eb:65:d4:50:c4:a9:09:89:56:81:df:86:
15:47:d8:ec:df:ff:cc:b1:fc:af:99:1c:4b:7d:81:
da:a1:8a:2e:42:cd:fb:77:83:15:96:81:29:c5:c5:
71:30:9a:73:f5:7f:32:aa:61:ad:8d:4b:ab:87:df:
b8:5d:35:01:a4:ff:fa:6c:6b:56:ce:a2:c4:3b:d0:
a0:be:a0:19:60:6a:62:f7:78:92:0f:b1:9d:a9:b8:
73:05:b8:8a:5a:c8:18:37:97:76:08:87:5f:66:79:
81:9f:dc:b3:d8:1d:20:57:85:57:78:52:b4:ca:f6:
71:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A6:A5:5A:E6:19:6E:63:54:85:12:23:08:C1:A2:9C:62:E7:BD:0B
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mKalWuYZbmNUhRIjCMGinGLnvQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.176.0/23
213.182.196.0/23
213.182.218.0/24
213.182.220.0/22
Signature Algorithm: sha256WithRSAEncryption
80:66:9e:f4:0e:b9:5d:ca:a0:07:94:31:24:a3:af:5c:fb:d3:
c5:ed:1f:4b:be:59:18:2b:59:35:74:51:94:4f:31:16:31:48:
71:c7:0c:6e:62:93:63:50:51:50:d5:aa:81:e0:c0:cb:c3:38:
71:d2:ba:f3:ba:64:0a:e2:8e:4d:26:70:f7:12:a6:ab:65:ed:
10:c4:25:25:50:67:9e:d6:9b:2d:17:03:77:cf:7c:39:55:f3:
be:27:1c:e8:e4:a8:03:c2:3c:aa:55:5d:a0:a2:c6:64:f7:67:
8c:56:08:88:3d:13:c0:57:65:59:77:7b:c9:fa:3f:e7:f3:70:
29:eb:68:d9:77:71:17:14:b2:ac:55:5d:f2:42:ba:1d:3b:19:
36:6a:81:e1:80:2b:98:74:8f:95:e5:bb:08:26:32:69:4c:d0:
a2:55:e7:6a:27:64:6f:2c:b2:5d:9e:67:b7:2b:06:2c:20:0c:
30:8f:6d:a2:e9:c9:a9:9f:0a:15:66:ac:72:08:56:03:52:03:
5f:9e:27:30:82:f8:d4:a0:7b:c9:2d:6e:9f:33:6e:5c:65:7d:
25:10:cf:a6:9a:a4:07:78:0c:db:0e:a3:17:83:93:56:4b:f9:
88:8e:48:c7:b3:ea:51:8e:a8:03:3b:f9:7a:e4:cd:bd:cd:40:
a5:a9:63:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJDrXbEEhWTr8G4TfUXUtR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwOTMwMTYwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE2YTU1YWU2MTk2ZTYzNTQ4NTEyMjMwOGMxYTI5YzYyZTdiZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+aA0mwE83jI6a5d8+8/8nG9zRUo
moiG2ck7KvhqO5CqgV56iwlIzvDU6n3OHAMKZQLW3B9keAjqaCWaRK+WttAwjKjP
O0RTnxk6UWpTpCqmyxC+g/y4188VrOirbCuf4NVEBFt919hom6V0c5YJb8uetytt
bFsim/d55g7X/vtGoUs2ljOkCmbrZdRQxKkJiVaB34YVR9js3//MsfyvmRxLfYHa
oYouQs37d4MVloEpxcVxMJpz9X8yqmGtjUurh9+4XTUBpP/6bGtWzqLEO9CgvqAZ
YGpi93iSD7GdqbhzBbiKWsgYN5d2CIdfZnmBn9yz2B0gV4VXeFK0yvZxewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJimpVrmGW5jVIUSIwjBopxi570LMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvbUthbFd1WVpibU5VaFJJakNNR2luR0xudlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBw9iwAwQB
1bbEAwQA1bbaAwQC1bbcMA0GCSqGSIb3DQEBCwUAA4IBAQCAZp70DrldyqAHlDEk
o69c+9PF7R9LvlkYK1k1dFGUTzEWMUhxxwxuYpNjUFFQ1aqB4MDLwzhx0rrzumQK
4o5NJnD3EqarZe0QxCUlUGee1pstFwN3z3w5VfO+Jxzo5KgDwjyqVV2gosZk92eM
VgiIPRPAV2VZd3vJ+j/n83Ap62jZd3EXFLKsVV3yQrodOxk2aoHhgCuYdI+V5bsI
JjJpTNCiVedqJ2RvLLJdnme3KwYsIAwwj22i6cmpnwoVZqxyCFYDUgNfnicwgvjU
oHvJLW6fM25cZX0lEM+mmqQHeAzbDqMXg5NWS/mIjkjHs+pRjqgDO/l65M29zUCl
qWOE
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:38:02 2024 by rpki-client on console-fra.rpki-client.org