Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/mbWxf1VsZfOgSsKgfjKblDunI8A.roa
File: mbWxf1VsZfOgSsKgfjKblDunI8A.roa (raw, json)
Hash identifier: SQ9z7wXSJJpZ+repH5dl3+DyC54LJssAxERZySHI73M=
Subject key identifier: 99:B5:B1:7F:55:6C:65:F3:A0:4A:C2:A0:7E:32:9B:94:3B:A7:23:C0
Certificate issuer: /CN=48f68aa2e755aa0ac69a70fe8efebea4c2335611
Certificate serial: 018CCA991DF2D1C1D8F7CF2FD350A566016E
Authority key identifier: 48:F6:8A:A2:E7:55:AA:0A:C6:9A:70:FE:8E:FE:BE:A4:C2:33:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SPaKoudVqgrGmnD-jv6-pMIzVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/mbWxf1VsZfOgSsKgfjKblDunI8A.roa
Signing time: Tue 02 Jan 2024 14:34:41 +0000
ROA not before: Tue 02 Jan 2024 14:34:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41103
IP address blocks: 185.91.100.0/22 maxlen: 24
195.95.187.0/24 maxlen: 24
2a03:8920::/32 maxlen: 48
2001:67c:15f4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/SPaKoudVqgrGmnD-jv6-pMIzVhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/SPaKoudVqgrGmnD-jv6-pMIzVhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/SPaKoudVqgrGmnD-jv6-pMIzVhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:1d:f2:d1:c1:d8:f7:cf:2f:d3:50:a5:66:01:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48f68aa2e755aa0ac69a70fe8efebea4c2335611
Validity
Not Before: Jan 2 14:34:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99b5b17f556c65f3a04ac2a07e329b943ba723c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0c:b2:90:98:98:47:fe:73:cc:ad:aa:14:74:
71:e4:ff:ce:7c:65:01:6d:18:7b:55:c5:ee:95:a5:
3e:be:6a:16:b5:1e:78:12:7b:81:2e:93:e3:70:8c:
85:3b:bf:60:43:d9:ad:cc:1f:47:d7:5d:e6:cf:b5:
0d:1e:fb:cb:ff:48:dc:3c:0f:76:fc:b5:9f:37:83:
2f:26:05:b1:ac:21:19:89:51:94:65:79:c3:59:eb:
2b:c1:65:de:33:27:a7:c0:dd:33:5d:8f:f6:16:6a:
5e:73:2b:20:8a:43:c0:9f:ff:96:ea:99:0f:50:56:
61:23:b3:e6:1f:6f:7a:88:ab:c5:d6:57:57:34:8e:
e4:91:25:1f:c6:5a:25:df:3d:52:a0:7c:ab:e7:5b:
42:79:05:65:a7:ea:10:5b:39:e6:82:b9:5f:4d:62:
68:8c:98:2d:38:b7:15:34:92:9a:00:8d:20:e5:ef:
1f:00:da:5b:ae:87:d1:d1:21:90:59:f4:e6:ff:d3:
21:c8:4d:c6:7a:9e:c8:91:38:f8:e9:e8:5c:88:84:
da:8c:5c:d6:48:79:87:47:40:be:83:5d:36:db:d1:
7e:78:87:e1:b2:fc:b2:be:f8:98:a0:9b:e5:8e:57:
ee:5a:01:5c:29:e1:7f:04:dc:a5:42:54:8d:fd:e1:
0e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B5:B1:7F:55:6C:65:F3:A0:4A:C2:A0:7E:32:9B:94:3B:A7:23:C0
X509v3 Authority Key Identifier:
keyid:48:F6:8A:A2:E7:55:AA:0A:C6:9A:70:FE:8E:FE:BE:A4:C2:33:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SPaKoudVqgrGmnD-jv6-pMIzVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/mbWxf1VsZfOgSsKgfjKblDunI8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/SPaKoudVqgrGmnD-jv6-pMIzVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.100.0/22
195.95.187.0/24
IPv6:
2001:67c:15f4::/48
2a03:8920::/32
Signature Algorithm: sha256WithRSAEncryption
8a:38:6a:ec:55:06:e1:ac:e6:51:7f:5f:4b:30:29:11:03:6f:
4b:10:59:4d:cb:cc:54:eb:ab:85:02:eb:92:c5:f5:dd:74:dc:
77:20:05:4d:20:ce:eb:b2:29:e5:39:69:57:8c:fb:fd:02:1b:
ba:3a:7d:b1:f9:cf:74:ce:8b:93:33:2e:93:25:1a:74:b9:2b:
c2:fd:29:0e:54:60:20:ea:68:04:be:35:71:32:8c:34:76:1d:
48:d4:25:79:bc:f5:46:bb:9e:f1:70:69:05:d7:34:6a:51:5a:
03:bf:10:db:4e:e4:07:6b:fc:11:fe:cc:17:d6:e4:19:56:10:
a4:74:db:69:0d:91:4c:19:66:ff:9f:fe:e1:ae:4b:e2:c3:08:
7c:ac:f0:bd:8c:7c:1e:44:1a:3d:31:e0:42:a0:c8:9c:44:6e:
21:df:cd:97:cf:3e:a0:dc:cc:8e:3c:f1:f9:0c:9b:21:86:87:
e6:13:f3:6a:6b:13:73:fc:63:21:08:f4:bf:6e:11:78:be:ac:
9e:88:fc:c4:37:2b:a7:29:dc:97:59:b4:9a:8d:01:d7:79:7e:
27:72:97:f0:93:e6:b3:f8:29:8e:c5:57:73:e9:2c:c7:8b:57:
81:a5:17:e6:60:2a:ae:97:55:d3:64:e2:fb:76:b0:ea:36:ec:
d9:9a:5f:6e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKmR3y0cHY988v01ClZgFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZjY4YWEyZTc1NWFhMGFjNjlhNzBmZThlZmViZWE0YzIz
MzU2MTEwHhcNMjQwMTAyMTQzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWI1YjE3ZjU1NmM2NWYzYTA0YWMyYTA3ZTMyOWI5NDNiYTcyM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQyykJiYR/5zzK2qFHRx5P/OfGUB
bRh7VcXulaU+vmoWtR54EnuBLpPjcIyFO79gQ9mtzB9H113mz7UNHvvL/0jcPA92
/LWfN4MvJgWxrCEZiVGUZXnDWesrwWXeMyenwN0zXY/2FmpecysgikPAn/+W6pkP
UFZhI7PmH296iKvF1ldXNI7kkSUfxlol3z1SoHyr51tCeQVlp+oQWznmgrlfTWJo
jJgtOLcVNJKaAI0g5e8fANpbrofR0SGQWfTm/9MhyE3Gep7IkTj46ehciITajFzW
SHmHR0C+g10229F+eIfhsvyyvviYoJvljlfuWgFcKeF/BNylQlSN/eEOwQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJm1sX9VbGXzoErCoH4ym5Q7pyPAMB8GA1UdIwQY
MBaAFEj2iqLnVaoKxppw/o7+vqTCM1YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1BhS291ZFZxZ3JHbW5ELWp2Ni1wTUl6VmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lYzI4N2QtZWZhYi00MzQxLWJlNTMt
ZjJiNTQ0YjBmZTdiLzEvbWJXeGYxVnNaZk9nU3NLZ2ZqS2JsRHVuSThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lYzI4N2QtZWZhYi00MzQxLWJlNTMtZjJiNTQ0YjBmZTdi
LzEvU1BhS291ZFZxZ3JHbW5ELWp2Ni1wTUl6VmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuVtkAwQA
w1+7MBYEAgACMBADBwAgAQZ8FfQDBQAqA4kgMA0GCSqGSIb3DQEBCwUAA4IBAQCK
OGrsVQbhrOZRf19LMCkRA29LEFlNy8xU66uFAuuSxfXddNx3IAVNIM7rsinlOWlX
jPv9Ahu6On2x+c90zouTMy6TJRp0uSvC/SkOVGAg6mgEvjVxMow0dh1I1CV5vPVG
u57xcGkF1zRqUVoDvxDbTuQHa/wR/swX1uQZVhCkdNtpDZFMGWb/n/7hrkviwwh8
rPC9jHweRBo9MeBCoMicRG4h382Xzz6g3MyOPPH5DJshhofmE/NqaxNz/GMhCPS/
bhF4vqyeiPzENyunKdyXWbSajQHXeX4ncpfwk+az+CmOxVdz6SzHi1eBpRfmYCqu
l1XTZOL7drDqNuzZml9u
-----END CERTIFICATE-----
Generated at Tue Nov 26 23:03:41 2024 by rpki-client on console-fra.rpki-client.org