Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/makasdgj9joi2Qb4esFFl2b7XiE.roa
File: makasdgj9joi2Qb4esFFl2b7XiE.roa (raw, json)
Hash identifier: lKFNU4r/QNGeXadZMPZkBFgP7YXjXxGi+m1t7CHK2IE=
Subject key identifier: 99:A9:1A:B1:D8:23:F6:3A:22:D9:06:F8:7A:C1:45:97:66:FB:5E:21
Certificate issuer: /CN=b5000b81e9ed4b2a702a1ef5f852e0e769ee10e2
Certificate serial: 018CC56E0CCC8D6B36FBFDAC173FB26F4C16
Authority key identifier: B5:00:0B:81:E9:ED:4B:2A:70:2A:1E:F5:F8:52:E0:E7:69:EE:10:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/makasdgj9joi2Qb4esFFl2b7XiE.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12998
IP address blocks: 5.183.200.0/22 maxlen: 24
195.3.156.0/22 maxlen: 24
193.227.206.0/23 maxlen: 24
91.196.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/tQALgentSypwKh71-FLg52nuEOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/tQALgentSypwKh71-FLg52nuEOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0c:cc:8d:6b:36:fb:fd:ac:17:3f:b2:6f:4c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5000b81e9ed4b2a702a1ef5f852e0e769ee10e2
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99a91ab1d823f63a22d906f87ac1459766fb5e21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d2:0b:16:8e:87:6b:ce:aa:1c:4b:35:d3:c8:
3d:a0:bf:e0:ec:10:8a:e8:94:e7:23:6e:c6:06:48:
56:f2:72:c6:55:6c:5f:05:d4:38:e0:4e:91:b3:4f:
a9:45:ae:ed:ba:d2:e3:d9:0d:75:2c:0a:c5:15:ba:
74:8a:26:e2:04:25:97:9f:6b:95:f3:86:99:85:02:
63:6f:43:aa:a5:f1:21:2a:5f:f9:06:a8:88:a8:df:
5e:d9:01:52:00:77:14:db:b4:de:0c:37:26:a4:24:
8b:0f:90:1c:cb:32:06:77:3b:a0:91:5d:64:24:49:
c4:73:fc:78:fa:80:27:9b:ab:eb:2d:67:c2:df:de:
a5:c0:91:a7:65:8a:dc:59:65:64:30:c8:b4:62:28:
00:d2:95:c7:6a:c8:4f:de:f1:17:3e:56:5b:b3:4b:
d0:65:a3:16:bb:e1:af:cd:25:1e:87:dc:1a:47:c5:
60:2f:78:6b:99:4a:bc:65:bc:72:eb:35:fd:67:da:
12:0a:96:34:c5:8e:eb:57:e5:58:6c:e6:a2:de:9d:
ca:fc:6b:ac:ad:c3:3c:3e:ec:46:d3:e2:3e:36:27:
73:20:c3:39:65:a6:bb:53:56:47:47:5d:25:0d:b2:
dc:b1:dc:f0:5f:df:9b:f2:19:78:cc:59:01:aa:e2:
5e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A9:1A:B1:D8:23:F6:3A:22:D9:06:F8:7A:C1:45:97:66:FB:5E:21
X509v3 Authority Key Identifier:
keyid:B5:00:0B:81:E9:ED:4B:2A:70:2A:1E:F5:F8:52:E0:E7:69:EE:10:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/makasdgj9joi2Qb4esFFl2b7XiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/tQALgentSypwKh71-FLg52nuEOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.200.0/22
91.196.100.0/22
193.227.206.0/23
195.3.156.0/22
Signature Algorithm: sha256WithRSAEncryption
75:32:bf:4a:de:2c:eb:37:7f:40:19:04:bb:85:3c:1d:a3:a4:
94:e8:a6:53:da:c7:94:81:64:a8:ae:4c:85:b3:21:a9:80:da:
2e:e4:d1:2a:ed:66:d9:09:9b:83:9f:38:80:6f:29:a1:a6:ab:
4b:d9:a1:c5:07:40:90:4e:b9:cd:0a:8b:98:27:1b:83:b1:2a:
7f:0e:e3:95:03:f1:c2:c1:fa:ae:41:f9:8c:03:ca:48:4e:fe:
7c:02:b2:f4:53:aa:80:01:43:85:ad:36:64:c2:46:da:9a:ca:
da:54:a3:8e:cc:e9:c6:13:25:c1:ab:3d:ca:06:16:d1:30:cd:
f3:88:8e:93:f6:fb:ae:92:eb:7b:42:a1:26:fe:41:ca:be:c2:
b1:d4:a0:c0:77:5c:f4:3b:ba:a5:e6:df:1a:fa:e0:1a:d9:dd:
8e:3a:87:7b:26:2a:9f:a1:aa:1c:ca:5c:a2:6f:99:64:6c:11:
05:d0:c1:ec:75:19:86:f4:b7:db:9d:cb:8b:6a:d2:04:5d:5f:
5f:ed:6e:49:b1:27:30:69:37:e0:c0:e8:ce:68:eb:ef:3b:84:
d8:e3:1a:47:e8:37:fa:04:17:0a:63:53:67:62:76:c9:b8:d5:
79:e3:3a:13:33:e5:fb:79:cc:ae:df:98:a4:97:be:7e:3f:ee:
d7:f2:24:3e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbgzMjWs2+/2sFz+yb0wWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDAwYjgxZTllZDRiMmE3MDJhMWVmNWY4NTJlMGU3Njll
ZTEwZTIwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE5MWFiMWQ4MjNmNjNhMjJkOTA2Zjg3YWMxNDU5NzY2ZmI1ZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptILFo6Ha86qHEs108g9oL/g7BCK
6JTnI27GBkhW8nLGVWxfBdQ44E6Rs0+pRa7tutLj2Q11LArFFbp0iibiBCWXn2uV
84aZhQJjb0OqpfEhKl/5BqiIqN9e2QFSAHcU27TeDDcmpCSLD5AcyzIGdzugkV1k
JEnEc/x4+oAnm6vrLWfC396lwJGnZYrcWWVkMMi0YigA0pXHashP3vEXPlZbs0vQ
ZaMWu+GvzSUeh9waR8VgL3hrmUq8Zbxy6zX9Z9oSCpY0xY7rV+VYbOai3p3K/Gus
rcM8PuxG0+I+NidzIMM5Zaa7U1ZHR10lDbLcsdzwX9+b8hl4zFkBquJeGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJmpGrHYI/Y6ItkG+HrBRZdm+14hMB8GA1UdIwQY
MBaAFLUAC4Hp7UsqcCoe9fhS4Odp7hDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFBTGdlbnRTeXB3S2g3MS1GTGc1Mm51RU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wZGY3ZjMtYTQ5Mi00ZDZmLWIzNmYt
ZDQxZTAzNTkyMzM1LzEvbWFrYXNkZ2o5am9pMlFiNGVzRkZsMmI3WGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wZGY3ZjMtYTQ5Mi00ZDZmLWIzNmYtZDQxZTAzNTkyMzM1
LzEvdFFBTGdlbnRTeXB3S2g3MS1GTGc1Mm51RU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbfIAwQC
W8RkAwQBwePOAwQCwwOcMA0GCSqGSIb3DQEBCwUAA4IBAQB1Mr9K3izrN39AGQS7
hTwdo6SU6KZT2seUgWSorkyFsyGpgNou5NEq7WbZCZuDnziAbymhpqtL2aHFB0CQ
TrnNCouYJxuDsSp/DuOVA/HCwfquQfmMA8pITv58ArL0U6qAAUOFrTZkwkbamsra
VKOOzOnGEyXBqz3KBhbRMM3ziI6T9vuukut7QqEm/kHKvsKx1KDAd1z0O7ql5t8a
+uAa2d2OOod7Jiqfoaocylyib5lkbBEF0MHsdRmG9LfbncuLatIEXV9f7W5JsScw
aTfgwOjOaOvvO4TY4xpH6Df6BBcKY1NnYnbJuNV54zoTM+X7ecyu35ikl75+P+7X
8iQ+
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:47:34 2024 by rpki-client on console-fra.rpki-client.org