Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/mm4fQ3xOmABtRbqLE_PG_QAOCTc.roa
File: mm4fQ3xOmABtRbqLE_PG_QAOCTc.roa (raw, json)
Hash identifier: WG0B+r71TY5vEJdlpgXtSR1GojPWJdww0lM6nLPmR4k=
Subject key identifier: 9A:6E:1F:43:7C:4E:98:00:6D:45:BA:8B:13:F3:C6:FD:00:0E:09:37
Certificate issuer: /CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Certificate serial: 018CC3B68E1465222DCA71DB6B21515E9459
Authority key identifier: 67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/mm4fQ3xOmABtRbqLE_PG_QAOCTc.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 87.238.140.0/24 maxlen: 24
87.238.140.0/22 maxlen: 24
2a06:56c1::/32 maxlen: 48
2a06:56c1::/40 maxlen: 48
2a06:56c2::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8e:14:65:22:2d:ca:71:db:6b:21:51:5e:94:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a6e1f437c4e98006d45ba8b13f3c6fd000e0937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:a1:d5:8f:12:36:69:3e:bb:6f:25:26:2c:52:
1f:a9:ab:46:40:fd:23:e5:95:6d:a1:67:6f:d1:36:
bf:41:0f:77:67:a2:c3:19:14:e7:4d:83:5b:c3:be:
fb:2c:32:ac:8b:23:66:da:0f:d0:6f:25:4a:42:f6:
aa:26:97:1a:8e:35:cc:3c:e5:e0:23:8e:af:bb:f6:
dc:07:88:9e:6f:48:0e:d8:6f:2e:49:c4:cc:be:2e:
54:52:f0:46:14:4e:33:3b:71:49:84:86:ee:ff:e6:
3f:c8:b1:97:62:68:6b:d8:9c:e6:2f:15:d6:d3:38:
cd:30:02:00:0f:a6:57:9c:ca:52:be:29:3c:ae:58:
39:06:bf:55:70:fd:78:e1:3a:42:75:98:1e:c5:f2:
a3:09:ec:6e:f0:cc:98:74:3e:1a:aa:c5:49:91:37:
73:26:ca:e7:6b:c9:54:02:4e:ea:b6:cd:29:6c:4d:
4c:95:54:fd:bc:75:b1:7f:de:d7:77:16:34:25:d7:
8a:13:56:35:5b:cc:b4:88:f2:26:80:51:3f:95:32:
46:94:b9:5a:d4:58:47:93:5e:e1:bd:d7:28:d9:ac:
a6:e7:ab:2b:aa:24:a9:d5:2b:b9:64:79:78:6c:40:
33:13:3c:d7:6d:be:a6:62:bd:dc:c8:dd:11:b3:6f:
30:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6E:1F:43:7C:4E:98:00:6D:45:BA:8B:13:F3:C6:FD:00:0E:09:37
X509v3 Authority Key Identifier:
keyid:67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/mm4fQ3xOmABtRbqLE_PG_QAOCTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.140.0/22
IPv6:
2a06:56c1::-2a06:56c2:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:7e:87:e5:80:1f:41:ae:10:61:3e:cc:83:df:ac:63:7d:ce:
f5:0b:f3:84:04:a3:7f:90:62:20:6d:3a:d9:e7:7f:50:4c:b6:
a3:04:53:98:39:3e:30:a7:2f:54:67:15:27:25:41:35:73:19:
33:1e:0f:bb:a8:94:44:68:1c:53:ec:e2:60:1d:09:3c:ae:f5:
58:40:fa:bd:c8:b2:5d:26:bc:d8:41:58:ab:e2:9b:c3:cb:1b:
7e:62:4f:f6:3f:0d:2f:19:c0:d2:c3:80:b3:e8:bf:a4:c3:0d:
3e:2b:4c:72:52:1c:10:87:0d:fd:79:3a:14:01:78:91:b4:9b:
1c:06:d1:b2:e0:5b:78:fc:df:75:ed:69:bb:52:90:ec:bd:ed:
4a:17:16:be:35:2c:ee:5b:e0:55:48:74:74:f9:3c:cd:bb:48:
26:ba:1f:79:20:7f:5b:4a:68:49:23:ee:84:11:ce:a9:bf:42:
c9:e4:c3:89:a5:e3:2b:00:18:73:8e:a8:0a:3a:50:5f:7d:65:
64:28:a1:a0:bc:aa:a5:d2:45:ae:32:f1:bf:5f:75:c5:05:59:
44:7b:0f:6a:e8:2f:e8:64:2e:35:5b:09:0c:92:e3:82:cc:fd:
b4:2f:47:11:e0:7e:29:4e:7f:90:96:45:ae:5f:6b:a0:a7:f4:
ce:ec:41:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzDto4UZSItynHbayFRXpRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MmYwZTQyYjA4YWE0NTFmYzU4M2EzNThlYzM3MGZmYmQy
ZGFjNjgwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTZlMWY0MzdjNGU5ODAwNmQ0NWJhOGIxM2YzYzZmZDAwMGUwOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9KHVjxI2aT67byUmLFIfqatGQP0j
5ZVtoWdv0Ta/QQ93Z6LDGRTnTYNbw777LDKsiyNm2g/QbyVKQvaqJpcajjXMPOXg
I46vu/bcB4ieb0gO2G8uScTMvi5UUvBGFE4zO3FJhIbu/+Y/yLGXYmhr2JzmLxXW
0zjNMAIAD6ZXnMpSvik8rlg5Br9VcP144TpCdZgexfKjCexu8MyYdD4aqsVJkTdz
Jsrna8lUAk7qts0pbE1MlVT9vHWxf97XdxY0JdeKE1Y1W8y0iPImgFE/lTJGlLla
1FhHk17hvdco2aym56srqiSp1Su5ZHl4bEAzEzzXbb6mYr3cyN0Rs28wVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpuH0N8TpgAbUW6ixPzxv0ADgk3MB8GA1UdIwQY
MBaAFGcvDkKwiqRR/Fg6NY7DcP+9LaxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTct
ZjBiOTYyZjUyNDE0LzEvbW00ZlEzeE9tQUJ0UmJxTEVfUEdfUUFPQ1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTctZjBiOTYyZjUyNDE0
LzEvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCV+6MMBcE
AgACMBEwDwMFACoGVsEDBgAqBlbCADANBgkqhkiG9w0BAQsFAAOCAQEAYH6H5YAf
Qa4QYT7Mg9+sY33O9QvzhASjf5BiIG062ed/UEy2owRTmDk+MKcvVGcVJyVBNXMZ
Mx4Pu6iURGgcU+ziYB0JPK71WED6vciyXSa82EFYq+Kbw8sbfmJP9j8NLxnA0sOA
s+i/pMMNPitMclIcEIcN/Xk6FAF4kbSbHAbRsuBbePzfde1pu1KQ7L3tShcWvjUs
7lvgVUh0dPk8zbtIJrofeSB/W0poSSPuhBHOqb9CyeTDiaXjKwAYc46oCjpQX31l
ZCihoLyqpdJFrjLxv191xQVZRHsPaugv6GQuNVsJDJLjgsz9tC9HEeB+KU5/kJZF
rl9roKf0zuxBRw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:29:26 2024 by rpki-client on console-fra.rpki-client.org