Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/mfseBlqU1g138npgvmxfq5-KAmo.roa
File: mfseBlqU1g138npgvmxfq5-KAmo.roa (raw, json)
Hash identifier: ub1SxCZh8JIO+8wonLLb221dNd6CZzuvDVEpWo/KYPA=
Subject key identifier: 99:FB:1E:06:5A:94:D6:0D:77:F2:7A:60:BE:6C:5F:AB:9F:8A:02:6A
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 018F61D938AA346C1C96365793BDEEAA766F
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/mfseBlqU1g138npgvmxfq5-KAmo.roa
Signing time: Fri 10 May 2024 09:32:56 +0000
ROA not before: Fri 10 May 2024 09:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207990
IP address blocks: 91.132.114.0/23 maxlen: 32
91.199.253.0/24 maxlen: 24
103.240.180.0/22 maxlen: 32
193.19.206.0/24 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
193.28.237.0/24 maxlen: 32
213.217.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:d9:38:aa:34:6c:1c:96:36:57:93:bd:ee:aa:76:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: May 10 09:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99fb1e065a94d60d77f27a60be6c5fab9f8a026a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:84:74:b5:04:67:0c:da:5f:39:a3:68:30:1d:
6a:34:84:c4:02:cd:02:ad:f3:9f:07:d7:d7:af:57:
64:52:a7:be:71:32:58:b9:3a:9f:1c:02:7c:e1:0b:
38:58:cb:fd:72:d6:4e:6b:18:a3:34:d4:6a:ee:08:
f7:64:4e:60:26:96:b0:a1:7b:49:30:1d:af:24:ae:
b0:b5:21:59:6d:32:a1:b1:50:a5:c7:f5:18:83:a4:
9a:de:82:13:a0:c1:bc:a8:91:31:c4:7d:fe:27:ac:
a9:1d:85:1c:d4:0e:36:25:3c:ff:5b:46:5b:22:4d:
4e:ce:59:e5:ca:03:b5:33:60:93:05:30:59:c1:a4:
12:94:be:c5:21:36:88:b2:43:cb:78:d9:27:86:1b:
5c:e1:46:30:c0:5c:7b:10:28:3c:7f:46:dc:40:06:
2b:08:a8:b8:9b:94:97:7b:9a:da:9e:03:a0:7e:ae:
8f:9e:bd:cf:de:d4:08:96:83:f0:4a:3b:56:e0:30:
7e:79:bb:2b:25:09:ce:0e:0c:5b:f1:21:b8:71:6d:
9c:d5:36:c3:30:5f:78:5b:37:6f:8d:3e:10:8e:e3:
9c:32:d4:85:78:1f:1d:42:84:c8:d0:3a:b8:11:1b:
cf:88:5f:e9:93:10:9f:c1:99:6b:81:ce:6a:15:23:
0a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FB:1E:06:5A:94:D6:0D:77:F2:7A:60:BE:6C:5F:AB:9F:8A:02:6A
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/mfseBlqU1g138npgvmxfq5-KAmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.114.0/23
91.199.253.0/24
103.240.180.0/22
193.19.206.0/24
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
213.217.10.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b1:69:2e:03:93:85:a9:2c:95:41:cf:34:6d:df:35:f3:68:
e2:2a:94:6b:12:2e:55:28:d3:7c:e2:b5:8d:27:bd:8e:d9:63:
42:e2:4a:fb:cb:0e:43:44:58:44:87:c5:01:73:9f:14:57:7e:
34:5d:5a:8d:81:b2:3c:18:ca:9d:60:62:3a:c7:fc:0a:bc:6c:
69:43:e0:e3:ff:45:f1:f9:a5:55:a3:87:cd:f1:7c:61:6f:c8:
88:b1:d8:d8:07:7b:78:ef:1a:9c:b6:7d:c5:19:4d:1a:ab:fc:
91:4b:12:75:82:a1:c7:6e:53:ab:7e:15:5f:0a:51:93:f7:86:
ec:26:ba:4a:65:e2:50:14:91:1a:9e:33:cb:12:e6:19:28:f8:
50:5e:ab:98:60:65:c5:6c:fb:c4:15:00:7c:8a:7b:5d:36:49:
b3:8e:5e:54:c7:a0:cf:cc:e8:86:e7:62:09:46:8c:93:36:37:
43:ef:ee:e1:9c:e2:e3:65:76:ed:93:0a:4d:ce:2d:c2:cf:07:
50:0e:90:8e:28:8f:88:b8:39:15:7f:90:47:0b:b1:94:69:51:
ee:6b:55:44:79:0f:6c:a8:e5:92:17:fc:a7:fe:0a:ec:c3:ac:
9e:00:32:33:36:57:57:85:44:f8:91:68:1e:31:50:89:c7:17:
a6:19:6d:7e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY9h2TiqNGwcljZXk73uqnZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjQwNTEwMDkzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZiMWUwNjVhOTRkNjBkNzdmMjdhNjBiZTZjNWZhYjlmOGEwMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IR0tQRnDNpfOaNoMB1qNITEAs0C
rfOfB9fXr1dkUqe+cTJYuTqfHAJ84Qs4WMv9ctZOaxijNNRq7gj3ZE5gJpawoXtJ
MB2vJK6wtSFZbTKhsVClx/UYg6Sa3oIToMG8qJExxH3+J6ypHYUc1A42JTz/W0Zb
Ik1OzlnlygO1M2CTBTBZwaQSlL7FITaIskPLeNknhhtc4UYwwFx7ECg8f0bcQAYr
CKi4m5SXe5rangOgfq6Pnr3P3tQIloPwSjtW4DB+ebsrJQnODgxb8SG4cW2c1TbD
MF94WzdvjT4QjuOcMtSFeB8dQoTI0Dq4ERvPiF/pkxCfwZlrgc5qFSMKTQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJn7HgZalNYNd/J6YL5sX6ufigJqMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvbWZzZUJscVUxZzEzOG5wZ3ZteGZxNS1LQW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBW4RyAwQA
W8f9AwQCZ/C0AwQAwRPOAwQAwRy2AwQAwRy/AwQAwRzKAwQAwRztAwQA1dkKMA0G
CSqGSIb3DQEBCwUAA4IBAQB0sWkuA5OFqSyVQc80bd8182jiKpRrEi5VKNN84rWN
J72O2WNC4kr7yw5DRFhEh8UBc58UV340XVqNgbI8GMqdYGI6x/wKvGxpQ+Dj/0Xx
+aVVo4fN8Xxhb8iIsdjYB3t47xqctn3FGU0aq/yRSxJ1gqHHblOrfhVfClGT94bs
JrpKZeJQFJEanjPLEuYZKPhQXquYYGXFbPvEFQB8intdNkmzjl5Ux6DPzOiG52IJ
RoyTNjdD7+7hnOLjZXbtkwpNzi3CzwdQDpCOKI+IuDkVf5BHC7GUaVHua1VEeQ9s
qOWSF/yn/grsw6yeADIzNldXhUT4kWgeMVCJxxemGW1+
-----END CERTIFICATE-----
Generated at Sat Jun 15 12:52:10 2024 by rpki-client on console-fra.rpki-client.org