Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/99hL1M0Kvtc8JTPpQAYPcI3Zq9o.roa
File: 99hL1M0Kvtc8JTPpQAYPcI3Zq9o.roa (raw, json)
Hash identifier: A0pfMFVZTusr8PW8FcxYb99YfBgnjaJMvX5sYI5zJ+M=
Subject key identifier: F7:D8:4B:D4:CD:0A:BE:D7:3C:25:33:E9:40:06:0F:70:8D:D9:AB:DA
Certificate issuer: /CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Certificate serial: 018CC9B88CCB813AA88F84CB9A22334047E8
Authority key identifier: 28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/99hL1M0Kvtc8JTPpQAYPcI3Zq9o.roa
Signing time: Tue 02 Jan 2024 10:29:24 +0000
ROA not before: Tue 02 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60819
IP address blocks: 188.241.145.0/24 maxlen: 24
2a00:a900:7afe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/KIUcb8brOBbhFsikqFHQ0XjJDzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/KIUcb8brOBbhFsikqFHQ0XjJDzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:b8:8c:cb:81:3a:a8:8f:84:cb:9a:22:33:40:47:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Validity
Not Before: Jan 2 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7d84bd4cd0abed73c2533e940060f708dd9abda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f0:3e:79:89:e3:e0:84:fe:df:fb:a4:0f:7d:
2e:94:73:d5:56:bd:d2:d4:db:38:15:a2:3f:74:95:
72:40:4f:b0:d6:07:17:4a:7c:d1:2b:cd:d4:a2:ee:
2c:23:a5:ec:5f:01:cb:fd:6e:9c:f7:a1:85:21:db:
06:6a:da:02:4d:f7:9c:c2:02:82:ce:a2:3b:85:b1:
a7:f6:58:84:e6:27:bd:3d:69:00:d2:b2:de:6c:3d:
12:ac:00:38:31:4d:8b:c1:d4:51:a5:d2:4f:60:b3:
75:e3:a9:93:27:ab:7f:70:60:30:01:68:b4:cc:8a:
e8:c2:95:6a:4d:32:1b:99:ff:d1:4d:64:0b:4a:4f:
f7:29:6b:4c:c3:1b:6e:4e:7d:4a:f9:28:83:0e:4a:
e8:c1:1d:70:f2:39:15:f7:1e:86:d5:d6:e3:85:e4:
bf:5f:44:f3:0e:4c:9e:96:c6:d5:ca:93:99:4a:e1:
8e:d0:45:d7:02:5e:4a:6d:e5:4c:e9:5e:67:33:f2:
7f:8c:5f:e4:33:e5:34:26:6f:80:05:cf:45:8f:41:
7f:f1:00:e0:fa:e3:6b:22:1a:52:f2:82:fc:bd:48:
04:a9:e3:e8:46:f3:32:1a:e5:13:91:05:18:9a:f4:
bf:97:c5:3a:ab:f7:5b:24:a0:fc:7b:67:91:8d:a4:
dc:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D8:4B:D4:CD:0A:BE:D7:3C:25:33:E9:40:06:0F:70:8D:D9:AB:DA
X509v3 Authority Key Identifier:
keyid:28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/99hL1M0Kvtc8JTPpQAYPcI3Zq9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/KIUcb8brOBbhFsikqFHQ0XjJDzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.145.0/24
IPv6:
2a00:a900:7afe::/48
Signature Algorithm: sha256WithRSAEncryption
0c:56:8a:41:27:5f:21:92:eb:fa:e9:90:c2:73:46:bf:53:a8:
fc:73:41:7e:3b:a0:e1:d7:77:26:7c:38:86:6f:90:fd:77:10:
d9:7e:07:17:53:7f:8a:af:c8:cf:02:5f:15:9d:ef:37:67:a6:
bf:68:c9:5d:00:5a:8e:2f:0c:85:3b:10:6b:f4:92:aa:f4:8a:
50:32:e2:20:b1:d7:80:da:0e:6b:30:2b:0c:33:70:94:5b:37:
f8:73:48:fe:f3:25:01:ed:b3:3b:cd:dc:58:a5:69:ef:bf:14:
a3:02:d4:83:65:fe:90:26:11:8e:f4:35:83:c2:f3:2a:fe:cf:
9d:af:7d:3d:bf:90:74:1b:f8:46:f5:93:c6:1d:51:bd:00:41:
79:ad:44:d5:e8:7f:f4:ef:56:51:5a:4b:37:87:f0:c1:c4:c1:
55:ae:a9:5b:32:7a:fe:61:1b:d4:e5:31:90:9a:6f:e8:47:9f:
19:68:3b:72:0f:eb:2e:ad:36:f6:26:89:6e:10:be:be:23:2c:
18:6c:ba:d2:b0:05:36:81:bd:69:98:63:db:d5:0f:92:d8:46:
66:64:af:05:f7:9a:8d:63:40:d1:c7:ab:03:7f:05:4a:64:3e:
f5:51:14:27:0b:5e:87:04:38:b9:69:c4:53:44:8d:be:97:3d:
18:d5:30:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJuIzLgTqoj4TLmiIzQEfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODUxYzZmYzZlYjM4MTZlMTE2YzhhNGE4NTFkMGQxNzhj
OTBmMzEwHhcNMjQwMTAyMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Q4NGJkNGNkMGFiZWQ3M2MyNTMzZTk0MDA2MGY3MDhkZDlhYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvA+eYnj4IT+3/ukD30ulHPVVr3S
1Ns4FaI/dJVyQE+w1gcXSnzRK83Uou4sI6XsXwHL/W6c96GFIdsGatoCTfecwgKC
zqI7hbGn9liE5ie9PWkA0rLebD0SrAA4MU2LwdRRpdJPYLN146mTJ6t/cGAwAWi0
zIrowpVqTTIbmf/RTWQLSk/3KWtMwxtuTn1K+SiDDkrowR1w8jkV9x6G1dbjheS/
X0TzDkyelsbVypOZSuGO0EXXAl5KbeVM6V5nM/J/jF/kM+U0Jm+ABc9Fj0F/8QDg
+uNrIhpS8oL8vUgEqePoRvMyGuUTkQUYmvS/l8U6q/dbJKD8e2eRjaTc8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPfYS9TNCr7XPCUz6UAGD3CN2avaMB8GA1UdIwQY
MBaAFCiFHG/G6zgW4RbIpKhR0NF4yQ8xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lVY2I4YnJPQmJoRnNpa3FGSFEwWGpKRHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9iOWU2ZGYtZGE4Zi00NDkxLThmZTQt
NTI0NWIxMzUyMjFiLzEvOTloTDFNMEt2dGM4SlRQcFFBWVBjSTNacTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9iOWU2ZGYtZGE4Zi00NDkxLThmZTQtNTI0NWIxMzUyMjFi
LzEvS0lVY2I4YnJPQmJoRnNpa3FGSFEwWGpKRHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAvPGRMA8E
AgACMAkDBwAqAKkAev4wDQYJKoZIhvcNAQELBQADggEBAAxWikEnXyGS6/rpkMJz
Rr9TqPxzQX47oOHXdyZ8OIZvkP13ENl+BxdTf4qvyM8CXxWd7zdnpr9oyV0AWo4v
DIU7EGv0kqr0ilAy4iCx14DaDmswKwwzcJRbN/hzSP7zJQHtszvN3Filae+/FKMC
1INl/pAmEY70NYPC8yr+z52vfT2/kHQb+Eb1k8YdUb0AQXmtRNXof/TvVlFaSzeH
8MHEwVWuqVsyev5hG9TlMZCab+hHnxloO3IP6y6tNvYmiW4Qvr4jLBhsutKwBTaB
vWmYY9vVD5LYRmZkrwX3mo1jQNHHqwN/BUpkPvVRFCcLXocEOLlpxFNEjb6XPRjV
MK0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:26:20 2024 by rpki-client on console-fra.rpki-client.org