Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/72135d-e497-44a6-b4d0-460fb4bac2db/1/mQEWQEQ735rK1__1RKQxaWL2D20.roa
File: mQEWQEQ735rK1__1RKQxaWL2D20.roa (raw, json)
Hash identifier: ZGVVCg6xAFyASzCbiC+7oaqlVs49gsMlnVSCUz1RySI=
Subject key identifier: 99:01:16:40:44:3B:DF:9A:CA:D7:FF:F5:44:A4:31:69:62:F6:0F:6D
Certificate issuer: /CN=626165bfb23dda1f9870b2417f496485e6c08a74
Certificate serial: 01916FC736A72A8C57E133C67111B83FD13F
Authority key identifier: 62:61:65:BF:B2:3D:DA:1F:98:70:B2:41:7F:49:64:85:E6:C0:8A:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YmFlv7I92h-YcLJBf0lkhebAinQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/72135d-e497-44a6-b4d0-460fb4bac2db/1/mQEWQEQ735rK1__1RKQxaWL2D20.roa
Signing time: Tue 20 Aug 2024 12:33:32 +0000
ROA not before: Tue 20 Aug 2024 12:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202132
IP address blocks: 80.241.136.0/22 maxlen: 22
80.241.136.0/24 maxlen: 24
80.241.137.0/24 maxlen: 24
80.241.138.0/24 maxlen: 24
80.241.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/72135d-e497-44a6-b4d0-460fb4bac2db/1/YmFlv7I92h-YcLJBf0lkhebAinQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/72135d-e497-44a6-b4d0-460fb4bac2db/1/YmFlv7I92h-YcLJBf0lkhebAinQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/YmFlv7I92h-YcLJBf0lkhebAinQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:c7:36:a7:2a:8c:57:e1:33:c6:71:11:b8:3f:d1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626165bfb23dda1f9870b2417f496485e6c08a74
Validity
Not Before: Aug 20 12:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99011640443bdf9acad7fff544a4316962f60f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e6:8a:52:4b:cb:9e:b7:a0:9b:9a:a0:72:b6:
8e:24:7a:6a:f4:a6:5f:fc:0d:8e:5d:f4:60:c3:08:
1c:8e:ec:b8:08:c4:9b:16:a5:4c:d6:ac:32:35:2c:
c3:9d:ec:6c:60:6c:d9:c6:15:52:5d:2e:85:c9:cd:
73:67:d4:dd:8f:8a:a2:aa:00:f9:5d:6f:e4:d2:2e:
0e:8a:12:61:26:ac:fa:e4:86:67:8a:b4:92:11:41:
15:ba:17:04:b8:64:ff:ae:a8:89:b7:d7:52:7a:77:
a3:ea:36:84:8c:d5:7e:51:f0:d7:82:75:42:5a:a5:
14:a3:c7:b7:b3:f8:a4:b2:60:e0:70:d1:e1:33:de:
21:c0:5d:61:c5:81:bc:cd:b0:a4:d3:28:0b:7f:e6:
7f:cb:ef:6c:ff:65:b8:4f:9c:8b:8d:a6:0b:f3:a6:
8c:18:79:81:47:b4:cb:3f:bc:d5:c8:db:ec:7e:cd:
d7:13:c4:3b:bc:f4:4e:ed:52:82:01:e7:fd:ea:d5:
6a:72:05:d1:46:90:08:06:f8:d4:b1:a6:7c:04:a6:
b3:f3:d4:5c:86:6c:56:9b:50:83:ce:37:fa:b1:dc:
a7:be:40:ee:e7:2e:c3:b7:0d:6e:6f:6c:02:25:d8:
43:9e:4c:61:89:9a:ef:47:5b:7e:40:14:9e:e7:fd:
db:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:01:16:40:44:3B:DF:9A:CA:D7:FF:F5:44:A4:31:69:62:F6:0F:6D
X509v3 Authority Key Identifier:
keyid:62:61:65:BF:B2:3D:DA:1F:98:70:B2:41:7F:49:64:85:E6:C0:8A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmFlv7I92h-YcLJBf0lkhebAinQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/72135d-e497-44a6-b4d0-460fb4bac2db/1/mQEWQEQ735rK1__1RKQxaWL2D20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/72135d-e497-44a6-b4d0-460fb4bac2db/1/YmFlv7I92h-YcLJBf0lkhebAinQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.241.136.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:c6:e8:0a:15:c6:4d:67:f3:78:41:36:4a:ff:6d:05:4d:15:
70:f9:e5:32:f8:e0:af:02:32:31:d7:eb:64:64:c0:09:7c:bd:
65:cf:d0:83:2f:5a:d6:11:9c:8f:b8:33:e9:9e:c9:1c:2d:e3:
ab:d0:af:06:b0:3e:10:9c:64:32:d9:f7:56:81:02:95:c7:e5:
f7:0e:a1:28:18:0e:22:dc:97:b0:29:a5:64:ce:0c:fc:a3:b1:
ce:12:40:93:2b:fb:5e:0a:d6:7f:29:fb:7c:35:34:58:2f:5d:
05:76:c1:31:ef:b6:6c:7c:2e:f2:00:b4:44:3b:b0:09:d3:20:
4c:4f:29:ed:ea:4c:c9:f2:9c:af:a3:0d:57:a9:ad:67:f8:b8:
7e:f9:50:e0:0e:93:9e:02:ef:71:45:ed:2a:8a:a0:c2:24:99:
9c:91:64:14:c1:98:22:3e:59:fa:65:24:2f:4a:74:89:be:3c:
1c:18:d2:e3:6a:ff:18:bd:24:62:1a:9b:b9:2a:a3:bf:7c:ae:
69:ff:bd:68:10:7e:a5:8b:ac:d8:d8:c8:2f:f5:2c:51:f8:1a:
85:f6:81:fb:cb:7e:52:54:51:9c:61:d8:9a:0c:9d:c3:45:53:
6f:62:ca:be:bf:74:3a:cb:d8:42:7c:56:ff:10:79:4d:cd:d0:
66:b3:5e:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFvxzanKoxX4TPGcRG4P9E/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNjE2NWJmYjIzZGRhMWY5ODcwYjI0MTdmNDk2NDg1ZTZj
MDhhNzQwHhcNMjQwODIwMTIzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTAxMTY0MDQ0M2JkZjlhY2FkN2ZmZjU0NGE0MzE2OTYyZjYwZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuaKUkvLnregm5qgcraOJHpq9KZf
/A2OXfRgwwgcjuy4CMSbFqVM1qwyNSzDnexsYGzZxhVSXS6Fyc1zZ9Tdj4qiqgD5
XW/k0i4OihJhJqz65IZnirSSEUEVuhcEuGT/rqiJt9dSenej6jaEjNV+UfDXgnVC
WqUUo8e3s/iksmDgcNHhM94hwF1hxYG8zbCk0ygLf+Z/y+9s/2W4T5yLjaYL86aM
GHmBR7TLP7zVyNvsfs3XE8Q7vPRO7VKCAef96tVqcgXRRpAIBvjUsaZ8BKaz89Rc
hmxWm1CDzjf6sdynvkDu5y7Dtw1ub2wCJdhDnkxhiZrvR1t+QBSe5/3bPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJkBFkBEO9+aytf/9USkMWli9g9tMB8GA1UdIwQY
MBaAFGJhZb+yPdofmHCyQX9JZIXmwIp0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1GbHY3STkyaC1ZY0xKQmYwbGtoZWJBaW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83MjEzNWQtZTQ5Ny00NGE2LWI0ZDAt
NDYwZmI0YmFjMmRiLzEvbVFFV1FFUTczNXJLMV9fMVJLUXhhV0wyRDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83MjEzNWQtZTQ5Ny00NGE2LWI0ZDAtNDYwZmI0YmFjMmRi
LzEvWW1GbHY3STkyaC1ZY0xKQmYwbGtoZWJBaW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUPGIMA0G
CSqGSIb3DQEBCwUAA4IBAQCixugKFcZNZ/N4QTZK/20FTRVw+eUy+OCvAjIx1+tk
ZMAJfL1lz9CDL1rWEZyPuDPpnskcLeOr0K8GsD4QnGQy2fdWgQKVx+X3DqEoGA4i
3JewKaVkzgz8o7HOEkCTK/teCtZ/Kft8NTRYL10FdsEx77ZsfC7yALREO7AJ0yBM
Tynt6kzJ8pyvow1Xqa1n+Lh++VDgDpOeAu9xRe0qiqDCJJmckWQUwZgiPln6ZSQv
SnSJvjwcGNLjav8YvSRiGpu5KqO/fK5p/71oEH6li6zY2Mgv9SxR+BqF9oH7y35S
VFGcYdiaDJ3DRVNvYsq+v3Q6y9hCfFb/EHlNzdBms14P
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:48:24 2024 by rpki-client on console-fra.rpki-client.org