Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/mlaxVKcE-ubf867N6LqscZc4x6w.roa
File: mlaxVKcE-ubf867N6LqscZc4x6w.roa (raw, json)
Hash identifier: w9xdtOWC+JXbMHHugUiqzP6wX+ZqCqVQ+dZA+jyO5S8=
Subject key identifier: 9A:56:B1:54:A7:04:FA:E6:DF:F3:AE:CD:E8:BA:AC:71:97:38:C7:AC
Certificate issuer: /CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Certificate serial: 018CC500FEB1D40C7E464809238A44751589
Authority key identifier: 85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/mlaxVKcE-ubf867N6LqscZc4x6w.roa
Signing time: Mon 01 Jan 2024 12:30:25 +0000
ROA not before: Mon 01 Jan 2024 12:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39864
IP address blocks: 91.232.94.0/24 maxlen: 24
91.232.93.0/24 maxlen: 24
91.232.92.0/24 maxlen: 24
91.232.95.0/24 maxlen: 24
91.213.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:fe:b1:d4:0c:7e:46:48:09:23:8a:44:75:15:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Validity
Not Before: Jan 1 12:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a56b154a704fae6dff3aecde8baac719738c7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:25:49:58:b7:3a:50:59:34:4c:50:1b:f0:4a:
6e:02:64:21:72:d0:55:09:52:d9:55:42:7e:ea:39:
59:0e:53:b7:ae:c7:82:25:f3:3b:a5:85:f5:7a:81:
13:59:7b:33:73:ab:5d:9d:95:60:6d:e2:fc:06:03:
b8:f0:fe:f8:56:93:2d:86:c5:25:8c:d6:d8:69:aa:
8e:c8:b2:30:e7:1e:e3:81:55:72:75:5b:cb:77:d5:
67:06:29:02:de:fb:29:7f:c1:da:49:1a:a5:5f:b1:
3a:03:01:ec:bd:73:66:7b:ca:a9:4e:f1:2d:19:d5:
b1:a0:f2:7a:e5:f1:c3:e7:c2:1d:3e:43:ea:ae:4b:
73:94:94:83:48:86:2f:56:95:6f:4a:38:8c:46:ab:
95:0e:40:74:81:de:e8:9d:6d:88:97:36:b2:27:90:
3c:e6:a8:7b:7f:ab:2e:a5:27:e7:10:11:28:da:52:
13:3b:17:42:9b:58:f0:27:75:db:91:32:35:fc:98:
c2:44:37:47:28:5a:32:47:4a:12:0f:4b:56:0a:11:
35:ed:f0:f7:6b:1e:f9:0d:9a:22:a3:6a:91:91:6b:
5b:02:da:5a:16:f0:fa:79:ec:18:62:bf:10:12:ca:
4d:00:79:2e:3c:f3:3e:f5:b2:c7:0b:e4:57:93:02:
e0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:56:B1:54:A7:04:FA:E6:DF:F3:AE:CD:E8:BA:AC:71:97:38:C7:AC
X509v3 Authority Key Identifier:
keyid:85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/mlaxVKcE-ubf867N6LqscZc4x6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.144.0/24
91.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
92:8c:97:2e:af:a2:2a:79:ab:c1:2a:df:75:c8:1e:1d:04:ab:
eb:21:64:93:60:57:ce:ce:62:51:82:aa:9e:fb:93:ad:d7:a2:
10:d8:3f:14:e6:91:7e:20:94:bf:08:24:f2:4d:ae:4a:94:58:
01:bf:1b:cb:0b:7e:39:c2:14:f8:cb:a7:6e:b5:73:ff:a6:22:
92:34:7c:f6:61:21:c4:d7:e1:02:69:3e:d5:b2:dd:a2:b6:2b:
81:7e:70:a7:23:3a:bb:1a:eb:a3:42:8e:60:88:b3:ad:6e:5e:
93:07:0f:82:a3:84:6b:12:37:09:18:6b:72:96:e9:9b:f1:ab:
03:0d:84:6e:bb:26:7d:47:4b:46:5e:38:a8:ce:cd:24:6f:71:
10:3c:a1:c1:68:02:e7:89:0a:63:df:65:85:0e:37:61:ae:84:
c7:5f:b6:b8:98:e5:cb:07:89:53:03:bc:65:06:be:d4:70:33:
91:0d:19:21:f5:34:0d:df:a7:24:61:9f:7f:7a:27:a7:a8:79:
34:56:40:ab:cf:ef:58:02:d9:27:35:4b:0f:99:d1:68:a0:d1:
11:39:3e:80:29:f1:78:ff:dc:38:24:1d:9d:6e:7c:c4:9f:06:
56:d4:3a:bd:19:b7:1f:13:dc:6f:c6:b7:54:de:7b:8f:92:08:
1e:18:7e:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAP6x1Ax+RkgJI4pEdRWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OTE2YmU3ZTYzY2ZkOGM4Yjc3YzA1ODhkMTI2OTRmMTZi
MTRjZGEwHhcNMjQwMTAxMTIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTU2YjE1NGE3MDRmYWU2ZGZmM2FlY2RlOGJhYWM3MTk3MzhjN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiVJWLc6UFk0TFAb8EpuAmQhctBV
CVLZVUJ+6jlZDlO3rseCJfM7pYX1eoETWXszc6tdnZVgbeL8BgO48P74VpMthsUl
jNbYaaqOyLIw5x7jgVVydVvLd9VnBikC3vspf8HaSRqlX7E6AwHsvXNme8qpTvEt
GdWxoPJ65fHD58IdPkPqrktzlJSDSIYvVpVvSjiMRquVDkB0gd7onW2IlzayJ5A8
5qh7f6supSfnEBEo2lITOxdCm1jwJ3XbkTI1/JjCRDdHKFoyR0oSD0tWChE17fD3
ax75DZoio2qRkWtbAtpaFvD6eewYYr8QEspNAHkuPPM+9bLHC+RXkwLgVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJpWsVSnBPrm3/Ouzei6rHGXOMesMB8GA1UdIwQY
MBaAFIWRa+fmPP2Mi3fAWI0SaU8WsUzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUt
YmNhMjM0ODI5ZjQ4LzEvbWxheFZLY0UtdWJmODY3TjZMcXNjWmM0eDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUtYmNhMjM0ODI5ZjQ4
LzEvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9WQAwQC
W+hcMA0GCSqGSIb3DQEBCwUAA4IBAQCSjJcur6IqeavBKt91yB4dBKvrIWSTYFfO
zmJRgqqe+5Ot16IQ2D8U5pF+IJS/CCTyTa5KlFgBvxvLC345whT4y6dutXP/piKS
NHz2YSHE1+ECaT7Vst2itiuBfnCnIzq7GuujQo5giLOtbl6TBw+Co4RrEjcJGGty
lumb8asDDYRuuyZ9R0tGXjiozs0kb3EQPKHBaALniQpj32WFDjdhroTHX7a4mOXL
B4lTA7xlBr7UcDORDRkh9TQN36ckYZ9/eienqHk0VkCrz+9YAtknNUsPmdFooNER
OT6AKfF4/9w4JB2dbnzEnwZW1Dq9GbcfE9xvxrdU3nuPkggeGH53
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:26:22 2024 by rpki-client on console-fra.rpki-client.org