Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/mK39CtP2qe-fPdq3atI2fMh63sw.roa
File: mK39CtP2qe-fPdq3atI2fMh63sw.roa (raw, json)
Hash identifier: Mc95m5CfVyhN5KiNj2JlfLoFF82hugGY8cjKSNiDwYQ=
Subject key identifier: 98:AD:FD:0A:D3:F6:A9:EF:9F:3D:DA:B7:6A:D2:36:7C:C8:7A:DE:CC
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC3E1922B95FAE70B6D36C35ACD888
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/mK39CtP2qe-fPdq3atI2fMh63sw.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2643
IP address blocks: 194.190.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3e:19:22:b9:5f:ae:70:b6:d3:6c:35:ac:d8:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98adfd0ad3f6a9ef9f3ddab76ad2367cc87adecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d5:1f:e9:c4:58:20:cd:d6:82:d3:1a:2f:81:
96:d9:02:d3:46:48:6b:87:25:5c:70:47:e9:43:d7:
23:66:bf:d7:6a:41:71:e2:82:2d:43:1a:8d:d9:ac:
82:82:9e:a7:9f:52:ba:a5:44:59:06:d7:10:11:3f:
99:17:fa:bd:2a:2b:7d:f6:e7:37:a1:1f:81:d2:58:
7e:9a:45:00:94:22:23:40:5d:81:6f:f5:a8:05:a2:
b2:2b:13:01:0a:25:2d:19:6b:5e:10:03:b0:39:fb:
f5:94:78:0d:91:c8:ea:0a:43:62:6b:84:83:0e:8c:
54:cf:83:8a:61:6a:30:d3:d4:a1:26:53:21:cb:c2:
a8:04:05:ca:f9:92:b0:0d:9e:9a:cb:bb:ce:8a:dd:
cf:49:4d:5d:94:46:e8:04:09:ed:9d:84:16:86:78:
1d:05:7c:dc:1b:56:16:fc:cb:24:a0:a6:0a:17:61:
10:b1:5b:11:42:a9:aa:bd:2d:2e:24:5b:4c:13:8c:
51:08:e8:9e:c1:e5:b0:f7:8c:85:41:f5:c9:38:b8:
2a:00:a1:c8:7e:6d:ec:1c:bf:5c:5d:9f:2f:92:6b:
39:9b:97:70:d3:1a:37:60:2a:64:a3:c6:49:d8:f1:
27:2f:ba:9b:f0:68:fc:0b:55:c5:5d:ef:bd:07:9a:
ea:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AD:FD:0A:D3:F6:A9:EF:9F:3D:DA:B7:6A:D2:36:7C:C8:7A:DE:CC
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/mK39CtP2qe-fPdq3atI2fMh63sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.190.160.0/21
Signature Algorithm: sha256WithRSAEncryption
46:14:72:a5:ab:d3:f1:fb:ee:9c:e7:81:e9:3e:07:22:ff:a3:
d8:b4:0e:da:c3:7f:5e:96:cf:f5:3a:52:79:90:2f:8f:ea:0c:
66:eb:ff:08:ac:67:7b:0c:b7:f1:f8:3c:43:37:ee:cc:86:64:
74:20:ae:7b:86:dc:14:fd:cc:53:5c:ef:49:e0:98:e4:98:f6:
27:2c:c6:1b:45:75:08:9c:50:1e:78:5e:5d:5c:00:25:f4:9f:
70:25:96:1d:8d:c6:4b:d9:f1:05:86:a6:5a:8c:8f:91:4f:9e:
fc:af:94:e9:af:41:93:55:f8:88:f8:7d:15:35:48:7f:9d:00:
6e:cb:8d:f4:58:0b:89:e0:a7:ad:47:2d:2f:87:cc:bd:42:4f:
c1:cd:78:f8:61:9c:ac:3f:48:d6:53:11:aa:0d:f0:43:d9:fe:
87:f0:c3:61:04:c0:c0:17:e1:c0:e1:b6:3c:3c:78:0e:6b:44:
6e:4d:e9:19:4d:35:c4:7d:fa:c0:29:cd:fb:60:3a:5b:d6:3c:
9e:80:36:e2:63:4e:02:ee:30:65:17:9d:20:02:06:1e:0a:f4:
88:c0:99:4d:da:db:8f:d5:21:62:d6:3f:50:73:d8:2c:ce:ad:
4d:01:54:38:4c:8e:2e:15:69:cb:98:e8:98:6a:d6:20:4b:0f:
61:52:1c:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3D4ZIrlfrnC202w1rNiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFkZmQwYWQzZjZhOWVmOWYzZGRhYjc2YWQyMzY3Y2M4N2FkZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdUf6cRYIM3WgtMaL4GW2QLTRkhr
hyVccEfpQ9cjZr/XakFx4oItQxqN2ayCgp6nn1K6pURZBtcQET+ZF/q9Kit99uc3
oR+B0lh+mkUAlCIjQF2Bb/WoBaKyKxMBCiUtGWteEAOwOfv1lHgNkcjqCkNia4SD
DoxUz4OKYWow09ShJlMhy8KoBAXK+ZKwDZ6ay7vOit3PSU1dlEboBAntnYQWhngd
BXzcG1YW/MskoKYKF2EQsVsRQqmqvS0uJFtME4xRCOieweWw94yFQfXJOLgqAKHI
fm3sHL9cXZ8vkms5m5dw0xo3YCpko8ZJ2PEnL7qb8Gj8C1XFXe+9B5rqJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJit/QrT9qnvnz3at2rSNnzIet7MMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvbUszOUN0UDJxZS1mUGRxM2F0STJmTWg2M3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwr6gMA0G
CSqGSIb3DQEBCwUAA4IBAQBGFHKlq9Px++6c54HpPgci/6PYtA7aw39els/1OlJ5
kC+P6gxm6/8IrGd7DLfx+DxDN+7MhmR0IK57htwU/cxTXO9J4JjkmPYnLMYbRXUI
nFAeeF5dXAAl9J9wJZYdjcZL2fEFhqZajI+RT578r5Tpr0GTVfiI+H0VNUh/nQBu
y430WAuJ4KetRy0vh8y9Qk/BzXj4YZysP0jWUxGqDfBD2f6H8MNhBMDAF+HA4bY8
PHgOa0RuTekZTTXEffrAKc37YDpb1jyegDbiY04C7jBlF50gAgYeCvSIwJlN2tuP
1SFi1j9Qc9gszq1NAVQ4TI4uFWnLmOiYatYgSw9hUhz4
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:43:03 2024 by rpki-client on console-fra.rpki-client.org