Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/mKikTdEfYhkqtPthsI8iPes1KjE.roa
File: mKikTdEfYhkqtPthsI8iPes1KjE.roa (raw, json)
Hash identifier: Q+FZmKIFMlshQrzrWVVl0PdlBpS294rCvEuRR6Qcuwk=
Subject key identifier: 98:A8:A4:4D:D1:1F:62:19:2A:B4:FB:61:B0:8F:22:3D:EB:35:2A:31
Certificate issuer: /CN=ef7dd1ebee513ffa318cdc88b81ac18cfe726b30
Certificate serial: 018CC6B7DD4CD882F28A39F3731C3ABD2B3F
Authority key identifier: EF:7D:D1:EB:EE:51:3F:FA:31:8C:DC:88:B8:1A:C1:8C:FE:72:6B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/733R6-5RP_oxjNyIuBrBjP5yazA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/mKikTdEfYhkqtPthsI8iPes1KjE.roa
Signing time: Mon 01 Jan 2024 20:29:47 +0000
ROA not before: Mon 01 Jan 2024 20:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30972
IP address blocks: 141.138.88.0/21 maxlen: 21
193.22.143.0/24 maxlen: 24
193.242.217.0/24 maxlen: 24
195.88.194.0/23 maxlen: 23
185.97.184.0/22 maxlen: 22
2a0a:21c0::/29 maxlen: 29
2a01:a580::/32 maxlen: 32
2a01:a580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/733R6-5RP_oxjNyIuBrBjP5yazA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/733R6-5RP_oxjNyIuBrBjP5yazA.mft
rsync://rpki.ripe.net/repository/DEFAULT/733R6-5RP_oxjNyIuBrBjP5yazA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 13:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:dd:4c:d8:82:f2:8a:39:f3:73:1c:3a:bd:2b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7dd1ebee513ffa318cdc88b81ac18cfe726b30
Validity
Not Before: Jan 1 20:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a8a44dd11f62192ab4fb61b08f223deb352a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c9:7c:91:99:a8:ec:36:28:dc:e1:d4:7e:97:
a4:3f:bb:38:36:e5:89:a6:58:a5:22:68:60:1b:a3:
f7:50:24:92:b9:04:f2:e7:17:23:40:ce:70:e3:13:
ed:55:01:17:0b:92:ca:cb:b1:50:8b:49:b9:ce:90:
3c:8a:d4:de:95:a0:24:a7:b9:84:6a:41:5b:77:2e:
7c:2e:1c:5f:ed:3f:b5:a6:93:a2:b3:49:b4:4d:9f:
d4:3e:74:62:2c:df:b7:9e:47:60:2b:a3:e3:84:0f:
22:a9:af:bd:07:5b:16:ca:e5:1e:a1:0b:4f:ac:e9:
fc:be:d6:40:73:6a:c0:79:2c:63:bf:d4:5a:97:dc:
73:ed:60:64:e6:ad:a7:2f:e4:53:3b:81:15:b8:e5:
3c:93:80:9b:41:92:00:4c:84:41:6e:89:43:d5:d0:
27:a4:b6:b1:e3:0a:13:89:b3:d0:3d:a5:98:fd:03:
ad:bf:66:53:88:81:85:7e:61:5d:f7:15:68:e2:09:
ad:b6:f2:33:26:8d:7b:58:93:10:e7:12:e5:f4:31:
3e:95:d5:8e:58:06:23:ea:bc:28:90:4e:69:8f:3e:
1e:da:46:44:09:51:11:b4:a4:bb:39:62:2d:6d:2a:
8e:41:b9:9a:c5:dc:66:e8:70:d0:98:b5:b6:53:af:
61:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A8:A4:4D:D1:1F:62:19:2A:B4:FB:61:B0:8F:22:3D:EB:35:2A:31
X509v3 Authority Key Identifier:
keyid:EF:7D:D1:EB:EE:51:3F:FA:31:8C:DC:88:B8:1A:C1:8C:FE:72:6B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/733R6-5RP_oxjNyIuBrBjP5yazA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/mKikTdEfYhkqtPthsI8iPes1KjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f9ee6d-7640-4e3d-9b45-e56feca612e7/1/733R6-5RP_oxjNyIuBrBjP5yazA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.88.0/21
185.97.184.0/22
193.22.143.0/24
193.242.217.0/24
195.88.194.0/23
IPv6:
2a01:a580::/29
2a0a:21c0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:05:c8:ab:8a:0e:00:a3:9a:76:97:6d:09:48:68:3c:9d:c1:
4f:cd:d8:17:11:8e:c5:d7:08:b9:ad:66:99:26:9e:f2:f2:9c:
3e:13:10:4b:34:44:0a:00:46:50:83:c5:93:5f:40:eb:72:02:
5b:b6:30:e4:37:c7:72:81:b8:97:96:a4:12:d4:63:db:2e:14:
24:06:c4:f7:30:6f:53:6d:46:43:23:41:bd:97:6f:8f:fa:91:
c2:82:be:3a:6b:b0:24:5d:25:97:7d:5d:19:c4:d2:ea:14:e4:
36:f5:d2:94:3b:30:4c:c7:58:73:c9:54:2d:04:86:35:ed:82:
1e:f8:f4:9f:59:2c:c2:34:11:3c:21:13:d2:80:15:99:55:69:
68:ef:ca:e7:28:45:ca:dc:d7:b1:f8:42:cb:fa:0c:81:d2:67:
43:24:dd:18:d4:3c:90:06:65:0e:29:8a:fe:0e:45:72:ff:9b:
ab:d7:57:7d:cd:84:20:d6:46:a0:bf:fa:81:9c:04:d9:92:d2:
1f:ae:1d:be:32:8c:b1:d7:3b:fe:ee:71:ed:c9:7a:af:22:d0:
90:84:16:74:b5:9f:a5:46:d8:23:81:49:08:7a:a2:87:10:90:
dd:a1:eb:a7:e7:25:b5:97:5a:83:4b:79:df:fa:a6:a4:c8:47:
77:82:b1:7c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzGt91M2ILyijnzcxw6vSs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2RkMWViZWU1MTNmZmEzMThjZGM4OGI4MWFjMThjZmU3
MjZiMzAwHhcNMjQwMTAxMjAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE4YTQ0ZGQxMWY2MjE5MmFiNGZiNjFiMDhmMjIzZGViMzUyYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicl8kZmo7DYo3OHUfpekP7s4NuWJ
plilImhgG6P3UCSSuQTy5xcjQM5w4xPtVQEXC5LKy7FQi0m5zpA8itTelaAkp7mE
akFbdy58Lhxf7T+1ppOis0m0TZ/UPnRiLN+3nkdgK6PjhA8iqa+9B1sWyuUeoQtP
rOn8vtZAc2rAeSxjv9Ral9xz7WBk5q2nL+RTO4EVuOU8k4CbQZIATIRBbolD1dAn
pLax4woTibPQPaWY/QOtv2ZTiIGFfmFd9xVo4gmttvIzJo17WJMQ5xLl9DE+ldWO
WAYj6rwokE5pjz4e2kZECVERtKS7OWItbSqOQbmaxdxm6HDQmLW2U69hrQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJiopE3RH2IZKrT7YbCPIj3rNSoxMB8GA1UdIwQY
MBaAFO990evuUT/6MYzciLgawYz+cmswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzMzUjYtNVJQX294ak55SXVCckJqUDV5YXpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mOWVlNmQtNzY0MC00ZTNkLTliNDUt
ZTU2ZmVjYTYxMmU3LzEvbUtpa1RkRWZZaGtxdFB0aHNJOGlQZXMxS2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9mOWVlNmQtNzY0MC00ZTNkLTliNDUtZTU2ZmVjYTYxMmU3
LzEvNzMzUjYtNVJQX294ak55SXVCckJqUDV5YXpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDjYpYAwQC
uWG4AwQAwRaPAwQAwfLZAwQBw1jCMBQEAgACMA4DBQMqAaWAAwUDKgohwDANBgkq
hkiG9w0BAQsFAAOCAQEAwAXIq4oOAKOadpdtCUhoPJ3BT83YFxGOxdcIua1mmSae
8vKcPhMQSzRECgBGUIPFk19A63ICW7Yw5DfHcoG4l5akEtRj2y4UJAbE9zBvU21G
QyNBvZdvj/qRwoK+OmuwJF0ll31dGcTS6hTkNvXSlDswTMdYc8lULQSGNe2CHvj0
n1kswjQRPCET0oAVmVVpaO/K5yhFytzXsfhCy/oMgdJnQyTdGNQ8kAZlDimK/g5F
cv+bq9dXfc2EINZGoL/6gZwE2ZLSH64dvjKMsdc7/u5x7cl6ryLQkIQWdLWfpUbY
I4FJCHqihxCQ3aHrp+cltZdag0t53/qmpMhHd4KxfA==
-----END CERTIFICATE-----
Generated at Fri May 10 17:49:03 2024 by rpki-client on console-ams.rpki-client.org