Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/9mowk0TbRQHT2HhtGoWJL7ooMFY.roa
File: 9mowk0TbRQHT2HhtGoWJL7ooMFY.roa (raw, json)
Hash identifier: eUDrNJbPEYWmap5RfrmQYx5DaHuW7GbPdq9AvajQrEw=
Subject key identifier: F6:6A:30:93:44:DB:45:01:D3:D8:78:6D:1A:85:89:2F:BA:28:30:56
Certificate issuer: /CN=0c6859feba7834c9322b7c6f6bd81bd3bef5ce51
Certificate serial: 01916F5EB21B696910F892328D33F8EB5777
Authority key identifier: 0C:68:59:FE:BA:78:34:C9:32:2B:7C:6F:6B:D8:1B:D3:BE:F5:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/9mowk0TbRQHT2HhtGoWJL7ooMFY.roa
Signing time: Tue 20 Aug 2024 10:39:22 +0000
ROA not before: Tue 20 Aug 2024 10:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 195.140.196.0/24 maxlen: 24
195.140.197.0/24 maxlen: 24
195.140.198.0/24 maxlen: 24
195.140.199.0/24 maxlen: 24
195.149.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:5e:b2:1b:69:69:10:f8:92:32:8d:33:f8:eb:57:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6859feba7834c9322b7c6f6bd81bd3bef5ce51
Validity
Not Before: Aug 20 10:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f66a309344db4501d3d8786d1a85892fba283056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ab:2f:02:e5:77:c6:1f:3e:b8:97:61:cc:b4:
b8:29:b0:c9:51:1e:b1:e6:0d:7a:7e:f5:bb:24:33:
cf:b4:1f:e2:39:0e:90:6c:a0:7a:4a:0d:58:e6:f9:
ce:65:2b:db:43:93:60:e9:92:77:dc:3e:be:7c:d5:
5e:46:bd:6f:87:6c:1f:53:33:ce:56:4f:2d:c1:7a:
38:20:52:9f:39:83:27:48:04:fa:af:c4:50:07:d9:
82:ef:1a:b7:12:48:10:e2:42:62:29:1e:34:3f:fe:
9c:af:2e:ca:d6:96:60:a4:a2:f2:09:4c:fc:6f:4e:
eb:7e:ab:dc:d7:60:7e:65:e8:95:ab:7c:aa:bd:a0:
e8:cc:0a:a8:38:01:68:3a:98:5d:5a:4d:81:72:0a:
5a:90:11:c9:63:cf:98:51:ca:8d:1f:a9:ba:18:81:
29:ac:71:13:88:df:89:2d:c2:5d:1d:eb:d9:b4:3e:
28:4b:1e:74:90:34:43:b7:90:6a:28:9e:af:2a:00:
e6:fa:d0:fb:1a:ec:1a:bd:d5:f2:7c:56:df:e5:39:
6b:fe:b3:e2:32:91:52:a4:5e:5d:7e:a6:bb:ad:7f:
1c:14:39:05:12:44:db:1a:71:ef:66:78:e4:dc:7a:
b9:00:db:d6:60:39:05:b1:8a:bc:06:a2:24:4a:08:
d1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6A:30:93:44:DB:45:01:D3:D8:78:6D:1A:85:89:2F:BA:28:30:56
X509v3 Authority Key Identifier:
keyid:0C:68:59:FE:BA:78:34:C9:32:2B:7C:6F:6B:D8:1B:D3:BE:F5:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/9mowk0TbRQHT2HhtGoWJL7ooMFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.140.196.0/22
195.149.116.0/24
Signature Algorithm: sha256WithRSAEncryption
24:63:5f:10:49:6f:fe:16:a5:02:63:92:fa:8c:d5:7c:8f:73:
f5:ed:7f:46:91:0a:a7:65:80:6a:6b:bf:2a:58:4e:e6:29:15:
45:74:25:96:fe:5d:eb:2d:41:06:85:07:0b:79:11:f5:90:a6:
b0:b4:e7:fd:fc:63:77:03:b7:95:af:42:be:5c:3e:e8:65:04:
32:4d:aa:92:77:ac:d4:df:4e:75:2d:af:55:3c:db:08:ac:e9:
b6:39:28:66:1f:3a:36:fb:24:64:0b:fe:c2:a4:a6:cc:9e:00:
f1:0e:89:fe:fe:15:d0:e5:2d:0f:b2:b0:be:9d:3b:0a:a3:fa:
8d:b4:5b:59:e6:2d:08:e6:3c:c2:0f:87:ed:c9:bf:7d:e5:45:
6a:26:ce:21:de:2b:1d:f5:14:5b:38:ee:d9:5c:56:f7:6b:9b:
5f:6e:c6:88:0b:7d:74:ff:09:21:26:16:e2:96:7a:33:58:eb:
f7:6b:68:2d:74:4c:f8:15:3e:e6:e6:58:f1:04:6f:0a:f6:d2:
a7:4d:b8:d0:32:9d:17:41:fb:23:c7:f1:30:a7:40:37:b7:53:
84:24:13:e8:6a:6d:74:2c:9d:d3:19:64:4b:a4:f6:95:c1:0c:
76:b6:31:70:c1:bd:d4:76:d7:d8:76:b3:94:1f:a4:9f:5b:22:
da:04:c4:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFvXrIbaWkQ+JIyjTP461d3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNjg1OWZlYmE3ODM0YzkzMjJiN2M2ZjZiZDgxYmQzYmVm
NWNlNTEwHhcNMjQwODIwMTAzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjZhMzA5MzQ0ZGI0NTAxZDNkODc4NmQxYTg1ODkyZmJhMjgzMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6svAuV3xh8+uJdhzLS4KbDJUR6x
5g16fvW7JDPPtB/iOQ6QbKB6Sg1Y5vnOZSvbQ5Ng6ZJ33D6+fNVeRr1vh2wfUzPO
Vk8twXo4IFKfOYMnSAT6r8RQB9mC7xq3EkgQ4kJiKR40P/6cry7K1pZgpKLyCUz8
b07rfqvc12B+ZeiVq3yqvaDozAqoOAFoOphdWk2BcgpakBHJY8+YUcqNH6m6GIEp
rHETiN+JLcJdHevZtD4oSx50kDRDt5BqKJ6vKgDm+tD7GuwavdXyfFbf5Tlr/rPi
MpFSpF5dfqa7rX8cFDkFEkTbGnHvZnjk3Hq5ANvWYDkFsYq8BqIkSgjRvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPZqMJNE20UB09h4bRqFiS+6KDBWMB8GA1UdIwQY
MBaAFAxoWf66eDTJMit8b2vYG9O+9c5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREdoWl9ycDROTWt5SzN4dmE5Z2IwNzcxemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84YzNhOGItOTE3MS00NjIwLWIxZTAt
NzdmY2E3YTMwYjlmLzEvOW1vd2swVGJSUUhUMkhodEdvV0pMN29vTUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84YzNhOGItOTE3MS00NjIwLWIxZTAtNzdmY2E3YTMwYjlm
LzEvREdoWl9ycDROTWt5SzN4dmE5Z2IwNzcxemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw4zEAwQA
w5V0MA0GCSqGSIb3DQEBCwUAA4IBAQAkY18QSW/+FqUCY5L6jNV8j3P17X9GkQqn
ZYBqa78qWE7mKRVFdCWW/l3rLUEGhQcLeRH1kKawtOf9/GN3A7eVr0K+XD7oZQQy
TaqSd6zU3051La9VPNsIrOm2OShmHzo2+yRkC/7CpKbMngDxDon+/hXQ5S0PsrC+
nTsKo/qNtFtZ5i0I5jzCD4ftyb995UVqJs4h3isd9RRbOO7ZXFb3a5tfbsaIC310
/wkhJhbilnozWOv3a2gtdEz4FT7m5ljxBG8K9tKnTbjQMp0XQfsjx/Ewp0A3t1OE
JBPoam10LJ3TGWRLpPaVwQx2tjFwwb3UdtfYdrOUH6SfWyLaBMQT
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:12 2024 by rpki-client on console-fra.rpki-client.org