Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/mP2ym5I7teIvfQowUuDuTVqjhno.roa
File: mP2ym5I7teIvfQowUuDuTVqjhno.roa (raw, json)
Hash identifier: HSw2xIdw+/hY3t0yr/kZp5PpnEjGciQF0320Xgsak6w=
Subject key identifier: 98:FD:B2:9B:92:3B:B5:E2:2F:7D:0A:30:52:E0:EE:4D:5A:A3:86:7A
Certificate issuer: /CN=c2fca944458606b1017e26c3ca17430f7ff924b3
Certificate serial: 018CC94CCAB21C33A5A7C2D2B917099359F7
Authority key identifier: C2:FC:A9:44:45:86:06:B1:01:7E:26:C3:CA:17:43:0F:7F:F9:24:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/mP2ym5I7teIvfQowUuDuTVqjhno.roa
Signing time: Tue 02 Jan 2024 08:31:42 +0000
ROA not before: Tue 02 Jan 2024 08:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51988
IP address blocks: 91.220.194.0/24 maxlen: 24
2001:7f8:46::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ca:b2:1c:33:a5:a7:c2:d2:b9:17:09:93:59:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2fca944458606b1017e26c3ca17430f7ff924b3
Validity
Not Before: Jan 2 08:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98fdb29b923bb5e22f7d0a3052e0ee4d5aa3867a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:aa:d8:58:48:c6:9d:e2:5c:d0:80:a8:62:b8:
e3:b9:7d:01:a4:2c:60:31:4b:58:12:ea:10:44:b1:
13:f2:ad:63:f9:42:ce:ec:39:51:04:ab:e2:0b:a1:
1b:f4:c7:b6:58:28:f1:57:02:b6:a6:bc:2b:a9:90:
8d:66:a1:c2:b3:8a:25:93:58:17:28:a3:b8:82:9d:
5c:f4:88:84:fd:80:9c:27:a5:e9:62:62:fe:c4:46:
2e:8a:26:b9:d1:dd:8c:4b:b6:b9:64:c3:f9:77:44:
40:a8:34:30:1a:3b:ca:9f:0e:2d:a6:7c:cc:89:78:
4f:71:03:d1:81:f3:36:da:bf:99:76:25:96:ef:0a:
45:2d:5a:95:ba:b2:ca:85:9a:a9:00:0d:b5:1a:92:
6d:1a:ec:0b:87:7e:25:40:e1:e1:a2:a4:12:12:54:
49:0d:9c:a1:0b:83:c1:88:7a:2e:6e:de:11:95:d9:
38:9c:2e:5d:0d:38:ae:d7:f5:90:f5:db:27:dc:96:
56:69:6d:87:3f:ad:46:48:47:0d:0c:bd:f3:3f:fb:
27:04:5d:74:5d:5b:97:c2:bd:76:2a:f5:c9:40:40:
0a:3e:6f:10:9e:57:a4:38:b5:5e:19:ea:ed:0e:a7:
33:43:b4:2d:31:e0:7f:08:36:4f:15:ee:6c:fd:41:
13:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FD:B2:9B:92:3B:B5:E2:2F:7D:0A:30:52:E0:EE:4D:5A:A3:86:7A
X509v3 Authority Key Identifier:
keyid:C2:FC:A9:44:45:86:06:B1:01:7E:26:C3:CA:17:43:0F:7F:F9:24:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/mP2ym5I7teIvfQowUuDuTVqjhno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.194.0/24
IPv6:
2001:7f8:46::/48
Signature Algorithm: sha256WithRSAEncryption
37:29:13:51:d4:13:df:d3:21:0b:de:bb:a3:64:b3:28:c3:f5:
c3:e4:ff:22:c6:b6:01:73:2a:1f:ea:9f:d1:e2:bc:07:5a:c5:
bd:2c:1b:0c:5d:2e:8e:3b:0a:fb:e4:a5:28:16:ef:e6:ac:dc:
5c:ad:17:71:2a:ab:b1:ee:bd:6c:0c:fa:a6:d5:d4:aa:6c:26:
28:a1:ae:66:77:5b:b7:d9:54:78:2f:f6:ff:9a:d1:8e:b3:6f:
9f:4d:28:3f:02:47:23:57:d9:10:3b:d1:14:bc:72:a7:1f:df:
0a:ae:31:1f:f3:23:ff:20:e9:5f:81:f8:7d:b5:21:db:19:e1:
cb:31:0e:54:83:ae:e6:2b:ad:6e:63:ac:94:d9:00:ac:ad:33:
02:0e:88:9a:78:62:61:8c:a1:7b:19:89:df:32:1a:a8:5c:52:
5c:91:f0:9a:79:7b:4e:16:46:1f:b5:14:b8:2e:74:f5:b1:ee:
49:d7:97:1c:27:d3:c9:c3:80:b6:23:e5:35:26:d3:01:c6:77:
dd:51:ef:74:b8:35:f2:2d:19:78:61:17:7b:2d:4c:fb:f7:8b:
11:39:a1:21:03:f5:3c:e4:69:36:7a:4e:4a:ea:0a:f7:f6:b1:
e0:97:81:ea:34:a4:7c:1a:c8:38:15:5b:11:e6:db:42:6b:35:
85:15:cb:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTMqyHDOlp8LSuRcJk1n3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZmNhOTQ0NDU4NjA2YjEwMTdlMjZjM2NhMTc0MzBmN2Zm
OTI0YjMwHhcNMjQwMTAyMDgzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZkYjI5YjkyM2JiNWUyMmY3ZDBhMzA1MmUwZWU0ZDVhYTM4NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqrYWEjGneJc0ICoYrjjuX0BpCxg
MUtYEuoQRLET8q1j+ULO7DlRBKviC6Eb9Me2WCjxVwK2prwrqZCNZqHCs4olk1gX
KKO4gp1c9IiE/YCcJ6XpYmL+xEYuiia50d2MS7a5ZMP5d0RAqDQwGjvKnw4tpnzM
iXhPcQPRgfM22r+ZdiWW7wpFLVqVurLKhZqpAA21GpJtGuwLh34lQOHhoqQSElRJ
DZyhC4PBiHoubt4Rldk4nC5dDTiu1/WQ9dsn3JZWaW2HP61GSEcNDL3zP/snBF10
XVuXwr12KvXJQEAKPm8QnlekOLVeGertDqczQ7QtMeB/CDZPFe5s/UETPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJj9spuSO7XiL30KMFLg7k1ao4Z6MB8GA1UdIwQY
MBaAFML8qURFhgaxAX4mw8oXQw9/+SSzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3Z5cFJFV0dCckVCZmliRHloZEREM181SkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDAzM2MtNWIwMy00NzA5LWI2ZDMt
YTg2NWUxODllZDhhLzEvbVAyeW01STd0ZUl2ZlFvd1V1RHVUVnFqaG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDAzM2MtNWIwMy00NzA5LWI2ZDMtYTg2NWUxODllZDhh
LzEvd3Z5cFJFV0dCckVCZmliRHloZEREM181SkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9zCMA8E
AgACMAkDBwAgAQf4AEYwDQYJKoZIhvcNAQELBQADggEBADcpE1HUE9/TIQveu6Nk
syjD9cPk/yLGtgFzKh/qn9HivAdaxb0sGwxdLo47CvvkpSgW7+as3FytF3Eqq7Hu
vWwM+qbV1KpsJiihrmZ3W7fZVHgv9v+a0Y6zb59NKD8CRyNX2RA70RS8cqcf3wqu
MR/zI/8g6V+B+H21IdsZ4csxDlSDruYrrW5jrJTZAKytMwIOiJp4YmGMoXsZid8y
GqhcUlyR8Jp5e04WRh+1FLgudPWx7knXlxwn08nDgLYj5TUm0wHGd91R73S4NfIt
GXhhF3stTPv3ixE5oSED9TzkaTZ6TkrqCvf2seCXgeo0pHwayDgVWxHm20JrNYUV
y7Y=
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:57:26 2024 by rpki-client on console-ams.rpki-client.org