Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/mZScfSxL4T78-fhidGxlZmNIw6I.roa
File: mZScfSxL4T78-fhidGxlZmNIw6I.roa (raw, json)
Hash identifier: Pze/pgdSIvXn1+Fag2kb0JP6MvO/4uOv01h68+qgORY=
Subject key identifier: 99:94:9C:7D:2C:4B:E1:3E:FC:F9:F8:62:74:6C:65:66:63:48:C3:A2
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 018CC348AFF2DB005D6D30AE16F6CA821141
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/mZScfSxL4T78-fhidGxlZmNIw6I.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205430
IP address blocks: 91.106.28.0/24 maxlen: 24
94.240.41.0/24 maxlen: 24
94.240.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:af:f2:db:00:5d:6d:30:ae:16:f6:ca:82:11:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99949c7d2c4be13efcf9f862746c65666348c3a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:61:5d:ce:86:05:dc:07:43:f3:71:4e:32:e4:
c3:61:d2:13:6b:fb:1e:a9:a5:33:9a:72:26:8e:c7:
36:c3:3a:48:db:6e:e7:62:7f:9c:60:e1:07:50:f7:
17:aa:61:7b:d0:19:0d:47:c8:1d:a3:6a:33:00:a0:
20:47:21:b8:41:4d:54:16:41:91:a8:99:d0:45:d7:
07:72:4c:8b:60:5d:0e:de:ff:5e:33:b7:dc:2b:06:
d5:d3:09:43:0a:50:67:25:da:ee:43:4f:03:30:b4:
e6:7c:53:c7:9f:d5:ff:ab:ab:e1:f6:c2:da:7c:ea:
6e:28:b8:a4:ae:18:f7:9f:16:48:09:0a:36:f7:d9:
7e:81:b1:4b:51:21:c9:cd:83:d2:c7:ae:7d:cf:4c:
c7:b1:a7:57:81:4e:7a:94:14:b3:51:10:0c:dd:a7:
60:24:a7:98:22:ab:ea:ee:16:34:0c:54:32:d1:c5:
ed:bd:c2:1f:fa:18:dc:4c:78:d9:23:f9:c2:2c:74:
db:1e:c7:df:a0:4a:03:c0:f9:cf:4f:cc:08:ef:e7:
ac:23:ee:16:68:36:24:2a:ea:16:fb:92:c0:ca:d9:
b4:39:cf:9a:26:50:55:80:0c:36:d2:ae:41:85:92:
fe:36:76:41:d6:da:ff:95:55:51:0c:be:dc:34:89:
7f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:94:9C:7D:2C:4B:E1:3E:FC:F9:F8:62:74:6C:65:66:63:48:C3:A2
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/mZScfSxL4T78-fhidGxlZmNIw6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.28.0/24
94.240.41.0/24
94.240.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c6:c3:98:bf:64:88:ca:93:d4:0e:04:47:84:83:65:4c:85:
50:d3:38:29:f8:40:1f:d7:a8:95:ab:54:97:26:f8:08:dc:2f:
ad:f5:3d:84:ce:d9:0a:99:09:2a:db:69:6c:34:63:ba:b4:62:
06:0e:9c:52:09:32:fe:c9:c4:83:38:65:53:b4:6b:f2:84:ef:
ce:43:a3:90:f0:44:32:09:e4:33:1b:9a:5b:15:3e:11:ff:d1:
c0:fe:62:a6:4d:54:4d:6d:69:41:7a:73:79:bf:63:6a:85:b1:
91:a6:91:c7:86:18:01:91:34:c9:e2:81:31:7e:78:86:92:52:
55:e0:bf:9f:d0:af:77:1b:af:c5:c6:6b:e5:09:80:cf:3b:c4:
2e:b1:cc:97:e1:f0:cd:de:83:c9:fe:a3:05:76:c4:8f:74:6b:
62:c9:0c:f5:96:dd:b3:02:fa:0e:53:53:58:3c:02:c5:e5:ba:
c6:e8:70:e6:97:26:1c:bc:0e:c1:c2:e2:8e:67:a4:43:18:e0:
b9:f7:f7:f5:be:4d:7d:6a:c6:ea:fe:96:07:95:41:4c:0f:14:
91:0e:df:99:06:83:c0:d1:07:51:95:5b:f0:41:a2:0c:3f:eb:
75:63:bd:8a:22:73:8f:58:72:ed:09:97:b0:68:91:c2:fd:97:
b4:7e:3c:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSK/y2wBdbTCuFvbKghFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk0OWM3ZDJjNGJlMTNlZmNmOWY4NjI3NDZjNjU2NjYzNDhjM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGFdzoYF3AdD83FOMuTDYdITa/se
qaUzmnImjsc2wzpI227nYn+cYOEHUPcXqmF70BkNR8gdo2ozAKAgRyG4QU1UFkGR
qJnQRdcHckyLYF0O3v9eM7fcKwbV0wlDClBnJdruQ08DMLTmfFPHn9X/q6vh9sLa
fOpuKLikrhj3nxZICQo299l+gbFLUSHJzYPSx659z0zHsadXgU56lBSzURAM3adg
JKeYIqvq7hY0DFQy0cXtvcIf+hjcTHjZI/nCLHTbHsffoEoDwPnPT8wI7+esI+4W
aDYkKuoW+5LAytm0Oc+aJlBVgAw20q5BhZL+NnZB1tr/lVVRDL7cNIl/jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJmUnH0sS+E+/Pn4YnRsZWZjSMOiMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvbVpTY2ZTeEw0VDc4LWZoaWRHeGxabU5JdzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW2ocAwQA
XvApAwQAXvArMA0GCSqGSIb3DQEBCwUAA4IBAQBaxsOYv2SIypPUDgRHhINlTIVQ
0zgp+EAf16iVq1SXJvgI3C+t9T2EztkKmQkq22lsNGO6tGIGDpxSCTL+ycSDOGVT
tGvyhO/OQ6OQ8EQyCeQzG5pbFT4R/9HA/mKmTVRNbWlBenN5v2NqhbGRppHHhhgB
kTTJ4oExfniGklJV4L+f0K93G6/FxmvlCYDPO8QuscyX4fDN3oPJ/qMFdsSPdGti
yQz1lt2zAvoOU1NYPALF5brG6HDmlyYcvA7BwuKOZ6RDGOC59/f1vk19asbq/pYH
lUFMDxSRDt+ZBoPA0QdRlVvwQaIMP+t1Y72KInOPWHLtCZewaJHC/Ze0fjyq
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:40 2024 by rpki-client on console-fra.rpki-client.org