Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/mhSqf4jtStcAetimdx30z0OMVE8.roa
File: mhSqf4jtStcAetimdx30z0OMVE8.roa (raw, json)
Hash identifier: QLjkyumWP7QjMi/egbzjpDZtNED5wEWBLz1ksr3sr9M=
Subject key identifier: 9A:14:AA:7F:88:ED:4A:D7:00:7A:D8:A6:77:1D:F4:CF:43:8C:54:4F
Certificate issuer: /CN=274d91cfa0a6db9bfd9154a441858e00e38bdbd6
Certificate serial: 018CC94C150590470335338A2ADFB129723D
Authority key identifier: 27:4D:91:CF:A0:A6:DB:9B:FD:91:54:A4:41:85:8E:00:E3:8B:DB:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J02Rz6Cm25v9kVSkQYWOAOOL29Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/mhSqf4jtStcAetimdx30z0OMVE8.roa
Signing time: Tue 02 Jan 2024 08:30:55 +0000
ROA not before: Tue 02 Jan 2024 08:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209088
IP address blocks: 5.181.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/J02Rz6Cm25v9kVSkQYWOAOOL29Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/J02Rz6Cm25v9kVSkQYWOAOOL29Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/J02Rz6Cm25v9kVSkQYWOAOOL29Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:15:05:90:47:03:35:33:8a:2a:df:b1:29:72:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=274d91cfa0a6db9bfd9154a441858e00e38bdbd6
Validity
Not Before: Jan 2 08:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a14aa7f88ed4ad7007ad8a6771df4cf438c544f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bd:d6:69:84:df:ed:dd:39:73:4c:b5:e6:9d:
df:89:ae:a8:38:fc:9d:ab:a1:fa:e2:5e:49:2d:50:
ce:7d:85:8c:b8:cc:4e:2c:96:82:15:c2:18:0d:46:
ec:fa:c6:82:bb:8b:db:46:4f:09:42:dd:f3:51:c6:
eb:c2:b9:ec:55:7a:5f:e1:a1:2c:dd:67:e2:d9:08:
4e:b5:44:58:aa:1d:a4:88:15:2f:bd:e8:a1:26:1e:
8b:8b:4d:61:da:da:cf:0e:f8:e7:6a:f7:a4:37:66:
ec:9a:de:ee:7e:14:80:1e:b1:33:e5:24:64:d1:1b:
a7:42:a6:06:eb:ab:f6:40:e6:c9:8a:2a:07:4b:41:
8d:96:cb:29:3c:aa:9e:8c:8f:dd:96:36:42:e4:e9:
56:69:eb:00:0d:65:14:47:f0:17:95:60:52:d4:ec:
3d:bd:94:63:57:7d:62:f8:5f:db:d2:44:29:7b:07:
de:8d:d1:7a:9a:73:d8:d6:2e:66:9d:86:1c:b8:b0:
68:3f:0c:1f:e6:38:ce:81:6a:3a:95:a5:bd:69:a0:
5a:8c:e6:4a:1a:fd:e2:fc:b6:b1:ff:ea:19:7c:71:
9b:3e:b5:7f:be:ee:e2:75:d7:9c:5f:5d:8b:fe:17:
51:3e:95:3a:71:3f:06:60:a7:06:a5:54:8f:88:41:
c1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:14:AA:7F:88:ED:4A:D7:00:7A:D8:A6:77:1D:F4:CF:43:8C:54:4F
X509v3 Authority Key Identifier:
keyid:27:4D:91:CF:A0:A6:DB:9B:FD:91:54:A4:41:85:8E:00:E3:8B:DB:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J02Rz6Cm25v9kVSkQYWOAOOL29Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/mhSqf4jtStcAetimdx30z0OMVE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/J02Rz6Cm25v9kVSkQYWOAOOL29Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.212.0/22
Signature Algorithm: sha256WithRSAEncryption
97:66:ab:1f:9e:3c:29:88:34:e2:02:f3:a1:c5:94:9b:87:6c:
fa:9e:9f:d0:f9:38:de:e0:26:91:cc:e6:59:21:15:18:cf:29:
a7:85:e7:af:0a:19:b4:d3:1e:aa:f5:91:17:db:ac:39:f2:2c:
45:00:ea:53:21:3c:a8:19:0a:13:15:80:f7:c4:c9:e1:40:32:
a1:09:47:95:d0:fa:2e:f3:77:36:02:b6:af:08:81:a8:6a:8d:
5f:97:34:fa:2e:25:b4:7e:59:bf:c4:f7:60:16:cb:26:4d:44:
fc:65:63:03:26:3f:40:8a:be:2b:52:e7:10:df:a6:55:50:01:
62:9e:56:e0:39:8f:9b:db:63:35:f5:33:98:6b:47:d8:0b:d0:
54:db:bf:49:a1:e5:3b:68:e4:ec:59:11:e9:57:95:a7:5d:ba:
29:2d:0d:8c:c1:0d:0c:ed:05:9b:51:a8:cb:26:04:33:92:82:
14:d7:16:58:ab:db:76:c4:48:48:d0:9c:a8:dc:3a:71:6b:b3:
85:64:26:d0:11:6a:24:c5:72:57:31:ec:1b:c2:de:82:92:f0:
73:ba:b5:bd:0b:cc:3d:34:90:0d:91:81:d0:fa:da:1c:82:99:
e4:7e:dd:09:56:a4:bd:41:e7:6e:c8:5c:0d:87:b9:71:e6:de:
e5:c5:cb:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTBUFkEcDNTOKKt+xKXI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NGQ5MWNmYTBhNmRiOWJmZDkxNTRhNDQxODU4ZTAwZTM4
YmRiZDYwHhcNMjQwMTAyMDgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE0YWE3Zjg4ZWQ0YWQ3MDA3YWQ4YTY3NzFkZjRjZjQzOGM1NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL3WaYTf7d05c0y15p3fia6oOPyd
q6H64l5JLVDOfYWMuMxOLJaCFcIYDUbs+saCu4vbRk8JQt3zUcbrwrnsVXpf4aEs
3Wfi2QhOtURYqh2kiBUvveihJh6Li01h2trPDvjnavekN2bsmt7ufhSAHrEz5SRk
0RunQqYG66v2QObJiioHS0GNlsspPKqejI/dljZC5OlWaesADWUUR/AXlWBS1Ow9
vZRjV31i+F/b0kQpewfejdF6mnPY1i5mnYYcuLBoPwwf5jjOgWo6laW9aaBajOZK
Gv3i/Lax/+oZfHGbPrV/vu7iddecX12L/hdRPpU6cT8GYKcGpVSPiEHBbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJoUqn+I7UrXAHrYpncd9M9DjFRPMB8GA1UdIwQY
MBaAFCdNkc+gptub/ZFUpEGFjgDji9vWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjAyUno2Q20yNXY5a1ZTa1FZV09BT09MMjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jNTFkNTgtZTM0OS00MjMxLTg2NGYt
OTc4MjM0YzNiYjcwLzEvbWhTcWY0anRTdGNBZXRpbWR4MzB6ME9NVkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jNTFkNTgtZTM0OS00MjMxLTg2NGYtOTc4MjM0YzNiYjcw
LzEvSjAyUno2Q20yNXY5a1ZTa1FZV09BT09MMjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbXUMA0G
CSqGSIb3DQEBCwUAA4IBAQCXZqsfnjwpiDTiAvOhxZSbh2z6np/Q+Tje4CaRzOZZ
IRUYzymnheevChm00x6q9ZEX26w58ixFAOpTITyoGQoTFYD3xMnhQDKhCUeV0Pou
83c2AravCIGoao1flzT6LiW0flm/xPdgFssmTUT8ZWMDJj9Air4rUucQ36ZVUAFi
nlbgOY+b22M19TOYa0fYC9BU279JoeU7aOTsWRHpV5WnXbopLQ2MwQ0M7QWbUajL
JgQzkoIU1xZYq9t2xEhI0Jyo3Dpxa7OFZCbQEWokxXJXMewbwt6CkvBzurW9C8w9
NJANkYHQ+tocgpnkft0JVqS9QeduyFwNh7lx5t7lxcuQ
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:43:19 2024 by rpki-client on console-fra.rpki-client.org