Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/mHeU-YQSqYOTR2-ukosoLMKrPn4.roa
File: mHeU-YQSqYOTR2-ukosoLMKrPn4.roa (raw, json)
Hash identifier: 0lmbtXmEnnebMAeaVgNMOeG8Kwd0nVx+rXxNttyiWwE=
Subject key identifier: 98:77:94:F9:84:12:A9:83:93:47:6F:AE:92:8B:28:2C:C2:AB:3E:7E
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 018CC425335B39C26B9D8556477DE7E08BB6
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/mHeU-YQSqYOTR2-ukosoLMKrPn4.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50311
IP address blocks: 91.220.131.0/24 maxlen: 24
2a04:3e00:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:33:5b:39:c2:6b:9d:85:56:47:7d:e7:e0:8b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=987794f98412a98393476fae928b282cc2ab3e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:30:a0:6c:e6:b8:4c:72:11:f7:de:06:4e:a4:
b3:59:24:6d:65:8f:42:05:d7:cc:76:22:5d:0c:bb:
0b:bb:1d:cc:1c:21:5c:95:54:5b:0b:13:4f:37:bf:
64:14:57:7c:80:35:6d:fd:de:2c:b6:4d:5c:30:ab:
ec:4f:0d:47:41:5f:32:0b:66:01:2c:8e:98:e2:99:
dc:a5:ae:68:54:79:87:49:58:6b:b5:15:a4:1b:14:
3d:21:c1:dd:bf:b3:09:cf:b3:5d:c6:d6:3c:43:4c:
2a:19:a2:07:f7:de:3c:d3:e6:59:03:75:31:a5:bf:
37:f0:e5:c4:45:0f:a4:70:40:f6:3d:a1:ce:b5:1d:
a4:24:83:86:7a:e5:29:cb:a8:ce:07:77:29:04:96:
d5:a6:69:58:de:30:e8:14:e0:c0:91:1a:22:8a:f9:
4a:a6:d8:e3:b3:72:fc:ef:9a:2a:59:f0:f0:84:f2:
b5:2c:6f:c3:4d:c5:4d:2c:d2:ca:f4:4f:fc:07:d4:
00:6d:61:09:8b:66:68:29:90:4d:cc:2e:c1:26:e1:
24:3c:b8:6a:a2:a2:47:f9:3b:09:62:20:33:e5:e8:
5b:1f:64:5d:f2:33:7b:44:0d:fe:43:01:b0:30:b3:
68:2f:57:33:49:6e:ce:df:5d:14:41:1e:43:b2:dd:
33:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:77:94:F9:84:12:A9:83:93:47:6F:AE:92:8B:28:2C:C2:AB:3E:7E
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/mHeU-YQSqYOTR2-ukosoLMKrPn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.131.0/24
IPv6:
2a04:3e00:1000::/48
Signature Algorithm: sha256WithRSAEncryption
a0:6e:eb:ed:71:aa:05:10:39:03:36:80:6b:38:93:50:5f:5e:
c7:84:78:d4:7c:19:75:93:5a:3e:89:0e:3b:64:b6:d5:89:57:
9e:2a:f6:9b:83:6f:30:00:6b:cf:f6:e3:f1:08:0c:ca:ba:04:
8a:a3:ab:12:a4:92:a4:c2:e2:83:03:10:bf:c5:a2:ff:5e:a9:
e8:37:63:1e:4c:53:27:20:ce:37:3a:9a:24:4f:7c:1e:99:28:
33:75:7e:5c:05:6a:d6:a9:52:97:bb:af:50:c6:35:e0:88:76:
cd:ca:d1:ca:79:30:e9:20:bc:bd:8b:a1:0c:e4:79:00:b9:02:
32:a6:47:51:18:d1:33:ef:3e:55:4d:cd:08:af:41:1b:f5:e4:
86:b8:c5:81:b0:99:c4:51:73:a8:52:ef:69:eb:dc:7d:b3:d4:
8d:86:6f:f0:d7:21:29:36:1a:ff:14:96:dd:20:50:7d:17:37:
f6:72:d2:cf:a0:c6:9a:d0:c2:ad:10:8a:4f:56:fc:0e:89:11:
99:f8:e7:36:87:4a:18:27:ed:a1:79:da:87:6c:9c:b2:c0:0c:
90:19:40:51:1a:86:6f:24:40:57:2e:12:00:e3:b6:b8:78:9e:
e7:b0:8b:ca:93:b6:c7:87:96:8d:3b:00:ad:b2:0f:3e:f1:ec:
93:59:8e:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJTNbOcJrnYVWR33n4Iu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc3OTRmOTg0MTJhOTgzOTM0NzZmYWU5MjhiMjgyY2MyYWIzZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDCgbOa4THIR994GTqSzWSRtZY9C
BdfMdiJdDLsLux3MHCFclVRbCxNPN79kFFd8gDVt/d4stk1cMKvsTw1HQV8yC2YB
LI6Y4pncpa5oVHmHSVhrtRWkGxQ9IcHdv7MJz7NdxtY8Q0wqGaIH99480+ZZA3Ux
pb838OXERQ+kcED2PaHOtR2kJIOGeuUpy6jOB3cpBJbVpmlY3jDoFODAkRoiivlK
ptjjs3L875oqWfDwhPK1LG/DTcVNLNLK9E/8B9QAbWEJi2ZoKZBNzC7BJuEkPLhq
oqJH+TsJYiAz5ehbH2Rd8jN7RA3+QwGwMLNoL1czSW7O310UQR5Dst0zOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJh3lPmEEqmDk0dvrpKLKCzCqz5+MB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvbUhlVS1ZUVNxWU9UUjItdWtvc29MTUtyUG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9yDMA8E
AgACMAkDBwAqBD4AEAAwDQYJKoZIhvcNAQELBQADggEBAKBu6+1xqgUQOQM2gGs4
k1BfXseEeNR8GXWTWj6JDjtkttWJV54q9puDbzAAa8/24/EIDMq6BIqjqxKkkqTC
4oMDEL/Fov9eqeg3Yx5MUycgzjc6miRPfB6ZKDN1flwFatapUpe7r1DGNeCIds3K
0cp5MOkgvL2LoQzkeQC5AjKmR1EY0TPvPlVNzQivQRv15Ia4xYGwmcRRc6hS72nr
3H2z1I2Gb/DXISk2Gv8Ult0gUH0XN/Zy0s+gxprQwq0Qik9W/A6JEZn45zaHShgn
7aF52odsnLLADJAZQFEahm8kQFcuEgDjtrh4nuewi8qTtseHlo07AK2yDz7x7JNZ
jqY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:34 2024 by rpki-client on console-ams.rpki-client.org