Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/23e07b-e9e4-42a5-b8e0-a8d3838052d0/1/mJqvMzlkXHdHiRUEPuJl-RWjNuI.roa
File: mJqvMzlkXHdHiRUEPuJl-RWjNuI.roa (raw, json)
Hash identifier: jNOltm4il7hK2Uf5JrBc9qyM66VFvetOvLZLqOyZkvc=
Subject key identifier: 98:9A:AF:33:39:64:5C:77:47:89:15:04:3E:E2:65:F9:15:A3:36:E2
Certificate issuer: /CN=f7a58d1b12aeb5583328dda525d0698674bb1def
Certificate serial: 018F0793AA3F8EF2754C9055085100F94F78
Authority key identifier: F7:A5:8D:1B:12:AE:B5:58:33:28:DD:A5:25:D0:69:86:74:BB:1D:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96WNGxKutVgzKN2lJdBphnS7He8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e07b-e9e4-42a5-b8e0-a8d3838052d0/1/mJqvMzlkXHdHiRUEPuJl-RWjNuI.roa
Signing time: Mon 22 Apr 2024 20:51:08 +0000
ROA not before: Mon 22 Apr 2024 20:51:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201117
IP address blocks: 185.245.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e07b-e9e4-42a5-b8e0-a8d3838052d0/1/96WNGxKutVgzKN2lJdBphnS7He8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/23e07b-e9e4-42a5-b8e0-a8d3838052d0/1/96WNGxKutVgzKN2lJdBphnS7He8.mft
rsync://rpki.ripe.net/repository/DEFAULT/96WNGxKutVgzKN2lJdBphnS7He8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 02:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:07:93:aa:3f:8e:f2:75:4c:90:55:08:51:00:f9:4f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7a58d1b12aeb5583328dda525d0698674bb1def
Validity
Not Before: Apr 22 20:51:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=989aaf3339645c77478915043ee265f915a336e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:93:c9:fb:6d:68:5f:6f:4d:52:c7:0a:20:ba:
a6:3f:1e:cf:b1:46:71:58:71:7b:fe:a0:80:b1:32:
17:61:44:ca:78:15:d5:e1:a1:fa:9a:f4:38:63:6d:
aa:88:82:59:9a:ad:50:61:93:83:35:73:d0:67:6f:
c6:2d:19:02:50:d1:65:c1:de:7a:4f:ad:4c:10:02:
e3:3b:38:58:73:76:20:54:c1:41:40:7a:db:80:37:
ae:27:c5:dc:27:d1:ed:61:e8:d1:33:e3:fe:ae:67:
d0:23:5d:2f:bd:96:cb:3a:93:79:2e:28:29:7c:60:
d7:53:d3:82:82:20:70:0a:be:1f:cb:c0:4d:b3:89:
c5:57:a6:99:9d:e9:45:4b:ec:bb:0a:97:02:1c:39:
ec:19:ee:f7:b0:4d:ce:30:cc:cd:1d:00:92:a7:1f:
07:06:7f:6b:97:8a:65:d2:b1:fc:e1:64:7b:a8:fc:
93:6e:70:c4:2d:53:1b:4a:ae:b3:39:29:78:9b:07:
0c:87:c1:7c:bc:fe:eb:7a:f9:a2:e1:fe:83:cf:5e:
33:2b:cf:ba:79:d1:24:9d:d5:bd:57:5c:24:8e:1f:
94:90:e0:34:f7:d1:a8:ce:8d:f4:ed:88:28:d1:36:
e0:6f:ab:fb:05:3d:80:13:75:ca:c8:a0:a1:9c:a8:
0e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9A:AF:33:39:64:5C:77:47:89:15:04:3E:E2:65:F9:15:A3:36:E2
X509v3 Authority Key Identifier:
keyid:F7:A5:8D:1B:12:AE:B5:58:33:28:DD:A5:25:D0:69:86:74:BB:1D:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96WNGxKutVgzKN2lJdBphnS7He8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e07b-e9e4-42a5-b8e0-a8d3838052d0/1/mJqvMzlkXHdHiRUEPuJl-RWjNuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e07b-e9e4-42a5-b8e0-a8d3838052d0/1/96WNGxKutVgzKN2lJdBphnS7He8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.156.0/22
Signature Algorithm: sha256WithRSAEncryption
59:e9:91:4e:9b:4d:8c:a9:b4:81:73:ab:dc:2c:b1:05:7c:d5:
88:88:46:12:d7:a9:d9:9b:8a:6e:f1:cf:13:99:d8:fb:23:6e:
78:fa:69:5c:ce:05:b6:18:ab:88:83:64:71:c0:82:3b:07:98:
ff:56:5c:18:4c:3b:db:30:9c:8a:b5:8c:37:66:41:1a:0c:8b:
72:80:7d:54:be:95:15:fd:43:fd:33:b7:dd:22:d0:0b:7b:20:
b4:47:b4:f3:9c:80:e9:20:a3:9d:b7:40:bf:de:8e:64:92:f1:
89:9c:88:39:1d:f3:da:49:43:41:f0:9d:3f:c1:a3:bc:e7:15:
d9:46:0d:fd:d4:8f:7b:05:da:33:e4:8e:05:7b:a3:62:ae:53:
cb:01:33:28:d8:17:85:2c:bb:37:94:06:c4:87:5e:df:84:fb:
7c:fc:5b:dc:9e:bc:bc:de:ad:30:20:c1:09:ed:8a:b9:07:f0:
48:f4:5f:dd:d9:f7:90:c5:35:8a:8b:92:7a:e1:4f:04:b4:97:
2d:7b:2f:17:2e:ac:06:7c:bf:59:94:e9:6a:55:17:95:09:04:
56:8c:bd:15:3d:d3:a2:94:df:63:cc:6d:34:71:3c:37:24:4b:
05:08:99:d8:c5:09:78:af:77:6b:06:33:50:94:07:58:61:b5:
2e:30:4f:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8Hk6o/jvJ1TJBVCFEA+U94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YTU4ZDFiMTJhZWI1NTgzMzI4ZGRhNTI1ZDA2OTg2NzRi
YjFkZWYwHhcNMjQwNDIyMjA1MTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODlhYWYzMzM5NjQ1Yzc3NDc4OTE1MDQzZWUyNjVmOTE1YTMzNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZPJ+21oX29NUscKILqmPx7PsUZx
WHF7/qCAsTIXYUTKeBXV4aH6mvQ4Y22qiIJZmq1QYZODNXPQZ2/GLRkCUNFlwd56
T61MEALjOzhYc3YgVMFBQHrbgDeuJ8XcJ9HtYejRM+P+rmfQI10vvZbLOpN5Ligp
fGDXU9OCgiBwCr4fy8BNs4nFV6aZnelFS+y7CpcCHDnsGe73sE3OMMzNHQCSpx8H
Bn9rl4pl0rH84WR7qPyTbnDELVMbSq6zOSl4mwcMh8F8vP7revmi4f6Dz14zK8+6
edEkndW9V1wkjh+UkOA099Gozo307Ygo0Tbgb6v7BT2AE3XKyKChnKgOSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJiarzM5ZFx3R4kVBD7iZfkVozbiMB8GA1UdIwQY
MBaAFPeljRsSrrVYMyjdpSXQaYZ0ux3vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZXTkd4S3V0Vmd6S04ybEpkQnBoblM3SGU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yM2UwN2ItZTllNC00MmE1LWI4ZTAt
YThkMzgzODA1MmQwLzEvbUpxdk16bGtYSGRIaVJVRVB1SmwtUldqTnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8yM2UwN2ItZTllNC00MmE1LWI4ZTAtYThkMzgzODA1MmQw
LzEvOTZXTkd4S3V0Vmd6S04ybEpkQnBoblM3SGU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufWcMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ6ZFOm02MqbSBc6vcLLEFfNWIiEYS16nZm4pu8c8T
mdj7I254+mlczgW2GKuIg2RxwII7B5j/VlwYTDvbMJyKtYw3ZkEaDItygH1UvpUV
/UP9M7fdItALeyC0R7TznIDpIKOdt0C/3o5kkvGJnIg5HfPaSUNB8J0/waO85xXZ
Rg391I97Bdoz5I4Fe6NirlPLATMo2BeFLLs3lAbEh17fhPt8/Fvcnry83q0wIMEJ
7Yq5B/BI9F/d2feQxTWKi5J64U8EtJctey8XLqwGfL9ZlOlqVReVCQRWjL0VPdOi
lN9jzG00cTw3JEsFCJnYxQl4r3drBjNQlAdYYbUuME/b
-----END CERTIFICATE-----
Generated at Tue May 28 10:15:25 2024 by rpki-client on console-ams.rpki-client.org