Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/miSX2bmrAhwwXa_iQcpweb0JJLM.roa
File: miSX2bmrAhwwXa_iQcpweb0JJLM.roa (raw, json)
Hash identifier: ZH++IkQh8QbNCkQv6HfFWiB3gA0rLk/vqkLXJYImUGk=
Subject key identifier: 9A:24:97:D9:B9:AB:02:1C:30:5D:AF:E2:41:CA:70:79:BD:09:24:B3
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 018CD0B40846AD6F03EC667165D9A2D1DBBE
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/miSX2bmrAhwwXa_iQcpweb0JJLM.roa
Signing time: Wed 03 Jan 2024 19:01:48 +0000
ROA not before: Wed 03 Jan 2024 19:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60983
IP address blocks: 193.169.46.0/23 maxlen: 24
185.22.128.0/22 maxlen: 24
2a00:6060:ee37::/48 maxlen: 48
2a00:6060::/32 maxlen: 32
2a00:6060:ca00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:b4:08:46:ad:6f:03:ec:66:71:65:d9:a2:d1:db:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 3 19:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a2497d9b9ab021c305dafe241ca7079bd0924b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7a:23:2d:95:a6:f4:2f:64:b1:7a:b0:2f:3c:
7e:9c:cf:ce:17:e0:8c:bd:a9:9d:cb:c0:b0:1e:21:
ef:64:36:0f:be:86:87:97:29:8e:25:54:00:28:69:
6e:98:54:a0:9f:f2:cc:11:21:41:c4:c5:3a:91:d5:
b2:4d:b1:e6:d5:50:97:1f:bb:6b:8d:0e:74:b3:6e:
18:75:17:b1:5f:c2:d9:e0:3e:0b:2c:89:af:b3:83:
aa:82:34:39:f6:4a:ad:a8:c1:e1:81:30:3d:84:4f:
e7:e9:b5:34:13:c2:82:0c:00:3b:59:8f:76:d7:a8:
e0:a7:19:c4:28:be:24:65:8b:9e:01:a3:ec:8f:7f:
a1:d3:00:84:2d:1e:c1:02:ea:15:81:02:39:48:1f:
1d:2b:3a:e4:f8:a4:a6:8a:90:3f:c8:ec:61:98:81:
f5:b4:5c:2d:2b:bd:ca:1b:20:62:47:94:4c:28:a7:
d6:cc:b1:f3:78:eb:e3:9f:8f:f8:ae:55:9b:bd:1f:
86:91:2a:2f:3c:7f:c0:e3:29:99:ff:11:a1:15:79:
4e:46:ad:e1:fd:24:4e:ac:cb:40:e3:d1:1a:bc:27:
19:76:53:39:0b:98:89:0b:d0:42:f4:84:f5:49:64:
6d:3c:85:6a:25:f4:f7:48:bf:dd:1d:c1:4a:c0:f9:
a7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:24:97:D9:B9:AB:02:1C:30:5D:AF:E2:41:CA:70:79:BD:09:24:B3
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/miSX2bmrAhwwXa_iQcpweb0JJLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.128.0/22
193.169.46.0/23
IPv6:
2a00:6060::/32
Signature Algorithm: sha256WithRSAEncryption
3b:93:d6:d4:1e:9e:34:cb:11:32:19:07:67:e9:71:d7:e0:24:
79:89:30:3f:04:d7:30:38:8e:ae:9e:da:76:71:09:e8:71:e1:
07:d5:fa:14:c8:76:26:7c:6d:d1:9f:91:3a:7e:3f:52:35:5b:
70:af:19:36:06:7f:b0:92:58:6f:38:35:42:6e:2c:ed:c0:43:
87:94:fe:bf:79:ac:30:46:c5:47:63:78:9a:f4:61:90:bc:16:
a0:1f:44:d3:38:00:7f:7a:b0:c3:15:4b:ce:d1:55:74:ed:e5:
76:ed:7c:d9:32:60:80:cf:bf:f2:bd:5a:27:02:11:d8:27:05:
1e:25:e1:99:f8:11:cc:59:4d:c7:17:64:79:ee:69:ac:90:f6:
b9:c6:7b:8d:63:85:7d:3d:21:1d:7f:cd:ff:c7:be:f4:36:cd:
0a:99:b0:62:67:f6:00:8f:c8:69:0b:7c:35:31:f5:fa:cd:46:
d8:1d:48:3a:4a:eb:92:a3:9e:e7:66:78:fe:20:40:3f:45:16:
29:d8:94:aa:4e:c4:87:03:7e:67:67:48:e8:aa:dd:e5:0e:4f:
12:37:92:35:ee:1c:13:18:51:34:17:b5:39:03:3e:63:67:94:
6a:06:01:9b:6c:78:05:c9:91:89:40:c0:44:dc:9a:84:5d:24:
5b:50:41:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzQtAhGrW8D7GZxZdmi0du+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjQwMTAzMTkwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTI0OTdkOWI5YWIwMjFjMzA1ZGFmZTI0MWNhNzA3OWJkMDkyNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXojLZWm9C9ksXqwLzx+nM/OF+CM
vamdy8CwHiHvZDYPvoaHlymOJVQAKGlumFSgn/LMESFBxMU6kdWyTbHm1VCXH7tr
jQ50s24YdRexX8LZ4D4LLImvs4OqgjQ59kqtqMHhgTA9hE/n6bU0E8KCDAA7WY92
16jgpxnEKL4kZYueAaPsj3+h0wCELR7BAuoVgQI5SB8dKzrk+KSmipA/yOxhmIH1
tFwtK73KGyBiR5RMKKfWzLHzeOvjn4/4rlWbvR+GkSovPH/A4ymZ/xGhFXlORq3h
/SROrMtA49EavCcZdlM5C5iJC9BC9IT1SWRtPIVqJfT3SL/dHcFKwPmn6QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJokl9m5qwIcMF2v4kHKcHm9CSSzMB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvbWlTWDJibXJBaHd3WGFfaVFjcHdlYjBKSkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRaAAwQB
wakuMA0EAgACMAcDBQAqAGBgMA0GCSqGSIb3DQEBCwUAA4IBAQA7k9bUHp40yxEy
GQdn6XHX4CR5iTA/BNcwOI6untp2cQnoceEH1foUyHYmfG3Rn5E6fj9SNVtwrxk2
Bn+wklhvODVCbiztwEOHlP6/eawwRsVHY3ia9GGQvBagH0TTOAB/erDDFUvO0VV0
7eV27XzZMmCAz7/yvVonAhHYJwUeJeGZ+BHMWU3HF2R57mmskPa5xnuNY4V9PSEd
f83/x770Ns0KmbBiZ/YAj8hpC3w1MfX6zUbYHUg6SuuSo57nZnj+IEA/RRYp2JSq
TsSHA35nZ0joqt3lDk8SN5I17hwTGFE0F7U5Az5jZ5RqBgGbbHgFyZGJQMBE3JqE
XSRbUEFj
-----END CERTIFICATE-----
Generated at Sat Sep 28 20:53:32 2024 by rpki-client on console-fra.rpki-client.org