Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/9Mtk1uJ0a9YiX8BApmGzUBSEBj8.roa
File: 9Mtk1uJ0a9YiX8BApmGzUBSEBj8.roa (raw, json)
Hash identifier: +dc5ls7kwYUgRMXHZl2ciZfczbwNk7y3Elf2ME0MuTo=
Subject key identifier: F4:CB:64:D6:E2:74:6B:D6:22:5F:C0:40:A6:61:B3:50:14:84:06:3F
Certificate issuer: /CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Certificate serial: 018CC6B8A609B27FF5CF4F8EDECF5B7E048D
Authority key identifier: 41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/9Mtk1uJ0a9YiX8BApmGzUBSEBj8.roa
Signing time: Mon 01 Jan 2024 20:30:39 +0000
ROA not before: Mon 01 Jan 2024 20:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35185
IP address blocks: 91.208.199.0/24 maxlen: 24
85.209.165.0/24 maxlen: 24
85.209.166.0/24 maxlen: 24
85.209.164.0/24 maxlen: 24
85.209.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:a6:09:b2:7f:f5:cf:4f:8e:de:cf:5b:7e:04:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Validity
Not Before: Jan 1 20:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4cb64d6e2746bd6225fc040a661b3501484063f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cc:9d:5e:db:f7:42:23:a3:9d:ce:0c:fb:86:
22:c1:ec:e9:6f:e2:7d:b8:10:f5:a8:75:37:5c:29:
79:13:d5:25:f1:10:5b:17:26:f8:06:7c:d0:2f:72:
49:27:d9:f6:b3:45:70:34:28:23:c3:a4:72:90:26:
fc:bf:4c:3b:3e:bf:f8:c3:5b:fb:97:6a:1f:5b:c9:
57:0c:9a:01:3d:2c:3b:e1:ea:94:aa:3e:3e:b0:b3:
cf:5b:06:c2:8d:07:a6:b6:05:45:c3:74:0a:8e:9f:
e0:aa:0a:b3:cf:52:c0:15:b4:ff:ac:bc:36:cd:cc:
03:e0:15:5c:d5:01:81:75:3e:3d:1d:47:2c:48:88:
29:dd:30:50:ad:3d:59:74:fe:06:95:5f:0a:e9:bf:
02:6a:8f:22:fb:c1:17:61:a3:e2:8c:45:10:22:11:
04:a3:ab:74:82:c1:0e:c0:94:ac:48:5c:71:52:85:
d9:ec:de:16:7e:70:e3:08:9d:90:3c:90:18:86:07:
2d:be:68:13:bd:a4:69:41:c8:6c:da:0a:d5:03:81:
0a:ca:53:84:44:76:80:d3:03:e4:25:71:fd:ac:16:
86:ef:4e:50:c1:21:c0:43:1b:0f:2f:ce:0b:d4:5a:
63:fa:65:84:1a:77:f4:b7:f5:66:ff:28:99:f9:80:
95:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CB:64:D6:E2:74:6B:D6:22:5F:C0:40:A6:61:B3:50:14:84:06:3F
X509v3 Authority Key Identifier:
keyid:41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/9Mtk1uJ0a9YiX8BApmGzUBSEBj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.164.0/22
91.208.199.0/24
Signature Algorithm: sha256WithRSAEncryption
53:96:17:76:ac:d9:5a:f7:43:ac:ab:63:bd:cc:52:c3:93:de:
90:f0:40:1a:63:ab:2a:a3:13:97:86:33:ee:4b:28:5f:b7:b1:
0f:5b:55:2d:bb:8f:81:78:3e:13:da:75:bc:f3:fb:d5:18:44:
27:3f:5e:f6:9b:c2:50:e9:c8:2a:7b:4f:80:99:a0:88:48:b5:
b7:56:72:17:c8:3c:a3:1f:e8:36:ca:ad:59:4c:0e:66:a5:65:
a7:82:c0:97:84:8f:81:ae:03:89:46:f7:a3:c9:23:6e:bf:41:
0e:7a:ff:d8:a8:7f:ad:73:54:19:e0:3c:c5:08:8f:d3:67:28:
fd:85:2d:d1:33:37:70:d0:ee:e8:b8:0c:00:c7:04:0b:dd:d7:
d3:38:6b:ac:0a:01:bc:98:b6:15:ac:db:f8:92:7d:b5:ce:59:
3b:f8:10:e0:c8:2f:85:a3:59:49:78:d4:04:cc:4a:27:6a:35:
c9:6b:d4:df:63:1a:33:bd:51:be:3a:eb:d6:79:cc:0b:13:d8:
21:a0:e5:a7:4d:c8:3d:7f:6e:99:64:53:f2:cc:3e:20:0c:0a:
31:1d:f4:c0:48:dd:b7:e0:1d:32:f4:bd:39:76:1e:71:75:9f:
b1:ea:2b:d0:93:f7:15:38:3e:5a:62:73:3b:44:0a:86:2b:48:
1e:25:7d:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuKYJsn/1z0+O3s9bfgSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjZhYzRhZmFmZDI2OTg4MWMxMGFkMmVjYTJmNGRlZjhl
ZGJkMjEwHhcNMjQwMTAxMjAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGNiNjRkNmUyNzQ2YmQ2MjI1ZmMwNDBhNjYxYjM1MDE0ODQwNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMydXtv3QiOjnc4M+4Yiwezpb+J9
uBD1qHU3XCl5E9Ul8RBbFyb4BnzQL3JJJ9n2s0VwNCgjw6RykCb8v0w7Pr/4w1v7
l2ofW8lXDJoBPSw74eqUqj4+sLPPWwbCjQemtgVFw3QKjp/gqgqzz1LAFbT/rLw2
zcwD4BVc1QGBdT49HUcsSIgp3TBQrT1ZdP4GlV8K6b8Cao8i+8EXYaPijEUQIhEE
o6t0gsEOwJSsSFxxUoXZ7N4WfnDjCJ2QPJAYhgctvmgTvaRpQchs2grVA4EKylOE
RHaA0wPkJXH9rBaG705QwSHAQxsPL84L1Fpj+mWEGnf0t/Vm/yiZ+YCVLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPTLZNbidGvWIl/AQKZhs1AUhAY/MB8GA1UdIwQY
MBaAFEEmrEr6/SaYgcEK0uyi9N747b0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNhc1N2cjlKcGlCd1FyUzdLTDAzdmp0dlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi85NGRkMmEtNTA0Ni00ODgzLTkxZGEt
YzM5OWJlMDMxYjRhLzEvOU10azF1SjBhOVlpWDhCQXBtR3pVQlNFQmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi85NGRkMmEtNTA0Ni00ODgzLTkxZGEtYzM5OWJlMDMxYjRh
LzEvUVNhc1N2cjlKcGlCd1FyUzdLTDAzdmp0dlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVdGkAwQA
W9DHMA0GCSqGSIb3DQEBCwUAA4IBAQBTlhd2rNla90Osq2O9zFLDk96Q8EAaY6sq
oxOXhjPuSyhft7EPW1Utu4+BeD4T2nW88/vVGEQnP172m8JQ6cgqe0+AmaCISLW3
VnIXyDyjH+g2yq1ZTA5mpWWngsCXhI+BrgOJRvejySNuv0EOev/YqH+tc1QZ4DzF
CI/TZyj9hS3RMzdw0O7ouAwAxwQL3dfTOGusCgG8mLYVrNv4kn21zlk7+BDgyC+F
o1lJeNQEzEonajXJa9TfYxozvVG+OuvWecwLE9ghoOWnTcg9f26ZZFPyzD4gDAox
HfTASN234B0y9L05dh5xdZ+x6ivQk/cVOD5aYnM7RAqGK0geJX2b
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:32:50 2024 by rpki-client on console-ams.rpki-client.org