Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/mMIPRjMiZSXaB57rAQ0wytKjTJU.roa
File: mMIPRjMiZSXaB57rAQ0wytKjTJU.roa (raw, json)
Hash identifier: ZLymd2V7iuCz3LXSWaUlVcT2l4sB8VW+EdhcAR/dmA4=
Subject key identifier: 98:C2:0F:46:33:22:65:25:DA:07:9E:EB:01:0D:30:CA:D2:A3:4C:95
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 019244FE4A1A272A59FEDA6C3DF90646D366
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/mMIPRjMiZSXaB57rAQ0wytKjTJU.roa
Signing time: Mon 30 Sep 2024 22:12:48 +0000
ROA not before: Mon 30 Sep 2024 22:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 176.67.82.0/24 maxlen: 24
176.67.85.0/24 maxlen: 24
176.67.86.0/24 maxlen: 24
176.67.87.0/24 maxlen: 24
185.91.120.0/23 maxlen: 23
2a05:e9c0:1000::/40 maxlen: 40
2a05:e9c0:1400::/40 maxlen: 40
2a05:e9c0:1800::/40 maxlen: 40
2a05:e9c0:3800::/40 maxlen: 40
2a05:e9c0:4400::/40 maxlen: 40
2a05:e9c0:5000::/40 maxlen: 40
2a05:e9c0:6800::/40 maxlen: 40
2a05:e9c0:7400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:44:fe:4a:1a:27:2a:59:fe:da:6c:3d:f9:06:46:d3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Sep 30 22:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98c20f4633226525da079eeb010d30cad2a34c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:83:cc:36:45:ba:1f:79:8b:3f:c7:64:d1:42:
1f:cf:c3:5a:ae:f5:b4:fe:e5:29:a5:55:4f:4f:49:
33:1d:61:0d:bd:1d:cd:7f:04:67:cf:34:94:ac:6a:
3c:6a:03:bb:79:df:2f:14:34:86:79:e9:52:75:86:
3b:e5:4d:29:33:b2:35:b4:bc:56:dc:6b:a2:31:61:
6b:56:f1:1f:6c:bd:7e:f1:d9:d1:8a:c8:7f:5c:37:
c7:2a:7d:e8:b0:93:79:c6:df:b5:ef:66:b1:3e:5d:
f7:77:8c:02:34:95:59:e7:38:a5:58:9a:00:a2:96:
02:0f:58:64:eb:b1:e8:35:e3:50:d4:d0:9a:25:af:
80:92:ef:5f:f6:cb:d6:a6:1b:4f:cf:55:a8:1c:d0:
86:12:1a:a1:81:e6:56:b1:9d:19:92:55:a1:f2:8e:
e7:52:63:b9:05:27:db:2f:5e:8f:32:32:aa:b1:81:
f7:bf:61:66:12:ae:d0:e9:75:b6:77:90:72:08:7d:
8d:a0:7e:37:75:14:59:0a:73:5b:7f:7c:ef:4c:e9:
04:dd:4c:0e:bd:73:f8:db:e1:f2:dd:83:8c:dc:43:
da:4b:27:68:87:96:39:08:e3:35:da:fa:60:82:7d:
9b:b4:43:27:e4:da:64:43:7f:81:cd:e9:ff:51:3f:
3f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C2:0F:46:33:22:65:25:DA:07:9E:EB:01:0D:30:CA:D2:A3:4C:95
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/mMIPRjMiZSXaB57rAQ0wytKjTJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.82.0/24
176.67.85.0-176.67.87.255
185.91.120.0/23
IPv6:
2a05:e9c0:1000::/40
2a05:e9c0:1400::/40
2a05:e9c0:1800::/40
2a05:e9c0:3800::/40
2a05:e9c0:4400::/40
2a05:e9c0:5000::/40
2a05:e9c0:6800::/40
2a05:e9c0:7400::/40
Signature Algorithm: sha256WithRSAEncryption
60:ab:8c:ac:51:eb:29:bf:c4:09:a0:11:b4:ff:48:1d:c6:e1:
6d:de:98:b0:f9:b7:6f:95:94:2f:0a:12:51:d7:13:ba:18:93:
c4:0a:9d:17:4a:56:f8:5f:b9:94:e9:48:3f:f4:96:99:47:06:
90:a7:c0:7c:ad:c1:a6:fa:63:7d:e3:90:33:61:3a:15:5a:b1:
09:30:a6:45:45:40:2f:6b:13:69:6c:b5:97:c3:4c:90:7b:82:
88:c5:f7:01:5a:ba:32:28:30:9d:b9:53:c4:c0:f5:83:ab:5f:
eb:35:50:4b:75:92:02:67:3e:72:b4:d7:d3:55:49:f6:cf:c7:
b0:09:09:e5:0b:01:2c:1b:41:4f:ba:94:60:78:86:8f:ef:d1:
b3:66:c3:52:21:aa:04:1d:26:5f:f9:41:3c:70:9f:94:98:4a:
58:e6:ce:29:e1:f4:81:f5:c0:92:ad:47:c4:ad:bf:7f:7d:aa:
e2:b3:ff:10:a3:78:11:e2:86:b0:7f:47:41:60:5a:f2:87:1a:
5a:d3:e6:6a:c3:03:39:a6:b4:b7:7d:04:48:0e:53:57:c2:35:
36:e2:a0:f5:30:ef:72:51:32:8a:e9:01:12:c4:50:8f:b9:0d:
9c:20:c9:04:ed:28:d9:88:85:cf:5a:dc:6b:16:e7:39:f8:9e:
e8:74:52:22
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZJE/koaJypZ/tpsPfkGRtNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjQwOTMwMjIxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGMyMGY0NjMzMjI2NTI1ZGEwNzllZWIwMTBkMzBjYWQyYTM0Yzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oPMNkW6H3mLP8dk0UIfz8NarvW0
/uUppVVPT0kzHWENvR3NfwRnzzSUrGo8agO7ed8vFDSGeelSdYY75U0pM7I1tLxW
3GuiMWFrVvEfbL1+8dnRish/XDfHKn3osJN5xt+172axPl33d4wCNJVZ5zilWJoA
opYCD1hk67HoNeNQ1NCaJa+Aku9f9svWphtPz1WoHNCGEhqhgeZWsZ0ZklWh8o7n
UmO5BSfbL16PMjKqsYH3v2FmEq7Q6XW2d5ByCH2NoH43dRRZCnNbf3zvTOkE3UwO
vXP42+Hy3YOM3EPaSydoh5Y5COM12vpggn2btEMn5NpkQ3+Bzen/UT8/6wIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJjCD0YzImUl2gee6wENMMrSo0yVMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvbU1JUFJqTWlaU1hhQjU3ckFRMHd5dEtqVEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajAgBAIAATAaAwQAsENSMAwD
BACwQ1UDBAOwQ1ADBAG5W3gwRgQCAAIwQAMGACoF6cAQAwYAKgXpwBQDBgAqBenA
GAMGACoF6cA4AwYAKgXpwEQDBgAqBenAUAMGACoF6cBoAwYAKgXpwHQwDQYJKoZI
hvcNAQELBQADggEBAGCrjKxR6ym/xAmgEbT/SB3G4W3emLD5t2+VlC8KElHXE7oY
k8QKnRdKVvhfuZTpSD/0lplHBpCnwHytwab6Y33jkDNhOhVasQkwpkVFQC9rE2ls
tZfDTJB7gojF9wFaujIoMJ25U8TA9YOrX+s1UEt1kgJnPnK019NVSfbPx7AJCeUL
ASwbQU+6lGB4ho/v0bNmw1IhqgQdJl/5QTxwn5SYSljmzinh9IH1wJKtR8Stv399
quKz/xCjeBHihrB/R0FgWvKHGlrT5mrDAzmmtLd9BEgOU1fCNTbioPUw73JRMorp
ARLEUI+5DZwgyQTtKNmIhc9a3GsW5zn4nuh0UiI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:44:18 2024 by rpki-client on console-ams.rpki-client.org