Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/dMjq98dTYAsqAmh0Bv3tDdzXDF8.roa
File: dMjq98dTYAsqAmh0Bv3tDdzXDF8.roa (raw, json)
Hash identifier: TzmFyNIfLyzEhn0tWQ52LRXyRo7dHAJXpwF6CDYk7GY=
Subject key identifier: 74:C8:EA:F7:C7:53:60:0B:2A:02:68:74:06:FD:ED:0D:DC:D7:0C:5F
Certificate issuer: /CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Certificate serial: 018CC26D861EEA6C0DFEBCFC2F7E2AF32CAE
Authority key identifier: 9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/dMjq98dTYAsqAmh0Bv3tDdzXDF8.roa
Signing time: Mon 01 Jan 2024 00:30:06 +0000
ROA not before: Mon 01 Jan 2024 00:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8879
IP address blocks: 212.62.64.0/19 maxlen: 24
84.201.64.0/18 maxlen: 24
81.89.224.0/19 maxlen: 24
2a00:1348::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:86:1e:ea:6c:0d:fe:bc:fc:2f:7e:2a:f3:2c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Validity
Not Before: Jan 1 00:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74c8eaf7c753600b2a02687406fded0ddcd70c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d1:d6:03:ec:a1:bc:fc:13:4b:5e:c5:27:a1:
46:64:78:48:3d:86:c9:9b:71:69:40:50:ec:99:5e:
60:5f:dc:80:3f:5c:06:7d:37:24:49:b3:97:7e:11:
69:f6:4a:7f:39:79:7d:cd:16:64:55:19:d3:08:6a:
80:8d:75:0e:2e:61:fd:8c:f5:00:81:bd:d9:2d:12:
4d:f1:de:80:d3:a9:fe:4d:a4:0b:7c:42:1e:c2:e2:
1f:26:1f:e2:27:c6:71:76:36:99:49:c0:78:f2:c5:
5b:f8:fc:1f:10:47:bd:4e:e2:69:8b:95:47:63:01:
4b:44:a3:fd:0a:1c:a3:3a:62:bf:d3:7b:82:3d:3c:
a8:cd:14:78:32:64:74:b4:5e:56:c1:7f:c3:43:62:
41:ec:4b:47:73:f9:7a:09:60:de:48:fb:11:6f:b4:
90:93:84:89:d2:4d:74:d0:13:51:c1:d1:bc:4a:a6:
2e:6f:f7:e2:80:06:3b:5d:a5:72:a2:f8:66:ea:28:
30:0c:82:7c:bb:dc:68:5e:ae:73:a9:9c:89:27:d2:
9b:6a:c1:9c:e7:d7:64:a1:47:c9:4a:a7:bd:e2:ff:
b5:79:e1:42:4e:07:7c:25:76:f3:36:ea:7d:d6:2f:
db:b0:28:94:54:ed:f8:c0:b1:fb:6f:32:8d:c8:a6:
a6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C8:EA:F7:C7:53:60:0B:2A:02:68:74:06:FD:ED:0D:DC:D7:0C:5F
X509v3 Authority Key Identifier:
keyid:9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/dMjq98dTYAsqAmh0Bv3tDdzXDF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.224.0/19
84.201.64.0/18
212.62.64.0/19
IPv6:
2a00:1348::/32
Signature Algorithm: sha256WithRSAEncryption
52:e1:af:4d:70:bd:6e:2b:fd:8c:4f:cc:3b:d1:b1:e4:85:e5:
9a:08:75:10:93:51:6e:e0:79:26:5f:9a:68:69:1c:23:49:cc:
c7:43:ba:f3:c4:44:18:f1:96:01:31:d0:4c:d6:73:ec:9e:c0:
af:7a:3e:89:dc:3f:18:dc:97:14:40:2f:ca:ac:e8:70:5e:dc:
4f:eb:7c:93:65:f5:df:a2:be:4f:8e:ea:c6:c5:51:c6:bb:8b:
b5:8e:54:14:2f:91:60:c2:a8:97:70:a5:be:cb:4f:f1:31:65:
b4:78:6a:19:aa:72:06:ae:c8:94:b1:62:c5:6d:72:06:ae:94:
8e:cc:3d:d9:fb:5a:a5:ab:d4:ca:67:c7:04:05:f3:30:09:04:
e9:06:d9:14:b2:75:d4:10:74:e4:7e:f7:2d:ee:ff:8e:4f:cc:
b6:36:f2:bd:7b:22:71:77:7a:ed:f9:96:47:ff:60:d6:2d:a0:
87:85:04:44:52:03:e0:f5:60:70:5f:6f:77:40:a5:1c:9a:78:
a8:ba:ba:01:40:d4:f7:02:ab:c3:51:1a:95:93:21:6e:89:e8:
aa:1e:3a:89:03:70:cf:07:9e:24:1b:e6:b9:28:bd:53:8a:93:
09:0e:5e:8c:37:17:1a:c4:54:36:37:61:5a:0e:4b:20:ed:a2:
cf:34:eb:43
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzCbYYe6mwN/rz8L34q8yyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNjMyZWRiNjM1YWE4ZjljNDBhMDQ5NWE3YTYzYmI2NTM5
NTgwYmIwHhcNMjQwMTAxMDAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGM4ZWFmN2M3NTM2MDBiMmEwMjY4NzQwNmZkZWQwZGRjZDcwYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9HWA+yhvPwTS17FJ6FGZHhIPYbJ
m3FpQFDsmV5gX9yAP1wGfTckSbOXfhFp9kp/OXl9zRZkVRnTCGqAjXUOLmH9jPUA
gb3ZLRJN8d6A06n+TaQLfEIewuIfJh/iJ8ZxdjaZScB48sVb+PwfEEe9TuJpi5VH
YwFLRKP9ChyjOmK/03uCPTyozRR4MmR0tF5WwX/DQ2JB7EtHc/l6CWDeSPsRb7SQ
k4SJ0k100BNRwdG8SqYub/figAY7XaVyovhm6igwDIJ8u9xoXq5zqZyJJ9KbasGc
59dkoUfJSqe94v+1eeFCTgd8JXbzNup91i/bsCiUVO34wLH7bzKNyKam5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHTI6vfHU2ALKgJodAb97Q3c1wxfMB8GA1UdIwQY
MBaAFJtjLttjWqj5xAoElaemO7ZTlYC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJNdTIyTmFxUG5FQ2dTVnA2WTd0bE9WZ0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kMDI5ODMtYjExYy00YmY3LWI0YjUt
ZThjOWFkNWYwNTFhLzEvZE1qcTk4ZFRZQXNxQW1oMEJ2M3REZHpYREY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kMDI5ODMtYjExYy00YmY3LWI0YjUtZThjOWFkNWYwNTFh
LzEvbTJNdTIyTmFxUG5FQ2dTVnA2WTd0bE9WZ0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUVngAwQG
VMlAAwQF1D5AMA0EAgACMAcDBQAqABNIMA0GCSqGSIb3DQEBCwUAA4IBAQBS4a9N
cL1uK/2MT8w70bHkheWaCHUQk1Fu4HkmX5poaRwjSczHQ7rzxEQY8ZYBMdBM1nPs
nsCvej6J3D8Y3JcUQC/KrOhwXtxP63yTZfXfor5PjurGxVHGu4u1jlQUL5FgwqiX
cKW+y0/xMWW0eGoZqnIGrsiUsWLFbXIGrpSOzD3Z+1qlq9TKZ8cEBfMwCQTpBtkU
snXUEHTkfvct7v+OT8y2NvK9eyJxd3rt+ZZH/2DWLaCHhQREUgPg9WBwX293QKUc
mniouroBQNT3AqvDURqVkyFuieiqHjqJA3DPB54kG+a5KL1TipMJDl6MNxcaxFQ2
N2FaDksg7aLPNOtD
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:00:34 2024 by rpki-client on console-ams.rpki-client.org