Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/mO7AYCrEoetoIZJA7-znXTlKz9g.roa
File: mO7AYCrEoetoIZJA7-znXTlKz9g.roa (raw, json)
Hash identifier: s43c4pGVZbpKAd3juRy92tmTkHd/uNikEP2KV5Su0iU=
Subject key identifier: 98:EE:C0:60:2A:C4:A1:EB:68:21:92:40:EF:EC:E7:5D:39:4A:CF:D8
Certificate issuer: /CN=19ee619ef96a3afd02fc2d5d003a947e4d2d590a
Certificate serial: 018D12AE61A88CC1171DF643F4CC500F0274
Authority key identifier: 19:EE:61:9E:F9:6A:3A:FD:02:FC:2D:5D:00:3A:94:7E:4D:2D:59:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5hnvlqOv0C_C1dADqUfk0tWQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/mO7AYCrEoetoIZJA7-znXTlKz9g.roa
Signing time: Tue 16 Jan 2024 14:30:34 +0000
ROA not before: Tue 16 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216258
IP address blocks: 92.42.98.0/24 maxlen: 26
2a13:2140::/32 maxlen: 48
2a13:2141:1::/48 maxlen: 48
2a13:2142:1::/48 maxlen: 48
2a13:2143:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/Ge5hnvlqOv0C_C1dADqUfk0tWQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/Ge5hnvlqOv0C_C1dADqUfk0tWQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5hnvlqOv0C_C1dADqUfk0tWQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Jun 2024 11:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:ae:61:a8:8c:c1:17:1d:f6:43:f4:cc:50:0f:02:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee619ef96a3afd02fc2d5d003a947e4d2d590a
Validity
Not Before: Jan 16 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98eec0602ac4a1eb68219240efece75d394acfd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:43:87:eb:80:f0:f9:aa:e7:fd:8b:97:5b:7d:
d6:d1:16:45:91:f8:9e:e8:2f:e4:18:9e:3a:c6:06:
b9:69:5d:2f:5b:28:03:b6:de:ba:08:33:f5:32:1c:
1e:ae:fd:98:ad:64:1c:03:8d:cf:ea:87:26:0a:b6:
4c:24:93:7f:f4:3a:33:96:27:0f:9b:7e:12:63:31:
25:da:84:a4:b7:bd:f7:17:bf:3e:b1:23:27:fa:86:
e7:63:f1:b6:e8:64:fe:6b:e1:b2:26:ea:23:c5:e9:
cf:14:9e:d4:8f:09:a7:1a:b6:d5:c8:16:05:5a:47:
8b:24:47:51:19:83:b7:5f:ca:c0:f4:14:f9:4d:d0:
ee:69:f3:cb:17:ff:1c:43:ba:ca:9f:f2:f0:b8:88:
d3:75:f6:1f:a2:1c:a0:b4:8a:cd:be:01:fc:6b:56:
cf:d1:03:10:70:54:a9:78:00:0a:45:18:a8:a7:7c:
48:36:76:c2:69:8d:e8:66:58:c1:ac:85:2e:79:89:
e6:9f:b9:1a:e4:da:32:9c:a7:90:2d:0b:27:c5:56:
77:fc:64:4d:8c:84:2d:d1:04:59:f3:78:98:b0:d5:
ee:a7:2f:12:96:2f:ea:fc:f0:69:d0:ac:6d:70:a1:
da:37:ad:b6:90:6d:1e:65:8c:c6:b2:7f:ee:80:f5:
6c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EE:C0:60:2A:C4:A1:EB:68:21:92:40:EF:EC:E7:5D:39:4A:CF:D8
X509v3 Authority Key Identifier:
keyid:19:EE:61:9E:F9:6A:3A:FD:02:FC:2D:5D:00:3A:94:7E:4D:2D:59:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5hnvlqOv0C_C1dADqUfk0tWQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/mO7AYCrEoetoIZJA7-znXTlKz9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/Ge5hnvlqOv0C_C1dADqUfk0tWQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.98.0/24
IPv6:
2a13:2140::/32
2a13:2141:1::/48
2a13:2142:1::/48
2a13:2143:1::/48
Signature Algorithm: sha256WithRSAEncryption
a5:07:f2:fc:9c:1e:34:b2:9f:5e:7c:29:42:60:f9:ab:6a:ab:
71:cc:48:1e:7b:8b:9f:1b:9f:22:41:e9:d0:17:51:e2:ce:32:
c1:48:82:c7:03:57:a9:25:e9:65:81:3b:1c:9d:19:ac:11:58:
25:e0:eb:bb:c1:d8:d7:03:75:e4:64:5c:5c:e8:7e:b3:b7:e8:
67:9e:60:7a:4e:91:a5:6f:8a:03:d6:6d:b0:92:1c:dc:18:59:
8d:1a:28:55:a3:f6:93:9a:bc:67:8c:d6:0e:c7:0c:61:8c:04:
8b:0a:c5:f7:0c:bc:40:ee:5c:1a:d7:b1:1e:2f:bf:84:fa:57:
a3:40:22:e4:d7:07:fc:32:42:ce:7f:9c:52:bb:3f:2f:9f:c2:
50:66:ee:a4:95:71:25:de:33:0d:cc:6f:05:df:18:8b:f4:33:
96:f8:64:58:18:7b:bc:d1:42:ac:82:e7:ee:20:9a:49:74:45:
53:76:59:dc:81:91:97:86:1a:2d:b1:96:59:30:f8:07:56:ee:
15:23:70:1f:2a:20:b6:10:59:e4:51:5c:45:0f:d2:0e:e5:3a:
94:71:fd:a7:81:85:96:83:0e:62:07:92:f7:e2:1c:93:66:4f:
fd:0b:20:0e:99:76:8c:8b:47:2e:2d:11:0d:c3:7c:c2:c6:2c:
7f:43:0a:a3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY0SrmGojMEXHfZD9MxQDwJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU2MTllZjk2YTNhZmQwMmZjMmQ1ZDAwM2E5NDdlNGQy
ZDU5MGEwHhcNMjQwMTE2MTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGVlYzA2MDJhYzRhMWViNjgyMTkyNDBlZmVjZTc1ZDM5NGFjZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEOH64Dw+arn/YuXW33W0RZFkfie
6C/kGJ46xga5aV0vWygDtt66CDP1Mhwerv2YrWQcA43P6ocmCrZMJJN/9DozlicP
m34SYzEl2oSkt733F78+sSMn+obnY/G26GT+a+GyJuojxenPFJ7UjwmnGrbVyBYF
WkeLJEdRGYO3X8rA9BT5TdDuafPLF/8cQ7rKn/LwuIjTdfYfohygtIrNvgH8a1bP
0QMQcFSpeAAKRRiop3xINnbCaY3oZljBrIUueYnmn7ka5NoynKeQLQsnxVZ3/GRN
jIQt0QRZ83iYsNXupy8Sli/q/PBp0KxtcKHaN622kG0eZYzGsn/ugPVsaQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJjuwGAqxKHraCGSQO/s5105Ss/YMB8GA1UdIwQY
MBaAFBnuYZ75ajr9AvwtXQA6lH5NLVkKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1aG52bHFPdjBDX0MxZEFEcVVmazB0V1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85ZWQ2ZDQtN2EwZC00MmI0LTk2ZTEt
ZWIyNzdhMjBmMjdmLzEvbU83QVlDckVvZXRvSVpKQTctem5YVGxLejlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85ZWQ2ZDQtN2EwZC00MmI0LTk2ZTEtZWIyNzdhMjBmMjdm
LzEvR2U1aG52bHFPdjBDX0MxZEFEcVVmazB0V1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAMBAIAATAGAwQAXCpiMCgE
AgACMCIDBQAqEyFAAwcAKhMhQQABAwcAKhMhQgABAwcAKhMhQwABMA0GCSqGSIb3
DQEBCwUAA4IBAQClB/L8nB40sp9efClCYPmraqtxzEgee4ufG58iQenQF1HizjLB
SILHA1epJellgTscnRmsEVgl4Ou7wdjXA3XkZFxc6H6zt+hnnmB6TpGlb4oD1m2w
khzcGFmNGihVo/aTmrxnjNYOxwxhjASLCsX3DLxA7lwa17EeL7+E+lejQCLk1wf8
MkLOf5xSuz8vn8JQZu6klXEl3jMNzG8F3xiL9DOW+GRYGHu80UKsgufuIJpJdEVT
dlncgZGXhhotsZZZMPgHVu4VI3AfKiC2EFnkUVxFD9IO5TqUcf2ngYWWgw5iB5L3
4hyTZk/9CyAOmXaMi0cuLRENw3zCxix/Qwqj
-----END CERTIFICATE-----
Generated at Thu Jun 13 19:54:20 2024 by rpki-client on console-ams.rpki-client.org