Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/9mcOMNmJn8Vd1BPjGbhoeq-eppE.roa
File: 9mcOMNmJn8Vd1BPjGbhoeq-eppE.roa (raw, json)
Hash identifier: KId9R8w2Vcq0r3uT6nQugNaPHowOLy7Lbuu5VI0i32g=
Subject key identifier: F6:67:0E:30:D9:89:9F:C5:5D:D4:13:E3:19:B8:68:7A:AF:9E:A6:91
Certificate issuer: /CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Certificate serial: 018CC5DC12F8C6C9BB7175AD963F4555A796
Authority key identifier: DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/9mcOMNmJn8Vd1BPjGbhoeq-eppE.roa
Signing time: Mon 01 Jan 2024 16:29:43 +0000
ROA not before: Mon 01 Jan 2024 16:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200195
IP address blocks: 138.124.181.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:12:f8:c6:c9:bb:71:75:ad:96:3f:45:55:a7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Validity
Not Before: Jan 1 16:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6670e30d9899fc55dd413e319b8687aaf9ea691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b3:ca:a2:8e:e6:ee:1d:b9:5e:64:ae:3a:12:
40:d6:b5:bd:d4:bc:12:94:d2:13:97:43:fa:ea:38:
b2:84:33:f8:88:9b:bf:19:13:3b:6a:49:e3:57:3d:
de:4a:28:f9:4b:3b:61:c3:0c:68:e8:84:87:9e:8c:
0f:fb:7e:7f:95:d3:b9:82:8c:be:87:51:f0:8e:09:
c3:93:0d:22:5d:1c:f5:9f:fe:c4:57:99:6d:5f:10:
1d:e3:5c:bb:13:4d:ac:aa:a9:75:46:76:11:ae:c0:
44:41:60:09:57:e4:19:cc:ae:9e:26:8c:19:94:c3:
bc:c8:a5:a7:f0:8e:32:c3:dc:eb:50:fb:0b:29:b9:
f9:6f:ee:8b:90:0a:ed:91:d0:19:44:18:db:c3:8b:
17:90:df:ee:ae:15:70:c2:4d:f1:6c:67:be:1f:5d:
8f:d4:03:af:12:32:81:a5:a7:b8:1a:c3:da:e2:f3:
f6:e4:fa:1a:2a:bc:8d:46:06:c8:34:fd:c7:5f:b3:
d6:9e:85:88:99:83:2f:2d:ff:c5:a1:12:86:1f:9c:
80:14:36:8e:88:02:34:b5:3e:18:77:b6:9f:b5:b2:
b3:ca:49:0b:9f:b6:a5:d8:26:cb:39:08:e0:36:f6:
4b:90:ba:f3:90:2e:1e:c8:38:20:d2:b2:d1:c2:1f:
b0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:67:0E:30:D9:89:9F:C5:5D:D4:13:E3:19:B8:68:7A:AF:9E:A6:91
X509v3 Authority Key Identifier:
keyid:DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/9mcOMNmJn8Vd1BPjGbhoeq-eppE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.181.0/24
Signature Algorithm: sha256WithRSAEncryption
59:6c:a9:88:05:48:15:dd:33:1a:a4:98:bd:17:e4:22:ce:07:
df:1a:a3:11:fa:22:6e:20:2d:f6:11:05:d1:2d:da:17:f3:9f:
94:2b:25:f4:4e:b5:bb:23:ee:83:f8:15:7e:a7:92:94:30:da:
7e:4e:d2:f2:19:88:d5:87:fe:33:7f:49:95:2e:3e:72:a9:f4:
73:f8:40:2c:1c:69:d7:68:60:0d:97:f3:3b:5f:43:3f:20:0e:
6b:33:c9:aa:ef:f8:e8:1d:1a:fd:20:13:25:ce:7f:9b:79:ee:
fa:85:ea:a8:c6:94:b3:cd:d2:5e:51:aa:08:a5:78:7b:fe:0c:
46:a9:8f:86:67:1a:8c:bb:06:f7:0e:bd:d1:12:b2:20:03:91:
e3:a4:cb:b9:d0:9b:86:89:8a:53:4e:0a:a0:fe:ac:19:ae:d4:
83:f8:94:3b:0b:6d:cb:72:7b:47:aa:e8:10:77:e7:d9:9e:ea:
ad:14:da:ee:e9:9b:ec:f0:2a:d1:77:b9:e3:74:a2:65:7b:e1:
a4:d6:c0:c5:6b:dd:51:e6:89:a8:85:1b:b4:07:05:03:1f:18:
26:33:c8:bb:5f:e2:1b:fa:30:6b:bc:81:79:07:63:12:32:bc:
91:b0:a4:15:96:e9:e2:fc:17:72:66:25:88:8f:e8:97:f1:63:
f7:b3:17:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BL4xsm7cXWtlj9FVaeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTJhMWFjODkxMGNmNWM4NjVkZTViMDIzMWIwOWQwNGUx
MTMyZjMwHhcNMjQwMTAxMTYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjY3MGUzMGQ5ODk5ZmM1NWRkNDEzZTMxOWI4Njg3YWFmOWVhNjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7PKoo7m7h25XmSuOhJA1rW91LwS
lNITl0P66jiyhDP4iJu/GRM7aknjVz3eSij5Szthwwxo6ISHnowP+35/ldO5goy+
h1HwjgnDkw0iXRz1n/7EV5ltXxAd41y7E02sqql1RnYRrsBEQWAJV+QZzK6eJowZ
lMO8yKWn8I4yw9zrUPsLKbn5b+6LkArtkdAZRBjbw4sXkN/urhVwwk3xbGe+H12P
1AOvEjKBpae4GsPa4vP25PoaKryNRgbINP3HX7PWnoWImYMvLf/FoRKGH5yAFDaO
iAI0tT4Yd7aftbKzykkLn7al2CbLOQjgNvZLkLrzkC4eyDgg0rLRwh+wuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZnDjDZiZ/FXdQT4xm4aHqvnqaRMB8GA1UdIwQY
MBaAFN6SoayJEM9chl3lsCMbCdBOETLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQt
NjllMzM3ODg0Y2M5LzEvOW1jT01ObUpuOFZkMUJQakdiaG9lcS1lcHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQtNjllMzM3ODg0Y2M5
LzEvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAiny1MA0G
CSqGSIb3DQEBCwUAA4IBAQBZbKmIBUgV3TMapJi9F+QizgffGqMR+iJuIC32EQXR
LdoX85+UKyX0TrW7I+6D+BV+p5KUMNp+TtLyGYjVh/4zf0mVLj5yqfRz+EAsHGnX
aGANl/M7X0M/IA5rM8mq7/joHRr9IBMlzn+bee76heqoxpSzzdJeUaoIpXh7/gxG
qY+GZxqMuwb3Dr3RErIgA5HjpMu50JuGiYpTTgqg/qwZrtSD+JQ7C23LcntHqugQ
d+fZnuqtFNru6Zvs8CrRd7njdKJle+Gk1sDFa91R5omohRu0BwUDHxgmM8i7X+Ib
+jBrvIF5B2MSMryRsKQVluni/BdyZiWIj+iX8WP3sxfR
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:28:14 2024 by rpki-client on console-fra.rpki-client.org