Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/CMV0RZihWoKesXjR55zc3Ew0gQI.roa
File: CMV0RZihWoKesXjR55zc3Ew0gQI.roa (raw, json)
Hash identifier: gGEPzE+9BKhsHwqgv4oq0Hp23bwHImVuWzbqhTCqqEQ=
Subject key identifier: 08:C5:74:45:98:A1:5A:82:9E:B1:78:D1:E7:9C:DC:DC:4C:34:81:02
Certificate issuer: /CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Certificate serial: 018CD897AD5E99747BDFDA0567B68410925E
Authority key identifier: 27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/CMV0RZihWoKesXjR55zc3Ew0gQI.roa
Signing time: Fri 05 Jan 2024 07:47:48 +0000
ROA not before: Fri 05 Jan 2024 07:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41741
IP address blocks: 91.102.28.0/22 maxlen: 22
91.102.29.0/24 maxlen: 24
91.102.24.0/21 maxlen: 24
2a03:6180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/JwKQ9fMfI43z6PO9_MBXUcwvGSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/JwKQ9fMfI43z6PO9_MBXUcwvGSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d8:97:ad:5e:99:74:7b:df:da:05:67:b6:84:10:92:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Validity
Not Before: Jan 5 07:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08c5744598a15a829eb178d1e79cdcdc4c348102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ab:cd:31:64:aa:7c:dd:f2:16:12:03:5d:81:
57:fa:a7:8f:74:43:96:09:e4:56:ae:32:b3:dd:f0:
82:de:2e:ba:20:a9:ea:34:35:9d:4a:53:ff:65:0e:
60:71:10:31:9f:12:99:4b:87:88:e3:98:5b:d8:18:
fc:c8:8b:cf:e4:a6:ac:6d:31:70:85:1a:5a:ee:4d:
12:a8:b7:f6:3f:fc:c3:18:5e:38:1e:3d:61:d0:c3:
79:33:8f:05:33:69:39:82:a9:fc:e0:0e:bd:c3:23:
08:df:9a:d4:20:08:e8:9d:5b:b8:2f:34:e2:93:aa:
66:cf:04:ac:da:5a:6a:47:56:17:4f:ff:c6:ca:bb:
2d:16:9d:d1:40:59:00:66:bc:e6:d6:2c:cc:12:23:
d9:f1:98:a8:9a:db:3b:c5:7e:a2:2a:9f:23:7d:fe:
81:5a:57:16:65:4a:10:80:cb:dd:9b:f0:a5:0a:b7:
ea:18:ab:14:9b:d8:d2:dd:c6:f3:b7:1e:c1:32:82:
1b:15:e6:4f:4f:48:62:38:7c:d3:19:7f:5f:0d:2c:
74:d2:38:d5:ef:0d:35:28:0f:91:c4:c2:3a:de:b1:
a3:6b:9a:8a:95:0c:11:31:0d:95:14:9a:ee:17:92:
b0:65:60:31:06:a1:eb:7b:de:5f:c4:58:88:08:61:
53:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C5:74:45:98:A1:5A:82:9E:B1:78:D1:E7:9C:DC:DC:4C:34:81:02
X509v3 Authority Key Identifier:
keyid:27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/CMV0RZihWoKesXjR55zc3Ew0gQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/JwKQ9fMfI43z6PO9_MBXUcwvGSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.24.0/21
IPv6:
2a03:6180::/32
Signature Algorithm: sha256WithRSAEncryption
74:df:d9:3c:57:1b:cb:f0:de:5b:25:8f:55:27:d3:30:69:7b:
65:92:bc:53:01:51:81:ea:9b:2a:80:5b:91:30:94:73:a7:c8:
96:40:b3:5d:8c:96:7c:c2:c1:7d:8e:8d:cb:d9:5d:04:e8:3f:
cc:8a:5c:6c:6a:2c:b5:f8:d1:22:36:94:34:17:13:6a:ec:fc:
8d:e8:e8:00:e0:28:c2:ea:90:d1:c7:0f:41:07:7f:a0:f7:3f:
66:19:0d:fd:8e:a6:fe:54:a1:ab:eb:b3:dc:dd:43:78:52:6b:
f2:14:d0:a4:81:a3:11:c2:cc:28:b6:94:a0:60:93:4f:7c:04:
73:54:82:2b:e5:91:fa:c3:2d:ab:01:84:5a:c3:16:d6:e8:cc:
90:9c:c0:ac:f8:d4:da:ff:4b:3b:ef:e1:31:97:cd:0c:38:14:
a4:b2:d2:fe:cc:52:bd:3c:10:a2:e8:c4:c2:64:cd:12:12:3c:
e8:70:1f:7d:0e:2a:a0:ee:f6:aa:78:12:1f:de:2c:81:f1:35:
ba:21:9d:72:9a:9a:d5:ee:9d:53:4a:95:79:43:70:7c:2f:9b:
be:a5:25:89:ff:55:b7:37:ca:90:74:d8:a9:0d:01:e5:a4:83:
d6:47:1f:7f:22:67:9b:29:02:d1:8f:07:f2:98:8b:9a:e3:98:
ca:46:62:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzYl61emXR739oFZ7aEEJJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5MGY1ZjMxZjIzOGRmM2U4ZjNiZGZjYzA1NzUxY2My
ZjE5MmMwHhcNMjQwMTA1MDc0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGM1NzQ0NTk4YTE1YTgyOWViMTc4ZDFlNzljZGNkYzRjMzQ4MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36vNMWSqfN3yFhIDXYFX+qePdEOW
CeRWrjKz3fCC3i66IKnqNDWdSlP/ZQ5gcRAxnxKZS4eI45hb2Bj8yIvP5KasbTFw
hRpa7k0SqLf2P/zDGF44Hj1h0MN5M48FM2k5gqn84A69wyMI35rUIAjonVu4LzTi
k6pmzwSs2lpqR1YXT//GyrstFp3RQFkAZrzm1izMEiPZ8Ziomts7xX6iKp8jff6B
WlcWZUoQgMvdm/ClCrfqGKsUm9jS3cbztx7BMoIbFeZPT0hiOHzTGX9fDSx00jjV
7w01KA+RxMI63rGja5qKlQwRMQ2VFJruF5KwZWAxBqHre95fxFiICGFTaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAjFdEWYoVqCnrF40eec3NxMNIECMB8GA1UdIwQY
MBaAFCcCkPXzHyON8+jzvfzAV1HMLxksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAt
YjE0Y2M5MWM3NzZjLzEvQ01WMFJaaWhXb0tlc1hqUjU1emMzRXcwZ1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAtYjE0Y2M5MWM3NzZj
LzEvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDW2YYMA0E
AgACMAcDBQAqA2GAMA0GCSqGSIb3DQEBCwUAA4IBAQB039k8VxvL8N5bJY9VJ9Mw
aXtlkrxTAVGB6psqgFuRMJRzp8iWQLNdjJZ8wsF9jo3L2V0E6D/Milxsaiy1+NEi
NpQ0FxNq7PyN6OgA4CjC6pDRxw9BB3+g9z9mGQ39jqb+VKGr67Pc3UN4UmvyFNCk
gaMRwswotpSgYJNPfARzVIIr5ZH6wy2rAYRawxbW6MyQnMCs+NTa/0s77+Exl80M
OBSkstL+zFK9PBCi6MTCZM0SEjzocB99Diqg7vaqeBIf3iyB8TW6IZ1ymprV7p1T
SpV5Q3B8L5u+pSWJ/1W3N8qQdNipDQHlpIPWRx9/ImebKQLRjwfymIua45jKRmK4
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:48:04 2024 by rpki-client on console-ams.rpki-client.org