Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/kMic-cYu_3jAGaMkqOjyp2h03_Q.roa
File: kMic-cYu_3jAGaMkqOjyp2h03_Q.roa (raw, json)
Hash identifier: q724sfMAPnUFvRmxjRBhUtLlfNKhUfTz/xhqtAFnU88=
Subject key identifier: 90:C8:9C:F9:C6:2E:FF:78:C0:19:A3:24:A8:E8:F2:A7:68:74:DF:F4
Certificate issuer: /CN=3c21fac5e895e5b7ce66fe089ffd0b2f61550d21
Certificate serial: 01941F8C3876DA56438EEF8D46415D31B6F3
Authority key identifier: 3C:21:FA:C5:E8:95:E5:B7:CE:66:FE:08:9F:FD:0B:2F:61:55:0D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PCH6xeiV5bfOZv4In_0LL2FVDSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/kMic-cYu_3jAGaMkqOjyp2h03_Q.roa
Signing time: Wed 01 Jan 2025 01:47:50 +0000
ROA not before: Wed 01 Jan 2025 01:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207597
IP address blocks: 92.119.4.0/24 maxlen: 24
92.119.5.0/24 maxlen: 24
92.119.6.0/24 maxlen: 24
92.119.7.0/24 maxlen: 24
2a09:afc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/PCH6xeiV5bfOZv4In_0LL2FVDSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/PCH6xeiV5bfOZv4In_0LL2FVDSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/PCH6xeiV5bfOZv4In_0LL2FVDSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:38:76:da:56:43:8e:ef:8d:46:41:5d:31:b6:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c21fac5e895e5b7ce66fe089ffd0b2f61550d21
Validity
Not Before: Jan 1 01:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90c89cf9c62eff78c019a324a8e8f2a76874dff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ad:8a:d9:d7:b4:86:d2:ed:52:13:e5:8c:cf:
f2:26:70:48:be:cf:44:4a:ba:8b:6e:72:d7:c8:71:
2e:64:7a:ae:14:35:0d:a5:be:5a:92:01:bf:2b:6f:
5a:df:9a:5b:cd:ef:9f:c5:0c:20:9c:5b:b8:73:26:
ed:cc:79:3b:a7:5e:78:54:9f:83:26:5f:86:95:35:
a0:bf:e3:aa:be:fc:cd:70:25:21:f5:79:3c:d8:ad:
7f:45:90:bc:28:e9:b7:39:14:00:59:15:27:13:50:
26:f2:57:f9:4f:f2:9b:8f:e9:48:27:ef:08:eb:dd:
fb:ce:9d:30:fd:00:8b:10:37:20:c0:86:08:ec:ba:
c4:c7:45:b6:f1:67:79:38:1a:bd:01:8c:9f:27:c6:
ea:2c:d3:a8:83:18:64:5f:b9:cc:1c:dd:d7:87:ce:
f8:cb:14:79:85:df:f7:a1:92:1b:51:7a:04:87:d6:
ac:f4:de:05:cb:f2:f3:27:01:9b:48:a5:93:9c:e3:
2e:87:82:6a:7c:2c:ef:5c:e1:58:58:0f:79:d3:90:
23:58:87:4e:ec:85:22:30:52:79:95:2c:44:27:c2:
c3:2c:c5:d8:c9:9d:08:3d:f4:b2:c9:84:20:39:2a:
98:2d:62:2c:d5:c6:73:98:c3:74:76:ef:52:94:77:
57:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C8:9C:F9:C6:2E:FF:78:C0:19:A3:24:A8:E8:F2:A7:68:74:DF:F4
X509v3 Authority Key Identifier:
keyid:3C:21:FA:C5:E8:95:E5:B7:CE:66:FE:08:9F:FD:0B:2F:61:55:0D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PCH6xeiV5bfOZv4In_0LL2FVDSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/kMic-cYu_3jAGaMkqOjyp2h03_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/PCH6xeiV5bfOZv4In_0LL2FVDSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.4.0/22
IPv6:
2a09:afc0::/48
Signature Algorithm: sha256WithRSAEncryption
39:b6:36:2b:20:0b:d7:6e:10:4d:41:4c:4c:a2:a2:1d:8f:ca:
56:96:ed:e5:7d:2b:56:5a:ef:3d:b4:1c:82:a5:e5:b2:1c:49:
6e:71:3f:4a:dd:9a:00:55:ea:e6:b5:61:b6:aa:bc:73:f7:2d:
0f:ba:5e:c8:55:3c:15:7b:83:12:d9:5f:86:f3:bf:08:39:9b:
7d:62:2f:20:a2:30:94:c0:11:b9:9a:26:f5:7b:41:77:00:8b:
86:31:d8:9b:7c:44:f3:a0:73:96:af:2c:c0:e0:48:02:40:b1:
3b:d9:89:4d:cf:3b:4d:31:8b:47:bb:5d:56:de:c0:88:c4:f5:
b2:eb:f9:c4:10:1a:fb:26:79:12:8e:ec:7a:55:0d:af:a6:f1:
b3:a6:d8:41:ba:c8:5e:53:20:26:63:bd:20:ef:34:cd:8e:66:
a6:f9:a5:c7:9a:73:2f:84:96:9b:08:0b:85:b7:1d:45:56:28:
08:b9:f8:66:db:82:21:ed:e7:1d:3a:df:51:b6:a4:34:d8:a6:
94:0c:c0:35:9c:9c:39:1d:a3:11:0e:bd:0b:1d:89:07:75:20:
b0:28:86:fe:cb:3f:34:42:7f:fe:c8:4d:78:a9:1b:0f:dc:a8:
2d:48:c2:1c:08:fa:d5:e7:c3:fe:0e:ca:ec:ec:2f:f6:79:75:
31:40:74:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjDh22lZDju+NRkFdMbbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMjFmYWM1ZTg5NWU1YjdjZTY2ZmUwODlmZmQwYjJmNjE1
NTBkMjEwHhcNMjUwMTAxMDE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM4OWNmOWM2MmVmZjc4YzAxOWEzMjRhOGU4ZjJhNzY4NzRkZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl62K2de0htLtUhPljM/yJnBIvs9E
SrqLbnLXyHEuZHquFDUNpb5akgG/K29a35pbze+fxQwgnFu4cybtzHk7p154VJ+D
Jl+GlTWgv+OqvvzNcCUh9Xk82K1/RZC8KOm3ORQAWRUnE1Am8lf5T/Kbj+lIJ+8I
6937zp0w/QCLEDcgwIYI7LrEx0W28Wd5OBq9AYyfJ8bqLNOogxhkX7nMHN3Xh874
yxR5hd/3oZIbUXoEh9as9N4Fy/LzJwGbSKWTnOMuh4JqfCzvXOFYWA9505AjWIdO
7IUiMFJ5lSxEJ8LDLMXYyZ0IPfSyyYQgOSqYLWIs1cZzmMN0du9SlHdXWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJDInPnGLv94wBmjJKjo8qdodN/0MB8GA1UdIwQY
MBaAFDwh+sXoleW3zmb+CJ/9Cy9hVQ0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUENINnhlaVY1YmZPWnY0SW5fMExMMkZWRFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82MGIwMDYtNmI1My00ZjAwLWE0ODgt
NDg1ZGQ0YWQ1NGZiLzEva01pYy1jWXVfM2pBR2FNa3FPanlwMmgwM19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82MGIwMDYtNmI1My00ZjAwLWE0ODgtNDg1ZGQ0YWQ1NGZi
LzEvUENINnhlaVY1YmZPWnY0SW5fMExMMkZWRFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCXHcEMA8E
AgACMAkDBwAqCa/AAAAwDQYJKoZIhvcNAQELBQADggEBADm2NisgC9duEE1BTEyi
oh2PylaW7eV9K1Za7z20HIKl5bIcSW5xP0rdmgBV6ua1YbaqvHP3LQ+6XshVPBV7
gxLZX4bzvwg5m31iLyCiMJTAEbmaJvV7QXcAi4Yx2Jt8RPOgc5avLMDgSAJAsTvZ
iU3PO00xi0e7XVbewIjE9bLr+cQQGvsmeRKO7HpVDa+m8bOm2EG6yF5TICZjvSDv
NM2OZqb5pceacy+ElpsIC4W3HUVWKAi5+GbbgiHt5x0631G2pDTYppQMwDWcnDkd
oxEOvQsdiQd1ILAohv7LPzRCf/7ITXipGw/cqC1IwhwI+tXnw/4OyuzsL/Z5dTFA
dOw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:58:00 2025 by rpki-client