Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/mI_3V_JONtrZZfV-JBI2c0n-yTk.roa
File: mI_3V_JONtrZZfV-JBI2c0n-yTk.roa (raw, json)
Hash identifier: jHyPIJPJYZdzohDciFXa+T9ASvQd0GATH+WNQSflCgw=
Subject key identifier: 98:8F:F7:57:F2:4E:36:DA:D9:65:F5:7E:24:12:36:73:49:FE:C9:39
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018CC5DCB02189C5B44A7FCB9547A523B34E
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/mI_3V_JONtrZZfV-JBI2c0n-yTk.roa
Signing time: Mon 01 Jan 2024 16:30:23 +0000
ROA not before: Mon 01 Jan 2024 16:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3329
IP address blocks: 82.198.32.0/20 maxlen: 24
82.198.32.0/19 maxlen: 24
212.22.32.0/20 maxlen: 24
82.198.48.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b0:21:89:c5:b4:4a:7f:cb:95:47:a5:23:b3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 16:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=988ff757f24e36dad965f57e2412367349fec939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:58:a5:71:2b:ec:1c:60:3a:c6:ed:2b:99:8e:
45:45:65:33:20:f5:cd:94:03:54:e2:bc:31:6e:67:
53:07:66:f0:13:8b:e5:4d:42:52:f1:15:1e:91:35:
0c:a5:21:3c:92:f1:ba:d9:59:d8:47:64:be:13:b9:
96:5c:dd:c4:71:90:56:69:8d:cc:8b:b1:f8:df:d6:
4d:40:e7:7c:2a:8b:3d:86:69:c1:1d:21:dd:dc:eb:
36:63:ea:ec:a0:d4:16:1b:9b:a7:57:00:dc:a7:5d:
7c:7c:65:46:49:54:67:0e:ef:77:a4:28:08:63:7e:
5f:e2:8c:c6:d4:d3:6b:d5:b5:16:e8:2b:5d:6e:f1:
cb:58:8b:20:1f:08:42:6d:8c:9d:bb:be:0f:ce:03:
c2:79:1d:50:81:18:4e:7f:1b:4b:3a:5c:71:42:b8:
14:ab:91:48:8f:b7:4e:5c:b8:b5:89:fb:e3:48:05:
b5:ec:a0:36:2e:32:08:ad:8f:e9:27:a2:a8:2c:89:
d6:d9:fb:0d:e6:ce:82:a1:a0:81:ca:49:e4:1d:4c:
02:60:1e:ab:19:c4:3e:4e:13:9d:b8:ef:25:b8:8d:
8e:fc:4b:20:e4:1c:18:ba:f2:77:91:2f:52:8d:a0:
f5:e7:56:00:77:c5:4c:81:8e:f6:40:f6:28:78:81:
b9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8F:F7:57:F2:4E:36:DA:D9:65:F5:7E:24:12:36:73:49:FE:C9:39
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/mI_3V_JONtrZZfV-JBI2c0n-yTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.198.32.0/19
212.22.32.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:9d:1c:c9:33:4e:f4:e2:35:e3:a3:6d:95:ac:95:82:77:f0:
65:d5:d9:0c:3f:68:94:7d:dc:2f:e3:94:16:e8:f2:d2:51:c8:
44:6e:4c:70:3a:62:23:12:f7:fd:80:82:95:66:9c:4f:d4:6d:
d3:45:a0:0e:60:b6:2f:3e:63:59:29:42:e5:6a:b5:9e:88:d9:
4a:de:90:fa:26:f4:c8:11:dc:ac:f7:de:b7:be:1e:70:a0:4e:
8a:3c:51:e1:b5:4c:53:d0:e6:51:1f:a8:97:92:01:dd:d2:3d:
5d:5c:48:60:5a:aa:b3:e7:3e:78:9b:61:bc:0e:19:21:85:c4:
4b:d4:b1:50:f8:11:f8:40:27:f5:05:85:13:e7:c4:66:4f:e4:
94:c1:8e:ce:68:a4:5f:12:17:ed:6d:55:36:03:55:12:67:93:
3a:15:6e:fa:6f:a4:df:59:b7:54:64:ec:69:b5:1f:c2:61:e7:
dc:47:21:fe:f1:61:98:67:55:18:ed:a3:c8:af:d4:fd:34:82:
23:e0:af:b8:46:8d:d8:6b:f5:95:a0:23:99:06:b2:fa:c1:fc:
d6:a8:9f:8b:99:d2:45:67:8f:94:24:b0:ad:d1:67:0f:7e:26:
7c:08:82:d3:d7:59:21:e1:f2:63:7a:7e:c4:ea:91:70:11:78:
b1:35:c4:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3LAhicW0Sn/LlUelI7NOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjQwMTAxMTYzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODhmZjc1N2YyNGUzNmRhZDk2NWY1N2UyNDEyMzY3MzQ5ZmVjOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1ilcSvsHGA6xu0rmY5FRWUzIPXN
lANU4rwxbmdTB2bwE4vlTUJS8RUekTUMpSE8kvG62VnYR2S+E7mWXN3EcZBWaY3M
i7H439ZNQOd8Kos9hmnBHSHd3Os2Y+rsoNQWG5unVwDcp118fGVGSVRnDu93pCgI
Y35f4ozG1NNr1bUW6CtdbvHLWIsgHwhCbYydu74PzgPCeR1QgRhOfxtLOlxxQrgU
q5FIj7dOXLi1ifvjSAW17KA2LjIIrY/pJ6KoLInW2fsN5s6CoaCByknkHUwCYB6r
GcQ+ThOduO8luI2O/Esg5BwYuvJ3kS9SjaD151YAd8VMgY72QPYoeIG5PQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJiP91fyTjba2WX1fiQSNnNJ/sk5MB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvbUlfM1ZfSk9OdHJaWmZWLUpCSTJjMG4teVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFUsYgAwQE
1BYgMA0GCSqGSIb3DQEBCwUAA4IBAQCOnRzJM0704jXjo22VrJWCd/Bl1dkMP2iU
fdwv45QW6PLSUchEbkxwOmIjEvf9gIKVZpxP1G3TRaAOYLYvPmNZKULlarWeiNlK
3pD6JvTIEdys9963vh5woE6KPFHhtUxT0OZRH6iXkgHd0j1dXEhgWqqz5z54m2G8
DhkhhcRL1LFQ+BH4QCf1BYUT58RmT+SUwY7OaKRfEhftbVU2A1USZ5M6FW76b6Tf
WbdUZOxptR/CYefcRyH+8WGYZ1UY7aPIr9T9NIIj4K+4Ro3Ya/WVoCOZBrL6wfzW
qJ+LmdJFZ4+UJLCt0WcPfiZ8CILT11kh4fJjen7E6pFwEXixNcTW
-----END CERTIFICATE-----
Generated at Sun May 19 10:59:09 2024 by rpki-client on console-fra.rpki-client.org