Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/MnOTeK7pVGrxRZ6UdI13NAgPJ2k.roa
File: MnOTeK7pVGrxRZ6UdI13NAgPJ2k.roa (raw, json)
Hash identifier: 4pRY4nLTUABC7SO5lUk5Q5XJbmQ1VYdH/H90XUNU/8w=
Subject key identifier: 32:73:93:78:AE:E9:54:6A:F1:45:9E:94:74:8D:77:34:08:0F:27:69
Certificate issuer: /CN=44566c1a283d553ef3f656f57223984dda7c355f
Certificate serial: 018CC5DC393DCB052582D64B5329564509B3
Authority key identifier: 44:56:6C:1A:28:3D:55:3E:F3:F6:56:F5:72:23:98:4D:DA:7C:35:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFZsGig9VT7z9lb1ciOYTdp8NV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/MnOTeK7pVGrxRZ6UdI13NAgPJ2k.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29399
IP address blocks: 185.212.216.0/22 maxlen: 27
185.49.128.0/22 maxlen: 27
178.250.88.0/21 maxlen: 27
195.149.85.0/24 maxlen: 27
170.84.252.0/23 maxlen: 27
195.137.222.0/23 maxlen: 27
2a03:5d00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/RFZsGig9VT7z9lb1ciOYTdp8NV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/RFZsGig9VT7z9lb1ciOYTdp8NV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFZsGig9VT7z9lb1ciOYTdp8NV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 10:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:39:3d:cb:05:25:82:d6:4b:53:29:56:45:09:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44566c1a283d553ef3f656f57223984dda7c355f
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32739378aee9546af1459e94748d7734080f2769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:47:0e:1e:84:2e:c9:44:8d:00:1f:62:66:dd:
0a:22:ef:03:d3:98:1f:ea:bd:83:89:d7:1a:51:fe:
69:c9:8c:7d:02:a7:64:6c:e2:74:12:46:22:43:4e:
5d:83:33:c2:70:d2:ce:da:ed:aa:bf:47:74:67:f8:
cf:9b:4c:7c:49:5a:60:f4:0e:80:d4:35:7b:fc:4c:
28:a5:cf:02:3e:3c:76:61:27:99:46:6e:19:ce:df:
b8:03:16:b5:01:20:7c:d4:22:ce:b7:9f:9f:14:c0:
a9:db:30:7e:69:48:36:d3:0d:f3:39:f2:50:82:e2:
b3:73:70:57:95:b6:86:15:6a:a0:83:fa:c6:6f:a6:
6a:3d:3b:96:87:3e:fc:dc:ed:ff:14:fd:c8:93:ee:
fe:7d:e8:5a:31:dd:0a:1c:98:ab:61:83:31:ea:22:
31:44:6a:aa:71:37:01:64:f4:93:f0:56:88:56:34:
e7:59:22:b7:b8:d3:0b:fa:fb:35:fe:04:78:04:cd:
dd:84:2f:3f:e7:42:27:44:a9:3c:77:d7:8b:06:9e:
06:d9:32:b9:36:38:90:68:bf:aa:30:ec:c3:3a:70:
a3:8e:8f:14:89:20:08:5b:9b:6f:26:84:2d:f4:ce:
ae:27:86:53:59:be:06:7a:54:2f:63:75:d2:12:38:
98:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:73:93:78:AE:E9:54:6A:F1:45:9E:94:74:8D:77:34:08:0F:27:69
X509v3 Authority Key Identifier:
keyid:44:56:6C:1A:28:3D:55:3E:F3:F6:56:F5:72:23:98:4D:DA:7C:35:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFZsGig9VT7z9lb1ciOYTdp8NV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/MnOTeK7pVGrxRZ6UdI13NAgPJ2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/eeb813-f24c-4175-828b-9d58ce221843/1/RFZsGig9VT7z9lb1ciOYTdp8NV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.84.252.0/23
178.250.88.0/21
185.49.128.0/22
185.212.216.0/22
195.137.222.0/23
195.149.85.0/24
IPv6:
2a03:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
a4:e2:d4:27:04:f5:0a:58:f6:2e:47:0a:ff:e1:f6:51:50:68:
0c:61:ed:ae:ab:8c:e7:ce:56:16:4b:db:3f:2a:26:6d:c5:b2:
ae:0b:22:49:c8:9a:b1:80:b8:50:da:93:9d:9e:91:b1:7c:35:
08:3d:ae:1f:ae:f4:c0:21:cd:ee:b5:4a:ec:91:a9:cf:f4:c3:
88:ea:fb:06:d0:fd:6a:68:7e:92:f0:87:94:23:90:ad:42:83:
b8:1e:03:d6:c0:12:18:60:52:b3:ef:6a:28:b4:6f:da:b7:e6:
37:96:d7:b3:e1:6d:e4:3c:e4:fd:ce:da:a9:0b:0b:c9:a0:35:
c6:41:72:47:89:f0:90:9f:73:d5:e4:ae:cc:43:93:78:32:a6:
95:c8:5a:d4:c8:38:80:6f:70:8c:2a:b5:eb:8d:a3:15:57:8e:
99:9b:39:78:70:3d:cc:e5:74:30:66:2a:ab:2f:42:8a:50:71:
ee:ff:05:ee:09:f5:83:19:9d:41:fe:b6:56:2d:a9:8f:85:1c:
c2:42:d3:58:10:9b:eb:be:be:e6:d7:b3:9a:83:66:0c:43:ee:
e4:b4:99:fd:e6:b3:00:24:7e:64:96:2e:42:18:a0:99:ac:be:
99:ff:4c:46:2e:16:a9:b5:1a:d5:91:61:1c:a5:7d:74:f7:98:
95:2a:7d:46
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzF3Dk9ywUlgtZLUylWRQmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTY2YzFhMjgzZDU1M2VmM2Y2NTZmNTcyMjM5ODRkZGE3
YzM1NWYwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjczOTM3OGFlZTk1NDZhZjE0NTllOTQ3NDhkNzczNDA4MGYyNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokcOHoQuyUSNAB9iZt0KIu8D05gf
6r2DidcaUf5pyYx9AqdkbOJ0EkYiQ05dgzPCcNLO2u2qv0d0Z/jPm0x8SVpg9A6A
1DV7/Ewopc8CPjx2YSeZRm4Zzt+4Axa1ASB81CLOt5+fFMCp2zB+aUg20w3zOfJQ
guKzc3BXlbaGFWqgg/rGb6ZqPTuWhz783O3/FP3Ik+7+fehaMd0KHJirYYMx6iIx
RGqqcTcBZPST8FaIVjTnWSK3uNML+vs1/gR4BM3dhC8/50InRKk8d9eLBp4G2TK5
NjiQaL+qMOzDOnCjjo8UiSAIW5tvJoQt9M6uJ4ZTWb4GelQvY3XSEjiYTwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDJzk3iu6VRq8UWelHSNdzQIDydpMB8GA1UdIwQY
MBaAFERWbBooPVU+8/ZW9XIjmE3afDVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZac0dpZzlWVDd6OWxiMWNpT1lUZHA4TlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lZWI4MTMtZjI0Yy00MTc1LTgyOGIt
OWQ1OGNlMjIxODQzLzEvTW5PVGVLN3BWR3J4Ulo2VWRJMTNOQWdQSjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lZWI4MTMtZjI0Yy00MTc1LTgyOGItOWQ1OGNlMjIxODQz
LzEvUkZac0dpZzlWVDd6OWxiMWNpT1lUZHA4TlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBqlT8AwQD
svpYAwQCuTGAAwQCudTYAwQBw4neAwQAw5VVMA0EAgACMAcDBQMqA10AMA0GCSqG
SIb3DQEBCwUAA4IBAQCk4tQnBPUKWPYuRwr/4fZRUGgMYe2uq4znzlYWS9s/KiZt
xbKuCyJJyJqxgLhQ2pOdnpGxfDUIPa4frvTAIc3utUrskanP9MOI6vsG0P1qaH6S
8IeUI5CtQoO4HgPWwBIYYFKz72ootG/at+Y3ltez4W3kPOT9ztqpCwvJoDXGQXJH
ifCQn3PV5K7MQ5N4MqaVyFrUyDiAb3CMKrXrjaMVV46Zmzl4cD3M5XQwZiqrL0KK
UHHu/wXuCfWDGZ1B/rZWLamPhRzCQtNYEJvrvr7m17Oag2YMQ+7ktJn95rMAJH5k
li5CGKCZrL6Z/0xGLhaptRrVkWEcpX1095iVKn1G
-----END CERTIFICATE-----
Generated at Sun Jun 30 18:36:53 2024 by rpki-client on console-fra.rpki-client.org