Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/MrhejJHxrr7SFjZJxTB4XVYRB_Y.roa
File: MrhejJHxrr7SFjZJxTB4XVYRB_Y.roa (raw, json)
Hash identifier: 9z60qiznv9T5TpZUl2Qk87xtzQ+VIElsIvN3F9d5o4w=
Subject key identifier: 32:B8:5E:8C:91:F1:AE:BE:D2:16:36:49:C5:30:78:5D:56:11:07:F6
Certificate issuer: /CN=db282fd897317c2cadd7b13969f6f015c397e05d
Certificate serial: 018DF92D3E8FBA0F35FF12ABFE0DBDBD3F1D
Authority key identifier: DB:28:2F:D8:97:31:7C:2C:AD:D7:B1:39:69:F6:F0:15:C3:97:E0:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/MrhejJHxrr7SFjZJxTB4XVYRB_Y.roa
Signing time: Fri 01 Mar 2024 08:41:48 +0000
ROA not before: Fri 01 Mar 2024 08:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 185.9.36.0/24 maxlen: 24
185.9.37.0/24 maxlen: 24
185.9.38.0/24 maxlen: 24
185.9.39.0/24 maxlen: 24
185.244.144.0/24 maxlen: 24
185.244.145.0/24 maxlen: 24
185.244.146.0/24 maxlen: 24
185.244.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:2d:3e:8f:ba:0f:35:ff:12:ab:fe:0d:bd:bd:3f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db282fd897317c2cadd7b13969f6f015c397e05d
Validity
Not Before: Mar 1 08:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32b85e8c91f1aebed2163649c530785d561107f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:47:5b:12:38:9a:58:1c:1e:10:36:67:12:
1d:f9:a7:7a:99:33:7e:e3:6d:25:41:e6:17:b7:54:
29:af:52:ed:de:86:9d:e8:1b:e9:67:fe:47:f3:3f:
42:8e:a4:5c:64:03:4c:8d:95:4b:17:7b:bd:d9:a2:
4a:90:1e:eb:70:e6:59:ce:b0:cd:b4:81:af:7d:28:
a7:f2:86:25:4c:0a:64:c0:a2:de:a3:f0:bf:79:14:
80:f3:e4:c2:10:f4:e9:50:c5:e9:b6:e3:1b:8a:c6:
ce:96:82:47:4d:dc:13:37:57:cd:47:29:c5:7d:dd:
a9:ab:73:48:b1:09:0b:f4:eb:dd:44:5d:29:0a:88:
d7:a3:a1:77:30:bf:62:85:1e:09:a9:c7:86:00:88:
20:f8:10:90:71:2d:be:57:c1:cb:9b:99:38:6b:e3:
fe:45:69:3f:dc:13:04:ac:df:4e:09:2e:99:48:65:
c1:90:0b:be:15:9f:d9:71:63:82:a1:68:af:14:c6:
63:22:57:de:25:f0:81:93:f4:f7:aa:aa:17:9b:76:
1e:90:88:fe:84:ec:f9:b3:04:2f:44:9f:52:07:53:
ea:57:c5:16:f1:7b:1a:bd:99:9c:9d:eb:f2:d5:f6:
94:53:6b:08:c8:83:4d:41:79:47:1c:01:86:73:73:
68:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B8:5E:8C:91:F1:AE:BE:D2:16:36:49:C5:30:78:5D:56:11:07:F6
X509v3 Authority Key Identifier:
keyid:DB:28:2F:D8:97:31:7C:2C:AD:D7:B1:39:69:F6:F0:15:C3:97:E0:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/MrhejJHxrr7SFjZJxTB4XVYRB_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.36.0/22
185.244.144.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:e8:c7:ee:5a:1e:38:a6:15:39:a4:32:4e:ca:98:f5:1f:34:
fe:ca:a2:e5:6e:0b:2b:3e:7a:e6:d1:a9:0f:ca:94:3c:7c:6e:
8b:81:b7:fd:85:f8:f9:c1:87:89:aa:aa:5d:f4:bc:df:c6:46:
7d:ef:ee:b6:8e:6c:19:40:97:8c:b9:e0:4d:ef:ae:9c:ef:fb:
3b:4e:fe:3f:bc:b5:8e:6d:de:49:85:7b:91:4c:19:49:69:9d:
ab:38:f1:76:2b:8a:45:47:66:27:a5:ac:d2:ec:2a:8d:2a:a0:
72:0a:30:c8:cd:0e:b9:af:80:7b:7b:bd:2c:dc:47:93:80:96:
da:e6:99:f3:8d:1d:04:44:f9:f8:c7:83:6c:40:f6:ee:4a:35:
c8:e2:ca:ea:b4:9c:27:de:91:a8:17:95:9b:05:7c:39:12:21:
91:db:f2:2e:54:20:ae:03:31:69:bd:db:03:5b:6c:fa:62:4d:
43:fe:42:91:83:0a:23:16:31:03:34:47:f5:81:f9:3f:d9:ef:
a1:33:42:dc:30:5c:73:4e:42:95:be:44:70:49:d1:20:3d:c3:
71:8f:e0:39:77:74:67:7e:d6:d6:4d:0f:dc:67:9c:16:09:69:
0c:9d:05:fb:a2:65:89:5b:8e:c4:04:d1:fe:b4:9b:09:14:56:
3a:66:8a:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY35LT6Pug81/xKr/g29vT8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjgyZmQ4OTczMTdjMmNhZGQ3YjEzOTY5ZjZmMDE1YzM5
N2UwNWQwHhcNMjQwMzAxMDg0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmI4NWU4YzkxZjFhZWJlZDIxNjM2NDljNTMwNzg1ZDU2MTEwN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJJHWxI4mlgcHhA2ZxId+ad6mTN+
420lQeYXt1Qpr1Lt3oad6BvpZ/5H8z9CjqRcZANMjZVLF3u92aJKkB7rcOZZzrDN
tIGvfSin8oYlTApkwKLeo/C/eRSA8+TCEPTpUMXptuMbisbOloJHTdwTN1fNRynF
fd2pq3NIsQkL9OvdRF0pCojXo6F3ML9ihR4JqceGAIgg+BCQcS2+V8HLm5k4a+P+
RWk/3BMErN9OCS6ZSGXBkAu+FZ/ZcWOCoWivFMZjIlfeJfCBk/T3qqoXm3YekIj+
hOz5swQvRJ9SB1PqV8UW8XsavZmcnevy1faUU2sIyINNQXlHHAGGc3NoSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDK4XoyR8a6+0hY2ScUweF1WEQf2MB8GA1UdIwQY
MBaAFNsoL9iXMXwsrdexOWn28BXDl+BdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlndjJKY3hmQ3l0MTdFNWFmYndGY09YNEYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iN2NlYjgtNDg1Ni00NDYzLWI3Yjgt
MzUzYmM2MjY2ZWU2LzEvTXJoZWpKSHhycjdTRmpaSnhUQjRYVllSQl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iN2NlYjgtNDg1Ni00NDYzLWI3YjgtMzUzYmM2MjY2ZWU2
LzEvMnlndjJKY3hmQ3l0MTdFNWFmYndGY09YNEYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQkkAwQC
ufSQMA0GCSqGSIb3DQEBCwUAA4IBAQA/6MfuWh44phU5pDJOypj1HzT+yqLlbgsr
Pnrm0akPypQ8fG6Lgbf9hfj5wYeJqqpd9LzfxkZ97+62jmwZQJeMueBN766c7/s7
Tv4/vLWObd5JhXuRTBlJaZ2rOPF2K4pFR2YnpazS7CqNKqByCjDIzQ65r4B7e70s
3EeTgJba5pnzjR0ERPn4x4NsQPbuSjXI4srqtJwn3pGoF5WbBXw5EiGR2/IuVCCu
AzFpvdsDW2z6Yk1D/kKRgwojFjEDNEf1gfk/2e+hM0LcMFxzTkKVvkRwSdEgPcNx
j+A5d3RnftbWTQ/cZ5wWCWkMnQX7omWJW47EBNH+tJsJFFY6Zoq1
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:16:43 2024 by rpki-client on console-fra.rpki-client.org