Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/miwo3mZBa-EtPkyRyvbWk89OGRY.roa
File: miwo3mZBa-EtPkyRyvbWk89OGRY.roa (raw, json)
Hash identifier: aSrD5C5flSihtB0KMj6M4hLWb7DrfMEQFsHkjf2Fck4=
Subject key identifier: 9A:2C:28:DE:66:41:6B:E1:2D:3E:4C:91:CA:F6:D6:93:CF:4E:19:16
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 018CC8DF5FCA873D20FA0888FFDD61CAFF76
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/miwo3mZBa-EtPkyRyvbWk89OGRY.roa
Signing time: Tue 02 Jan 2024 06:32:11 +0000
ROA not before: Tue 02 Jan 2024 06:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44547
IP address blocks: 193.31.116.0/24 maxlen: 24
213.226.119.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
84.54.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.mft
rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 12:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:5f:ca:87:3d:20:fa:08:88:ff:dd:61:ca:ff:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 2 06:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a2c28de66416be12d3e4c91caf6d693cf4e1916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:a1:6a:44:b9:96:19:30:ae:7d:fe:e0:1d:
d4:df:1c:75:9b:f1:1c:03:69:13:25:28:c0:17:a8:
21:c1:8c:01:d1:8f:81:53:83:d4:cb:0b:a8:e0:79:
73:9f:35:8e:6a:b9:aa:ef:6b:1d:5a:7b:d3:ce:1d:
51:5d:fb:d8:30:9e:d7:8b:f2:a6:42:44:82:a0:0b:
e0:19:f7:cd:00:34:68:d8:09:68:41:7d:44:31:ee:
9d:2b:4c:82:a4:11:ef:6e:40:74:0b:0e:d5:82:17:
7b:cd:df:52:a0:57:70:44:8d:13:60:44:25:0e:34:
ca:f1:4e:7c:4e:b5:4c:b9:9f:b4:97:77:92:7b:72:
84:9f:19:8c:bd:17:95:af:d5:ed:90:dd:77:90:eb:
26:02:64:f8:69:0d:23:14:ee:f5:ff:ba:0a:72:55:
6d:bf:b8:ae:6a:dc:e1:85:0a:df:b5:1d:61:17:07:
ad:4c:c5:59:36:94:25:8e:a1:89:20:59:ae:f0:38:
49:6b:4c:0e:36:c6:10:0d:71:44:72:63:f9:4d:28:
a8:ed:40:31:bf:ba:db:33:85:db:58:2f:b7:7e:7d:
a9:dc:f6:8e:0a:7a:99:a5:63:19:dc:66:6d:48:5a:
af:10:5c:97:dc:a1:38:79:c3:6f:d4:00:c7:96:f8:
df:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2C:28:DE:66:41:6B:E1:2D:3E:4C:91:CA:F6:D6:93:CF:4E:19:16
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/miwo3mZBa-EtPkyRyvbWk89OGRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.13.0/24
176.98.41.0/24
193.31.116.0/24
213.226.119.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:b5:e4:15:2d:85:e6:e8:03:30:e9:6d:d2:73:b2:bf:df:5c:
90:9a:3e:76:a4:af:59:31:21:31:63:f4:e4:24:e4:74:60:f4:
d6:b2:38:1a:e3:ab:e2:c8:72:1a:ad:0a:aa:7d:7a:48:8f:e9:
74:83:04:ab:64:b3:83:30:fd:d8:cf:7a:39:78:35:37:02:56:
34:30:56:a5:81:21:85:22:34:a6:18:92:e7:15:40:c4:67:c6:
50:e6:4d:71:98:e5:ba:f6:45:6d:71:13:4f:d0:b5:cc:40:4e:
04:a0:af:8e:5f:27:f2:9e:c7:40:6b:6a:32:c8:68:44:02:47:
70:04:00:95:2f:d9:f6:4f:bb:c4:e5:44:34:1a:b5:41:a7:42:
a5:d6:b6:08:35:aa:5d:bd:3f:bb:d2:03:58:11:95:7b:ec:2c:
25:6f:73:00:1b:44:48:c6:2b:45:89:c7:d3:f7:df:e0:5b:2a:
cb:6a:72:eb:3b:be:9e:11:6f:14:6f:b3:ae:8f:61:24:16:c0:
16:41:63:ed:32:e8:b0:3d:7e:f2:c1:49:a3:9f:7b:a5:30:66:
25:5c:3e:51:02:c7:7a:1e:fc:e1:b2:bf:73:66:3e:67:9d:73:
82:b7:47:b5:79:44:89:b5:3c:a6:c5:e6:28:2c:de:88:5f:0a:
c6:29:5c:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI31/Khz0g+giI/91hyv92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjQwMTAyMDYzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJjMjhkZTY2NDE2YmUxMmQzZTRjOTFjYWY2ZDY5M2NmNGUxOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+OhakS5lhkwrn3+4B3U3xx1m/Ec
A2kTJSjAF6ghwYwB0Y+BU4PUywuo4HlznzWOarmq72sdWnvTzh1RXfvYMJ7Xi/Km
QkSCoAvgGffNADRo2AloQX1EMe6dK0yCpBHvbkB0Cw7Vghd7zd9SoFdwRI0TYEQl
DjTK8U58TrVMuZ+0l3eSe3KEnxmMvReVr9XtkN13kOsmAmT4aQ0jFO71/7oKclVt
v7iuatzhhQrftR1hFwetTMVZNpQljqGJIFmu8DhJa0wONsYQDXFEcmP5TSio7UAx
v7rbM4XbWC+3fn2p3PaOCnqZpWMZ3GZtSFqvEFyX3KE4ecNv1ADHlvjfbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJosKN5mQWvhLT5Mkcr21pPPThkWMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvbWl3bzNtWkJhLUV0UGt5Unl2YldrODlPR1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDYNAwQA
sGIpAwQAwR90AwQA1eJ3MA0GCSqGSIb3DQEBCwUAA4IBAQCyteQVLYXm6AMw6W3S
c7K/31yQmj52pK9ZMSExY/TkJOR0YPTWsjga46viyHIarQqqfXpIj+l0gwSrZLOD
MP3Yz3o5eDU3AlY0MFalgSGFIjSmGJLnFUDEZ8ZQ5k1xmOW69kVtcRNP0LXMQE4E
oK+OXyfynsdAa2oyyGhEAkdwBACVL9n2T7vE5UQ0GrVBp0Kl1rYINapdvT+70gNY
EZV77Cwlb3MAG0RIxitFicfT99/gWyrLanLrO76eEW8Ub7Ouj2EkFsAWQWPtMuiw
PX7ywUmjn3ulMGYlXD5RAsd6Hvzhsr9zZj5nnXOCt0e1eUSJtTymxeYoLN6IXwrG
KVy5
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:47:58 2024 by rpki-client on console-fra.rpki-client.org