Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/MQLAZtM7yFr_hR7h_Q0sFiUjo0E.roa
File: MQLAZtM7yFr_hR7h_Q0sFiUjo0E.roa (raw, json)
Hash identifier: Q6UPvomfMUjtEY5D/bbb2IMqQQUf16FtPI8dYvm2RyQ=
Subject key identifier: 31:02:C0:66:D3:3B:C8:5A:FF:85:1E:E1:FD:0D:2C:16:25:23:A3:41
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018CC64A7388FDD6C1F664AF6C432431F74E
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/MQLAZtM7yFr_hR7h_Q0sFiUjo0E.roa
Signing time: Mon 01 Jan 2024 18:30:17 +0000
ROA not before: Mon 01 Jan 2024 18:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 217.212.224.0/19 maxlen: 19
193.45.0.0/22 maxlen: 22
193.45.6.0/24 maxlen: 24
193.45.10.0/23 maxlen: 24
193.45.14.0/23 maxlen: 23
193.45.142.0/24 maxlen: 24
193.45.142.0/23 maxlen: 23
193.45.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 04:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:73:88:fd:d6:c1:f6:64:af:6c:43:24:31:f7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 18:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3102c066d33bc85aff851ee1fd0d2c162523a341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:4d:1e:87:79:b9:b1:b6:36:e5:a0:e6:fc:
ed:b6:2a:18:85:e7:04:47:57:8e:1b:8d:71:bf:bb:
d9:71:80:82:70:98:7a:2e:91:76:b5:fb:82:59:f4:
34:30:5e:a1:75:30:61:91:b3:0e:94:4f:72:b8:46:
86:d3:0e:06:fe:b3:1b:4b:67:6d:07:80:65:e7:d8:
8f:6b:9e:85:6d:93:00:f7:8c:30:83:28:c6:1d:96:
61:f6:59:43:a8:5c:12:31:af:65:53:0c:49:3b:45:
58:3c:c0:dc:55:d3:23:90:e7:bc:5d:79:22:c8:2a:
57:4c:85:4f:bc:0d:98:40:af:4c:8d:a5:84:5d:52:
96:c2:6e:9a:c8:65:4c:90:03:55:39:23:35:58:f8:
55:1a:92:44:8d:f7:24:c8:e1:34:43:60:a9:ba:fc:
c2:6e:cf:74:af:67:0f:eb:a0:60:bb:04:58:ba:0c:
ba:95:89:2b:87:61:65:25:27:10:71:45:bd:64:07:
3a:a9:62:01:0a:b1:9b:24:80:a9:6c:e7:3a:2b:4d:
bb:69:fc:27:0f:5d:97:ef:a7:e1:56:03:2e:b9:5a:
23:7e:13:46:33:e7:2d:d7:31:19:77:01:ca:64:3d:
3a:47:67:50:44:4c:fb:f2:76:f6:98:93:9b:30:67:
f2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:02:C0:66:D3:3B:C8:5A:FF:85:1E:E1:FD:0D:2C:16:25:23:A3:41
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/MQLAZtM7yFr_hR7h_Q0sFiUjo0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.45.0.0/22
193.45.6.0/24
193.45.10.0/23
193.45.14.0/23
193.45.142.0/23
193.45.254.0/24
217.212.224.0/19
Signature Algorithm: sha256WithRSAEncryption
5d:5a:de:2f:ef:e2:6b:2b:b0:df:53:db:6b:58:83:85:9f:bd:
90:5e:17:fd:04:e8:bd:d7:e7:20:b1:10:3f:5a:dc:39:dc:04:
0e:c1:64:fd:49:73:68:73:43:33:b7:e5:7c:ba:7d:dd:87:d0:
8a:cb:52:36:38:95:46:02:d6:07:46:d1:b6:12:d6:0b:13:e5:
16:23:c7:a3:03:78:58:0a:e1:31:e2:35:d8:1d:97:fc:d9:e3:
a5:da:3f:9f:5b:0f:0f:3f:4a:72:72:73:52:24:32:c4:38:ba:
36:c0:2a:58:29:9c:bf:35:7d:92:be:8e:8e:b5:4b:a2:33:92:
48:44:02:f1:ba:4e:0b:01:0f:ec:0b:6f:3b:76:ec:12:1a:f6:
de:71:55:1e:e1:f6:c8:89:6d:0c:59:65:55:6d:83:18:20:c6:
3b:47:67:09:e0:92:96:55:45:b7:0b:73:a7:a3:f2:e0:07:31:
c9:e5:71:6a:c2:35:db:d2:31:e7:f9:96:78:d2:95:0d:a3:68:
b9:49:51:52:e4:60:5b:c2:11:d6:7e:43:fa:b7:3d:b7:0e:89:
a7:d1:37:72:8b:ae:06:22:36:c4:5a:65:b8:b3:32:14:9c:d5:
f9:b6:4e:a2:63:f9:de:bb:cf:95:d9:9f:0d:3f:7e:3f:31:60:
22:34:e8:8c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzGSnOI/dbB9mSvbEMkMfdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwMTAxMTgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTAyYzA2NmQzM2JjODVhZmY4NTFlZTFmZDBkMmMxNjI1MjNhMzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliVNHod5ubG2NuWg5vzttioYhecE
R1eOG41xv7vZcYCCcJh6LpF2tfuCWfQ0MF6hdTBhkbMOlE9yuEaG0w4G/rMbS2dt
B4Bl59iPa56FbZMA94wwgyjGHZZh9llDqFwSMa9lUwxJO0VYPMDcVdMjkOe8XXki
yCpXTIVPvA2YQK9MjaWEXVKWwm6ayGVMkANVOSM1WPhVGpJEjfckyOE0Q2CpuvzC
bs90r2cP66BguwRYugy6lYkrh2FlJScQcUW9ZAc6qWIBCrGbJICpbOc6K027afwn
D12X76fhVgMuuVojfhNGM+ct1zEZdwHKZD06R2dQREz78nb2mJObMGfyBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDECwGbTO8ha/4Ue4f0NLBYlI6NBMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvTVFMQVp0TTd5RnJfaFI3aF9RMHNGaVVqbzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCwS0AAwQA
wS0GAwQBwS0KAwQBwS0OAwQBwS2OAwQAwS3+AwQF2dTgMA0GCSqGSIb3DQEBCwUA
A4IBAQBdWt4v7+JrK7DfU9trWIOFn72QXhf9BOi91+cgsRA/Wtw53AQOwWT9SXNo
c0Mzt+V8un3dh9CKy1I2OJVGAtYHRtG2EtYLE+UWI8ejA3hYCuEx4jXYHZf82eOl
2j+fWw8PP0pycnNSJDLEOLo2wCpYKZy/NX2Svo6OtUuiM5JIRALxuk4LAQ/sC287
duwSGvbecVUe4fbIiW0MWWVVbYMYIMY7R2cJ4JKWVUW3C3Ono/LgBzHJ5XFqwjXb
0jHn+ZZ40pUNo2i5SVFS5GBbwhHWfkP6tz23Domn0Tdyi64GIjbEWmW4szIUnNX5
tk6iY/neu8+V2Z8NP34/MWAiNOiM
-----END CERTIFICATE-----
Generated at Wed Jun 26 11:09:50 2024 by rpki-client on console-fra.rpki-client.org