Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/Myna4g7AK6BofRb82SaxtnGKUEU.roa
File: Myna4g7AK6BofRb82SaxtnGKUEU.roa (raw, json)
Hash identifier: KAyTP+sEBCa9uTZFMOlhyrtJtOWTQ0y04dwS9syq02M=
Subject key identifier: 33:29:DA:E2:0E:C0:2B:A0:68:7D:16:FC:D9:26:B1:B6:71:8A:50:45
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 018CC500D70C2724BF4E5793234511DE1B5E
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/Myna4g7AK6BofRb82SaxtnGKUEU.roa
Signing time: Mon 01 Jan 2024 12:30:15 +0000
ROA not before: Mon 01 Jan 2024 12:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49571
IP address blocks: 188.72.9.0/24 maxlen: 24
188.72.23.0/24 maxlen: 24
188.72.20.0/24 maxlen: 24
188.72.29.0/24 maxlen: 24
185.72.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jul 2024 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d7:0c:27:24:bf:4e:57:93:23:45:11:de:1b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Jan 1 12:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3329dae20ec02ba0687d16fcd926b1b6718a5045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d6:46:5b:86:4f:fd:8a:99:87:05:13:9e:8d:
b1:de:da:54:40:f3:fa:98:98:1e:29:ca:2e:17:07:
9b:d8:94:23:05:c2:ae:32:8f:eb:30:65:c6:c0:6f:
e2:05:24:4a:54:29:5c:46:ab:53:bb:b7:cd:f1:69:
38:87:be:dd:1b:e9:11:61:1d:30:99:f1:67:a0:a2:
e7:38:8b:3b:78:05:77:b1:8a:74:d1:97:ff:05:4e:
4b:61:c8:62:88:a9:47:20:6d:4e:84:3f:ae:d2:2e:
ab:72:e9:60:d8:27:94:4e:93:58:e5:d0:bc:6e:0d:
c5:db:12:d3:64:13:1d:97:ee:5d:aa:d1:c4:db:b5:
25:0e:70:9d:d5:b1:72:7d:f6:f2:8c:6f:6f:ed:91:
b6:2d:4e:6f:f1:42:91:8f:a5:53:75:2e:b6:04:7f:
b3:59:41:85:24:dd:c6:92:34:bf:69:7b:36:aa:1d:
e9:c8:b8:ac:97:50:8a:ac:a0:ce:62:4f:cc:e7:b7:
94:73:0c:b8:c0:34:0c:5c:3a:f2:8b:61:18:af:76:
ee:21:52:cd:6f:4e:20:ea:14:0f:5d:3b:ce:b7:25:
ed:60:ac:1f:56:ca:78:27:11:5d:79:69:4c:14:20:
82:91:87:9b:fc:b2:ee:36:fa:9c:2a:b9:fd:02:0d:
cb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:29:DA:E2:0E:C0:2B:A0:68:7D:16:FC:D9:26:B1:B6:71:8A:50:45
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/Myna4g7AK6BofRb82SaxtnGKUEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.254.0/24
188.72.9.0/24
188.72.20.0/24
188.72.23.0/24
188.72.29.0/24
Signature Algorithm: sha256WithRSAEncryption
74:4c:12:51:f1:71:c6:85:72:f0:bb:98:17:8e:cf:8d:b9:95:
fe:bd:0d:03:0a:eb:85:70:49:d0:07:e6:2d:6a:1e:07:c6:09:
bd:55:51:b7:d8:1a:16:e1:5d:e4:66:2d:8b:c4:9e:82:76:ae:
e9:84:d2:ee:fa:2c:0c:ae:e0:b2:17:fa:00:b3:41:4f:68:7a:
3a:60:11:50:d2:f3:7c:f4:63:70:df:2c:a5:2b:61:ea:6e:3c:
00:6f:ab:ac:cc:67:a7:53:c9:84:99:a8:d9:66:3b:51:de:e2:
75:35:a6:7d:d7:9a:6b:ce:db:50:90:15:89:fe:3e:b0:40:68:
ca:31:67:21:a3:71:08:6b:cb:db:a0:87:6d:ff:13:c8:9b:9f:
79:a3:5b:d2:fa:46:a5:62:90:26:5c:11:aa:0c:96:05:aa:a8:
a6:bb:e5:ac:40:fd:e0:4a:76:45:a6:29:3e:b1:ec:a9:13:48:
c5:20:77:86:06:2a:24:50:88:88:ee:73:58:a4:0c:63:dd:06:
13:23:00:70:1a:8a:d7:1b:f8:f3:78:c7:e2:bf:5f:8b:84:83:
27:3b:88:61:d2:88:3a:bb:6f:26:76:60:17:77:04:71:f2:76:
c6:bc:b4:39:eb:75:7d:20:6e:c9:fb:ad:c8:51:d2:66:fc:42:
e7:62:7e:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFANcMJyS/TleTI0UR3hteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjQwMTAxMTIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzI5ZGFlMjBlYzAyYmEwNjg3ZDE2ZmNkOTI2YjFiNjcxOGE1MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNZGW4ZP/YqZhwUTno2x3tpUQPP6
mJgeKcouFweb2JQjBcKuMo/rMGXGwG/iBSRKVClcRqtTu7fN8Wk4h77dG+kRYR0w
mfFnoKLnOIs7eAV3sYp00Zf/BU5LYchiiKlHIG1OhD+u0i6rculg2CeUTpNY5dC8
bg3F2xLTZBMdl+5dqtHE27UlDnCd1bFyffbyjG9v7ZG2LU5v8UKRj6VTdS62BH+z
WUGFJN3GkjS/aXs2qh3pyLisl1CKrKDOYk/M57eUcwy4wDQMXDryi2EYr3buIVLN
b04g6hQPXTvOtyXtYKwfVsp4JxFdeWlMFCCCkYeb/LLuNvqcKrn9Ag3LMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDMp2uIOwCugaH0W/NkmsbZxilBFMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvTXluYTRnN0FLNkJvZlJiODJTYXh0bkdLVUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUj+AwQA
vEgJAwQAvEgUAwQAvEgXAwQAvEgdMA0GCSqGSIb3DQEBCwUAA4IBAQB0TBJR8XHG
hXLwu5gXjs+NuZX+vQ0DCuuFcEnQB+Ytah4Hxgm9VVG32BoW4V3kZi2LxJ6Cdq7p
hNLu+iwMruCyF/oAs0FPaHo6YBFQ0vN89GNw3yylK2HqbjwAb6uszGenU8mEmajZ
ZjtR3uJ1NaZ915przttQkBWJ/j6wQGjKMWcho3EIa8vboIdt/xPIm595o1vS+kal
YpAmXBGqDJYFqqimu+WsQP3gSnZFpik+seypE0jFIHeGBiokUIiI7nNYpAxj3QYT
IwBwGorXG/jzeMfiv1+LhIMnO4hh0og6u28mdmAXdwRx8nbGvLQ563V9IG7J+63I
UdJm/ELnYn4f
-----END CERTIFICATE-----
Generated at Thu Jul 4 13:41:29 2024 by rpki-client on console-fra.rpki-client.org