Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/Ma22HQffkC1w9LLY9MHkMh7_bpw.roa
File: Ma22HQffkC1w9LLY9MHkMh7_bpw.roa (raw, json)
Hash identifier: N2mjCEa/JcfQCAn4u3DIWAiyt0Yf9HIjVhjZ6tK9LZw=
Subject key identifier: 31:AD:B6:1D:07:DF:90:2D:70:F4:B2:D8:F4:C1:E4:32:1E:FF:6E:9C
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 018CC5DC52553A6C988A321143661A5C9376
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/Ma22HQffkC1w9LLY9MHkMh7_bpw.roa
Signing time: Mon 01 Jan 2024 16:29:59 +0000
ROA not before: Mon 01 Jan 2024 16:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34444
IP address blocks: 213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.240.0/21 maxlen: 24
84.22.64.0/19 maxlen: 19
84.22.68.0/24 maxlen: 24
84.22.69.0/24 maxlen: 24
84.22.77.0/24 maxlen: 24
84.22.78.0/24 maxlen: 24
84.22.80.0/24 maxlen: 24
84.22.84.0/24 maxlen: 24
84.22.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:52:55:3a:6c:98:8a:32:11:43:66:1a:5c:93:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jan 1 16:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31adb61d07df902d70f4b2d8f4c1e4321eff6e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:02:80:4f:c4:6b:69:7b:37:78:3d:05:92:56:
09:b1:ca:38:fc:37:56:31:6a:25:d2:b6:90:f0:e6:
92:44:a5:4b:f8:0f:88:93:52:0d:07:1d:01:85:47:
44:b8:34:4b:1a:c4:0c:d9:4e:78:93:78:e4:05:41:
e3:f4:3b:5d:cd:51:35:23:3b:59:a4:6a:f1:7e:6c:
91:cd:ff:d7:5d:0a:d0:36:19:32:47:29:00:f0:00:
15:34:76:c7:db:44:d7:b8:41:34:12:6f:fb:d8:fb:
dc:ff:40:b8:f9:0a:7d:68:6d:7d:3f:1e:78:34:bb:
d2:69:de:78:2d:2b:a1:ed:5c:f0:93:55:ff:b0:65:
f4:93:cd:9f:02:3a:dd:da:1e:c4:81:34:d5:02:51:
5c:0a:47:e7:31:ad:8b:ff:c5:f4:6c:e5:01:86:59:
e0:07:2e:8d:ef:ec:8a:4b:db:9b:61:dd:26:ae:b8:
9b:54:b9:7f:1e:ee:78:fc:8f:5b:1f:bc:fb:02:64:
ad:96:fb:54:ff:05:d6:bc:c7:0a:6b:d5:e3:6b:ae:
9e:23:96:9e:c3:5e:e3:cc:b6:eb:c6:9d:fd:e2:69:
4d:fc:ed:c5:07:c2:e1:85:62:10:b5:6c:cb:86:35:
dd:e0:72:f0:6b:db:e6:8a:e8:d7:37:35:ff:b4:b1:
03:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AD:B6:1D:07:DF:90:2D:70:F4:B2:D8:F4:C1:E4:32:1E:FF:6E:9C
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/Ma22HQffkC1w9LLY9MHkMh7_bpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0/19
213.180.225.0-213.180.226.255
213.180.240.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:30:79:71:9a:31:e6:f1:f3:64:4e:1e:c5:56:62:2b:17:90:
47:e8:75:cb:a7:8d:42:5b:ee:b2:d1:5f:3d:f6:13:f8:03:19:
9f:43:27:84:7f:7b:38:f6:12:bd:20:76:64:bd:76:86:d8:b9:
92:fa:d8:af:8c:78:77:56:95:9a:44:bd:ff:d4:db:95:ca:24:
4e:ad:61:cb:a4:ce:d2:45:ca:31:f8:a6:e7:25:85:5a:1c:bc:
61:a9:09:38:f5:99:f4:85:78:d0:98:7b:84:92:b6:de:74:bc:
20:ce:4e:93:4e:1e:e1:6f:41:0b:69:a7:be:69:19:9a:3a:dd:
51:11:0f:a5:b3:00:ee:e6:70:20:fd:3e:bc:90:23:cd:c2:ee:
92:27:ea:35:0d:8f:97:06:65:48:a4:61:40:30:1d:58:52:a2:
9e:92:1a:c1:8c:49:18:63:75:1a:5b:3c:3b:ae:ec:a0:65:91:
78:2d:5c:34:43:f0:47:3b:af:7d:a6:44:37:91:f3:61:67:25:
40:62:6e:d1:85:34:3e:df:8e:58:8b:38:6c:e4:c8:d3:f1:e7:
b7:35:78:58:43:35:39:f4:e4:2f:03:d3:6d:5b:85:11:01:ca:
3d:98:68:cc:ef:34:5b:7a:12:ed:24:9e:37:54:60:a2:e8:82:
3e:14:b4:6e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzF3FJVOmyYijIRQ2YaXJN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjQwMTAxMTYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFkYjYxZDA3ZGY5MDJkNzBmNGIyZDhmNGMxZTQzMjFlZmY2ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAKAT8RraXs3eD0FklYJsco4/DdW
MWol0raQ8OaSRKVL+A+Ik1INBx0BhUdEuDRLGsQM2U54k3jkBUHj9DtdzVE1IztZ
pGrxfmyRzf/XXQrQNhkyRykA8AAVNHbH20TXuEE0Em/72Pvc/0C4+Qp9aG19Px54
NLvSad54LSuh7Vzwk1X/sGX0k82fAjrd2h7EgTTVAlFcCkfnMa2L/8X0bOUBhlng
By6N7+yKS9ubYd0mrribVLl/Hu54/I9bH7z7AmStlvtU/wXWvMcKa9Xja66eI5ae
w17jzLbrxp394mlN/O3FB8LhhWIQtWzLhjXd4HLwa9vmiujXNzX/tLEDaQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDGtth0H35AtcPSy2PTB5DIe/26cMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvTWEyMkhRZmZrQzF3OUxMWTlNSGtNaDdfYnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQFVBZAMAwD
BADVtOEDBADVtOIDBAPVtPAwDQYJKoZIhvcNAQELBQADggEBAEwweXGaMebx82RO
HsVWYisXkEfodcunjUJb7rLRXz32E/gDGZ9DJ4R/ezj2Er0gdmS9dobYuZL62K+M
eHdWlZpEvf/U25XKJE6tYcukztJFyjH4puclhVocvGGpCTj1mfSFeNCYe4SStt50
vCDOTpNOHuFvQQtpp75pGZo63VERD6WzAO7mcCD9PryQI83C7pIn6jUNj5cGZUik
YUAwHVhSop6SGsGMSRhjdRpbPDuu7KBlkXgtXDRD8Ec7r32mRDeR82FnJUBibtGF
ND7fjliLOGzkyNPx57c1eFhDNTn05C8D021bhREByj2YaMzvNFt6Eu0knjdUYKLo
gj4UtG4=
-----END CERTIFICATE-----
Generated at Mon Jun 24 09:14:01 2024 by rpki-client on console-ams.rpki-client.org