Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/MBb6r7UbJZydpaAvTB3sJxOjvjs.roa
File: MBb6r7UbJZydpaAvTB3sJxOjvjs.roa (raw, json)
Hash identifier: mxOJ11OUrBkgNscNGW9RhGPv9qFH7mtwG45PR40LBU8=
Subject key identifier: 30:16:FA:AF:B5:1B:25:9C:9D:A5:A0:2F:4C:1D:EC:27:13:A3:BE:3B
Certificate issuer: /CN=c330acdf041b5dcc7e5ec6cf8ff8bd0648e8670c
Certificate serial: 018DFAC8503265590956B53303B3CE0D7CDB
Authority key identifier: C3:30:AC:DF:04:1B:5D:CC:7E:5E:C6:CF:8F:F8:BD:06:48:E8:67:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/MBb6r7UbJZydpaAvTB3sJxOjvjs.roa
Signing time: Fri 01 Mar 2024 16:10:48 +0000
ROA not before: Fri 01 Mar 2024 16:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207858
IP address blocks: 193.28.255.0/24 maxlen: 24
193.29.1.0/24 maxlen: 24
193.29.4.0/24 maxlen: 24
193.29.8.0/24 maxlen: 24
2a0f:7a40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/wzCs3wQbXcx-XsbPj_i9BkjoZww.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/wzCs3wQbXcx-XsbPj_i9BkjoZww.mft
rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:c8:50:32:65:59:09:56:b5:33:03:b3:ce:0d:7c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c330acdf041b5dcc7e5ec6cf8ff8bd0648e8670c
Validity
Not Before: Mar 1 16:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3016faafb51b259c9da5a02f4c1dec2713a3be3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2f:b3:98:c2:46:8e:04:c0:bf:21:18:06:f1:
6e:76:b0:01:18:6c:01:6a:51:aa:0a:f7:29:c4:c7:
8b:84:89:8c:0a:0d:ad:19:bd:c1:e6:38:09:d7:cf:
fd:e6:3c:0a:0f:92:6e:76:cc:30:36:93:ef:80:a5:
57:f3:3e:56:43:23:7d:11:59:82:f6:95:9f:d4:d6:
93:c9:79:9b:e0:5c:29:3c:a8:18:0e:c2:f2:9e:57:
f6:1e:fc:2e:1e:7f:bc:fd:e5:07:10:01:f8:ed:23:
7e:b8:02:8e:32:68:ec:8d:41:6f:e7:6c:83:54:bd:
99:cf:8c:06:c4:14:42:7d:4e:32:7c:0c:2d:8a:b2:
e5:16:c3:0e:2d:02:f0:7d:c2:f4:6f:a3:6f:eb:4c:
b4:92:25:c7:f8:39:74:cd:ab:08:d5:77:86:b8:1c:
25:5f:5b:b4:60:40:68:3e:94:f6:33:55:77:96:08:
de:36:12:bf:48:4b:6e:4b:a2:d5:48:c8:53:e1:e5:
61:fa:19:40:02:d6:5c:8f:33:36:37:eb:ee:c4:a5:
1e:6d:4b:d3:70:cf:8a:55:4d:91:ae:3e:af:a0:98:
9d:d8:c0:0f:ae:db:dd:d5:15:e2:91:aa:99:4a:15:
46:a6:d6:d4:d8:36:67:c9:40:e2:7b:df:59:e7:7e:
f2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:16:FA:AF:B5:1B:25:9C:9D:A5:A0:2F:4C:1D:EC:27:13:A3:BE:3B
X509v3 Authority Key Identifier:
keyid:C3:30:AC:DF:04:1B:5D:CC:7E:5E:C6:CF:8F:F8:BD:06:48:E8:67:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/MBb6r7UbJZydpaAvTB3sJxOjvjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/wzCs3wQbXcx-XsbPj_i9BkjoZww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.255.0/24
193.29.1.0/24
193.29.4.0/24
193.29.8.0/24
IPv6:
2a0f:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
02:2a:12:1f:01:e9:67:ab:ab:2d:4c:e3:57:3b:80:b7:35:74:
24:da:80:82:23:0d:91:c9:89:1e:f1:7e:d4:8f:d7:ba:e8:39:
4b:7a:26:ff:ea:02:30:72:f8:7f:6a:ca:e4:57:76:97:b8:5c:
3b:d0:7d:10:d6:58:30:3c:13:90:22:2f:08:64:b3:5e:31:ab:
41:6a:fb:e7:4e:8f:4d:f1:cb:36:23:f0:56:31:43:ac:91:34:
38:8f:3b:39:f3:53:08:f1:90:ab:74:f9:dd:4c:1f:da:e6:b4:
1c:d2:ee:ae:03:8d:d3:bf:fb:17:c2:9a:63:a1:fa:5a:89:0e:
dc:ca:2b:3d:d7:dc:6f:c2:ce:b4:07:a8:fe:e0:e8:0b:dd:16:
a2:91:60:ad:f3:7c:97:9f:30:3a:55:aa:61:8b:0e:00:2f:16:
34:89:1f:f6:ea:23:0f:88:96:69:2e:20:7a:c1:10:09:4d:12:
f4:8c:67:76:09:73:36:c6:1d:83:4a:28:37:2e:da:b5:3e:cf:
5f:c6:5f:68:a1:8a:af:30:b7:b2:23:47:23:6c:b2:c9:3f:76:
cf:08:a2:31:4b:6e:a8:18:28:83:2c:46:6a:1f:b0:37:ef:d4:
8d:05:fc:df:47:a4:a5:45:09:25:3e:bd:9b:a1:4c:b1:5e:2c:
0c:36:4a:3a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY36yFAyZVkJVrUzA7PODXzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzBhY2RmMDQxYjVkY2M3ZTVlYzZjZjhmZjhiZDA2NDhl
ODY3MGMwHhcNMjQwMzAxMTYxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE2ZmFhZmI1MWIyNTljOWRhNWEwMmY0YzFkZWMyNzEzYTNiZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC+zmMJGjgTAvyEYBvFudrABGGwB
alGqCvcpxMeLhImMCg2tGb3B5jgJ18/95jwKD5JudswwNpPvgKVX8z5WQyN9EVmC
9pWf1NaTyXmb4FwpPKgYDsLynlf2HvwuHn+8/eUHEAH47SN+uAKOMmjsjUFv52yD
VL2Zz4wGxBRCfU4yfAwtirLlFsMOLQLwfcL0b6Nv60y0kiXH+Dl0zasI1XeGuBwl
X1u0YEBoPpT2M1V3lgjeNhK/SEtuS6LVSMhT4eVh+hlAAtZcjzM2N+vuxKUebUvT
cM+KVU2Rrj6voJid2MAPrtvd1RXikaqZShVGptbU2DZnyUDie99Z537yGwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDAW+q+1GyWcnaWgL0wd7CcTo747MB8GA1UdIwQY
MBaAFMMwrN8EG13Mfl7Gz4/4vQZI6GcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pDczN3UWJYY3gtWHNiUGpfaTlCa2pvWnd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yYTg0ZTktNjhiMy00ZTNmLWI2MTUt
YTBhZDYxZDE5NGExLzEvTUJiNnI3VWJKWnlkcGFBdlRCM3NKeE9qdmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yYTg0ZTktNjhiMy00ZTNmLWI2MTUtYTBhZDYxZDE5NGEx
LzEvd3pDczN3UWJYY3gtWHNiUGpfaTlCa2pvWnd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRz/AwQA
wR0BAwQAwR0EAwQAwR0IMA0EAgACMAcDBQMqD3pAMA0GCSqGSIb3DQEBCwUAA4IB
AQACKhIfAelnq6stTONXO4C3NXQk2oCCIw2RyYke8X7Uj9e66DlLeib/6gIwcvh/
asrkV3aXuFw70H0Q1lgwPBOQIi8IZLNeMatBavvnTo9N8cs2I/BWMUOskTQ4jzs5
81MI8ZCrdPndTB/a5rQc0u6uA43Tv/sXwppjofpaiQ7cyis919xvws60B6j+4OgL
3RaikWCt83yXnzA6Vaphiw4ALxY0iR/26iMPiJZpLiB6wRAJTRL0jGd2CXM2xh2D
Sig3Ltq1Ps9fxl9ooYqvMLeyI0cjbLLJP3bPCKIxS26oGCiDLEZqH7A379SNBfzf
R6SlRQklPr2boUyxXiwMNko6
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:04 2024 by rpki-client on console-fra.rpki-client.org