Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MClrH3UBOGZcek9c4794rxSed34.roa
File: MClrH3UBOGZcek9c4794rxSed34.roa (raw, json)
Hash identifier: 4A/3W+c5W1Tx9XJKQz8II74u72pM8Cra9IFmCuTU16g=
Subject key identifier: 30:29:6B:1F:75:01:38:66:5C:7A:4F:5C:E3:BF:78:AF:14:9E:77:7E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCDBD0293EEF4695D92DB20C34A2F2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MClrH3UBOGZcek9c4794rxSed34.roa
Signing time: Tue 02 Jan 2024 06:29:26 +0000
ROA not before: Tue 02 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34368
IP address blocks: 85.217.192.0/24 maxlen: 24
85.217.194.0/24 maxlen: 24
85.217.198.0/24 maxlen: 24
85.217.193.0/24 maxlen: 24
85.217.196.0/23 maxlen: 23
85.217.195.0/24 maxlen: 24
85.217.199.0/24 maxlen: 24
85.217.200.0/22 maxlen: 22
85.217.204.0/22 maxlen: 22
2a00:1728:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 06:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:db:d0:29:3e:ef:46:95:d9:2d:b2:0c:34:a2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30296b1f750138665c7a4f5ce3bf78af149e777e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d6:d1:fd:66:fb:7d:0a:bf:69:71:e3:dd:a8:
8c:a6:b4:a9:d1:50:44:8b:38:ad:24:cf:cb:30:76:
21:60:31:e7:62:52:86:4a:75:74:ad:86:c7:13:37:
5a:03:ce:56:fd:fd:74:e0:df:97:9d:b0:c4:52:e8:
e0:99:24:01:39:33:6b:43:c1:3f:be:f5:58:19:41:
b2:b1:62:0e:63:b0:09:0f:55:fc:e5:2e:d4:88:7c:
28:5b:e6:5f:9e:ef:cb:f6:41:0f:a8:72:b7:0b:9b:
45:ed:be:7b:20:93:90:6f:5d:bf:61:8a:e2:34:85:
d8:f1:4c:47:c8:36:96:6b:97:5d:a2:be:ad:37:70:
80:15:c4:da:a8:c3:aa:66:17:ae:5a:44:4b:1d:24:
c6:8a:87:f3:e5:73:77:fc:03:96:01:e0:0d:90:05:
ca:5a:d9:3d:76:6e:2c:1f:76:70:cb:e0:a8:1d:9d:
71:4d:e4:ca:01:26:c5:50:90:8a:60:23:66:12:85:
9c:18:70:6e:95:82:3e:b0:b8:de:2b:57:95:8e:58:
c0:42:fb:7a:fb:50:8a:f5:22:0b:46:b0:ef:1c:0f:
5d:ef:23:29:47:1b:92:8f:e0:f5:e4:2c:90:a5:a4:
65:61:e3:8f:48:57:ea:bb:7a:f6:2f:b1:4a:b6:c1:
1d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:29:6B:1F:75:01:38:66:5C:7A:4F:5C:E3:BF:78:AF:14:9E:77:7E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MClrH3UBOGZcek9c4794rxSed34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.192.0/20
IPv6:
2a00:1728:18::/48
Signature Algorithm: sha256WithRSAEncryption
ad:4c:3c:16:2c:f6:51:c4:0b:df:b8:c6:38:85:c4:d4:9e:f8:
d1:e8:a3:1e:bc:db:24:26:8b:b1:b7:e2:02:a5:c4:a0:75:14:
76:2f:80:38:b6:97:6f:4d:86:d3:4e:61:a7:77:de:a5:82:9d:
c8:0f:85:cb:91:6f:7a:b3:c6:d5:a0:b8:26:56:8b:91:1b:d8:
86:7b:95:1b:1f:26:1f:3a:be:c0:60:75:16:e5:45:86:e5:d8:
91:fb:cc:cb:a7:b2:b4:28:75:e5:68:e8:88:cc:dc:1b:0c:ac:
c8:6d:d7:fd:9d:35:da:11:06:c8:59:75:38:28:6a:4d:0f:ba:
dc:dc:12:57:31:0e:ac:19:3e:c1:c0:d0:7e:55:12:f1:a3:b2:
b7:57:8c:90:15:9b:31:34:cc:64:9a:03:a4:9f:d1:97:ae:00:
44:7c:f0:20:dd:26:27:b5:c4:3f:61:ec:0d:44:c6:fb:de:eb:
34:03:21:52:75:d5:f3:ab:a4:5e:dd:86:39:ab:1f:80:a1:53:
93:a9:5f:ac:3f:cb:89:01:e8:cf:4a:38:e3:11:1c:6c:12:ea:
8d:d5:77:7e:44:9b:39:52:15:f9:a1:c3:19:50:4f:ca:48:25:
33:89:7d:34:80:e7:47:e6:72:1f:12:f6:d4:8e:36:65:21:70:
bc:a4:0a:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3NvQKT7vRpXZLbIMNKLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI5NmIxZjc1MDEzODY2NWM3YTRmNWNlM2JmNzhhZjE0OWU3NzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidbR/Wb7fQq/aXHj3aiMprSp0VBE
izitJM/LMHYhYDHnYlKGSnV0rYbHEzdaA85W/f104N+XnbDEUujgmSQBOTNrQ8E/
vvVYGUGysWIOY7AJD1X85S7UiHwoW+Zfnu/L9kEPqHK3C5tF7b57IJOQb12/YYri
NIXY8UxHyDaWa5ddor6tN3CAFcTaqMOqZheuWkRLHSTGiofz5XN3/AOWAeANkAXK
Wtk9dm4sH3Zwy+CoHZ1xTeTKASbFUJCKYCNmEoWcGHBulYI+sLjeK1eVjljAQvt6
+1CK9SILRrDvHA9d7yMpRxuSj+D15CyQpaRlYeOPSFfqu3r2L7FKtsEdJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDApax91AThmXHpPXOO/eK8Unnd+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTUNsckgzVUJPR1pjZWs5YzQ3OTRyeFNlZDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEVdnAMA8E
AgACMAkDBwAqABcoABgwDQYJKoZIhvcNAQELBQADggEBAK1MPBYs9lHEC9+4xjiF
xNSe+NHoox682yQmi7G34gKlxKB1FHYvgDi2l29NhtNOYad33qWCncgPhcuRb3qz
xtWguCZWi5Eb2IZ7lRsfJh86vsBgdRblRYbl2JH7zMunsrQodeVo6IjM3BsMrMht
1/2dNdoRBshZdTgoak0PutzcElcxDqwZPsHA0H5VEvGjsrdXjJAVmzE0zGSaA6Sf
0ZeuAER88CDdJie1xD9h7A1Exvve6zQDIVJ11fOrpF7dhjmrH4ChU5OpX6w/y4kB
6M9KOOMRHGwS6o3Vd35EmzlSFfmhwxlQT8pIJTOJfTSA50fmch8S9tSONmUhcLyk
Csk=
-----END CERTIFICATE-----
Generated at Sat Apr 27 15:37:22 2024 by rpki-client on console-ams.rpki-client.org