Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/McFWJNiVWMPNzW1GXCqc84Qk5YQ.roa
File: McFWJNiVWMPNzW1GXCqc84Qk5YQ.roa (raw, json)
Hash identifier: H3rDFU7SLyW2/UJ8CLmBSp7sR6m+AaAAl5Dc+lanoVM=
Subject key identifier: 31:C1:56:24:D8:95:58:C3:CD:CD:6D:46:5C:2A:9C:F3:84:24:E5:84
Certificate issuer: /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial: 018E65993DA147F0AE78513207C48CBF9EA3
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/McFWJNiVWMPNzW1GXCqc84Qk5YQ.roa
Signing time: Fri 22 Mar 2024 09:58:45 +0000
ROA not before: Fri 22 Mar 2024 09:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197991
IP address blocks: 5.144.144.0/21 maxlen: 24
149.126.32.0/20 maxlen: 24
178.132.59.0/24 maxlen: 24
178.132.60.0/22 maxlen: 24
2a0d:a5c0::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:99:3d:a1:47:f0:ae:78:51:32:07:c4:8c:bf:9e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
Validity
Not Before: Mar 22 09:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31c15624d89558c3cdcd6d465c2a9cf38424e584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:88:58:e5:66:bc:d9:c1:a4:bb:6f:0c:bf:e9:
40:e9:a5:bb:45:ae:18:04:93:cf:34:a7:8f:cb:29:
83:7e:e5:04:3f:a3:e7:be:2b:ed:8a:1d:e9:46:a3:
f3:b2:10:6d:59:ed:e0:af:9f:48:5a:94:83:4c:2e:
42:88:ca:8b:86:c3:c8:32:c1:1b:7f:15:be:38:d7:
6a:f2:43:25:a4:7f:bc:3c:fb:4d:98:f0:8e:52:60:
98:10:ed:d7:4c:bc:9f:e0:f7:fe:e7:60:f9:99:70:
51:84:c2:74:90:6c:5d:2c:9d:25:0a:eb:ab:db:d2:
0a:91:c5:f2:38:57:5b:14:47:e4:75:cb:7f:63:ea:
19:b7:d7:7f:12:bf:05:71:f3:ab:ee:0d:ef:66:9b:
c0:6c:5a:3f:ad:9c:a8:3e:cb:28:95:3a:e4:61:ec:
3a:90:af:d0:1c:59:ec:06:df:2f:07:23:bb:51:af:
29:1c:b3:8a:2b:1b:2a:83:b6:08:a8:bb:e8:53:8d:
e5:54:fd:b3:fd:ef:62:a0:74:99:34:9a:2c:4f:45:
7e:1d:d6:8a:f8:bf:e7:6a:56:ba:0d:2e:de:56:9a:
b1:72:7f:08:a3:2d:12:c9:e4:07:2c:9c:ac:22:c8:
85:b4:6e:24:24:4f:33:ab:bc:04:46:da:de:41:1f:
ec:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C1:56:24:D8:95:58:C3:CD:CD:6D:46:5C:2A:9C:F3:84:24:E5:84
X509v3 Authority Key Identifier:
keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/McFWJNiVWMPNzW1GXCqc84Qk5YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.144.0/21
149.126.32.0/20
178.132.59.0-178.132.63.255
IPv6:
2a0d:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:29:66:9a:7f:ff:09:bd:27:7e:8c:08:cf:f4:c7:b2:f0:4b:
d5:0e:3e:c8:a8:88:12:d1:56:3b:8f:90:4e:21:84:be:d2:75:
e5:d0:a6:56:08:ff:5a:00:27:ae:20:c3:4c:95:dc:88:5f:77:
28:eb:1a:61:12:2e:7c:4f:d2:29:44:d9:d8:bb:8f:02:59:90:
b1:d9:7c:07:68:57:6d:82:b6:67:84:b3:0a:02:ab:ad:1d:44:
54:74:33:cb:ee:5d:24:10:d2:b5:da:52:c1:39:0a:19:53:84:
4b:49:24:72:56:f3:20:52:10:5a:e4:46:14:93:b2:5b:ed:ac:
6e:08:32:6c:cb:1c:c9:5a:3c:6c:ad:41:a8:57:97:81:18:fd:
66:80:14:7c:bf:53:60:13:58:28:da:e7:8c:8d:01:11:34:dd:
7a:1b:6d:4e:f9:dc:4e:cc:25:78:25:af:eb:32:85:4f:97:6e:
f8:57:ef:dc:45:66:02:cf:c6:29:55:73:41:e9:6d:51:61:7c:
78:18:ef:cd:c7:19:52:82:7c:a0:5a:da:e9:8f:36:7b:ca:9f:
0a:d4:42:85:72:f0:5b:ff:2d:34:69:df:76:16:7a:64:82:19:
78:47:bb:78:23:1e:d6:53:4a:8d:79:81:11:6c:1f:8c:36:55:
de:81:19:a6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY5lmT2hR/CueFEyB8SMv56jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjUyOGUxNTJiNmRjYmExNTcxMjQxYWM1NWJlNWJjZTAx
MTE4YjcwHhcNMjQwMzIyMDk1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWMxNTYyNGQ4OTU1OGMzY2RjZDZkNDY1YzJhOWNmMzg0MjRlNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIhY5Wa82cGku28Mv+lA6aW7Ra4Y
BJPPNKePyymDfuUEP6Pnvivtih3pRqPzshBtWe3gr59IWpSDTC5CiMqLhsPIMsEb
fxW+ONdq8kMlpH+8PPtNmPCOUmCYEO3XTLyf4Pf+52D5mXBRhMJ0kGxdLJ0lCuur
29IKkcXyOFdbFEfkdct/Y+oZt9d/Er8FcfOr7g3vZpvAbFo/rZyoPssolTrkYew6
kK/QHFnsBt8vByO7Ua8pHLOKKxsqg7YIqLvoU43lVP2z/e9ioHSZNJosT0V+HdaK
+L/nala6DS7eVpqxcn8Ioy0SyeQHLJysIsiFtG4kJE8zq7wERtreQR/s4wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDHBViTYlVjDzc1tRlwqnPOEJOWEMB8GA1UdIwQY
MBaAFINlKOFStty6FXEkGsVb5bzgERi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2Mt
ZWI5NDE1ZWM1NDhhLzEvTWNGV0pOaVZXTVBOelcxR1hDcWM4NFFrNVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2MtZWI5NDE1ZWM1NDhh
LzEvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDBZCQAwQE
lX4gMAwDBACyhDsDBAayhAAwDQQCAAIwBwMFAyoNpcAwDQYJKoZIhvcNAQELBQAD
ggEBAAEpZpp//wm9J36MCM/0x7LwS9UOPsioiBLRVjuPkE4hhL7SdeXQplYI/1oA
J64gw0yV3IhfdyjrGmESLnxP0ilE2di7jwJZkLHZfAdoV22CtmeEswoCq60dRFR0
M8vuXSQQ0rXaUsE5ChlThEtJJHJW8yBSEFrkRhSTslvtrG4IMmzLHMlaPGytQahX
l4EY/WaAFHy/U2ATWCja54yNARE03XobbU753E7MJXglr+syhU+XbvhX79xFZgLP
xilVc0HpbVFhfHgY783HGVKCfKBa2umPNnvKnwrUQoVy8Fv/LTRp33YWemSCGXhH
u3gjHtZTSo15gRFsH4w2Vd6BGaY=
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:16:54 2024 by rpki-client on console-fra.rpki-client.org