Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/M82VRRJuohB5A2-qNOGM-v-WW8c.roa
File: M82VRRJuohB5A2-qNOGM-v-WW8c.roa (raw, json)
Hash identifier: 9jdBw1vfS09bWXOdoB+OHyXnvOGdajc9jf7ctXOHvk0=
Subject key identifier: 33:CD:95:45:12:6E:A2:10:79:03:6F:AA:34:E1:8C:FA:FF:96:5B:C7
Certificate issuer: /CN=3238786e9f70e6db74230d72675a483bd24ef256
Certificate serial: 018CC56E7C812F6C0AAE67699B65D3A47C04
Authority key identifier: 32:38:78:6E:9F:70:E6:DB:74:23:0D:72:67:5A:48:3B:D2:4E:F2:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/M82VRRJuohB5A2-qNOGM-v-WW8c.roa
Signing time: Mon 01 Jan 2024 14:30:01 +0000
ROA not before: Mon 01 Jan 2024 14:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204562
IP address blocks: 185.245.240.0/22 maxlen: 24
2a0d:6e80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:7c:81:2f:6c:0a:ae:67:69:9b:65:d3:a4:7c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3238786e9f70e6db74230d72675a483bd24ef256
Validity
Not Before: Jan 1 14:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33cd9545126ea21079036faa34e18cfaff965bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3f:5a:2c:d6:40:3b:f6:ca:7c:0c:fc:96:07:
80:43:b2:8d:f8:39:c6:62:b3:b2:32:b3:54:8b:ff:
68:1a:1e:57:9b:dd:63:f0:52:7c:dc:19:3f:5a:b1:
28:6c:72:c5:d5:35:be:1b:4e:29:4b:d9:21:97:45:
ff:f5:45:d1:4a:4c:6d:65:66:b2:7d:df:42:dd:38:
47:cb:07:ee:85:10:59:c9:53:07:a7:9e:38:fd:fe:
8f:b3:31:55:95:d1:bf:da:e3:a6:f4:43:bb:6c:6f:
e7:60:59:ad:f8:d2:51:74:2d:ec:cc:c1:cf:0b:42:
a0:52:d8:2c:2c:64:72:b5:85:0a:ba:1c:c4:46:aa:
98:f1:58:48:99:13:73:39:ee:ef:9f:97:5e:b7:ce:
42:47:37:90:f9:eb:49:5b:cd:c5:6a:a1:d3:1c:88:
ed:15:38:92:84:41:ef:0a:43:28:58:e8:10:83:c6:
12:19:b8:5e:e2:88:08:ed:6c:2d:9f:03:b5:a9:4a:
dc:93:d5:a1:c3:70:20:f1:f9:de:49:54:6e:b2:bf:
e1:9a:54:c7:74:42:c4:45:d7:64:51:f0:60:a3:2c:
0e:de:34:60:51:54:17:b8:2c:ad:06:0d:06:d4:73:
d9:2e:b6:7e:9d:33:b6:47:97:c9:8b:39:36:9d:bd:
d8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CD:95:45:12:6E:A2:10:79:03:6F:AA:34:E1:8C:FA:FF:96:5B:C7
X509v3 Authority Key Identifier:
keyid:32:38:78:6E:9F:70:E6:DB:74:23:0D:72:67:5A:48:3B:D2:4E:F2:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/M82VRRJuohB5A2-qNOGM-v-WW8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a9506-20d4-4ab7-b563-e2d3d94cc238/1/Mjh4bp9w5tt0Iw1yZ1pIO9JO8lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.240.0/22
IPv6:
2a0d:6e80::/29
Signature Algorithm: sha256WithRSAEncryption
10:ed:08:6d:13:f7:fd:fd:38:bd:63:40:52:ea:cd:62:a0:00:
2e:4e:67:29:9f:dc:2d:1d:07:79:ec:8c:0c:5e:4f:a8:dc:d8:
73:90:e9:70:d3:91:0b:6f:41:94:f1:6f:a0:9c:97:a0:28:f3:
d6:de:aa:1f:00:ea:ef:81:7d:8a:96:1c:5d:ca:d4:b3:dc:14:
1d:49:d2:02:5f:75:5c:15:36:01:b4:c3:44:23:d1:89:39:b7:
f8:f4:6f:60:7c:7c:48:f0:3f:24:71:ad:a6:d3:7c:f9:b2:87:
88:f5:a8:74:e0:bb:07:ab:2e:3f:87:92:71:d6:53:6b:80:c8:
1c:e8:4a:7a:76:92:6f:01:06:8f:de:a0:de:53:d2:e7:91:f3:
ed:43:5b:6f:46:95:fb:73:57:44:34:5f:8e:d2:1e:7f:33:16:
f2:94:12:ab:3f:7e:13:d5:aa:e7:e5:82:56:9a:e1:d4:3e:9b:
e6:ba:8c:19:b0:f3:a0:5f:41:54:90:32:b2:8f:f1:58:a7:9e:
41:79:41:12:52:39:d8:39:f8:1f:f2:c2:b3:84:14:d2:ab:15:
0f:fe:e3:72:e2:5f:a3:1b:48:c5:11:d1:25:8b:6d:2a:8a:c6:
18:7b:b5:0c:2d:23:e0:2c:0a:4f:fb:a4:74:f4:d8:34:4b:a9:
a0:6d:ca:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbnyBL2wKrmdpm2XTpHwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMzg3ODZlOWY3MGU2ZGI3NDIzMGQ3MjY3NWE0ODNiZDI0
ZWYyNTYwHhcNMjQwMTAxMTQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2NkOTU0NTEyNmVhMjEwNzkwMzZmYWEzNGUxOGNmYWZmOTY1YmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD9aLNZAO/bKfAz8lgeAQ7KN+DnG
YrOyMrNUi/9oGh5Xm91j8FJ83Bk/WrEobHLF1TW+G04pS9khl0X/9UXRSkxtZWay
fd9C3ThHywfuhRBZyVMHp544/f6PszFVldG/2uOm9EO7bG/nYFmt+NJRdC3szMHP
C0KgUtgsLGRytYUKuhzERqqY8VhImRNzOe7vn5det85CRzeQ+etJW83FaqHTHIjt
FTiShEHvCkMoWOgQg8YSGbhe4ogI7WwtnwO1qUrck9Whw3Ag8fneSVRusr/hmlTH
dELERddkUfBgoywO3jRgUVQXuCytBg0G1HPZLrZ+nTO2R5fJizk2nb3YQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDPNlUUSbqIQeQNvqjThjPr/llvHMB8GA1UdIwQY
MBaAFDI4eG6fcObbdCMNcmdaSDvSTvJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWpoNGJwOXc1dHQwSXcxeVoxcElPOUpPOGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85YTk1MDYtMjBkNC00YWI3LWI1NjMt
ZTJkM2Q5NGNjMjM4LzEvTTgyVlJSSnVvaEI1QTItcU5PR00tdi1XVzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85YTk1MDYtMjBkNC00YWI3LWI1NjMtZTJkM2Q5NGNjMjM4
LzEvTWpoNGJwOXc1dHQwSXcxeVoxcElPOUpPOGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufXwMA0E
AgACMAcDBQMqDW6AMA0GCSqGSIb3DQEBCwUAA4IBAQAQ7QhtE/f9/Ti9Y0BS6s1i
oAAuTmcpn9wtHQd57IwMXk+o3NhzkOlw05ELb0GU8W+gnJegKPPW3qofAOrvgX2K
lhxdytSz3BQdSdICX3VcFTYBtMNEI9GJObf49G9gfHxI8D8kca2m03z5soeI9ah0
4LsHqy4/h5Jx1lNrgMgc6Ep6dpJvAQaP3qDeU9LnkfPtQ1tvRpX7c1dENF+O0h5/
MxbylBKrP34T1arn5YJWmuHUPpvmuowZsPOgX0FUkDKyj/FYp55BeUESUjnYOfgf
8sKzhBTSqxUP/uNy4l+jG0jFEdEli20qisYYe7UMLSPgLApP+6R09Ng0S6mgbcoy
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:33:48 2024 by rpki-client on console-ams.rpki-client.org