Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/cee70d-8b52-4c11-a77c-074305735ac2/1/mHVrRmnmpgzQHjpuCArGDIWBdcs.roa
File: mHVrRmnmpgzQHjpuCArGDIWBdcs.roa (raw, json)
Hash identifier: JQ9KMlTRuZRd36ML4JtAuzDABHW1IytKLfnmS7P3W0U=
Subject key identifier: 98:75:6B:46:69:E6:A6:0C:D0:1E:3A:6E:08:0A:C6:0C:85:81:75:CB
Certificate issuer: /CN=c57e58c346e7b415550c13aeadd2cf90edd07895
Certificate serial: 018CC5012C89BA94035F6AD8261C83549A63
Authority key identifier: C5:7E:58:C3:46:E7:B4:15:55:0C:13:AE:AD:D2:CF:90:ED:D0:78:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xX5Yw0bntBVVDBOurdLPkO3QeJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/cee70d-8b52-4c11-a77c-074305735ac2/1/mHVrRmnmpgzQHjpuCArGDIWBdcs.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39611
IP address blocks: 185.49.24.0/24 maxlen: 24
185.49.25.0/24 maxlen: 24
185.49.26.0/24 maxlen: 24
185.49.27.0/24 maxlen: 24
213.207.39.0/24 maxlen: 24
213.207.40.0/24 maxlen: 24
213.207.40.0/22 maxlen: 22
213.207.43.0/24 maxlen: 24
213.207.41.0/24 maxlen: 24
213.207.42.0/24 maxlen: 24
213.207.44.0/22 maxlen: 22
213.207.44.0/24 maxlen: 24
213.207.45.0/24 maxlen: 24
213.207.46.0/24 maxlen: 24
213.207.47.0/24 maxlen: 24
213.207.48.0/21 maxlen: 21
213.207.48.0/20 maxlen: 20
213.207.50.0/24 maxlen: 24
213.207.48.0/24 maxlen: 24
213.207.48.0/22 maxlen: 22
213.207.49.0/24 maxlen: 24
213.207.51.0/24 maxlen: 24
213.207.55.0/24 maxlen: 24
213.207.57.0/24 maxlen: 24
213.207.52.0/22 maxlen: 22
213.207.53.0/24 maxlen: 24
213.207.54.0/24 maxlen: 24
213.207.52.0/24 maxlen: 24
213.207.56.0/22 maxlen: 22
213.207.56.0/21 maxlen: 21
213.207.56.0/24 maxlen: 24
213.207.58.0/24 maxlen: 24
213.207.60.0/24 maxlen: 24
213.207.60.0/22 maxlen: 22
213.207.61.0/24 maxlen: 24
213.207.59.0/24 maxlen: 24
213.207.63.0/24 maxlen: 24
213.207.62.0/24 maxlen: 24
213.207.37.0/24 maxlen: 24
213.207.38.0/24 maxlen: 24
213.207.35.0/24 maxlen: 24
213.207.32.0/22 maxlen: 22
213.207.32.0/24 maxlen: 24
213.207.33.0/24 maxlen: 24
213.207.34.0/24 maxlen: 24
213.207.32.0/19 maxlen: 19
213.207.32.0/20 maxlen: 20
213.207.36.0/22 maxlen: 22
213.207.36.0/24 maxlen: 24
2a01:9d24::/31 maxlen: 31
2a01:9d20::/29 maxlen: 29
2a01:9d22::/31 maxlen: 31
2a01:9d20::/31 maxlen: 31
2a01:9d26::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/cee70d-8b52-4c11-a77c-074305735ac2/1/xX5Yw0bntBVVDBOurdLPkO3QeJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/cee70d-8b52-4c11-a77c-074305735ac2/1/xX5Yw0bntBVVDBOurdLPkO3QeJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xX5Yw0bntBVVDBOurdLPkO3QeJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Dec 2024 03:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2c:89:ba:94:03:5f:6a:d8:26:1c:83:54:9a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c57e58c346e7b415550c13aeadd2cf90edd07895
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98756b4669e6a60cd01e3a6e080ac60c858175cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7e:c0:bf:93:4e:d5:78:aa:50:38:42:3f:62:
82:ad:37:9a:38:6e:f6:03:c9:75:b3:b5:b8:d9:7c:
e8:1a:fe:f7:4d:b1:da:57:31:9e:22:bf:9e:68:2f:
8e:b9:cc:74:4d:86:80:c9:86:af:b7:98:86:de:1c:
ee:f0:dc:a6:db:92:37:04:8b:15:b4:32:c7:16:a1:
3d:a3:8f:97:1a:77:95:9a:b1:a0:74:7d:62:e1:e8:
2f:2c:77:d5:85:4f:9b:da:7b:bd:05:b6:35:15:11:
ed:9c:d1:ad:ba:ea:2f:43:aa:2b:e4:c3:0f:cb:6c:
ac:05:34:c8:ac:4c:14:55:4c:99:39:d2:67:43:bb:
f7:18:07:4d:22:62:0a:97:00:8a:e9:18:18:cb:b3:
fc:68:a4:44:3b:74:55:b7:6e:69:21:8a:33:e5:28:
90:cd:0d:f0:9e:14:ff:d7:ac:ec:ad:9b:8e:53:54:
f1:d5:95:a3:14:80:09:11:17:2e:b8:99:32:c1:cf:
4f:97:bd:19:b3:74:c7:6a:f6:35:c8:af:95:2b:82:
02:c4:ed:bb:4a:f9:56:f0:e9:e8:b0:af:53:b5:3e:
57:8e:3f:e1:f5:71:ca:8f:c5:c2:7a:cc:b7:e1:88:
4d:92:d5:55:6b:6b:00:45:94:4d:27:34:03:4d:cb:
b4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:75:6B:46:69:E6:A6:0C:D0:1E:3A:6E:08:0A:C6:0C:85:81:75:CB
X509v3 Authority Key Identifier:
keyid:C5:7E:58:C3:46:E7:B4:15:55:0C:13:AE:AD:D2:CF:90:ED:D0:78:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xX5Yw0bntBVVDBOurdLPkO3QeJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/cee70d-8b52-4c11-a77c-074305735ac2/1/mHVrRmnmpgzQHjpuCArGDIWBdcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/cee70d-8b52-4c11-a77c-074305735ac2/1/xX5Yw0bntBVVDBOurdLPkO3QeJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.24.0/22
213.207.32.0/19
IPv6:
2a01:9d20::/29
Signature Algorithm: sha256WithRSAEncryption
8c:2c:02:ad:8b:6e:b4:4d:f2:e9:bb:a8:d7:72:9a:d3:3d:91:
b1:ad:93:9b:d0:02:c2:1b:e6:1e:7b:48:f8:f5:e4:0d:53:fc:
00:03:bc:0f:eb:44:7c:04:b5:dd:fe:6b:c2:ca:56:57:ae:82:
7f:44:cc:cb:cf:fb:a8:c0:7b:66:64:99:6f:98:1e:5e:80:82:
2a:35:72:41:b5:1c:e7:30:21:a1:5a:ef:68:ef:26:7a:a1:63:
95:77:16:56:84:70:c1:ee:00:fa:2b:49:56:94:86:74:b8:bb:
de:52:c2:db:45:71:1e:d5:47:1b:12:35:a6:37:27:2c:4e:c0:
62:7c:23:5f:b8:52:e4:85:90:cd:a2:d5:9d:7b:73:bd:36:a2:
88:d4:64:84:4e:49:46:a8:e9:3a:ab:5b:a2:7a:01:ec:8a:70:
78:d2:36:f0:46:0c:c2:7b:3e:77:03:cf:ce:e6:06:cf:e3:fb:
58:a5:9a:74:15:c8:5b:68:fb:97:a8:07:a4:09:4c:10:79:35:
4c:56:b1:ed:c4:8d:d5:f9:d1:39:b1:28:d2:f9:78:0e:9f:61:
bb:d7:0b:c4:f8:89:0b:53:06:fb:64:8a:30:54:fb:ab:fd:2c:
ba:3b:2f:6b:9b:5a:eb:a4:4a:8a:8e:53:13:ac:fd:c4:86:ef:
e6:a1:12:5b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFASyJupQDX2rYJhyDVJpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1N2U1OGMzNDZlN2I0MTU1NTBjMTNhZWFkZDJjZjkwZWRk
MDc4OTUwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc1NmI0NjY5ZTZhNjBjZDAxZTNhNmUwODBhYzYwYzg1ODE3NWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH7Av5NO1XiqUDhCP2KCrTeaOG72
A8l1s7W42XzoGv73TbHaVzGeIr+eaC+Oucx0TYaAyYavt5iG3hzu8Nym25I3BIsV
tDLHFqE9o4+XGneVmrGgdH1i4egvLHfVhU+b2nu9BbY1FRHtnNGtuuovQ6or5MMP
y2ysBTTIrEwUVUyZOdJnQ7v3GAdNImIKlwCK6RgYy7P8aKREO3RVt25pIYoz5SiQ
zQ3wnhT/16zsrZuOU1Tx1ZWjFIAJERcuuJkywc9Pl70Zs3THavY1yK+VK4ICxO27
SvlW8OnosK9TtT5Xjj/h9XHKj8XCesy34YhNktVVa2sARZRNJzQDTcu0jQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJh1a0Zp5qYM0B46bggKxgyFgXXLMB8GA1UdIwQY
MBaAFMV+WMNG57QVVQwTrq3Sz5Dt0HiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFg1WXcwYm50QlZWREJPdXJkTFBrTzNRZUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jZWU3MGQtOGI1Mi00YzExLWE3N2Mt
MDc0MzA1NzM1YWMyLzEvbUhWclJtbm1wZ3pRSGpwdUNBckdESVdCZGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jZWU3MGQtOGI1Mi00YzExLWE3N2MtMDc0MzA1NzM1YWMy
LzEveFg1WXcwYm50QlZWREJPdXJkTFBrTzNRZUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTEYAwQF
1c8gMA0EAgACMAcDBQMqAZ0gMA0GCSqGSIb3DQEBCwUAA4IBAQCMLAKti260TfLp
u6jXcprTPZGxrZOb0ALCG+Yee0j49eQNU/wAA7wP60R8BLXd/mvCylZXroJ/RMzL
z/uowHtmZJlvmB5egIIqNXJBtRznMCGhWu9o7yZ6oWOVdxZWhHDB7gD6K0lWlIZ0
uLveUsLbRXEe1UcbEjWmNycsTsBifCNfuFLkhZDNotWde3O9NqKI1GSETklGqOk6
q1uiegHsinB40jbwRgzCez53A8/O5gbP4/tYpZp0FchbaPuXqAekCUwQeTVMVrHt
xI3V+dE5sSjS+XgOn2G71wvE+IkLUwb7ZIowVPur/Sy6Oy9rm1rrpEqKjlMTrP3E
hu/moRJb
-----END CERTIFICATE-----
Generated at Sun Dec 29 10:23:30 2024 by rpki-client on console-fra.rpki-client.org