Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/MQoy-ze9auOiRnYWkevo5ug6b74.roa
File: MQoy-ze9auOiRnYWkevo5ug6b74.roa (raw, json)
Hash identifier: e50zWSr9FAOpXTByWZCk9NzWnhOqRMc92RH7Gp5XlqE=
Subject key identifier: 31:0A:32:FB:37:BD:6A:E3:A2:46:76:16:91:EB:E8:E6:E8:3A:6F:BE
Certificate issuer: /CN=8c77013e488a09c709b632246d9405da458c5538
Certificate serial: 019426D9946CE95FFC258D2E3306547D5C20
Authority key identifier: 8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/MQoy-ze9auOiRnYWkevo5ug6b74.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51184
IP address blocks: 91.206.8.0/23 maxlen: 24
116.204.196.0/22 maxlen: 24
178.251.64.0/21 maxlen: 24
185.17.12.0/22 maxlen: 24
185.68.248.0/22 maxlen: 24
185.128.244.0/22 maxlen: 24
185.129.172.0/22 maxlen: 24
193.238.236.0/22 maxlen: 24
217.116.176.0/20 maxlen: 24
2001:1b98::/32 maxlen: 48
2a02:1748::/32 maxlen: 48
2a06:d180::/29 maxlen: 48
2a06:d500::/29 maxlen: 48
2a0c:ad40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:94:6c:e9:5f:fc:25:8d:2e:33:06:54:7d:5c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c77013e488a09c709b632246d9405da458c5538
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=310a32fb37bd6ae3a246761691ebe8e6e83a6fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4d:18:ba:09:bf:2a:c5:7a:af:08:c7:58:26:
8b:63:a5:3c:d1:7c:7c:28:a4:88:d0:4b:44:b5:ac:
90:82:ea:45:cb:04:d5:7d:81:e5:d8:69:7d:a1:e9:
20:b4:71:05:44:67:9a:70:a8:e3:38:ce:c6:0d:ea:
b0:c0:be:b8:98:c1:65:90:90:75:98:57:0e:00:36:
44:b6:a0:2b:60:6d:91:70:f8:b3:4b:bc:89:64:69:
7c:06:f7:35:18:f3:c3:33:f5:e4:f4:d4:d0:d6:bb:
ab:71:97:e4:da:ae:99:6a:e1:8e:e3:d7:a8:39:73:
f3:fb:2e:df:2e:af:af:1f:be:9f:d4:28:0c:e6:7a:
a8:18:ab:14:ca:4e:ec:09:53:c0:97:37:46:70:a1:
88:67:d3:9f:5e:b2:27:24:bf:cd:1a:7a:03:96:e0:
e9:34:f3:75:fe:7f:7a:f8:7c:13:81:7c:d0:c0:6a:
2d:0b:57:25:0e:c2:61:ad:a6:a2:8f:1d:0a:d1:10:
5f:18:cd:c8:5b:eb:18:6d:f6:08:6b:eb:1a:d5:b8:
bd:2e:1a:c4:55:fd:db:07:fb:42:5c:69:70:98:7f:
ba:f9:37:3c:61:ba:85:d4:f3:cb:6f:04:8e:c1:3e:
90:54:3b:38:ea:92:b4:4b:65:05:4b:e1:27:d0:77:
79:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:0A:32:FB:37:BD:6A:E3:A2:46:76:16:91:EB:E8:E6:E8:3A:6F:BE
X509v3 Authority Key Identifier:
keyid:8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/MQoy-ze9auOiRnYWkevo5ug6b74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.8.0/23
116.204.196.0/22
178.251.64.0/21
185.17.12.0/22
185.68.248.0/22
185.128.244.0/22
185.129.172.0/22
193.238.236.0/22
217.116.176.0/20
IPv6:
2001:1b98::/32
2a02:1748::/32
2a06:d180::/29
2a06:d500::/29
2a0c:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
cc:6d:56:54:d4:09:ea:09:e1:9f:9a:ff:f9:ac:b6:59:30:cb:
e7:2d:f0:bf:39:00:21:92:73:dd:8d:c3:a2:93:95:80:13:d1:
fa:d0:64:81:8b:cd:5f:72:4f:b2:b4:47:51:36:40:41:27:70:
4c:af:c9:63:d2:54:69:8f:cf:e7:ed:49:b1:88:d5:62:28:6a:
3e:3d:30:78:e4:59:38:e6:16:d6:f1:14:11:2b:31:c8:52:ca:
24:ac:b2:2b:4d:23:b2:00:d1:b6:84:8d:c9:cf:fb:94:5f:71:
0c:91:be:4a:27:92:b5:d1:53:a2:dd:3b:70:53:34:44:c5:f9:
df:fb:6f:e7:60:d4:d9:d2:8f:69:34:f7:dd:5b:e0:9d:68:1c:
3a:02:b8:a8:59:5b:92:2e:03:f1:0e:5e:6e:77:10:6b:5a:ca:
0b:4c:9a:e2:cd:77:d1:55:95:3f:52:74:e5:13:5f:82:ba:a2:
44:6c:03:c0:77:59:9a:fc:24:08:f1:fd:56:b7:60:4f:20:20:
f9:44:3c:c9:34:62:20:1a:7f:1b:e4:e8:f1:67:9f:1a:95:78:
e6:7f:f5:e9:11:2a:d2:75:89:82:67:25:d7:73:b9:9f:37:16:
76:a2:6d:c2:14:18:1d:bc:5e:d4:f8:b0:fa:68:3a:00:90:f6:
52:1c:1d:40
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZQm2ZRs6V/8JY0uMwZUfVwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzcwMTNlNDg4YTA5YzcwOWI2MzIyNDZkOTQwNWRhNDU4
YzU1MzgwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTBhMzJmYjM3YmQ2YWUzYTI0Njc2MTY5MWViZThlNmU4M2E2ZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U0Yugm/KsV6rwjHWCaLY6U80Xx8
KKSI0EtEtayQgupFywTVfYHl2Gl9oekgtHEFRGeacKjjOM7GDeqwwL64mMFlkJB1
mFcOADZEtqArYG2RcPizS7yJZGl8Bvc1GPPDM/Xk9NTQ1rurcZfk2q6ZauGO49eo
OXPz+y7fLq+vH76f1CgM5nqoGKsUyk7sCVPAlzdGcKGIZ9OfXrInJL/NGnoDluDp
NPN1/n96+HwTgXzQwGotC1clDsJhraaijx0K0RBfGM3IW+sYbfYIa+sa1bi9LhrE
Vf3bB/tCXGlwmH+6+Tc8YbqF1PPLbwSOwT6QVDs46pK0S2UFS+En0Hd5ZQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFDEKMvs3vWrjokZ2FpHr6OboOm++MB8GA1UdIwQY
MBaAFIx3AT5IignHCbYyJG2UBdpFjFU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgt
MDIxMjk1MzNhMzNkLzEvTVFveS16ZTlhdU9pUm5ZV2tldm81dWc2Yjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgtMDIxMjk1MzNhMzNk
LzEvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQBW84IAwQC
dMzEAwQDsvtAAwQCuREMAwQCuUT4AwQCuYD0AwQCuYGsAwQCwe7sAwQE2XSwMCkE
AgACMCMDBQAgARuYAwUAKgIXSAMFAyoG0YADBQMqBtUAAwUDKgytQDANBgkqhkiG
9w0BAQsFAAOCAQEAzG1WVNQJ6gnhn5r/+ay2WTDL5y3wvzkAIZJz3Y3DopOVgBPR
+tBkgYvNX3JPsrRHUTZAQSdwTK/JY9JUaY/P5+1JsYjVYihqPj0weORZOOYW1vEU
ESsxyFLKJKyyK00jsgDRtoSNyc/7lF9xDJG+SieStdFTot07cFM0RMX53/tv52DU
2dKPaTT33VvgnWgcOgK4qFlbki4D8Q5ebncQa1rKC0ya4s130VWVP1J05RNfgrqi
RGwDwHdZmvwkCPH9VrdgTyAg+UQ8yTRiIBp/G+To8WefGpV45n/16REq0nWJgmcl
13O5nzcWdqJtwhQYHbxe1Piw+mg6AJD2UhwdQA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:01:25 2025 by rpki-client