Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/sMQQ4FuP6tab9r4nZKBnZAxE0b0.roa
File: sMQQ4FuP6tab9r4nZKBnZAxE0b0.roa (raw, json)
Hash identifier: VOSm48WErObx+J6QnWk5qqO2ceHWQZmU35SccKMgXQ8=
Subject key identifier: B0:C4:10:E0:5B:8F:EA:D6:9B:F6:BE:27:64:A0:67:64:0C:44:D1:BD
Certificate issuer: /CN=33410875ca78cc5e3d192e054a96df0302c7f97a
Certificate serial: 018CCA2B17D7D30A5083ABB110B4486DD698
Authority key identifier: 33:41:08:75:CA:78:CC:5E:3D:19:2E:05:4A:96:DF:03:02:C7:F9:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M0EIdcp4zF49GS4FSpbfAwLH-Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/sMQQ4FuP6tab9r4nZKBnZAxE0b0.roa
Signing time: Tue 02 Jan 2024 12:34:30 +0000
ROA not before: Tue 02 Jan 2024 12:34:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196968
IP address blocks: 162.208.52.0/22 maxlen: 22
185.69.180.0/22 maxlen: 22
178.21.0.0/21 maxlen: 21
217.61.232.0/22 maxlen: 22
199.247.56.0/21 maxlen: 21
176.10.48.0/21 maxlen: 21
2a00:6e00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/M0EIdcp4zF49GS4FSpbfAwLH-Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/M0EIdcp4zF49GS4FSpbfAwLH-Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/M0EIdcp4zF49GS4FSpbfAwLH-Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:17:d7:d3:0a:50:83:ab:b1:10:b4:48:6d:d6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33410875ca78cc5e3d192e054a96df0302c7f97a
Validity
Not Before: Jan 2 12:34:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c410e05b8fead69bf6be2764a067640c44d1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2c:c5:91:e7:d3:d6:35:0f:5d:8d:f3:35:fc:
dc:8f:a8:ee:4f:0a:f6:62:ff:65:bb:0a:bf:43:b0:
65:cc:ed:85:75:fd:72:93:38:f9:4f:92:f1:49:26:
1d:ae:e1:42:ed:91:8f:cf:f3:37:da:09:c7:ad:5c:
0d:fa:d0:cc:f6:25:cd:1f:d0:09:7c:c0:8e:98:15:
57:fa:aa:98:d5:71:20:e5:ad:d2:a0:e7:26:6e:ee:
25:e7:3a:c1:6c:55:09:76:de:88:ff:5d:ed:b4:e1:
d3:64:cf:d8:dc:54:d6:df:75:9a:f6:c1:47:6c:ee:
49:c1:06:78:0d:03:1c:f4:a5:47:58:01:3b:49:1e:
db:6d:e8:6b:bb:17:a4:78:38:2c:26:57:4e:9a:a1:
b4:0c:51:cb:a1:3b:c8:86:73:f4:d8:d3:68:84:e3:
b3:21:9d:8d:4e:f5:c9:0c:94:02:78:4a:b7:4c:23:
e5:b9:8a:41:4e:8c:23:2f:20:b9:19:28:84:c4:de:
42:c2:32:9f:fa:8f:8c:0f:69:9f:7e:b8:0d:7b:54:
14:a7:56:7f:20:46:4c:ca:19:df:99:a5:6f:39:3e:
8f:1a:98:32:ea:27:8d:10:b6:e4:6a:5b:ea:92:fd:
73:da:37:27:78:dc:ea:e7:12:ba:33:7c:5c:0b:92:
2b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C4:10:E0:5B:8F:EA:D6:9B:F6:BE:27:64:A0:67:64:0C:44:D1:BD
X509v3 Authority Key Identifier:
keyid:33:41:08:75:CA:78:CC:5E:3D:19:2E:05:4A:96:DF:03:02:C7:F9:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M0EIdcp4zF49GS4FSpbfAwLH-Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/sMQQ4FuP6tab9r4nZKBnZAxE0b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/M0EIdcp4zF49GS4FSpbfAwLH-Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.208.52.0/22
176.10.48.0/21
178.21.0.0/21
185.69.180.0/22
199.247.56.0/21
217.61.232.0/22
IPv6:
2a00:6e00::/32
Signature Algorithm: sha256WithRSAEncryption
18:11:51:61:3e:45:15:2a:c8:be:62:1f:fc:9f:18:f2:4c:03:
2e:52:fa:4c:88:e7:41:24:42:05:38:05:c7:d7:a8:9e:70:b5:
59:38:c8:cc:be:02:73:91:e9:93:14:e0:d2:3a:38:6e:05:8e:
4d:6d:6c:8c:4d:b7:8e:45:1d:3b:ca:37:10:cf:f3:e4:80:23:
7e:e2:41:e8:34:b2:f5:96:06:27:d8:01:a4:2a:24:3f:8b:db:
3a:69:35:ef:01:f1:6f:89:11:44:05:f4:e1:fe:60:d0:55:7a:
6d:cd:bd:a4:39:81:5e:6a:d9:aa:e0:3d:0a:cf:0e:84:25:0c:
d4:43:81:19:a6:a8:94:eb:b2:16:a5:15:4a:67:19:31:7b:43:
06:e8:00:83:a2:2c:26:b4:31:99:70:34:b7:b4:23:54:34:e2:
f1:58:85:7a:e2:32:1a:c2:c9:4e:52:3b:59:e8:0f:58:1a:39:
0d:64:b0:f3:21:ca:fe:51:b5:5a:ba:dc:1f:b7:59:16:19:30:
02:a4:6c:b1:39:fa:98:3c:02:87:2c:09:99:4a:36:5f:d1:f1:
76:78:81:0a:66:20:1e:f0:51:01:aa:50:89:51:53:0f:f7:96:
aa:16:90:d2:31:36:92:fe:4d:4a:01:ee:96:98:1c:6d:5b:27:
e4:86:b2:ff
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzKKxfX0wpQg6uxELRIbdaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNDEwODc1Y2E3OGNjNWUzZDE5MmUwNTRhOTZkZjAzMDJj
N2Y5N2EwHhcNMjQwMTAyMTIzNDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM0MTBlMDViOGZlYWQ2OWJmNmJlMjc2NGEwNjc2NDBjNDRkMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryzFkefT1jUPXY3zNfzcj6juTwr2
Yv9luwq/Q7BlzO2Fdf1ykzj5T5LxSSYdruFC7ZGPz/M32gnHrVwN+tDM9iXNH9AJ
fMCOmBVX+qqY1XEg5a3SoOcmbu4l5zrBbFUJdt6I/13ttOHTZM/Y3FTW33Wa9sFH
bO5JwQZ4DQMc9KVHWAE7SR7bbehruxekeDgsJldOmqG0DFHLoTvIhnP02NNohOOz
IZ2NTvXJDJQCeEq3TCPluYpBTowjLyC5GSiExN5CwjKf+o+MD2mffrgNe1QUp1Z/
IEZMyhnfmaVvOT6PGpgy6ieNELbkalvqkv1z2jcneNzq5xK6M3xcC5IrFwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLDEEOBbj+rWm/a+J2SgZ2QMRNG9MB8GA1UdIwQY
MBaAFDNBCHXKeMxePRkuBUqW3wMCx/l6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTBFSWRjcDR6RjQ5R1M0RlNwYmZBd0xILVhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84YzA3YWUtZGU3Mi00NzZhLTgwMjkt
ZjA4MTZlMzhhZGRlLzEvc01RUTRGdVA2dGFiOXI0blpLQm5aQXhFMGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84YzA3YWUtZGU3Mi00NzZhLTgwMjktZjA4MTZlMzhhZGRl
LzEvTTBFSWRjcDR6RjQ5R1M0RlNwYmZBd0xILVhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCotA0AwQD
sAowAwQDshUAAwQCuUW0AwQDx/c4AwQC2T3oMA0EAgACMAcDBQAqAG4AMA0GCSqG
SIb3DQEBCwUAA4IBAQAYEVFhPkUVKsi+Yh/8nxjyTAMuUvpMiOdBJEIFOAXH16ie
cLVZOMjMvgJzkemTFODSOjhuBY5NbWyMTbeORR07yjcQz/PkgCN+4kHoNLL1lgYn
2AGkKiQ/i9s6aTXvAfFviRFEBfTh/mDQVXptzb2kOYFeatmq4D0Kzw6EJQzUQ4EZ
pqiU67IWpRVKZxkxe0MG6ACDoiwmtDGZcDS3tCNUNOLxWIV64jIawslOUjtZ6A9Y
GjkNZLDzIcr+UbVautwft1kWGTACpGyxOfqYPAKHLAmZSjZf0fF2eIEKZiAe8FEB
qlCJUVMP95aqFpDSMTaS/k1KAe6WmBxtWyfkhrL/
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:07:55 2024 by rpki-client on console-fra.rpki-client.org