Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/msYggzHFe-pP8-gJYimbbCq9UyI.roa
File: msYggzHFe-pP8-gJYimbbCq9UyI.roa (raw, json)
Hash identifier: XISeGGw817R/9OfQpPMedHLAojxcRYepJDAc341WQdQ=
Subject key identifier: 9A:C6:20:83:31:C5:7B:EA:4F:F3:E8:09:62:29:9B:6C:2A:BD:53:22
Certificate issuer: /CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Certificate serial: 018CC34894D122F8D15B764753DC3EF22AC6
Authority key identifier: D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/msYggzHFe-pP8-gJYimbbCq9UyI.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62020
IP address blocks: 91.246.55.0/24 maxlen: 24
45.159.12.0/24 maxlen: 24
45.159.15.0/24 maxlen: 24
45.159.13.0/24 maxlen: 24
185.9.0.0/22 maxlen: 22
2a03:4440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:94:d1:22:f8:d1:5b:76:47:53:dc:3e:f2:2a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ac6208331c57bea4ff3e80962299b6c2abd5322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:a9:d1:ed:ad:d6:ac:43:7c:81:2d:47:d0:
a0:d7:16:b3:06:a0:64:fe:e0:13:48:25:8a:7f:cd:
15:00:57:59:b1:8c:cb:bb:4e:42:eb:07:72:bb:f1:
fc:05:99:05:ca:e3:ba:9e:8b:6c:5a:65:ed:34:60:
d4:70:b4:23:da:2d:58:0f:c4:5d:d7:92:de:94:71:
25:6f:d8:4a:d5:69:8e:6d:75:9d:f2:1f:92:9c:3b:
fa:fb:ca:4d:7c:b1:b7:50:85:12:4c:28:85:65:08:
81:b8:ec:59:99:4d:20:38:16:19:f3:a0:1d:d0:18:
37:12:8d:29:a2:62:dd:c4:7b:c9:c9:32:db:27:e5:
e6:9b:95:b2:ca:dc:2c:11:3f:e5:7d:db:5f:06:08:
a3:53:90:20:2c:74:a8:04:a2:1d:df:b5:fb:d0:94:
a6:e6:d1:74:b8:70:ba:d7:bf:63:d3:6a:ae:fa:dc:
53:cb:e1:fe:30:81:0d:6a:ff:f7:dd:db:ae:64:7d:
c3:3a:93:67:9a:dd:a4:9b:ef:89:a4:5e:26:dc:7c:
c6:48:d4:33:01:7a:37:19:b2:c0:85:38:af:76:43:
86:fb:90:3c:f1:ce:56:bb:29:3f:11:79:81:66:77:
cb:68:46:30:7e:8e:8d:21:dd:da:9b:8e:13:d9:f2:
d4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C6:20:83:31:C5:7B:EA:4F:F3:E8:09:62:29:9B:6C:2A:BD:53:22
X509v3 Authority Key Identifier:
keyid:D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/msYggzHFe-pP8-gJYimbbCq9UyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.12.0/23
45.159.15.0/24
91.246.55.0/24
185.9.0.0/22
IPv6:
2a03:4440::/32
Signature Algorithm: sha256WithRSAEncryption
3f:0d:13:30:de:a2:2e:15:8b:1c:17:0b:f0:13:2c:95:5b:67:
a0:64:7c:4f:69:4f:53:7d:d4:05:52:96:50:04:ce:73:38:6b:
7f:5c:c4:f4:6b:f1:7c:23:0f:5d:ec:f5:69:7c:c4:be:b9:c9:
7c:bc:9b:1e:62:54:4d:5a:30:69:49:be:3e:d1:d1:18:47:66:
ab:b8:6a:41:4d:37:d8:04:f8:b8:52:63:88:fa:e5:6a:c5:81:
10:79:ee:36:c6:91:1d:48:f1:31:0d:b6:9d:d9:f2:96:19:8b:
55:f1:3e:b3:a0:d3:e6:8b:10:95:50:07:f8:b8:5d:54:a7:d6:
e3:1a:61:b1:72:6f:e8:47:b5:db:5f:28:22:13:e0:c8:12:ee:
be:7b:13:3c:56:2e:27:45:a8:c8:b3:d9:ff:b2:11:fb:10:6d:
16:22:70:a6:5c:b8:7e:42:66:71:92:a7:6c:c9:1a:c6:6f:cd:
2a:84:32:4a:c6:20:1b:4a:27:3e:62:6e:56:f1:e0:c2:49:3e:
4c:39:73:27:c8:49:07:34:cf:d0:4b:b9:1d:b6:82:c5:5c:ee:
f3:6d:30:67:45:5b:51:92:80:a0:0c:21:f6:ea:08:ee:9b:42:
e0:b7:70:7f:9c:9c:a5:65:6d:b1:b7:57:4b:36:a7:d9:86:44:
34:93:be:71
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSJTRIvjRW3ZHU9w+8irGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzM1YmM5YjdmODU1MGJlM2U0NjdjNTRhOWQzYTY2ZTI0
NDNiZDQwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM2MjA4MzMxYzU3YmVhNGZmM2U4MDk2MjI5OWI2YzJhYmQ1MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJKp0e2t1qxDfIEtR9Cg1xazBqBk
/uATSCWKf80VAFdZsYzLu05C6wdyu/H8BZkFyuO6notsWmXtNGDUcLQj2i1YD8Rd
15LelHElb9hK1WmObXWd8h+SnDv6+8pNfLG3UIUSTCiFZQiBuOxZmU0gOBYZ86Ad
0Bg3Eo0pomLdxHvJyTLbJ+Xmm5WyytwsET/lfdtfBgijU5AgLHSoBKId37X70JSm
5tF0uHC6179j02qu+txTy+H+MIENav/33duuZH3DOpNnmt2km++JpF4m3HzGSNQz
AXo3GbLAhTivdkOG+5A88c5Wuyk/EXmBZnfLaEYwfo6NId3am44T2fLUMQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJrGIIMxxXvqT/PoCWIpm2wqvVMiMB8GA1UdIwQY
MBaAFNPDW8m3+FUL4+RnxUqdOmbiRDvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTct
Y2RhNWMzNzY2ZjAzLzEvbXNZZ2d6SEZlLXBQOC1nSllpbWJiQ3E5VXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTctY2RhNWMzNzY2ZjAz
LzEvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBLZ8MAwQA
LZ8PAwQAW/Y3AwQCuQkAMA0EAgACMAcDBQAqA0RAMA0GCSqGSIb3DQEBCwUAA4IB
AQA/DRMw3qIuFYscFwvwEyyVW2egZHxPaU9TfdQFUpZQBM5zOGt/XMT0a/F8Iw9d
7PVpfMS+ucl8vJseYlRNWjBpSb4+0dEYR2aruGpBTTfYBPi4UmOI+uVqxYEQee42
xpEdSPExDbad2fKWGYtV8T6zoNPmixCVUAf4uF1Up9bjGmGxcm/oR7XbXygiE+DI
Eu6+exM8Vi4nRajIs9n/shH7EG0WInCmXLh+QmZxkqdsyRrGb80qhDJKxiAbSic+
Ym5W8eDCST5MOXMnyEkHNM/QS7kdtoLFXO7zbTBnRVtRkoCgDCH26gjum0Lgt3B/
nJylZW2xt1dLNqfZhkQ0k75x
-----END CERTIFICATE-----
Generated at Thu May 23 16:54:52 2024 by rpki-client on console-ams.rpki-client.org