Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/MKk7qhfDIivXkUiKToqwYo6mF50.roa
File: MKk7qhfDIivXkUiKToqwYo6mF50.roa (raw, json)
Hash identifier: PgGFv1SbxWcAA3ouyDIq8STID1zgNS8Z3onlFirs0D0=
Subject key identifier: 30:A9:3B:AA:17:C3:22:2B:D7:91:48:8A:4E:8A:B0:62:8E:A6:17:9D
Certificate issuer: /CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Certificate serial: 018DA7DB9425EF991B9D97FAC57829573280
Authority key identifier: D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/MKk7qhfDIivXkUiKToqwYo6mF50.roa
Signing time: Wed 14 Feb 2024 13:43:21 +0000
ROA not before: Wed 14 Feb 2024 13:43:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29063
IP address blocks: 83.138.0.0/21 maxlen: 24
212.25.192.0/20 maxlen: 24
212.25.212.0/23 maxlen: 24
212.159.192.0/19 maxlen: 24
212.159.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:db:94:25:ef:99:1b:9d:97:fa:c5:78:29:57:32:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d36bfd928bccb42ad9c468a552ab7393fdd87095
Validity
Not Before: Feb 14 13:43:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30a93baa17c3222bd791488a4e8ab0628ea6179d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:19:57:e5:3a:c3:7d:30:aa:a9:fc:27:29:
2d:c4:68:be:68:cc:70:11:d1:53:fd:6d:04:f5:fb:
b6:ae:6f:55:c9:e6:1f:bd:5a:8b:e7:b6:a2:1c:49:
46:a2:02:4f:72:f0:1b:21:6e:aa:e0:88:eb:03:96:
9f:d1:99:14:82:0e:89:da:e0:f6:7c:cf:86:af:41:
e6:c2:78:97:fb:22:c2:15:2a:fb:2e:02:7e:eb:ed:
43:07:48:1d:96:66:4a:c8:37:7d:79:52:39:a3:75:
e0:52:1a:c6:87:3f:08:dc:63:56:5e:4b:e2:78:a2:
e2:2f:9d:4b:3c:94:b7:83:0a:f2:6a:3f:9e:e2:4b:
ec:4b:c6:67:2f:b7:eb:46:0c:d8:37:32:c8:9a:68:
37:9a:c4:bb:05:fd:71:8b:1f:ba:e0:98:ad:52:c9:
ec:67:a7:50:68:3e:76:d8:6b:00:1b:63:d3:f2:0b:
2a:56:c1:9e:d1:83:35:3b:ba:ee:a9:65:94:12:0e:
4b:e4:5f:60:03:d4:2a:1a:13:6e:40:e3:53:e9:ba:
07:8f:51:31:08:e0:13:cb:2f:5f:98:d0:de:4e:78:
8a:ae:23:00:a7:b7:1b:1e:0b:c6:7d:87:28:ed:44:
60:5f:f2:11:b0:e9:79:0c:08:a3:3c:a7:4d:89:34:
a1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A9:3B:AA:17:C3:22:2B:D7:91:48:8A:4E:8A:B0:62:8E:A6:17:9D
X509v3 Authority Key Identifier:
keyid:D3:6B:FD:92:8B:CC:B4:2A:D9:C4:68:A5:52:AB:73:93:FD:D8:70:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02v9kovMtCrZxGilUqtzk_3YcJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/MKk7qhfDIivXkUiKToqwYo6mF50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/c7aa2a-090c-4f77-9d69-a74e4a887804/1/02v9kovMtCrZxGilUqtzk_3YcJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.138.0.0/21
212.25.192.0/20
212.25.212.0/23
212.159.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1f:16:c8:08:ef:cf:48:26:ac:c9:db:34:b4:13:19:79:72:b3:
61:64:c1:47:3f:12:90:b6:21:d9:8f:4d:67:60:7d:65:1e:c0:
49:8d:a1:06:55:00:52:b7:19:11:c6:fc:2b:b7:d4:69:26:1b:
f6:68:a4:09:fe:86:90:72:b7:1f:24:db:97:8b:f5:7d:da:93:
b3:47:4c:65:c3:4b:ff:fc:8f:33:00:b3:c1:a4:09:e3:61:06:
52:ab:54:ed:93:9d:db:c9:92:48:1c:ed:c1:a0:51:21:a2:47:
c1:ea:17:29:6d:82:76:c2:77:bc:b8:9d:60:de:e1:06:c9:82:
dc:ca:9e:52:b3:93:4f:ea:72:b3:c2:9d:16:b8:e1:34:0c:3f:
1a:f7:aa:06:f8:b3:fa:f5:81:df:c6:e5:46:97:50:2f:75:44:
c0:8a:32:58:a1:e2:16:db:dd:1e:b6:3c:61:1a:ff:6e:11:e4:
b9:33:5c:e0:40:96:a6:8b:6c:80:9e:f8:73:e2:e7:7a:99:4c:
4c:a8:bd:41:98:d1:4e:53:6b:36:8a:eb:8d:86:79:cb:7d:32:
e7:9e:8f:d4:8c:f5:24:f3:84:8e:bb:78:4c:53:37:46:31:90:
27:04:d6:c9:74:45:65:31:35:5b:5c:10:a6:1e:d4:f0:71:62:
30:6e:95:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2n25Ql75kbnZf6xXgpVzKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNmJmZDkyOGJjY2I0MmFkOWM0NjhhNTUyYWI3MzkzZmRk
ODcwOTUwHhcNMjQwMjE0MTM0MzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE5M2JhYTE3YzMyMjJiZDc5MTQ4OGE0ZThhYjA2MjhlYTYxNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneIZV+U6w30wqqn8JyktxGi+aMxw
EdFT/W0E9fu2rm9VyeYfvVqL57aiHElGogJPcvAbIW6q4IjrA5af0ZkUgg6J2uD2
fM+Gr0HmwniX+yLCFSr7LgJ+6+1DB0gdlmZKyDd9eVI5o3XgUhrGhz8I3GNWXkvi
eKLiL51LPJS3gwryaj+e4kvsS8ZnL7frRgzYNzLImmg3msS7Bf1xix+64JitUsns
Z6dQaD522GsAG2PT8gsqVsGe0YM1O7ruqWWUEg5L5F9gA9QqGhNuQONT6boHj1Ex
COATyy9fmNDeTniKriMAp7cbHgvGfYco7URgX/IRsOl5DAijPKdNiTShRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDCpO6oXwyIr15FIik6KsGKOphedMB8GA1UdIwQY
MBaAFNNr/ZKLzLQq2cRopVKrc5P92HCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjkt
YTc0ZTRhODg3ODA0LzEvTUtrN3FoZkRJaXZYa1VpS1RvcXdZbzZtRjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9jN2FhMmEtMDkwYy00Zjc3LTlkNjktYTc0ZTRhODg3ODA0
LzEvMDJ2OWtvdk10Q3JaeEdpbFVxdHprXzNZY0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU4oAAwQE
1BnAAwQB1BnUAwQG1J/AMA0GCSqGSIb3DQEBCwUAA4IBAQAfFsgI789IJqzJ2zS0
Exl5crNhZMFHPxKQtiHZj01nYH1lHsBJjaEGVQBStxkRxvwrt9RpJhv2aKQJ/oaQ
crcfJNuXi/V92pOzR0xlw0v//I8zALPBpAnjYQZSq1Ttk53byZJIHO3BoFEhokfB
6hcpbYJ2wne8uJ1g3uEGyYLcyp5Ss5NP6nKzwp0WuOE0DD8a96oG+LP69YHfxuVG
l1AvdUTAijJYoeIW290etjxhGv9uEeS5M1zgQJami2yAnvhz4ud6mUxMqL1BmNFO
U2s2iuuNhnnLfTLnno/UjPUk84SOu3hMUzdGMZAnBNbJdEVlMTVbXBCmHtTwcWIw
bpVP
-----END CERTIFICATE-----
Generated at Sat May 11 15:47:38 2024 by rpki-client on console-fra.rpki-client.org