Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/MCg1JBf40Hl__0sa-ou1MaqBLds.roa
File: MCg1JBf40Hl__0sa-ou1MaqBLds.roa (raw, json)
Hash identifier: Lxw16xNZMlDLnFUdQ22YV0IJyqqBClTo7d4n3+Fk18A=
Subject key identifier: 30:28:35:24:17:F8:D0:79:7F:FF:4B:1A:FA:8B:B5:31:AA:81:2D:DB
Certificate issuer: /CN=7b26cfcda397163d835c897adea9071e61c8bc4d
Certificate serial: 018D6629C03497B04E0CBF41E44B26CC564B
Authority key identifier: 7B:26:CF:CD:A3:97:16:3D:83:5C:89:7A:DE:A9:07:1E:61:C8:BC:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eybPzaOXFj2DXIl63qkHHmHIvE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/MCg1JBf40Hl__0sa-ou1MaqBLds.roa
Signing time: Thu 01 Feb 2024 19:33:48 +0000
ROA not before: Thu 01 Feb 2024 19:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24971
IP address blocks: 37.205.8.0/22 maxlen: 22
37.205.12.0/22 maxlen: 22
185.8.164.0/23 maxlen: 23
185.8.166.0/23 maxlen: 24
2a03:3b40::/40 maxlen: 40
2a03:3b40:100::/40 maxlen: 40
2a03:3b40:200::/39 maxlen: 39
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/eybPzaOXFj2DXIl63qkHHmHIvE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/eybPzaOXFj2DXIl63qkHHmHIvE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eybPzaOXFj2DXIl63qkHHmHIvE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:66:29:c0:34:97:b0:4e:0c:bf:41:e4:4b:26:cc:56:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b26cfcda397163d835c897adea9071e61c8bc4d
Validity
Not Before: Feb 1 19:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3028352417f8d0797fff4b1afa8bb531aa812ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ca:a1:ca:b2:fc:f7:77:e4:90:d2:80:c7:22:
4c:78:b0:12:63:30:87:7e:cb:8a:fe:a4:b5:2c:04:
29:7c:ba:f9:d8:c4:9a:71:7f:cc:2c:46:c9:b7:49:
2c:ed:87:99:2d:50:93:eb:da:88:33:8c:0e:7a:9d:
77:85:10:17:c8:51:f2:dd:c0:41:f0:97:93:20:e3:
f2:7d:53:40:b2:db:f5:40:2e:86:d4:59:9f:7c:51:
a5:ef:2d:97:d3:e8:46:15:55:36:00:06:ce:8b:13:
6e:0d:ad:b3:bb:4d:e3:d0:1f:ee:23:84:06:b1:35:
4a:6a:33:76:c3:7e:87:64:9e:38:bf:e7:11:75:96:
e4:1d:08:81:b9:23:bd:38:b9:2e:6b:81:45:eb:7d:
00:4b:04:42:81:df:82:4f:c4:9f:20:35:d3:9c:0a:
87:ed:9f:0b:ad:71:3a:f9:77:44:61:18:9a:ba:54:
e9:4b:e9:14:77:9a:86:e2:0e:74:a7:cd:27:11:d1:
40:3a:5e:35:e5:57:23:93:c6:0e:76:fd:6a:cd:3a:
2b:97:de:8c:2c:ca:0b:df:b2:a1:9f:57:6b:2e:9b:
2c:a1:ee:c0:d3:c5:e6:3e:40:9c:bc:51:8c:d6:79:
81:79:ed:53:9c:0e:9a:78:b8:a7:a3:fe:68:ba:be:
f2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:28:35:24:17:F8:D0:79:7F:FF:4B:1A:FA:8B:B5:31:AA:81:2D:DB
X509v3 Authority Key Identifier:
keyid:7B:26:CF:CD:A3:97:16:3D:83:5C:89:7A:DE:A9:07:1E:61:C8:BC:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eybPzaOXFj2DXIl63qkHHmHIvE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/MCg1JBf40Hl__0sa-ou1MaqBLds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/eybPzaOXFj2DXIl63qkHHmHIvE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.8.0/21
185.8.164.0/22
IPv6:
2a03:3b40::/38
Signature Algorithm: sha256WithRSAEncryption
25:f5:09:cc:e9:16:40:ac:8e:66:83:6a:9d:40:48:88:ac:2f:
e0:97:9f:3c:2a:3c:de:e4:1f:18:11:78:a8:ab:af:ee:75:83:
5d:c6:2a:81:70:7c:be:4b:3c:4f:1c:23:1c:04:08:35:05:fd:
89:b0:a1:52:5b:eb:a6:5a:e9:21:95:5a:28:cf:73:46:93:89:
64:d8:0f:cc:ce:1a:4e:a0:70:e7:b9:54:ea:c5:64:84:28:61:
c9:8f:4a:f5:50:f9:6d:5e:35:e3:c0:fc:e5:e9:c8:ef:30:f4:
3c:d3:2f:bb:b8:52:14:24:7f:86:2a:7d:46:14:bc:21:1b:6d:
2a:92:e3:92:30:fd:91:59:5e:55:03:d5:42:1d:8e:04:95:ac:
5d:49:4d:47:28:37:8f:ba:4b:45:ef:eb:67:c6:dc:d6:40:e3:
ae:2b:38:99:bf:85:eb:78:5f:c3:67:55:05:dc:0b:a1:98:1f:
4b:7f:9e:7e:a2:5a:d5:e0:7a:31:d3:a0:ca:8b:48:80:eb:b4:
11:ae:85:9a:88:b0:3c:22:2a:2a:2d:f7:c0:d1:54:5d:25:53:
6f:52:89:56:07:d7:27:b9:c8:0d:40:92:6b:14:cc:d7:27:0a:
9b:da:79:2c:f9:3c:3d:c4:17:93:a2:40:32:47:95:3a:c5:08:
05:7d:87:9b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY1mKcA0l7BODL9B5EsmzFZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMjZjZmNkYTM5NzE2M2Q4MzVjODk3YWRlYTkwNzFlNjFj
OGJjNGQwHhcNMjQwMjAxMTkzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI4MzUyNDE3ZjhkMDc5N2ZmZjRiMWFmYThiYjUzMWFhODEyZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMqhyrL893fkkNKAxyJMeLASYzCH
fsuK/qS1LAQpfLr52MSacX/MLEbJt0ks7YeZLVCT69qIM4wOep13hRAXyFHy3cBB
8JeTIOPyfVNAstv1QC6G1FmffFGl7y2X0+hGFVU2AAbOixNuDa2zu03j0B/uI4QG
sTVKajN2w36HZJ44v+cRdZbkHQiBuSO9OLkua4FF630ASwRCgd+CT8SfIDXTnAqH
7Z8LrXE6+XdEYRiaulTpS+kUd5qG4g50p80nEdFAOl415Vcjk8YOdv1qzTorl96M
LMoL37Khn1drLpssoe7A08XmPkCcvFGM1nmBee1TnA6aeLino/5our7y8QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDAoNSQX+NB5f/9LGvqLtTGqgS3bMB8GA1UdIwQY
MBaAFHsmz82jlxY9g1yJet6pBx5hyLxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXliUHphT1hGajJEWElsNjNxa0hIbUhJdkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84OTc1N2EtOTExYS00MWI3LWJhZDEt
NmNkNTFjODRjMDE1LzEvTUNnMUpCZjQwSGxfXzBzYS1vdTFNYXFCTGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84OTc1N2EtOTExYS00MWI3LWJhZDEtNmNkNTFjODRjMDE1
LzEvZXliUHphT1hGajJEWElsNjNxa0hIbUhJdkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDJc0IAwQC
uQikMA4EAgACMAgDBgIqAztAADANBgkqhkiG9w0BAQsFAAOCAQEAJfUJzOkWQKyO
ZoNqnUBIiKwv4JefPCo83uQfGBF4qKuv7nWDXcYqgXB8vks8TxwjHAQINQX9ibCh
UlvrplrpIZVaKM9zRpOJZNgPzM4aTqBw57lU6sVkhChhyY9K9VD5bV4148D85enI
7zD0PNMvu7hSFCR/hip9RhS8IRttKpLjkjD9kVleVQPVQh2OBJWsXUlNRyg3j7pL
Re/rZ8bc1kDjris4mb+F63hfw2dVBdwLoZgfS3+efqJa1eB6MdOgyotIgOu0Ea6F
moiwPCIqKi33wNFUXSVTb1KJVgfXJ7nIDUCSaxTM1ycKm9p5LPk8PcQXk6JAMkeV
OsUIBX2Hmw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:59:44 2024 by rpki-client on console-fra.rpki-client.org