Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/MRetR3twXJKcq3PrjHO_rrwooOo.roa
File: MRetR3twXJKcq3PrjHO_rrwooOo.roa (raw, json)
Hash identifier: BqJWWhod5uhjZmkewKD1QkVe216+B1/Caw5J6zNFAak=
Subject key identifier: 31:17:AD:47:7B:70:5C:92:9C:AB:73:EB:8C:73:BF:AE:BC:28:A0:EA
Certificate issuer: /CN=06ce5b28466b92742526031392d94bf1a558e844
Certificate serial: 018CC2DACCC68AFB762DA30D28005DCD8977
Authority key identifier: 06:CE:5B:28:46:6B:92:74:25:26:03:13:92:D9:4B:F1:A5:58:E8:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bs5bKEZrknQlJgMTktlL8aVY6EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/MRetR3twXJKcq3PrjHO_rrwooOo.roa
Signing time: Mon 01 Jan 2024 02:29:28 +0000
ROA not before: Mon 01 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44128
IP address blocks: 213.189.218.0/23 maxlen: 23
213.189.216.0/23 maxlen: 23
185.41.162.0/23 maxlen: 23
185.41.160.0/23 maxlen: 23
213.189.223.0/24 maxlen: 24
213.189.222.0/24 maxlen: 24
213.189.220.0/23 maxlen: 23
193.107.236.0/23 maxlen: 23
193.107.238.0/23 maxlen: 23
91.226.82.0/23 maxlen: 23
91.226.80.0/23 maxlen: 23
91.201.52.0/24 maxlen: 24
185.93.110.0/23 maxlen: 23
185.93.109.0/24 maxlen: 24
185.93.108.0/24 maxlen: 24
91.201.54.0/23 maxlen: 23
91.201.53.0/24 maxlen: 24
2a01:5560:8000::/33 maxlen: 33
2a01:5560::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bs5bKEZrknQlJgMTktlL8aVY6EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cc:c6:8a:fb:76:2d:a3:0d:28:00:5d:cd:89:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06ce5b28466b92742526031392d94bf1a558e844
Validity
Not Before: Jan 1 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3117ad477b705c929cab73eb8c73bfaebc28a0ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:2e:41:b1:41:ba:b9:aa:fd:45:9d:d5:56:
2b:26:4f:7b:9c:cc:c9:0b:c4:ab:54:9f:fb:1f:b8:
d9:bc:31:11:91:d3:3e:27:1d:4b:db:a9:a9:6d:52:
54:07:8f:41:fa:4b:c1:73:c8:94:ee:74:f9:be:38:
89:ad:ef:b0:bd:5b:e3:d5:fb:c3:f3:f2:a9:85:93:
18:54:1c:23:c1:09:56:74:80:0a:c5:cf:12:6f:be:
a3:83:e5:d6:e1:de:96:f4:a8:61:7d:ec:de:77:17:
7f:36:0f:d2:99:ff:6f:fe:46:f6:b6:30:84:30:5d:
44:a0:2b:ad:6e:77:d2:ce:cd:ed:c2:44:27:19:3f:
58:e0:97:64:90:96:59:ff:67:8a:ab:ad:34:99:17:
10:c1:db:03:be:1c:63:62:45:78:bf:24:f0:88:7c:
e5:c4:51:79:f0:28:0b:f1:ca:3d:7a:95:f5:b8:15:
b6:3f:8b:7e:3d:7e:41:66:e7:93:f8:dd:c9:94:d0:
23:f9:5d:4a:ed:2d:b9:95:57:c1:4d:86:47:e1:7b:
22:32:75:cc:77:c1:90:33:65:ef:1c:45:5b:f2:9a:
8a:ff:3a:cd:81:6d:39:b3:ba:19:2b:f7:4f:33:3d:
7d:7c:4c:78:41:35:0b:77:ec:47:c1:56:78:04:5f:
bb:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:17:AD:47:7B:70:5C:92:9C:AB:73:EB:8C:73:BF:AE:BC:28:A0:EA
X509v3 Authority Key Identifier:
keyid:06:CE:5B:28:46:6B:92:74:25:26:03:13:92:D9:4B:F1:A5:58:E8:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bs5bKEZrknQlJgMTktlL8aVY6EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/MRetR3twXJKcq3PrjHO_rrwooOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.52.0/22
91.226.80.0/22
185.41.160.0/22
185.93.108.0/22
193.107.236.0/22
213.189.216.0/21
IPv6:
2a01:5560::/32
Signature Algorithm: sha256WithRSAEncryption
30:06:c6:1e:89:8a:7f:c1:66:34:ca:e5:7c:e4:6e:d4:34:39:
b6:93:65:8f:b7:23:43:bb:0b:36:b4:ba:c7:19:de:c2:e9:06:
85:a7:81:35:eb:c3:81:6b:43:5f:5a:ba:50:9c:c3:df:77:64:
b9:d2:d8:82:f2:d8:51:d6:35:d0:d3:69:3f:47:9a:da:18:4c:
63:d4:6e:cb:86:c7:58:31:92:8b:fa:4b:5d:e4:db:b3:dc:a4:
81:54:f0:7c:2a:19:42:bd:0d:65:e4:01:1f:fc:f7:0d:d6:0d:
de:cd:06:94:38:83:49:bb:e0:16:e7:bc:30:21:a6:71:99:d5:
e3:83:13:7c:8c:be:dd:76:bf:ad:05:a1:a0:5d:b3:ba:35:c7:
f8:e4:cb:06:e3:0f:fa:8e:1e:de:9d:ef:17:8a:60:ad:0a:36:
be:8e:f3:63:c7:6e:0b:4d:98:74:70:6a:89:6e:3e:a7:6b:e2:
35:d9:e1:74:06:7b:97:ff:9e:14:05:14:b9:55:2e:46:39:7a:
69:92:c6:be:e0:09:85:b7:17:20:13:9c:be:bd:16:06:d6:71:
74:2e:26:86:7c:60:dc:05:40:a0:c2:62:2d:0e:0b:62:42:a2:
56:c6:67:58:0b:e8:c5:9f:da:41:fa:4c:34:23:cc:09:6e:84:
fd:2b:77:6a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzC2szGivt2LaMNKABdzYl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2Y2U1YjI4NDY2YjkyNzQyNTI2MDMxMzkyZDk0YmYxYTU1
OGU4NDQwHhcNMjQwMTAxMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTE3YWQ0NzdiNzA1YzkyOWNhYjczZWI4YzczYmZhZWJjMjhhMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDIuQbFBurmq/UWd1VYrJk97nMzJ
C8SrVJ/7H7jZvDERkdM+Jx1L26mpbVJUB49B+kvBc8iU7nT5vjiJre+wvVvj1fvD
8/KphZMYVBwjwQlWdIAKxc8Sb76jg+XW4d6W9Khhfezedxd/Ng/Smf9v/kb2tjCE
MF1EoCutbnfSzs3twkQnGT9Y4JdkkJZZ/2eKq600mRcQwdsDvhxjYkV4vyTwiHzl
xFF58CgL8co9epX1uBW2P4t+PX5BZueT+N3JlNAj+V1K7S25lVfBTYZH4XsiMnXM
d8GQM2XvHEVb8pqK/zrNgW05s7oZK/dPMz19fEx4QTULd+xHwVZ4BF+7owIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDEXrUd7cFySnKtz64xzv668KKDqMB8GA1UdIwQY
MBaAFAbOWyhGa5J0JSYDE5LZS/GlWOhEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnM1YktFWnJrblFsSmdNVGt0bEw4YVZZNkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80NWNmMzctYWZhNS00OTk0LWFlZGIt
NDg1YjIwOTUyZDkzLzEvTVJldFIzdHdYSktjcTNQcmpIT19ycndvb09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80NWNmMzctYWZhNS00OTk0LWFlZGItNDg1YjIwOTUyZDkz
LzEvQnM1YktFWnJrblFsSmdNVGt0bEw4YVZZNkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW8k0AwQC
W+JQAwQCuSmgAwQCuV1sAwQCwWvsAwQD1b3YMA0EAgACMAcDBQAqAVVgMA0GCSqG
SIb3DQEBCwUAA4IBAQAwBsYeiYp/wWY0yuV85G7UNDm2k2WPtyNDuws2tLrHGd7C
6QaFp4E168OBa0NfWrpQnMPfd2S50tiC8thR1jXQ02k/R5raGExj1G7LhsdYMZKL
+ktd5Nuz3KSBVPB8KhlCvQ1l5AEf/PcN1g3ezQaUOINJu+AW57wwIaZxmdXjgxN8
jL7ddr+tBaGgXbO6Ncf45MsG4w/6jh7ene8XimCtCja+jvNjx24LTZh0cGqJbj6n
a+I12eF0BnuX/54UBRS5VS5GOXppksa+4AmFtxcgE5y+vRYG1nF0LiaGfGDcBUCg
wmItDgtiQqJWxmdYC+jFn9pB+kw0I8wJboT9K3dq
-----END CERTIFICATE-----
Generated at Fri May 17 18:24:54 2024 by rpki-client on console-fra.rpki-client.org