Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/MkxmncTh_9psY6Ab9r3cjZpFPXc.roa
File: MkxmncTh_9psY6Ab9r3cjZpFPXc.roa (raw, json)
Hash identifier: xTz0KZS9ZRuuC7qS5yR4a/0NWZniKO7CMWunCZrXeso=
Subject key identifier: 32:4C:66:9D:C4:E1:FF:DA:6C:63:A0:1B:F6:BD:DC:8D:9A:45:3D:77
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 018CC94E473A188D6CFF4E8876ECB8B82357
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/MkxmncTh_9psY6Ab9r3cjZpFPXc.roa
Signing time: Tue 02 Jan 2024 08:33:19 +0000
ROA not before: Tue 02 Jan 2024 08:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8990
IP address blocks: 212.92.0.0/19 maxlen: 19
82.150.32.0/19 maxlen: 19
91.144.64.0/18 maxlen: 24
95.171.64.0/19 maxlen: 19
45.88.204.0/22 maxlen: 22
109.199.32.0/19 maxlen: 24
109.199.46.0/24 maxlen: 24
109.199.57.0/24 maxlen: 24
91.144.121.0/24 maxlen: 24
109.199.58.0/24 maxlen: 24
109.199.62.0/24 maxlen: 24
109.199.61.0/24 maxlen: 24
2a03:9900:2::/48 maxlen: 48
2a03:9900:1::/48 maxlen: 48
2a03:9900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:47:3a:18:8d:6c:ff:4e:88:76:ec:b8:b8:23:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 2 08:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=324c669dc4e1ffda6c63a01bf6bddc8d9a453d77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:84:00:2b:a1:a6:9d:29:ad:4a:f0:e7:bf:9e:
c4:80:a4:dd:37:86:93:03:0f:61:96:9e:1c:51:e8:
13:18:4b:99:6b:92:40:4f:5b:4c:cb:28:f0:02:0b:
a2:c3:18:d1:d9:53:15:32:ac:54:6a:36:65:9c:a6:
1a:7e:45:0d:3b:65:be:0b:36:83:d0:df:e1:60:59:
41:91:22:0c:6f:31:48:df:2e:a6:10:2c:71:2b:ad:
4f:56:00:dc:42:de:01:b4:b3:1f:13:ad:b2:c5:48:
99:a0:6e:40:04:84:8b:c0:11:58:c3:09:47:41:22:
d2:a0:9c:6d:24:58:b5:f0:ea:70:01:29:9f:a0:7b:
84:a2:39:e4:72:db:3d:64:68:7b:62:3e:11:a2:5c:
82:c9:82:98:24:0c:99:e5:0b:0c:17:91:0b:89:3c:
2d:61:0d:1b:3d:75:60:be:6b:25:fb:a5:31:86:a4:
44:6e:82:a1:f3:51:fc:41:bd:22:0c:b8:be:0e:25:
aa:38:c9:b4:fc:66:a6:66:45:a3:3d:5d:85:9f:a6:
a6:54:5e:21:cc:de:5a:24:37:d9:d5:cb:fc:b0:b4:
72:a4:34:e8:6d:fa:85:0f:7d:e7:83:fd:4a:6d:95:
bb:48:29:a8:59:87:89:fe:79:6d:bb:70:3d:26:f3:
bb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4C:66:9D:C4:E1:FF:DA:6C:63:A0:1B:F6:BD:DC:8D:9A:45:3D:77
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/MkxmncTh_9psY6Ab9r3cjZpFPXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.204.0/22
82.150.32.0/19
91.144.64.0/18
95.171.64.0/19
109.199.32.0/19
212.92.0.0/19
IPv6:
2a03:9900::/32
Signature Algorithm: sha256WithRSAEncryption
4f:f3:0c:78:3c:ed:cd:3e:ba:1f:39:8c:e6:f3:9d:bd:1a:ac:
c1:a4:3a:9a:67:0f:31:40:b4:ae:19:fb:46:f8:56:96:8f:44:
64:fa:ab:08:0e:e8:21:a5:76:5f:f3:6d:c0:49:b0:46:f2:fe:
b8:0b:d6:32:bf:f0:34:79:8a:ee:cf:64:48:22:eb:5f:a0:14:
24:7e:e7:87:9c:ac:05:ac:42:f5:cd:ee:db:37:b0:c4:f4:07:
d9:f4:06:2a:d5:09:23:09:38:ab:f5:70:fd:14:4e:6d:4a:2b:
52:1a:6c:19:bc:52:b9:f8:d2:06:b1:cb:9a:87:2c:b6:50:38:
ff:76:09:b5:6c:e5:d8:d0:f0:71:7e:e6:4c:ee:be:78:38:01:
d1:92:2d:35:82:74:96:ac:43:86:21:2c:20:b8:48:1a:39:47:
1f:d8:68:5e:a8:a0:7a:18:27:28:da:50:75:ee:69:1a:7d:27:
b3:8c:90:49:ff:2b:d5:f4:c4:33:3d:8e:66:5d:86:9d:8f:7b:
3e:67:3f:53:5d:e3:33:bc:3d:76:39:d7:79:cf:00:0e:f1:5e:
c1:44:81:74:94:9b:8b:27:5b:63:c3:d6:fe:79:54:0f:5b:41:
46:48:65:d1:dd:50:be:ec:5c:1f:be:8b:9a:bd:fd:45:19:4f:
4b:9b:91:6a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzJTkc6GI1s/06Iduy4uCNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzYxMDMzNDRmY2QzYjU3NTlmMmRiM2YzYzcwNzEzNzZm
OWUyMzMwHhcNMjQwMTAyMDgzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRjNjY5ZGM0ZTFmZmRhNmM2M2EwMWJmNmJkZGM4ZDlhNDUzZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4QAK6GmnSmtSvDnv57EgKTdN4aT
Aw9hlp4cUegTGEuZa5JAT1tMyyjwAguiwxjR2VMVMqxUajZlnKYafkUNO2W+CzaD
0N/hYFlBkSIMbzFI3y6mECxxK61PVgDcQt4BtLMfE62yxUiZoG5ABISLwBFYwwlH
QSLSoJxtJFi18OpwASmfoHuEojnkcts9ZGh7Yj4RolyCyYKYJAyZ5QsMF5ELiTwt
YQ0bPXVgvmsl+6UxhqREboKh81H8Qb0iDLi+DiWqOMm0/GamZkWjPV2Fn6amVF4h
zN5aJDfZ1cv8sLRypDTobfqFD33ng/1KbZW7SCmoWYeJ/nltu3A9JvO7HwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDJMZp3E4f/abGOgG/a93I2aRT13MB8GA1UdIwQY
MBaAFE82EDNE/NO1dZ8ts/PHBxN2+eIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUt
MGFjYzg5MmIxMWQyLzEvTWt4bW5jVGhfOXBzWTZBYjlyM2NqWnBGUFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUtMGFjYzg5MmIxMWQy
LzEvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLVjMAwQF
UpYgAwQGW5BAAwQFX6tAAwQFbccgAwQF1FwAMA0EAgACMAcDBQAqA5kAMA0GCSqG
SIb3DQEBCwUAA4IBAQBP8wx4PO3NProfOYzm8529GqzBpDqaZw8xQLSuGftG+FaW
j0Rk+qsIDughpXZf823ASbBG8v64C9Yyv/A0eYruz2RIIutfoBQkfueHnKwFrEL1
ze7bN7DE9AfZ9AYq1QkjCTir9XD9FE5tSitSGmwZvFK5+NIGscuahyy2UDj/dgm1
bOXY0PBxfuZM7r54OAHRki01gnSWrEOGISwguEgaOUcf2GheqKB6GCco2lB17mka
fSezjJBJ/yvV9MQzPY5mXYadj3s+Zz9TXeMzvD12Odd5zwAO8V7BRIF0lJuLJ1tj
w9b+eVQPW0FGSGXR3VC+7Fwfvouavf1FGU9Lm5Fq
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:46:57 2024 by rpki-client on console-ams.rpki-client.org