Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/Mxhv7uZp6AnaPqTYgMggLcktoPg.roa
File: Mxhv7uZp6AnaPqTYgMggLcktoPg.roa (raw, json)
Hash identifier: KfU8wSsATezro4WhhKeAoUdJE8dnuj0338goIH+nYeM=
Subject key identifier: 33:18:6F:EE:E6:69:E8:09:DA:3E:A4:D8:80:C8:20:2D:C9:2D:A0:F8
Certificate issuer: /CN=5fc24743304b7fd9a065d22cd89cda95045e269c
Certificate serial: 018CC7936E9294E33D0CDAF8339E23B42F43
Authority key identifier: 5F:C2:47:43:30:4B:7F:D9:A0:65:D2:2C:D8:9C:DA:95:04:5E:26:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8JHQzBLf9mgZdIs2JzalQReJpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/Mxhv7uZp6AnaPqTYgMggLcktoPg.roa
Signing time: Tue 02 Jan 2024 00:29:37 +0000
ROA not before: Tue 02 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 185.61.163.0/24 maxlen: 24
185.61.162.0/24 maxlen: 24
185.61.161.0/24 maxlen: 24
185.61.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/X8JHQzBLf9mgZdIs2JzalQReJpw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/X8JHQzBLf9mgZdIs2JzalQReJpw.mft
rsync://rpki.ripe.net/repository/DEFAULT/X8JHQzBLf9mgZdIs2JzalQReJpw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:6e:92:94:e3:3d:0c:da:f8:33:9e:23:b4:2f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc24743304b7fd9a065d22cd89cda95045e269c
Validity
Not Before: Jan 2 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33186feee669e809da3ea4d880c8202dc92da0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:93:75:15:aa:d1:f3:ad:42:8c:c9:cd:55:e4:
10:d9:0f:0e:23:bb:b0:da:f5:bf:b0:ad:c6:8a:d5:
75:de:db:b1:71:cb:c0:d8:81:d6:07:17:96:09:06:
50:e3:e0:b6:d4:59:fe:63:34:a3:e2:d4:26:50:ab:
bc:c0:38:bb:0c:36:e8:b7:59:31:0f:1b:a0:b5:cd:
26:d4:ad:42:a8:21:b7:5b:8c:35:13:ff:2f:71:89:
45:37:9f:42:db:5c:cb:b8:8f:d1:63:d8:c2:e0:a4:
ca:60:53:b3:34:1e:94:bf:e5:1a:fd:8c:2a:c4:d7:
b8:bc:e2:e7:d4:5e:58:6f:bc:27:4c:6a:cd:9b:21:
d1:02:94:b7:ff:ea:b8:fe:dd:da:2e:29:2f:66:0f:
1e:a2:18:d8:15:8d:18:2e:ec:94:74:a5:9f:c5:bb:
58:62:19:f2:16:1c:fd:af:eb:58:92:82:b1:c6:0c:
ac:3e:6e:3a:b0:5e:7c:f0:0d:c5:30:4b:e4:c6:bd:
df:93:c4:bc:7c:65:17:df:03:45:3f:79:a1:6e:87:
a0:22:4f:ed:50:fa:20:4f:d9:6b:15:ac:0c:e7:cd:
8a:88:e8:3e:a7:15:71:66:82:54:81:db:8d:c4:4d:
27:d8:1a:9b:23:42:71:b4:19:d1:61:2e:04:e9:04:
56:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:18:6F:EE:E6:69:E8:09:DA:3E:A4:D8:80:C8:20:2D:C9:2D:A0:F8
X509v3 Authority Key Identifier:
keyid:5F:C2:47:43:30:4B:7F:D9:A0:65:D2:2C:D8:9C:DA:95:04:5E:26:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8JHQzBLf9mgZdIs2JzalQReJpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/Mxhv7uZp6AnaPqTYgMggLcktoPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/X8JHQzBLf9mgZdIs2JzalQReJpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.160.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:bf:98:1c:e5:ee:30:d3:f3:12:75:fa:a8:e2:fd:73:51:f2:
aa:2b:f0:70:f2:c1:86:f5:0e:de:25:67:51:a4:cf:95:c9:c1:
92:ef:e5:f5:4c:17:45:7c:75:b6:aa:bc:f4:53:40:90:7e:ca:
19:0b:28:18:5b:72:6a:dc:15:eb:58:1c:8c:52:a6:6a:20:59:
51:6d:93:ea:dc:79:ea:83:ec:d0:74:75:ac:8f:1c:a7:1d:5f:
07:70:ad:25:c4:4d:06:81:17:5f:27:86:95:f6:54:b7:1e:37:
03:48:b2:a4:e5:e3:cd:bf:e9:51:4f:ee:4e:e7:1d:f2:a2:05:
d1:5c:9b:6d:7b:9c:64:18:6a:12:96:82:9a:ad:e6:e1:f8:2f:
37:57:e1:0c:92:fe:fb:49:38:3b:ca:99:87:e7:73:42:c0:60:
ee:5d:b2:d6:41:17:ce:33:42:b5:cd:1e:71:f6:df:bb:fe:cf:
c8:e9:e1:47:a3:e2:71:93:04:15:cb:52:5f:ef:f6:ef:bf:44:
6b:91:70:c1:7d:41:af:f8:ca:45:7e:e2:f7:11:39:c5:44:39:
a5:33:b1:e9:28:fc:43:17:88:da:88:fe:33:47:c1:48:e6:b2:
a5:db:8b:68:ee:15:58:d1:0b:1e:de:33:02:37:c8:6c:c6:1b:
b1:62:3d:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk26SlOM9DNr4M54jtC9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzI0NzQzMzA0YjdmZDlhMDY1ZDIyY2Q4OWNkYTk1MDQ1
ZTI2OWMwHhcNMjQwMTAyMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzE4NmZlZWU2NjllODA5ZGEzZWE0ZDg4MGM4MjAyZGM5MmRhMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpN1FarR861CjMnNVeQQ2Q8OI7uw
2vW/sK3GitV13tuxccvA2IHWBxeWCQZQ4+C21Fn+YzSj4tQmUKu8wDi7DDbot1kx
Dxugtc0m1K1CqCG3W4w1E/8vcYlFN59C21zLuI/RY9jC4KTKYFOzNB6Uv+Ua/Ywq
xNe4vOLn1F5Yb7wnTGrNmyHRApS3/+q4/t3aLikvZg8eohjYFY0YLuyUdKWfxbtY
YhnyFhz9r+tYkoKxxgysPm46sF588A3FMEvkxr3fk8S8fGUX3wNFP3mhboegIk/t
UPogT9lrFawM582KiOg+pxVxZoJUgduNxE0n2BqbI0JxtBnRYS4E6QRW9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMYb+7maegJ2j6k2IDIIC3JLaD4MB8GA1UdIwQY
MBaAFF/CR0MwS3/ZoGXSLNic2pUEXiacMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhKSFF6QkxmOW1nWmRJczJKemFsUVJlSnB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9lNWEyYzctMDQ1My00OGJhLWIxMGMt
MGJhOTY3OWRlMmU2LzEvTXhodjd1WnA2QW5hUHFUWWdNZ2dMY2t0b1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9lNWEyYzctMDQ1My00OGJhLWIxMGMtMGJhOTY3OWRlMmU2
LzEvWDhKSFF6QkxmOW1nWmRJczJKemFsUVJlSnB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuT2gMA0G
CSqGSIb3DQEBCwUAA4IBAQAOv5gc5e4w0/MSdfqo4v1zUfKqK/Bw8sGG9Q7eJWdR
pM+VycGS7+X1TBdFfHW2qrz0U0CQfsoZCygYW3Jq3BXrWByMUqZqIFlRbZPq3Hnq
g+zQdHWsjxynHV8HcK0lxE0GgRdfJ4aV9lS3HjcDSLKk5ePNv+lRT+5O5x3yogXR
XJtte5xkGGoSloKarebh+C83V+EMkv77STg7ypmH53NCwGDuXbLWQRfOM0K1zR5x
9t+7/s/I6eFHo+JxkwQVy1Jf7/bvv0RrkXDBfUGv+MpFfuL3ETnFRDmlM7HpKPxD
F4jaiP4zR8FI5rKl24to7hVY0Qse3jMCN8hsxhuxYj3P
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:32:00 2024 by rpki-client on console-ams.rpki-client.org