Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mQvSe6_vH0AH-NEDAoZCeaTih48.roa
File: mQvSe6_vH0AH-NEDAoZCeaTih48.roa (raw, json)
Hash identifier: 0usbaNMaptNT3nDd78U4OjTaN0xqttEpQpmb2ML4kOk=
Subject key identifier: 99:0B:D2:7B:AF:EF:1F:40:07:F8:D1:03:02:86:42:79:A4:E2:87:8F
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF3B290011EF6FD9F1C463AFECC808
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mQvSe6_vH0AH-NEDAoZCeaTih48.roa
Signing time: Tue 02 Jan 2024 06:32:02 +0000
ROA not before: Tue 02 Jan 2024 06:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 213.209.131.0/24 maxlen: 24
213.209.137.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.155.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
77.90.159.0/24 maxlen: 24
77.90.158.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.165.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.182.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3b:29:00:11:ef:6f:d9:f1:c4:63:af:ec:c8:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=990bd27bafef1f4007f8d10302864279a4e2878f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f7:12:8c:81:5b:9c:b0:35:45:25:d2:7d:a7:
59:84:99:0f:2b:d5:b4:6c:ee:f2:bb:06:1d:cd:16:
c3:5e:84:d7:09:73:61:54:88:fd:47:c1:2f:1e:20:
e4:d6:02:de:7c:a6:60:67:d1:bb:e3:e2:0f:ab:c4:
57:6a:ce:4b:70:03:60:7d:e4:5e:fa:d0:fb:ba:0e:
ea:0a:3c:56:ea:b7:4c:4b:ba:0b:ce:5a:37:72:0e:
f4:ca:b6:f3:0f:df:45:94:d2:1c:13:bd:b3:a7:b7:
28:0b:f8:2f:bc:b0:2e:7d:c5:0d:34:23:d4:19:75:
ea:f3:33:7e:d5:5a:4e:22:3b:8b:4d:58:0a:b7:bd:
04:11:88:63:af:e9:1b:16:87:29:eb:82:8e:27:32:
28:ca:cb:df:47:b0:be:37:9b:6a:ad:09:b6:57:7f:
78:8f:fe:8f:03:29:cd:f6:7f:87:34:fa:60:2f:38:
f6:8d:e5:93:73:6b:8d:5c:bc:9c:60:e0:38:ed:9b:
99:3d:14:86:12:87:4d:17:67:75:6d:22:c2:b6:7f:
ec:73:51:da:69:f8:86:42:05:08:c8:f7:5e:25:bf:
d1:9a:aa:84:cf:f9:6a:c4:6b:76:c0:2e:0a:77:1b:
48:61:7f:ea:be:94:5b:0f:4c:0e:04:bd:69:79:13:
1a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0B:D2:7B:AF:EF:1F:40:07:F8:D1:03:02:86:42:79:A4:E2:87:8F
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/mQvSe6_vH0AH-NEDAoZCeaTih48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.158.0-77.90.163.255
77.90.165.0/24
77.90.169.0-77.90.172.255
77.90.175.0/24
77.90.177.0/24
77.90.182.0/24
77.90.186.0/24
213.209.131.0/24
213.209.137.0/24
213.209.139.0/24
213.209.141.0/24
213.209.152.0/22
Signature Algorithm: sha256WithRSAEncryption
03:a6:fd:8b:95:72:68:54:e6:6f:ee:a0:53:b3:4a:c0:aa:f9:
fd:7b:e0:97:9e:28:b5:56:c7:56:0f:56:51:63:3f:28:b3:bf:
8b:64:0c:14:ba:63:d2:2b:3b:1d:4a:cd:44:b1:dd:3d:96:a6:
af:73:17:57:b3:f5:76:34:68:b6:c7:b0:e0:b1:08:51:5e:e6:
43:9d:6c:d5:d2:65:35:76:94:b4:c8:a2:55:95:8a:00:53:c5:
e9:89:98:c4:8a:f1:98:a8:26:7c:d2:5f:e5:01:12:e2:d9:63:
71:ce:7b:8e:61:cf:a8:0f:78:a7:22:1b:9a:7d:f1:a3:3e:9e:
41:18:78:c2:5d:de:e9:4e:b2:c0:78:6a:90:25:df:5c:c0:11:
43:e1:81:ea:a4:95:28:17:bc:85:4a:78:7b:27:7f:91:25:33:
17:48:92:e8:ff:78:8b:dc:4f:c8:4e:3c:3d:2a:b8:63:f6:a4:
2d:9b:e5:ab:05:53:0e:0e:17:64:11:c1:8f:5c:6c:2f:d5:2c:
e3:b8:35:c2:83:0d:8a:51:52:e5:60:7f:53:2b:02:d3:3d:0a:
6e:77:ef:90:2e:73:db:6d:28:33:99:7e:44:e0:33:9d:65:90:
bc:00:4b:2e:33:42:48:57:d0:30:71:85:99:31:48:2b:b6:06:
d4:b8:77:d2
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzI3zspABHvb9nxxGOv7MgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTBiZDI3YmFmZWYxZjQwMDdmOGQxMDMwMjg2NDI3OWE0ZTI4NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovcSjIFbnLA1RSXSfadZhJkPK9W0
bO7yuwYdzRbDXoTXCXNhVIj9R8EvHiDk1gLefKZgZ9G74+IPq8RXas5LcANgfeRe
+tD7ug7qCjxW6rdMS7oLzlo3cg70yrbzD99FlNIcE72zp7coC/gvvLAufcUNNCPU
GXXq8zN+1VpOIjuLTVgKt70EEYhjr+kbFocp64KOJzIoysvfR7C+N5tqrQm2V394
j/6PAynN9n+HNPpgLzj2jeWTc2uNXLycYOA47ZuZPRSGEodNF2d1bSLCtn/sc1Ha
afiGQgUIyPdeJb/RmqqEz/lqxGt2wC4KdxtIYX/qvpRbD0wOBL1peRMaTQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFJkL0nuv7x9AB/jRAwKGQnmk4oePMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbVF2U2U2X3ZIMEFILU5FREFvWkNlYVRpaDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAFNWp4D
BAJNWqADBABNWqUwDAMEAE1aqQMEAE1arAMEAE1arwMEAE1asQMEAE1atgMEAE1a
ugMEANXRgwMEANXRiQMEANXRiwMEANXRjQMEAtXRmDANBgkqhkiG9w0BAQsFAAOC
AQEAA6b9i5VyaFTmb+6gU7NKwKr5/Xvgl54otVbHVg9WUWM/KLO/i2QMFLpj0is7
HUrNRLHdPZamr3MXV7P1djRotsew4LEIUV7mQ51s1dJlNXaUtMiiVZWKAFPF6YmY
xIrxmKgmfNJf5QES4tljcc57jmHPqA94pyIbmn3xoz6eQRh4wl3e6U6ywHhqkCXf
XMARQ+GB6qSVKBe8hUp4eyd/kSUzF0iS6P94i9xPyE48PSq4Y/akLZvlqwVTDg4X
ZBHBj1xsL9Us47g1woMNilFS5WB/UysC0z0KbnfvkC5z220oM5l+ROAznWWQvABL
LjNCSFfQMHGFmTFIK7YG1Lh30g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:54 2024 by rpki-client on console-fra.rpki-client.org