Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/30cf07-3fa8-44a6-935b-f9a7acd91bcc/1/Mi7uqjw3EFwH2vaQ8CKQ0xvIUZ4.roa
File: Mi7uqjw3EFwH2vaQ8CKQ0xvIUZ4.roa (raw, json)
Hash identifier: pHo/uX3EaueWBs0PMvxs/bb1U2sOI1cm59A9umYFnvc=
Subject key identifier: 32:2E:EE:AA:3C:37:10:5C:07:DA:F6:90:F0:22:90:D3:1B:C8:51:9E
Certificate issuer: /CN=bc3033a102b3b7912a366320f4435c53fb9773f4
Certificate serial: 018CC94DBDC81282B81266FD35B7DA102620
Authority key identifier: BC:30:33:A1:02:B3:B7:91:2A:36:63:20:F4:43:5C:53:FB:97:73:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDAzoQKzt5EqNmMg9ENcU_uXc_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/30cf07-3fa8-44a6-935b-f9a7acd91bcc/1/Mi7uqjw3EFwH2vaQ8CKQ0xvIUZ4.roa
Signing time: Tue 02 Jan 2024 08:32:44 +0000
ROA not before: Tue 02 Jan 2024 08:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62179
IP address blocks: 185.44.73.0/24 maxlen: 24
185.44.74.0/24 maxlen: 24
185.44.72.0/24 maxlen: 24
185.44.75.0/24 maxlen: 24
185.44.72.0/22 maxlen: 22
2a01:7220::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/30cf07-3fa8-44a6-935b-f9a7acd91bcc/1/vDAzoQKzt5EqNmMg9ENcU_uXc_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/30cf07-3fa8-44a6-935b-f9a7acd91bcc/1/vDAzoQKzt5EqNmMg9ENcU_uXc_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/vDAzoQKzt5EqNmMg9ENcU_uXc_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:bd:c8:12:82:b8:12:66:fd:35:b7:da:10:26:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc3033a102b3b7912a366320f4435c53fb9773f4
Validity
Not Before: Jan 2 08:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=322eeeaa3c37105c07daf690f02290d31bc8519e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:dc:13:92:1c:ec:7d:c1:7c:31:52:d4:ca:60:
2c:67:b9:89:1d:3f:81:ac:25:7c:01:97:55:3a:d1:
57:4b:2f:0f:59:59:a6:44:c0:4e:81:91:bb:18:13:
ff:ea:19:b2:f1:34:47:e0:2a:7e:cf:81:4c:a2:4f:
3a:f3:d8:27:8b:44:b4:73:b3:d8:3c:78:ff:5a:6f:
b7:44:b4:05:e3:b9:e9:4d:0f:98:24:0a:29:31:6b:
5f:13:33:ea:0a:7c:04:11:b1:1d:5d:7f:90:d3:d2:
bb:7b:68:7c:1b:e9:c4:fd:39:46:e2:2a:85:4c:a8:
8f:d9:46:55:68:07:b3:f1:2b:25:c1:42:b7:c7:17:
95:68:d1:5b:87:be:a0:ab:3f:76:be:79:3c:49:2a:
89:5f:89:a8:f5:d4:ef:34:81:9e:64:b0:81:b0:fd:
c3:ba:6a:d8:07:af:79:8d:fc:18:9b:80:be:6c:ce:
12:71:1d:a1:65:dd:d0:43:11:b4:3a:f1:c3:5c:25:
04:cd:84:84:85:7e:2b:07:27:a9:9d:ef:8e:1b:87:
ca:b5:0b:77:96:c6:cd:f4:96:4b:28:2f:f9:ad:ef:
b9:60:06:39:b8:2e:73:b1:a1:f8:d2:6e:f7:20:32:
c1:82:e4:43:55:cb:41:fd:7a:ba:94:b2:f4:39:4e:
30:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:2E:EE:AA:3C:37:10:5C:07:DA:F6:90:F0:22:90:D3:1B:C8:51:9E
X509v3 Authority Key Identifier:
keyid:BC:30:33:A1:02:B3:B7:91:2A:36:63:20:F4:43:5C:53:FB:97:73:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDAzoQKzt5EqNmMg9ENcU_uXc_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/30cf07-3fa8-44a6-935b-f9a7acd91bcc/1/Mi7uqjw3EFwH2vaQ8CKQ0xvIUZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/30cf07-3fa8-44a6-935b-f9a7acd91bcc/1/vDAzoQKzt5EqNmMg9ENcU_uXc_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.72.0/22
IPv6:
2a01:7220::/32
Signature Algorithm: sha256WithRSAEncryption
c0:7b:4d:15:f7:3c:c8:d3:8c:8c:58:c0:24:bf:4c:bc:d9:99:
4a:a2:9a:9b:21:cb:e3:9b:e0:e4:7c:ea:e3:47:94:13:13:e9:
9a:22:ca:42:a8:d7:e3:56:04:2d:32:60:ad:e8:19:2e:c8:2e:
6f:a9:1a:0e:15:09:89:c8:4b:04:9d:fd:1e:06:f4:98:07:e1:
85:d6:8d:7c:1d:0a:12:6b:71:c8:5d:f0:9f:aa:a0:bc:8d:ae:
66:e2:49:c4:4e:2b:03:2c:2a:6e:ed:0c:1a:ea:84:be:7d:e5:
51:8b:2c:b6:ea:1c:b9:82:9a:69:3a:03:df:fb:c2:f1:1a:e4:
d1:ad:dc:86:44:8f:bb:24:1b:33:0f:04:d9:6b:fe:19:8d:7e:
d2:4b:e8:7e:3b:4e:1f:82:c5:a2:23:ef:eb:f5:82:3c:8a:56:
39:23:a7:31:58:20:29:7d:f4:e8:fb:72:c1:64:55:7e:a9:1f:
51:cc:dd:f1:58:2a:2e:73:e3:ac:af:21:7a:3d:3b:3d:68:ca:
7d:d1:a9:cb:aa:10:e8:91:a4:ed:7b:c1:f7:d3:e1:13:19:29:
c5:92:5a:0f:25:2a:2a:11:2d:65:87:cf:12:de:f0:ed:aa:c3:
2b:7f:09:1f:fd:49:88:a1:c1:22:ba:21:62:c1:9a:d8:a3:08:
55:da:54:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTb3IEoK4Emb9NbfaECYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzAzM2ExMDJiM2I3OTEyYTM2NjMyMGY0NDM1YzUzZmI5
NzczZjQwHhcNMjQwMTAyMDgzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjJlZWVhYTNjMzcxMDVjMDdkYWY2OTBmMDIyOTBkMzFiYzg1MTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNwTkhzsfcF8MVLUymAsZ7mJHT+B
rCV8AZdVOtFXSy8PWVmmRMBOgZG7GBP/6hmy8TRH4Cp+z4FMok8689gni0S0c7PY
PHj/Wm+3RLQF47npTQ+YJAopMWtfEzPqCnwEEbEdXX+Q09K7e2h8G+nE/TlG4iqF
TKiP2UZVaAez8SslwUK3xxeVaNFbh76gqz92vnk8SSqJX4mo9dTvNIGeZLCBsP3D
umrYB695jfwYm4C+bM4ScR2hZd3QQxG0OvHDXCUEzYSEhX4rByepne+OG4fKtQt3
lsbN9JZLKC/5re+5YAY5uC5zsaH40m73IDLBguRDVctB/Xq6lLL0OU4w6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDIu7qo8NxBcB9r2kPAikNMbyFGeMB8GA1UdIwQY
MBaAFLwwM6ECs7eRKjZjIPRDXFP7l3P0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRBem9RS3p0NUVxTm1NZzlFTmNVX3VYY19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zMGNmMDctM2ZhOC00NGE2LTkzNWIt
ZjlhN2FjZDkxYmNjLzEvTWk3dXFqdzNFRndIMnZhUThDS1EweHZJVVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zMGNmMDctM2ZhOC00NGE2LTkzNWItZjlhN2FjZDkxYmNj
LzEvdkRBem9RS3p0NUVxTm1NZzlFTmNVX3VYY19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSxIMA0E
AgACMAcDBQAqAXIgMA0GCSqGSIb3DQEBCwUAA4IBAQDAe00V9zzI04yMWMAkv0y8
2ZlKopqbIcvjm+DkfOrjR5QTE+maIspCqNfjVgQtMmCt6BkuyC5vqRoOFQmJyEsE
nf0eBvSYB+GF1o18HQoSa3HIXfCfqqC8ja5m4knETisDLCpu7Qwa6oS+feVRiyy2
6hy5gpppOgPf+8LxGuTRrdyGRI+7JBszDwTZa/4ZjX7SS+h+O04fgsWiI+/r9YI8
ilY5I6cxWCApffTo+3LBZFV+qR9RzN3xWCouc+OsryF6PTs9aMp90anLqhDokaTt
e8H30+ETGSnFkloPJSoqES1lh88S3vDtqsMrfwkf/UmIocEiuiFiwZrYowhV2lSB
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:02:23 2024 by rpki-client on console-ams.rpki-client.org