Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/MrkMXJlb6rEQ_grwdar2uKyZp6w.roa
File: MrkMXJlb6rEQ_grwdar2uKyZp6w.roa (raw, json)
Hash identifier: cQoztnCSLiXL21aMdmp/aICcHN3ou+toy1XjHePNESo=
Subject key identifier: 32:B9:0C:5C:99:5B:EA:B1:10:FE:0A:F0:75:AA:F6:B8:AC:99:A7:AC
Certificate issuer: /CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Certificate serial: 0190DBE558307A148306B84341BB81B93000
Authority key identifier: DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/MrkMXJlb6rEQ_grwdar2uKyZp6w.roa
Signing time: Mon 22 Jul 2024 19:22:38 +0000
ROA not before: Mon 22 Jul 2024 19:22:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58331
IP address blocks: 185.75.207.0/24 maxlen: 24
193.242.194.0/24 maxlen: 24
193.242.195.0/24 maxlen: 24
2a05:5440::/32 maxlen: 32
2a05:5441::/32 maxlen: 32
2a05:5442::/32 maxlen: 32
2a05:5443::/32 maxlen: 32
2a05:5444::/32 maxlen: 32
2a05:5445::/32 maxlen: 32
2a05:5446::/32 maxlen: 32
2a05:5447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:db:e5:58:30:7a:14:83:06:b8:43:41:bb:81:b9:30:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Validity
Not Before: Jul 22 19:22:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32b90c5c995beab110fe0af075aaf6b8ac99a7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e8:94:b9:1a:7b:49:7f:a1:06:f3:20:a2:9d:
6c:81:cd:a4:46:77:fe:7b:0f:5c:d0:d9:52:8f:57:
7b:35:40:68:db:38:5b:29:4f:0c:dc:51:d0:c4:f3:
6f:10:e4:b8:3e:ab:64:69:02:c7:40:ae:e8:fd:76:
2a:8b:a5:6a:91:99:57:ba:28:b5:c6:6e:c3:8a:32:
94:00:34:c3:93:7a:19:0a:65:19:e2:4f:fd:48:e6:
fc:6c:86:95:bf:b7:3d:7d:3f:99:45:61:cf:62:3f:
2a:20:82:26:fa:9e:0c:b8:df:cd:20:f7:42:b9:6a:
35:05:16:7d:f6:80:dd:15:e8:8d:f0:b9:11:68:b9:
ac:41:69:88:6b:78:a6:9f:23:63:8e:85:e4:73:8f:
f8:69:9b:79:87:91:0f:d5:80:ef:a8:91:4c:82:29:
b8:a7:00:7e:2b:3c:d8:d2:c7:c7:51:39:6b:69:4c:
90:b4:04:2b:93:26:df:0c:d4:b7:03:b5:74:91:a6:
a4:09:7c:c8:3c:a9:39:99:0a:46:de:26:05:9e:24:
71:d1:ed:05:4d:08:49:fb:67:61:05:c6:f2:29:7e:
05:7f:5c:d6:7e:ca:a5:2e:5b:18:3e:66:43:c0:0a:
8c:35:cb:76:5d:f5:b1:68:7a:f6:d5:1e:e5:5a:a4:
77:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B9:0C:5C:99:5B:EA:B1:10:FE:0A:F0:75:AA:F6:B8:AC:99:A7:AC
X509v3 Authority Key Identifier:
keyid:DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/MrkMXJlb6rEQ_grwdar2uKyZp6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.207.0/24
193.242.194.0/23
IPv6:
2a05:5440::/29
Signature Algorithm: sha256WithRSAEncryption
5b:f0:9b:cb:7b:6a:4d:41:b9:c7:61:e4:48:67:78:ef:65:0e:
62:9c:dc:3b:c3:9b:b9:d5:94:c8:0e:ce:b6:a2:ff:50:d3:27:
0c:57:7d:67:bf:29:51:92:9d:cb:af:eb:c0:9e:f0:47:d6:10:
e7:00:99:98:a9:73:5a:2e:88:35:98:c5:26:2f:58:cf:67:2b:
1d:56:92:d7:10:be:5b:da:55:30:a5:5c:0b:59:ff:a4:e7:a0:
45:66:c1:f9:9b:89:01:ba:5d:ef:9e:bb:74:00:0e:9e:ad:0e:
0d:4a:6a:dc:09:f0:23:6b:bb:92:50:fa:b0:a9:d6:76:40:89:
20:44:57:17:79:c0:4d:9e:05:f0:bf:a5:aa:f0:de:9a:72:14:
d0:1d:d6:7e:03:cc:57:af:52:47:82:09:59:e9:49:f3:89:4c:
29:a7:35:4b:8f:2e:f8:2e:04:22:e9:56:02:5d:bf:9f:ee:3a:
39:b2:e5:68:41:4a:9d:f8:d6:55:f6:a6:47:9e:08:a2:83:f3:
78:07:72:d1:af:59:7e:6c:8a:4b:dc:55:36:34:57:95:4a:20:
b6:67:81:de:ae:01:6d:90:6d:60:69:22:d1:cd:fa:b8:dc:9b:
42:f4:3d:63:02:2a:04:40:63:52:f8:1f:5e:c6:2b:0f:c7:15:
77:b7:fe:ba
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZDb5VgwehSDBrhDQbuBuTAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjdiOTM5OTM0YTJjYzIwNmZmYmE2YmNlOWM5MGZkY2Jh
MzljNzEwHhcNMjQwNzIyMTkyMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmI5MGM1Yzk5NWJlYWIxMTBmZTBhZjA3NWFhZjZiOGFjOTlhN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+iUuRp7SX+hBvMgop1sgc2kRnf+
ew9c0NlSj1d7NUBo2zhbKU8M3FHQxPNvEOS4PqtkaQLHQK7o/XYqi6VqkZlXuii1
xm7DijKUADTDk3oZCmUZ4k/9SOb8bIaVv7c9fT+ZRWHPYj8qIIIm+p4MuN/NIPdC
uWo1BRZ99oDdFeiN8LkRaLmsQWmIa3imnyNjjoXkc4/4aZt5h5EP1YDvqJFMgim4
pwB+KzzY0sfHUTlraUyQtAQrkybfDNS3A7V0kaakCXzIPKk5mQpG3iYFniRx0e0F
TQhJ+2dhBcbyKX4Ff1zWfsqlLlsYPmZDwAqMNct2XfWxaHr21R7lWqR3BQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDK5DFyZW+qxEP4K8HWq9rismaesMB8GA1UdIwQY
MBaAFN8nuTmTSizCBv+6a86ckP3Lo5xxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0Njgt
NmVkNTRkM2ZlNGY0LzEvTXJrTVhKbGI2ckVRX2dyd2RhcjJ1S3lacDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0NjgtNmVkNTRkM2ZlNGY0
LzEvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuUvPAwQB
wfLCMA0EAgACMAcDBQMqBVRAMA0GCSqGSIb3DQEBCwUAA4IBAQBb8JvLe2pNQbnH
YeRIZ3jvZQ5inNw7w5u51ZTIDs62ov9Q0ycMV31nvylRkp3Lr+vAnvBH1hDnAJmY
qXNaLog1mMUmL1jPZysdVpLXEL5b2lUwpVwLWf+k56BFZsH5m4kBul3vnrt0AA6e
rQ4NSmrcCfAja7uSUPqwqdZ2QIkgRFcXecBNngXwv6Wq8N6achTQHdZ+A8xXr1JH
gglZ6UnziUwppzVLjy74LgQi6VYCXb+f7jo5suVoQUqd+NZV9qZHngiig/N4B3LR
r1l+bIpL3FU2NFeVSiC2Z4HergFtkG1gaSLRzfq43JtC9D1jAioEQGNS+B9exisP
xxV3t/66
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:11:10 2024 by rpki-client on console-fra.rpki-client.org