Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/McgOG9JNXxsDS6O-1qmhVPNeXPk.roa
File: McgOG9JNXxsDS6O-1qmhVPNeXPk.roa (raw, json)
Hash identifier: gUF+0S13eYNfkFLz/wVOd7RnSjoJkK0FWKtSUighGGQ=
Subject key identifier: 31:C8:0E:1B:D2:4D:5F:1B:03:4B:A3:BE:D6:A9:A1:54:F3:5E:5C:F9
Certificate issuer: /CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Certificate serial: 018CC26D7018876BEA304D060BFD6CAE0A6A
Authority key identifier: 8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/McgOG9JNXxsDS6O-1qmhVPNeXPk.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202499
IP address blocks: 185.239.64.0/24 maxlen: 24
185.239.64.0/22 maxlen: 24
185.71.168.0/24 maxlen: 24
185.71.168.0/22 maxlen: 24
185.71.169.0/24 maxlen: 24
185.71.170.0/24 maxlen: 24
185.71.171.0/24 maxlen: 24
185.239.65.0/24 maxlen: 24
185.239.66.0/24 maxlen: 24
185.239.67.0/24 maxlen: 24
185.228.240.0/24 maxlen: 24
185.228.241.0/24 maxlen: 24
185.228.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:70:18:87:6b:ea:30:4d:06:0b:fd:6c:ae:0a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31c80e1bd24d5f1b034ba3bed6a9a154f35e5cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:91:5c:35:36:7c:a5:65:6c:ff:9a:14:60:4b:
15:fe:a8:c9:95:b4:5c:eb:a7:ce:57:c0:90:d7:11:
42:21:f6:f1:86:38:26:62:b7:d0:b0:a5:0c:e6:be:
b3:31:db:f5:0c:33:10:fc:e4:55:35:06:e4:1d:c1:
b4:c6:1e:66:b1:25:ca:34:76:bd:86:8d:e4:a9:70:
f9:fa:2b:7a:da:f5:ee:10:30:69:1e:ef:56:25:69:
01:4c:f2:6d:8d:26:5e:df:cb:3a:d8:e7:e5:2f:68:
18:2c:c1:d2:f3:10:57:f1:2e:51:2a:55:49:36:f5:
43:ae:69:17:b2:f2:f9:e4:e9:95:70:4a:9a:e9:d7:
6e:f2:5f:67:20:47:ff:6f:2f:3c:40:1b:8a:cd:2d:
c5:04:46:8f:71:73:8d:2c:31:bc:aa:0f:1a:e7:7a:
0e:c5:00:ff:4e:1e:a9:48:b4:83:61:dc:0f:12:39:
56:f7:28:b1:9e:95:af:df:44:2f:0d:09:55:7a:41:
2c:96:0f:e9:53:32:a3:a3:12:bb:93:59:ed:51:af:
ca:37:af:08:b7:25:b4:6f:62:35:aa:29:12:db:48:
ce:27:0b:ca:b2:95:09:59:f6:2f:af:e7:a5:54:cd:
2c:fd:c4:6c:f6:7f:31:91:3f:28:43:04:0b:ca:a6:
c0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C8:0E:1B:D2:4D:5F:1B:03:4B:A3:BE:D6:A9:A1:54:F3:5E:5C:F9
X509v3 Authority Key Identifier:
keyid:8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/McgOG9JNXxsDS6O-1qmhVPNeXPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.168.0/22
185.228.240.0-185.228.242.255
185.239.64.0/22
Signature Algorithm: sha256WithRSAEncryption
52:44:6b:59:21:44:f6:d1:a0:e6:87:ee:0d:2f:0a:91:81:0c:
7c:61:f6:9a:e6:40:e6:09:5e:8b:b9:30:73:3f:0c:bc:5e:d7:
24:5a:97:78:d1:84:0d:de:ca:29:1c:ec:50:71:2b:1d:25:40:
47:50:1f:c8:b9:43:13:89:63:1e:1c:b6:bf:ac:2d:11:ce:57:
88:58:90:a3:fc:81:69:02:4b:51:d9:c8:a1:21:54:5a:cf:bf:
5a:b7:5b:97:43:bd:0f:4c:a3:17:01:c3:67:4a:33:7f:ee:d8:
3a:35:64:fd:4a:57:32:41:18:a4:67:a4:c5:12:75:94:40:65:
30:25:bc:21:ef:be:e4:2d:26:0c:d6:af:ae:df:98:7d:eb:e0:
5d:0d:65:1a:13:be:21:23:65:0f:81:8b:73:af:8e:a8:02:f7:
b1:c6:fd:cc:73:7c:20:d5:78:24:e2:b8:34:70:71:b1:f4:32:
98:63:f1:e5:19:06:0b:23:94:49:be:66:4b:ac:31:3b:36:f7:
88:e5:bc:55:d6:25:63:ec:68:26:81:98:7c:c6:7b:75:ab:e3:
97:0c:07:55:5e:97:61:75:94:ec:8b:d1:af:e9:a4:a8:bf:10:
d5:4d:4d:e1:c0:e6:1d:29:de:d5:ac:79:98:95:f0:77:57:cd:
80:44:1e:a0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzCbXAYh2vqME0GC/1srgpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZWU3YTNhZDE1MmJiODcyNWE3ZGI5YmI3NTIwODA0YjZm
MTE1NWYwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWM4MGUxYmQyNGQ1ZjFiMDM0YmEzYmVkNmE5YTE1NGYzNWU1Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupFcNTZ8pWVs/5oUYEsV/qjJlbRc
66fOV8CQ1xFCIfbxhjgmYrfQsKUM5r6zMdv1DDMQ/ORVNQbkHcG0xh5msSXKNHa9
ho3kqXD5+it62vXuEDBpHu9WJWkBTPJtjSZe38s62OflL2gYLMHS8xBX8S5RKlVJ
NvVDrmkXsvL55OmVcEqa6ddu8l9nIEf/by88QBuKzS3FBEaPcXONLDG8qg8a53oO
xQD/Th6pSLSDYdwPEjlW9yixnpWv30QvDQlVekEslg/pUzKjoxK7k1ntUa/KN68I
tyW0b2I1qikS20jOJwvKspUJWfYvr+elVM0s/cRs9n8xkT8oQwQLyqbA2QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDHIDhvSTV8bA0ujvtapoVTzXlz5MB8GA1UdIwQY
MBaAFI7uejrRUruHJafbm7dSCAS28RVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYt
NDk1OTFhZmUxN2YwLzEvTWNnT0c5Sk5YeHNEUzZPLTFxbWhWUE5lWFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYtNDk1OTFhZmUxN2Yw
LzEvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuUeoMAwD
BAS55PADBAC55PIDBAK570AwDQYJKoZIhvcNAQELBQADggEBAFJEa1khRPbRoOaH
7g0vCpGBDHxh9prmQOYJXou5MHM/DLxe1yRal3jRhA3eyikc7FBxKx0lQEdQH8i5
QxOJYx4ctr+sLRHOV4hYkKP8gWkCS1HZyKEhVFrPv1q3W5dDvQ9MoxcBw2dKM3/u
2Do1ZP1KVzJBGKRnpMUSdZRAZTAlvCHvvuQtJgzWr67fmH3r4F0NZRoTviEjZQ+B
i3OvjqgC97HG/cxzfCDVeCTiuDRwcbH0Mphj8eUZBgsjlEm+ZkusMTs294jlvFXW
JWPsaCaBmHzGe3Wr45cMB1Vel2F1lOyL0a/ppKi/ENVNTeHA5h0p3tWseZiV8HdX
zYBEHqA=
-----END CERTIFICATE-----
Generated at Mon Jul 1 15:51:20 2024 by rpki-client on console-fra.rpki-client.org