Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/abacf1-f4c6-4710-93e9-fc83db13f3a1/1/mWcgUYzwcY21P3WT4JyVYaq5b28.roa
File: mWcgUYzwcY21P3WT4JyVYaq5b28.roa (raw, json)
Hash identifier: LEPfK/SZ96vfo4FnLxAkn8Q4VMoOflW/bmtwNQo6Y78=
Subject key identifier: 99:67:20:51:8C:F0:71:8D:B5:3F:75:93:E0:9C:95:61:AA:B9:6F:6F
Certificate issuer: /CN=f875df13bf8c1ba8b10e2da480ae61a5348ab8e9
Certificate serial: 018CCA28F6BD5F12FCAE63224744906AB768
Authority key identifier: F8:75:DF:13:BF:8C:1B:A8:B1:0E:2D:A4:80:AE:61:A5:34:8A:B8:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-HXfE7-MG6ixDi2kgK5hpTSKuOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/abacf1-f4c6-4710-93e9-fc83db13f3a1/1/mWcgUYzwcY21P3WT4JyVYaq5b28.roa
Signing time: Tue 02 Jan 2024 12:32:11 +0000
ROA not before: Tue 02 Jan 2024 12:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50919
IP address blocks: 178.23.72.0/21 maxlen: 21
194.62.224.0/22 maxlen: 22
188.164.200.0/21 maxlen: 21
2a00:1f68::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/abacf1-f4c6-4710-93e9-fc83db13f3a1/1/1-HXfE7-MG6ixDi2kgK5hpTSKuOk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/abacf1-f4c6-4710-93e9-fc83db13f3a1/1/1-HXfE7-MG6ixDi2kgK5hpTSKuOk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-HXfE7-MG6ixDi2kgK5hpTSKuOk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:f6:bd:5f:12:fc:ae:63:22:47:44:90:6a:b7:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f875df13bf8c1ba8b10e2da480ae61a5348ab8e9
Validity
Not Before: Jan 2 12:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=996720518cf0718db53f7593e09c9561aab96f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:96:88:0a:be:d2:22:dc:b5:63:2c:67:d9:cb:
83:73:6b:ed:04:c2:34:00:dd:50:1b:52:81:e0:15:
e9:47:11:34:a7:3b:02:64:ac:b6:86:11:a6:b2:ed:
69:98:0f:b5:e2:a7:fa:3f:a9:d5:0b:b3:8f:ca:37:
46:92:69:cc:ac:e7:e7:e0:e5:8c:e5:2f:74:f0:a9:
0a:0d:bb:88:cd:4a:59:79:8b:25:b9:c2:21:b5:fc:
93:44:ed:b4:5a:03:93:95:29:e5:56:47:76:31:28:
01:17:54:c2:0b:42:88:4e:48:08:bc:79:2c:ef:c8:
a3:b9:7f:64:ec:c0:e8:9f:02:7b:90:d9:89:43:e5:
ad:91:54:5c:d6:65:0d:e7:3e:e9:95:30:ee:e2:7c:
23:96:76:13:6f:bf:aa:8f:32:25:50:55:96:7e:e4:
f7:7a:a9:68:2b:87:49:b5:55:06:65:4a:1f:02:b2:
31:06:9f:4b:64:6d:15:fc:c9:14:c9:ea:22:40:52:
a9:1c:c7:09:00:1d:36:37:ee:9b:93:89:b7:1d:49:
33:bc:d0:05:d6:86:75:4a:dd:f5:50:2a:c7:ad:a8:
a6:8b:a2:e3:bf:13:37:ba:72:93:aa:41:c9:2d:b5:
48:81:fe:b6:a5:ff:6d:49:11:8b:fc:d2:45:19:4c:
12:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:67:20:51:8C:F0:71:8D:B5:3F:75:93:E0:9C:95:61:AA:B9:6F:6F
X509v3 Authority Key Identifier:
keyid:F8:75:DF:13:BF:8C:1B:A8:B1:0E:2D:A4:80:AE:61:A5:34:8A:B8:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-HXfE7-MG6ixDi2kgK5hpTSKuOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/abacf1-f4c6-4710-93e9-fc83db13f3a1/1/mWcgUYzwcY21P3WT4JyVYaq5b28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/abacf1-f4c6-4710-93e9-fc83db13f3a1/1/1-HXfE7-MG6ixDi2kgK5hpTSKuOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.72.0/21
188.164.200.0/21
194.62.224.0/22
IPv6:
2a00:1f68::/32
Signature Algorithm: sha256WithRSAEncryption
96:0b:01:60:88:fb:3c:ba:32:4a:08:33:a5:93:f1:ac:b1:e6:
46:3c:2b:6a:6c:eb:a5:b3:a5:bd:5b:ce:5d:6a:94:31:69:58:
45:1f:d5:f6:c3:f4:ca:46:1a:67:69:a4:64:7c:60:4e:e9:54:
80:a1:be:39:89:0b:7f:aa:0f:e7:d5:f0:8f:a4:09:7e:1d:e1:
48:c8:aa:dc:5d:dc:5f:98:4b:b7:88:50:e1:80:e1:0e:e9:a5:
6d:74:11:cd:3c:d8:1b:10:33:28:83:1f:32:2b:dd:f2:79:42:
03:ad:0c:1a:a9:8b:58:95:c0:73:9b:8f:ef:a4:e9:a8:e2:af:
2a:72:a8:5e:08:aa:30:b5:9e:0d:c5:d7:23:51:80:28:da:a5:
27:ed:b6:d7:7f:e7:da:27:5d:87:9c:e3:e1:58:0d:79:23:0b:
94:be:fb:ba:b3:e7:a3:65:bc:29:d0:a3:86:4f:a2:72:ae:cc:
68:4b:e6:0b:c5:c2:58:47:17:22:43:7c:0d:b3:1a:b8:8a:20:
cd:e4:6f:c4:48:3d:76:b7:c2:4e:d0:40:3f:3e:ed:21:4a:ad:
8c:a5:43:f2:60:43:cd:79:65:86:30:9b:20:88:17:28:38:17:
3d:19:33:2b:f5:ba:10:e1:96:9b:f2:06:57:bc:ee:cd:c0:07:
0b:0c:56:23
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzKKPa9XxL8rmMiR0SQardoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NzVkZjEzYmY4YzFiYThiMTBlMmRhNDgwYWU2MWE1MzQ4
YWI4ZTkwHhcNMjQwMTAyMTIzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTY3MjA1MThjZjA3MThkYjUzZjc1OTNlMDljOTU2MWFhYjk2ZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8paICr7SIty1Yyxn2cuDc2vtBMI0
AN1QG1KB4BXpRxE0pzsCZKy2hhGmsu1pmA+14qf6P6nVC7OPyjdGkmnMrOfn4OWM
5S908KkKDbuIzUpZeYslucIhtfyTRO20WgOTlSnlVkd2MSgBF1TCC0KITkgIvHks
78ijuX9k7MDonwJ7kNmJQ+WtkVRc1mUN5z7plTDu4nwjlnYTb7+qjzIlUFWWfuT3
eqloK4dJtVUGZUofArIxBp9LZG0V/MkUyeoiQFKpHMcJAB02N+6bk4m3HUkzvNAF
1oZ1St31UCrHraimi6LjvxM3unKTqkHJLbVIgf62pf9tSRGL/NJFGUwStwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJlnIFGM8HGNtT91k+CclWGquW9vMB8GA1UdIwQY
MBaAFPh13xO/jBuosQ4tpICuYaU0irjpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1IWGZFNy1NRzZpeERpMmtnSzVocFRTS3VPay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvYWJhY2YxLWY0YzYtNDcxMC05M2U5
LWZjODNkYjEzZjNhMS8xL21XY2dVWXp3Y1kyMVAzV1Q0SnlWWWFxNWIyOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2IvYWJhY2YxLWY0YzYtNDcxMC05M2U5LWZjODNkYjEzZjNh
MS8xLzEtSFhmRTctTUc2aXhEaTJrZ0s1aHBUU0t1T2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAOyF0gD
BAO8pMgDBALCPuAwDQQCAAIwBwMFACoAH2gwDQYJKoZIhvcNAQELBQADggEBAJYL
AWCI+zy6MkoIM6WT8ayx5kY8K2ps66Wzpb1bzl1qlDFpWEUf1fbD9MpGGmdppGR8
YE7pVIChvjmJC3+qD+fV8I+kCX4d4UjIqtxd3F+YS7eIUOGA4Q7ppW10Ec082BsQ
MyiDHzIr3fJ5QgOtDBqpi1iVwHObj++k6ajirypyqF4IqjC1ng3F1yNRgCjapSft
ttd/59onXYec4+FYDXkjC5S++7qz56NlvCnQo4ZPonKuzGhL5gvFwlhHFyJDfA2z
GriKIM3kb8RIPXa3wk7QQD8+7SFKrYylQ/JgQ815ZYYwmyCIFyg4Fz0ZMyv1uhDh
lpvyBle87s3ABwsMViM=
-----END CERTIFICATE-----
Generated at Sun May 19 14:07:33 2024 by rpki-client on console-fra.rpki-client.org