Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/MJUSZy9WXPA2SNu4tFYs_7ZRig0.roa
File: MJUSZy9WXPA2SNu4tFYs_7ZRig0.roa (raw, json)
Hash identifier: Fh9ge+6w7QKETcmrs44lQImK9Ku5/PGcDLUBwZdK7Mc=
Subject key identifier: 30:95:12:67:2F:56:5C:F0:36:48:DB:B8:B4:56:2C:FF:B6:51:8A:0D
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA298485E34A248448EA40ADA33F2888
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/MJUSZy9WXPA2SNu4tFYs_7ZRig0.roa
Signing time: Tue 02 Jan 2024 12:32:47 +0000
ROA not before: Tue 02 Jan 2024 12:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39351
IP address blocks: 85.203.53.0/24 maxlen: 24
85.203.55.0/24 maxlen: 24
85.203.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:84:85:e3:4a:24:84:48:ea:40:ad:a3:3f:28:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=309512672f565cf03648dbb8b4562cffb6518a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:46:3b:1b:ae:e3:51:24:7d:64:7e:a9:ef:30:
1f:6d:99:50:c3:5c:03:76:68:d8:27:7a:4b:38:24:
e7:19:17:bd:66:49:49:30:a7:a9:5a:94:c5:b9:2b:
0e:bd:a2:3d:74:d9:63:03:a4:53:84:dd:af:db:2e:
23:b4:81:37:35:29:3b:54:19:e0:9d:09:41:28:49:
08:6e:8f:3e:ea:5a:8b:ed:99:51:a9:f5:1b:d8:15:
bf:1a:1d:99:95:f0:f9:ba:f3:63:70:c6:a7:d4:99:
f1:54:3c:d7:b3:91:27:59:6f:67:21:a9:97:1b:ae:
86:67:73:64:9f:d8:61:c0:46:7a:e4:e7:e8:10:34:
fd:08:e9:a2:f9:96:ab:93:58:3e:15:63:a9:9d:17:
f6:32:a5:25:1a:65:49:99:ed:73:23:2c:f5:e9:4e:
8d:2c:cb:27:6a:6c:c8:d8:b0:78:01:13:a6:bb:e9:
5b:30:92:ff:19:02:18:67:10:2f:e8:57:5b:a9:af:
1b:f4:ec:b1:f7:46:24:85:5a:5d:d1:97:f9:ed:99:
9d:28:e5:19:11:bc:34:0c:6f:71:06:f5:1d:82:a6:
b0:64:3a:30:e3:a7:58:53:fb:47:61:3b:bc:ac:8f:
61:1d:1b:60:96:93:f7:d3:d9:14:1e:40:4d:ea:30:
24:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:95:12:67:2F:56:5C:F0:36:48:DB:B8:B4:56:2C:FF:B6:51:8A:0D
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/MJUSZy9WXPA2SNu4tFYs_7ZRig0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.53.0-85.203.55.255
Signature Algorithm: sha256WithRSAEncryption
3d:8c:58:0d:77:f3:ad:2a:d8:d4:94:f0:92:b8:f9:c2:ce:8d:
d4:40:b5:4d:06:18:34:57:60:21:62:74:13:a1:63:21:6f:cf:
14:26:c2:62:14:65:1f:1e:77:07:6d:d0:c8:ba:c8:a3:3b:87:
37:3a:6d:9b:9d:67:d4:14:b6:7c:74:ee:47:87:ea:e8:a2:c9:
6a:11:23:b5:a3:ba:a1:7e:59:3a:39:62:a3:0f:39:c9:5e:2f:
1c:52:a5:de:0e:f6:99:0d:5d:c1:8a:eb:21:d0:a4:6a:d2:4d:
ac:ea:5c:34:be:2d:f1:a3:db:a5:46:48:56:a4:90:16:b4:5e:
6a:1d:e3:9d:1b:5d:1e:7e:ea:a2:e2:36:e0:7e:76:a8:7f:84:
d1:72:08:44:85:1a:8b:f4:86:01:aa:ef:f1:9d:ec:60:74:f0:
9c:8f:da:bb:d6:0e:6d:f1:56:5c:8c:3c:8c:4d:20:68:e7:49:
26:12:37:56:16:8d:a6:db:c3:35:cf:a8:b6:09:69:94:20:57:
8f:34:f7:a6:53:4d:e7:78:11:55:56:0b:45:40:5c:eb:39:fa:
dd:93:c1:eb:58:3e:23:19:71:8d:34:ea:93:7c:e8:30:6d:db:
c1:4e:22:01:e9:ef:35:c7:ac:0f:a5:7b:b8:2b:cb:c0:7c:73:
e3:b8:57:c8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKKYSF40okhEjqQK2jPyiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk1MTI2NzJmNTY1Y2YwMzY0OGRiYjhiNDU2MmNmZmI2NTE4YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEY7G67jUSR9ZH6p7zAfbZlQw1wD
dmjYJ3pLOCTnGRe9ZklJMKepWpTFuSsOvaI9dNljA6RThN2v2y4jtIE3NSk7VBng
nQlBKEkIbo8+6lqL7ZlRqfUb2BW/Gh2ZlfD5uvNjcMan1JnxVDzXs5EnWW9nIamX
G66GZ3Nkn9hhwEZ65OfoEDT9COmi+Zark1g+FWOpnRf2MqUlGmVJme1zIyz16U6N
LMsnamzI2LB4AROmu+lbMJL/GQIYZxAv6Fdbqa8b9Oyx90YkhVpd0Zf57ZmdKOUZ
Ebw0DG9xBvUdgqawZDow46dYU/tHYTu8rI9hHRtglpP309kUHkBN6jAkvQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDCVEmcvVlzwNkjbuLRWLP+2UYoNMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvTUpVU1p5OVdYUEEyU051NHRGWXNfN1pSaWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABVyzUD
BANVyzAwDQYJKoZIhvcNAQELBQADggEBAD2MWA13860q2NSU8JK4+cLOjdRAtU0G
GDRXYCFidBOhYyFvzxQmwmIUZR8edwdt0Mi6yKM7hzc6bZudZ9QUtnx07keH6uii
yWoRI7WjuqF+WTo5YqMPOcleLxxSpd4O9pkNXcGK6yHQpGrSTazqXDS+LfGj26VG
SFakkBa0Xmod450bXR5+6qLiNuB+dqh/hNFyCESFGov0hgGq7/Gd7GB08JyP2rvW
Dm3xVlyMPIxNIGjnSSYSN1YWjabbwzXPqLYJaZQgV48096ZTTed4EVVWC0VAXOs5
+t2TwetYPiMZcY006pN86DBt28FOIgHp7zXHrA+le7gry8B8c+O4V8g=
-----END CERTIFICATE-----
Generated at Thu May 2 15:20:06 2024 by rpki-client on console-fra.rpki-client.org