Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/mvKlnp01Neqhpw7xiWPPxve9E1o.roa
File: mvKlnp01Neqhpw7xiWPPxve9E1o.roa (raw, json)
Hash identifier: cj+JxWgVcGKDiMoOgtcCq5LVm/7nmtJ1s1vejUOzIR4=
Subject key identifier: 9A:F2:A5:9E:9D:35:35:EA:A1:A7:0E:F1:89:63:CF:C6:F7:BD:13:5A
Certificate issuer: /CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Certificate serial: 018CC801815D63877767D503DF2390F20FA1
Authority key identifier: A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/mvKlnp01Neqhpw7xiWPPxve9E1o.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44306
IP address blocks: 213.186.25.0/24 maxlen: 24
213.186.26.0/24 maxlen: 24
213.186.27.0/24 maxlen: 24
213.186.28.0/22 maxlen: 24
46.151.128.0/21 maxlen: 24
185.151.132.0/24 maxlen: 24
185.151.133.0/24 maxlen: 24
185.151.134.0/24 maxlen: 24
213.186.0.0/24 maxlen: 24
213.186.1.0/24 maxlen: 24
213.186.0.0/19 maxlen: 19
213.186.0.0/20 maxlen: 20
213.186.4.0/23 maxlen: 23
213.186.9.0/24 maxlen: 24
213.186.16.0/23 maxlen: 23
213.186.23.0/24 maxlen: 24
213.186.18.0/24 maxlen: 24
213.186.19.0/24 maxlen: 24
213.186.21.0/24 maxlen: 24
213.186.22.0/23 maxlen: 23
213.186.22.0/24 maxlen: 24
91.199.77.0/24 maxlen: 24
2a02:2608:fffe::/48 maxlen: 48
2a02:2608:fffe:1::/64 maxlen: 64
2a02:2608::/32 maxlen: 32
2a02:2608:1000::/48 maxlen: 48
2a02:2608:3000::/48 maxlen: 48
2a02:2608:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:81:5d:63:87:77:67:d5:03:df:23:90:f2:0f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9af2a59e9d3535eaa1a70ef18963cfc6f7bd135a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e6:bf:4d:82:bd:57:b2:a8:a0:d0:21:65:17:
49:e2:92:a1:87:16:ca:d6:6d:21:db:c5:d4:be:f5:
24:4f:bc:bb:d2:74:42:80:69:b3:d6:a4:ea:44:da:
eb:cb:69:ab:f6:16:db:7b:f6:db:b8:7f:98:46:30:
d2:6a:b0:ab:e0:6d:a1:61:c4:95:41:2b:0b:c1:66:
81:86:af:a4:f4:e0:30:d4:fd:fe:91:67:a4:5e:bb:
96:4a:c4:4b:a1:9d:37:62:56:b6:e1:26:53:69:18:
84:2e:76:9e:bd:aa:6f:63:62:19:49:56:73:23:35:
36:09:b4:67:c6:e0:10:e2:04:0b:e8:96:ba:95:ad:
78:b5:5f:ec:d4:d7:fd:47:13:44:cf:92:c9:bf:78:
cc:07:19:1a:21:ab:45:da:1b:d3:6f:46:6b:15:c0:
b8:d4:1f:f1:e7:17:29:e3:4c:21:65:d7:5e:9f:a8:
f6:c2:db:1f:58:56:3e:fc:fa:b2:71:e4:7f:3a:9a:
4e:d5:ca:2d:6d:d5:5b:37:31:c7:2d:49:4f:b3:26:
8b:86:65:cc:58:ba:90:67:eb:8e:b0:b5:fb:80:52:
ce:b2:7b:30:21:98:76:db:7d:a3:48:d2:30:3e:10:
e8:e9:16:f1:b6:20:d3:12:a3:5b:3e:ed:be:08:ed:
7a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F2:A5:9E:9D:35:35:EA:A1:A7:0E:F1:89:63:CF:C6:F7:BD:13:5A
X509v3 Authority Key Identifier:
keyid:A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/mvKlnp01Neqhpw7xiWPPxve9E1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.128.0/21
91.199.77.0/24
185.151.132.0-185.151.134.255
213.186.0.0/19
IPv6:
2a02:2608::/32
Signature Algorithm: sha256WithRSAEncryption
b8:2b:2c:4c:8a:d7:cb:2e:0f:69:cf:c5:4f:cc:4b:9a:ee:45:
9f:a1:3d:51:6d:14:88:15:d3:6e:a3:be:7f:62:77:5f:a9:eb:
af:b5:ac:79:cd:6f:2a:31:f6:38:40:6d:e6:8b:d0:84:12:3f:
23:77:d4:07:69:9c:35:25:44:f4:e3:18:e6:22:c3:a4:47:ef:
cc:e1:42:8b:4a:19:ca:a4:c0:7a:05:07:1f:11:83:80:2b:c4:
3e:96:a5:54:31:3a:55:bf:d1:f6:cc:0a:e5:48:15:c5:ee:4c:
fc:d3:c5:f5:b6:c2:4b:32:37:68:4c:53:54:4c:3b:c5:46:89:
27:ca:e5:66:9f:3c:ed:81:0d:75:1a:91:7e:1f:d6:ff:20:28:
cd:de:c1:9d:4d:ec:29:46:8e:23:97:54:8b:f3:fd:5e:bd:51:
74:4b:2b:52:c8:7f:21:2c:83:15:2c:48:31:27:78:af:84:39:
e2:c5:8a:e2:25:ce:ec:18:36:e2:47:89:2d:da:26:d7:4c:6a:
91:53:66:41:88:ce:52:97:2b:59:2a:9c:00:fd:dc:74:35:29:
cd:ca:58:d2:d0:5c:40:ff:2b:03:10:22:40:5e:ba:04:3a:2e:
fa:a8:24:cc:c3:7c:78:c2:db:4d:59:36:14:91:2d:33:74:cf:
aa:65:5b:af
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzIAYFdY4d3Z9UD3yOQ8g+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDc4ZGUwMjM0ZTZmOTk3MDE1OTJmNTM2ZTQ1ZjVmNTU5
NGVlYzMwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWYyYTU5ZTlkMzUzNWVhYTFhNzBlZjE4OTYzY2ZjNmY3YmQxMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+a/TYK9V7KooNAhZRdJ4pKhhxbK
1m0h28XUvvUkT7y70nRCgGmz1qTqRNrry2mr9hbbe/bbuH+YRjDSarCr4G2hYcSV
QSsLwWaBhq+k9OAw1P3+kWekXruWSsRLoZ03Yla24SZTaRiELnaevapvY2IZSVZz
IzU2CbRnxuAQ4gQL6Ja6la14tV/s1Nf9RxNEz5LJv3jMBxkaIatF2hvTb0ZrFcC4
1B/x5xcp40whZdden6j2wtsfWFY+/PqyceR/OppO1cotbdVbNzHHLUlPsyaLhmXM
WLqQZ+uOsLX7gFLOsnswIZh2232jSNIwPhDo6RbxtiDTEqNbPu2+CO16KwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJrypZ6dNTXqoacO8Yljz8b3vRNaMB8GA1UdIwQY
MBaAFKfXjeAjTm+ZcBWS9TbkX19VlO7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2Mt
MjhkNWI2MDdhNDdmLzEvbXZLbG5wMDFOZXFocHc3eGlXUFB4dmU5RTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2MtMjhkNWI2MDdhNDdm
LzEvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDLpeAAwQA
W8dNMAwDBAK5l4QDBAC5l4YDBAXVugAwDQQCAAIwBwMFACoCJggwDQYJKoZIhvcN
AQELBQADggEBALgrLEyK18suD2nPxU/MS5ruRZ+hPVFtFIgV026jvn9id1+p66+1
rHnNbyox9jhAbeaL0IQSPyN31AdpnDUlRPTjGOYiw6RH78zhQotKGcqkwHoFBx8R
g4ArxD6WpVQxOlW/0fbMCuVIFcXuTPzTxfW2wksyN2hMU1RMO8VGiSfK5WafPO2B
DXUakX4f1v8gKM3ewZ1N7ClGjiOXVIvz/V69UXRLK1LIfyEsgxUsSDEneK+EOeLF
iuIlzuwYNuJHiS3aJtdMapFTZkGIzlKXK1kqnAD93HQ1Kc3KWNLQXED/KwMQIkBe
ugQ6LvqoJMzDfHjC201ZNhSRLTN0z6plW68=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:46:46 2024 by rpki-client on console-fra.rpki-client.org