Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/MIEDbKFitJqBoRbuZ_mr0_-h4HU.roa
File: MIEDbKFitJqBoRbuZ_mr0_-h4HU.roa (raw, json)
Hash identifier: mEzJEntYIci9lsXmtlKRHka9ePIl7WyVxGLNJKhx1Fw=
Subject key identifier: 30:81:03:6C:A1:62:B4:9A:81:A1:16:EE:67:F9:AB:D3:FF:A1:E0:75
Certificate issuer: /CN=7d502e2d24b1f216913088207a268e6626b0ce39
Certificate serial: 018E16270B11BFC0BB1B3E8A518464DC96EB
Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/MIEDbKFitJqBoRbuZ_mr0_-h4HU.roa
Signing time: Wed 06 Mar 2024 23:44:01 +0000
ROA not before: Wed 06 Mar 2024 23:44:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42330
IP address blocks: 185.250.9.0/24 maxlen: 24
185.250.10.0/23 maxlen: 23
2a0b:9400:1000::/48 maxlen: 48
2a0b:9400:1001::/48 maxlen: 48
2a0b:9401::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 14:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:16:27:0b:11:bf:c0:bb:1b:3e:8a:51:84:64:dc:96:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39
Validity
Not Before: Mar 6 23:44:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3081036ca162b49a81a116ee67f9abd3ffa1e075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:56:ce:d2:cc:58:87:35:c1:a9:20:14:88:16:
b4:f7:36:34:5f:55:c7:0d:ac:5e:fe:84:f6:aa:67:
24:db:6b:3d:34:b4:21:eb:ec:39:7d:41:be:f5:fa:
40:40:10:0b:9e:6f:1a:ac:db:59:bc:89:57:f4:fb:
3a:3a:95:20:7a:bf:91:35:c4:fa:c2:88:9c:83:93:
fc:89:2a:89:fc:ae:88:c3:ad:15:9c:7f:6d:86:7a:
bb:0e:cd:da:18:ae:84:60:1b:4a:1e:23:9b:d3:b7:
29:05:a8:23:de:d2:31:de:cf:4d:d2:ba:75:aa:86:
a7:75:8a:cc:1a:d2:7d:66:6c:89:a5:35:77:b2:ad:
3d:6b:6b:e7:6c:46:f9:9e:9e:d7:13:f3:8c:26:29:
f3:f7:36:66:41:07:a0:09:6c:67:7a:42:6c:51:89:
39:69:4a:e0:0a:b9:7d:a9:96:ee:1e:bd:69:f3:b3:
93:b6:d7:b4:3e:ee:e8:50:9a:2c:40:ad:a9:a9:aa:
e7:1c:3b:a3:0d:a1:46:f8:6b:ea:93:ef:4f:f4:b5:
46:05:35:bf:09:a2:b4:d7:31:65:7a:5a:18:58:09:
26:8e:75:9b:71:ae:02:65:59:f5:63:a3:4d:93:ce:
47:f3:31:0e:f4:aa:8f:32:a7:a9:fe:52:c6:1c:b8:
15:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:81:03:6C:A1:62:B4:9A:81:A1:16:EE:67:F9:AB:D3:FF:A1:E0:75
X509v3 Authority Key Identifier:
keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/MIEDbKFitJqBoRbuZ_mr0_-h4HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.9.0-185.250.11.255
IPv6:
2a0b:9400:1000::/47
2a0b:9401::/32
Signature Algorithm: sha256WithRSAEncryption
70:ab:ca:25:9e:39:3f:7c:ec:45:44:20:0f:cf:b4:2b:39:f7:
d1:f9:47:b9:b4:7d:68:2a:2b:35:70:ce:b4:56:cf:b8:73:61:
f7:f5:0f:32:73:0f:43:48:2c:fe:97:0b:b9:c9:06:39:37:8f:
04:92:7c:13:92:32:a4:0e:da:54:63:c4:1d:f2:4b:b4:04:3d:
3e:89:0c:7a:7f:0b:5f:06:82:0f:43:27:e4:2c:00:c8:27:09:
c8:bc:5a:6e:c8:a8:f4:c8:0b:b7:c2:96:de:40:12:bf:70:06:
39:33:f6:bd:e8:2e:a9:62:9d:12:f5:99:44:cb:8d:76:b9:06:
75:19:6a:7f:b7:1c:e1:57:81:0b:ba:f5:9a:01:c1:94:ca:76:
fe:70:0e:25:f9:cd:c3:9b:4c:30:6d:da:46:f6:22:70:4f:c6:
bf:2b:4a:38:59:8f:e4:da:09:90:bc:a9:7d:7b:e7:5c:2e:90:
a9:43:55:f1:e4:09:c0:ea:0e:5e:e4:18:02:e7:bc:ed:9c:24:
44:52:f2:2e:2e:63:20:5f:0f:da:0b:07:e9:cd:9a:00:67:33:
5a:d6:33:9f:3a:15:3e:bd:57:74:c9:73:a5:45:70:59:62:f1:
c2:8a:49:b3:c1:d9:a1:bf:15:3c:4a:51:6d:0f:d0:59:e9:16:
1d:36:3c:d0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY4WJwsRv8C7Gz6KUYRk3JbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTAyZTJkMjRiMWYyMTY5MTMwODgyMDdhMjY4ZTY2MjZi
MGNlMzkwHhcNMjQwMzA2MjM0NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDgxMDM2Y2ExNjJiNDlhODFhMTE2ZWU2N2Y5YWJkM2ZmYTFlMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1bO0sxYhzXBqSAUiBa09zY0X1XH
Daxe/oT2qmck22s9NLQh6+w5fUG+9fpAQBALnm8arNtZvIlX9Ps6OpUger+RNcT6
woicg5P8iSqJ/K6Iw60VnH9thnq7Ds3aGK6EYBtKHiOb07cpBagj3tIx3s9N0rp1
qoandYrMGtJ9ZmyJpTV3sq09a2vnbEb5np7XE/OMJinz9zZmQQegCWxnekJsUYk5
aUrgCrl9qZbuHr1p87OTtte0Pu7oUJosQK2pqarnHDujDaFG+Gvqk+9P9LVGBTW/
CaK01zFleloYWAkmjnWbca4CZVn1Y6NNk85H8zEO9KqPMqep/lLGHLgVywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDCBA2yhYrSagaEW7mf5q9P/oeB1MB8GA1UdIwQY
MBaAFH1QLi0ksfIWkTCIIHomjmYmsM45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMt
NTFkNzU1NjhhOWUzLzEvTUlFRGJLRml0SnFCb1JidVpfbXIwXy1oNEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMtNTFkNzU1NjhhOWUz
LzEvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAC5+gkD
BAK5+ggwFgQCAAIwEAMHASoLlAAQAAMFACoLlAEwDQYJKoZIhvcNAQELBQADggEB
AHCryiWeOT987EVEIA/PtCs599H5R7m0fWgqKzVwzrRWz7hzYff1DzJzD0NILP6X
C7nJBjk3jwSSfBOSMqQO2lRjxB3yS7QEPT6JDHp/C18Ggg9DJ+QsAMgnCci8Wm7I
qPTIC7fClt5AEr9wBjkz9r3oLqlinRL1mUTLjXa5BnUZan+3HOFXgQu69ZoBwZTK
dv5wDiX5zcObTDBt2kb2InBPxr8rSjhZj+TaCZC8qX1751wukKlDVfHkCcDqDl7k
GALnvO2cJERS8i4uYyBfD9oLB+nNmgBnM1rWM586FT69V3TJc6VFcFli8cKKSbPB
2aG/FTxKUW0P0FnpFh02PNA=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:21:50 2024 by rpki-client on console-ams.rpki-client.org