Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/rn2F7jJzqt-1vSSxlSXfoSaye34.roa
File: rn2F7jJzqt-1vSSxlSXfoSaye34.roa (raw, json)
Hash identifier: lE1P5XHBY7cToewM+c8nOZy6tQbj5DL8FX+PX0sb05Q=
Subject key identifier: AE:7D:85:EE:32:73:AA:DF:B5:BD:24:B1:95:25:DF:A1:26:B2:7B:7E
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 018CC26D4B5DC705EE78EC0FBB2FC2F49259
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/rn2F7jJzqt-1vSSxlSXfoSaye34.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199422
IP address blocks: 185.92.20.0/24 maxlen: 24
77.95.64.0/23 maxlen: 23
77.95.64.0/22 maxlen: 22
77.95.66.0/23 maxlen: 23
2a03:9180::/33 maxlen: 33
2a03:9180:8000::/33 maxlen: 33
2a03:9180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4b:5d:c7:05:ee:78:ec:0f:bb:2f:c2:f4:92:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae7d85ee3273aadfb5bd24b19525dfa126b27b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e2:77:12:02:c0:87:50:ac:75:f2:66:e7:e9:
46:2e:21:5e:8b:f5:73:7b:5b:07:35:fd:c7:7d:2a:
21:c2:a1:3b:92:9e:d0:3e:c2:74:d1:8f:ae:fa:20:
8c:54:13:8c:ab:7f:de:75:27:82:52:ae:d3:79:cd:
b0:0c:22:a4:25:99:f3:d7:0f:4e:58:ec:ad:4e:5f:
c4:dc:6b:d8:3d:f4:ac:11:0d:80:4e:ba:62:1f:5f:
9a:ae:ca:ff:b6:a8:28:1c:46:25:75:8a:d2:55:c1:
5e:c0:67:a4:62:b1:59:48:a7:8e:62:08:c4:17:ae:
0a:09:c2:ed:86:bb:10:fe:2f:34:78:00:f3:ab:7b:
d2:37:22:bc:7f:c9:6d:de:0c:90:88:aa:fa:a2:72:
85:20:a2:76:89:29:22:cd:c5:8a:c4:5f:4d:4c:7e:
18:c1:62:c8:8a:fd:3a:53:a6:2f:10:80:39:df:bd:
1f:7b:32:91:43:b4:ff:60:0e:5d:0a:b8:13:8f:eb:
c4:5c:38:e0:a1:90:42:aa:e7:24:af:e2:b8:6a:e4:
15:df:31:89:91:76:0a:28:1b:41:d4:4f:af:d6:5d:
03:72:bd:60:49:17:77:0c:17:5f:87:08:f6:cd:58:
9c:4d:3c:cf:40:c1:0b:14:fc:56:df:e5:16:65:76:
ab:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7D:85:EE:32:73:AA:DF:B5:BD:24:B1:95:25:DF:A1:26:B2:7B:7E
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/rn2F7jJzqt-1vSSxlSXfoSaye34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.64.0/22
185.92.20.0/24
IPv6:
2a03:9180::/32
Signature Algorithm: sha256WithRSAEncryption
9a:c8:ff:74:1d:9d:e3:c5:52:22:79:0b:10:5a:8e:a0:78:90:
a0:b2:d9:6c:a4:f3:f3:02:de:f8:13:f4:56:eb:40:fc:15:2b:
72:0c:5a:e5:62:9c:43:0b:95:e1:7b:f5:9f:77:42:cf:ff:75:
d1:72:21:56:02:ab:f8:c0:ec:40:16:05:ea:91:40:07:04:8e:
da:90:d8:40:65:2e:db:f1:cb:71:dd:06:a6:21:36:c6:50:5c:
26:42:7c:d8:f6:03:36:8b:2a:5a:68:e0:e3:15:6d:be:ba:5b:
d0:4b:a9:cc:b8:4e:43:d7:32:76:07:ed:54:f7:9a:bf:3a:14:
ad:44:fc:83:60:33:0c:da:34:d3:67:47:df:6a:5b:5d:67:50:
4d:64:4a:a7:ac:60:d5:3e:15:31:37:47:27:50:93:03:2d:44:
06:1d:49:f8:cf:51:6d:82:2d:7f:cf:c1:bd:96:4b:6f:4c:2d:
2f:95:78:f7:64:76:c8:16:35:79:2f:fa:4e:cc:1c:f8:e0:4e:
d4:78:fc:7b:33:4f:70:f9:65:02:fb:e9:49:6d:6c:d7:8e:89:
5e:c5:d8:1d:1f:0f:71:29:df:49:5a:85:73:ac:4f:18:59:71:
d8:4b:bf:6f:29:84:21:4a:cd:ff:9a:77:2e:30:25:7b:d5:94:
fa:28:33:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbUtdxwXueOwPuy/C9JJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTdkODVlZTMyNzNhYWRmYjViZDI0YjE5NTI1ZGZhMTI2YjI3YjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuJ3EgLAh1CsdfJm5+lGLiFei/Vz
e1sHNf3HfSohwqE7kp7QPsJ00Y+u+iCMVBOMq3/edSeCUq7Tec2wDCKkJZnz1w9O
WOytTl/E3GvYPfSsEQ2ATrpiH1+arsr/tqgoHEYldYrSVcFewGekYrFZSKeOYgjE
F64KCcLthrsQ/i80eADzq3vSNyK8f8lt3gyQiKr6onKFIKJ2iSkizcWKxF9NTH4Y
wWLIiv06U6YvEIA5370fezKRQ7T/YA5dCrgTj+vEXDjgoZBCquckr+K4auQV3zGJ
kXYKKBtB1E+v1l0Dcr1gSRd3DBdfhwj2zVicTTzPQMELFPxW3+UWZXarnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK59he4yc6rftb0ksZUl36Emsnt+MB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvcm4yRjdqSnpxdC0xdlNTeGxTWGZvU2F5ZTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTV9AAwQA
uVwUMA0EAgACMAcDBQAqA5GAMA0GCSqGSIb3DQEBCwUAA4IBAQCayP90HZ3jxVIi
eQsQWo6geJCgstlspPPzAt74E/RW60D8FStyDFrlYpxDC5Xhe/Wfd0LP/3XRciFW
Aqv4wOxAFgXqkUAHBI7akNhAZS7b8ctx3QamITbGUFwmQnzY9gM2iypaaODjFW2+
ulvQS6nMuE5D1zJ2B+1U95q/OhStRPyDYDMM2jTTZ0ffaltdZ1BNZEqnrGDVPhUx
N0cnUJMDLUQGHUn4z1Ftgi1/z8G9lktvTC0vlXj3ZHbIFjV5L/pOzBz44E7UePx7
M09w+WUC++lJbWzXjolexdgdHw9xKd9JWoVzrE8YWXHYS79vKYQhSs3/mncuMCV7
1ZT6KDMk
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:12:20 2024 by rpki-client on console-fra.rpki-client.org