Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/Ms1vSnNZIP4liFHW3jPgg5ggocs.roa
File: Ms1vSnNZIP4liFHW3jPgg5ggocs.roa (raw, json)
Hash identifier: tGZGkwlsYsamH8ExOfp+EZxiGKysKiieyCVjzGNZ0S0=
Subject key identifier: 32:CD:6F:4A:73:59:20:FE:25:88:51:D6:DE:33:E0:83:98:20:A1:CB
Certificate issuer: /CN=a64fa64bb3c2de4788306312c652de749ec93517
Certificate serial: 0192531BDFE47529129A93009C929A33FE1F
Authority key identifier: A6:4F:A6:4B:B3:C2:DE:47:88:30:63:12:C6:52:DE:74:9E:C9:35:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pk-mS7PC3keIMGMSxlLedJ7JNRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/Ms1vSnNZIP4liFHW3jPgg5ggocs.roa
Signing time: Thu 03 Oct 2024 15:59:48 +0000
ROA not before: Thu 03 Oct 2024 15:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212097
IP address blocks: 185.242.100.0/24 maxlen: 24
185.242.101.0/24 maxlen: 24
185.242.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/pk-mS7PC3keIMGMSxlLedJ7JNRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/pk-mS7PC3keIMGMSxlLedJ7JNRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/pk-mS7PC3keIMGMSxlLedJ7JNRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:53:1b:df:e4:75:29:12:9a:93:00:9c:92:9a:33:fe:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a64fa64bb3c2de4788306312c652de749ec93517
Validity
Not Before: Oct 3 15:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32cd6f4a735920fe258851d6de33e0839820a1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a4:66:40:01:75:ac:a0:af:23:4d:4a:0a:4a:
c9:22:bf:73:50:de:68:c3:36:6b:b6:1b:fa:84:8e:
52:46:b5:03:7f:53:5b:00:cf:f8:12:d6:84:3a:53:
d8:80:0b:97:14:9d:a1:85:bf:67:9a:da:6e:d3:f4:
64:9b:5f:4f:f7:f4:cc:a5:0f:2f:a1:b5:0b:52:e4:
0b:2e:29:b4:3e:8f:82:e5:2a:fb:b8:b4:81:ec:d6:
5e:5f:55:cc:65:e4:89:84:ba:27:8f:7c:36:2f:ea:
69:1f:f7:3e:72:c5:1a:50:c6:cb:31:f4:e3:0a:ce:
12:12:47:4f:36:37:62:ce:17:f8:f1:d2:71:38:b8:
5f:4c:ea:f9:9f:7d:ad:ae:6c:54:4f:fa:f8:28:85:
94:46:de:99:09:34:af:80:c8:ae:d0:da:78:3b:42:
fc:bc:13:4d:cb:a3:41:16:e8:c8:76:9b:f1:22:81:
5f:85:16:2e:22:c8:78:1b:0d:6f:6f:22:f7:d0:20:
49:79:ab:8e:52:30:9d:14:21:bf:61:5d:2c:e5:1c:
c9:8e:82:a6:3e:77:ba:dd:ca:8f:9c:22:7d:fa:9e:
7a:02:88:d7:f9:12:59:f9:a9:34:28:82:f4:11:5d:
d9:b8:cc:1c:1b:02:2f:42:53:c7:cb:08:9e:15:01:
35:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CD:6F:4A:73:59:20:FE:25:88:51:D6:DE:33:E0:83:98:20:A1:CB
X509v3 Authority Key Identifier:
keyid:A6:4F:A6:4B:B3:C2:DE:47:88:30:63:12:C6:52:DE:74:9E:C9:35:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pk-mS7PC3keIMGMSxlLedJ7JNRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/Ms1vSnNZIP4liFHW3jPgg5ggocs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/pk-mS7PC3keIMGMSxlLedJ7JNRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.100.0-185.242.102.255
Signature Algorithm: sha256WithRSAEncryption
6b:04:2b:3c:3a:0d:43:10:3c:55:65:c9:e8:4a:26:c5:32:29:
bd:e5:29:3b:5e:e3:77:cc:a4:06:be:78:13:d0:44:2b:0c:c8:
1c:b8:a2:69:c6:6e:73:be:31:d7:2e:2f:f7:24:8a:a2:c4:d4:
16:25:0a:62:ec:41:0e:fa:39:17:09:be:86:c3:db:93:7b:ce:
f0:41:67:ad:f9:0c:fd:c5:c9:83:12:44:49:8b:33:e2:76:b8:
34:ed:d8:b9:05:7e:e0:d6:41:2f:e3:c1:c9:78:09:a1:6b:d0:
06:46:60:c9:d2:ce:93:54:5a:08:1f:10:50:49:67:d4:8d:0e:
41:a0:72:1f:54:e2:aa:82:c0:bc:00:e6:bd:5a:f2:7a:b4:71:
a4:29:d5:9e:79:db:cf:71:24:09:e4:a5:df:dc:92:9a:c6:fb:
c4:04:21:af:41:5b:9b:6c:2b:c9:ce:e2:20:a7:e1:65:99:aa:
07:07:25:a7:60:72:77:37:03:05:7c:a1:32:9a:cc:c8:a3:ed:
31:ff:e6:5c:b5:85:3b:c7:ed:6f:21:41:4d:3e:2e:40:96:0d:
a9:6a:4b:d5:9e:31:37:89:99:bd:d0:3f:14:be:96:0d:b5:9e:
70:34:97:0c:38:a1:bf:07:96:52:63:b6:56:10:e1:7e:2b:a9:
12:da:ab:99
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJTG9/kdSkSmpMAnJKaM/4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NGZhNjRiYjNjMmRlNDc4ODMwNjMxMmM2NTJkZTc0OWVj
OTM1MTcwHhcNMjQxMDAzMTU1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNkNmY0YTczNTkyMGZlMjU4ODUxZDZkZTMzZTA4Mzk4MjBhMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKRmQAF1rKCvI01KCkrJIr9zUN5o
wzZrthv6hI5SRrUDf1NbAM/4EtaEOlPYgAuXFJ2hhb9nmtpu0/Rkm19P9/TMpQ8v
obULUuQLLim0Po+C5Sr7uLSB7NZeX1XMZeSJhLonj3w2L+ppH/c+csUaUMbLMfTj
Cs4SEkdPNjdizhf48dJxOLhfTOr5n32trmxUT/r4KIWURt6ZCTSvgMiu0Np4O0L8
vBNNy6NBFujIdpvxIoFfhRYuIsh4Gw1vbyL30CBJeauOUjCdFCG/YV0s5RzJjoKm
Pne63cqPnCJ9+p56AojX+RJZ+ak0KIL0EV3ZuMwcGwIvQlPHywieFQE1EwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDLNb0pzWSD+JYhR1t4z4IOYIKHLMB8GA1UdIwQY
MBaAFKZPpkuzwt5HiDBjEsZS3nSeyTUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGstbVM3UEMza2VJTUdNU3hsTGVkSjdKTlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80MjdkYjItYzYxMy00ZTg0LWIzOGMt
OTA1NjliYzZjYTU0LzEvTXMxdlNuTlpJUDRsaUZIVzNqUGdnNWdnb2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80MjdkYjItYzYxMy00ZTg0LWIzOGMtOTA1NjliYzZjYTU0
LzEvcGstbVM3UEMza2VJTUdNU3hsTGVkSjdKTlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK58mQD
BAC58mYwDQYJKoZIhvcNAQELBQADggEBAGsEKzw6DUMQPFVlyehKJsUyKb3lKTte
43fMpAa+eBPQRCsMyBy4omnGbnO+MdcuL/ckiqLE1BYlCmLsQQ76ORcJvobD25N7
zvBBZ635DP3FyYMSREmLM+J2uDTt2LkFfuDWQS/jwcl4CaFr0AZGYMnSzpNUWggf
EFBJZ9SNDkGgch9U4qqCwLwA5r1a8nq0caQp1Z55289xJAnkpd/ckprG+8QEIa9B
W5tsK8nO4iCn4WWZqgcHJadgcnc3AwV8oTKazMij7TH/5ly1hTvH7W8hQU0+LkCW
DalqS9WeMTeJmb3QPxS+lg21nnA0lww4ob8HllJjtlYQ4X4rqRLaq5k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:10 2024 by rpki-client on console-ams.rpki-client.org