Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/MnaUkxH7xvziy5s5EAgmfsu6IgI.roa
File: MnaUkxH7xvziy5s5EAgmfsu6IgI.roa (raw, json)
Hash identifier: W8wwBQ/OwYIZPy8lkItjLMQt8Gq8yMtLREcyqOvOFuQ=
Subject key identifier: 32:76:94:93:11:FB:C6:FC:E2:CB:9B:39:10:08:26:7E:CB:BA:22:02
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 018E7FBCD3ED1E8AF7EAC971D250A9C9673E
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/MnaUkxH7xvziy5s5EAgmfsu6IgI.roa
Signing time: Wed 27 Mar 2024 11:47:45 +0000
ROA not before: Wed 27 Mar 2024 11:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44854
IP address blocks: 93.114.180.0/23 maxlen: 24
185.219.6.0/24 maxlen: 24
2a10:e300:26::/48 maxlen: 48
2a10:e300:27::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:bc:d3:ed:1e:8a:f7:ea:c9:71:d2:50:a9:c9:67:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Mar 27 11:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3276949311fbc6fce2cb9b391008267ecbba2202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:43:ff:d9:32:bd:94:c0:50:48:75:64:e7:83:
92:68:0c:d7:61:3c:40:65:88:ea:7a:49:c7:10:9f:
12:5c:1c:25:f3:3c:2c:c3:70:93:ae:94:7f:0c:93:
84:36:6d:5f:5b:a1:a6:9b:25:c3:54:11:7d:40:42:
12:03:bb:23:5a:90:c7:25:ea:65:20:bd:4c:54:74:
ab:34:b4:fa:da:ac:51:18:7a:a9:f1:5a:9b:8c:81:
a8:12:22:0a:1f:08:11:6b:23:48:df:de:be:98:be:
77:77:5f:fc:1d:1c:26:b5:67:7d:82:88:30:9b:e9:
12:04:0c:ad:05:6b:ea:54:b0:b3:07:a7:d0:7e:71:
85:fd:15:cc:ad:52:12:83:dc:fa:18:84:54:ff:f0:
81:9a:fe:99:33:93:84:21:c5:1a:ba:f1:51:99:cf:
9d:23:58:be:af:3b:a3:d7:19:cf:62:b5:4b:84:96:
47:79:22:2d:90:5d:dc:0a:18:5c:ff:46:77:bc:7e:
5a:e3:9b:06:d4:37:3a:ca:d3:8c:8a:81:1b:0a:c7:
b2:02:ce:80:3f:ad:68:67:a2:0c:57:cf:0e:02:7e:
c1:f4:23:55:26:f8:fb:ff:d5:41:26:37:4d:0f:86:
86:a0:e5:f3:55:88:25:aa:dd:4e:a5:4a:c0:8a:40:
9c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:76:94:93:11:FB:C6:FC:E2:CB:9B:39:10:08:26:7E:CB:BA:22:02
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/MnaUkxH7xvziy5s5EAgmfsu6IgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.180.0/23
185.219.6.0/24
IPv6:
2a10:e300:26::/47
Signature Algorithm: sha256WithRSAEncryption
bf:7a:28:37:9f:e0:3b:ca:ca:3e:7a:1b:c5:b9:13:4f:d0:a7:
22:15:48:f6:d5:d4:ae:3a:75:66:6c:ea:98:30:ee:80:40:b5:
43:e1:9b:e7:bb:32:c5:3e:e8:75:26:5a:09:5b:5f:7c:eb:b1:
57:09:dd:cf:ec:c2:d0:6e:35:ea:65:22:df:87:ce:86:53:67:
9f:0a:b9:16:40:4a:be:75:67:36:4e:f3:b6:d2:00:18:e0:52:
3d:90:a8:c0:5d:81:95:c0:fa:47:8d:07:5a:14:fe:61:da:62:
77:16:39:d6:e1:b9:e1:9e:41:d2:b8:c4:a3:74:ef:a8:f8:c4:
92:97:35:ef:c9:7b:e6:b5:7a:83:25:23:42:aa:0d:cb:a4:f6:
0a:41:41:3d:6d:ce:11:73:1e:6d:1c:42:8f:eb:3b:ad:76:3c:
5a:e3:9a:41:03:15:cb:7b:de:b2:b1:38:42:d3:6f:73:61:51:
52:86:c2:de:5d:fa:45:fc:a0:d1:91:90:10:82:40:28:37:03:
38:9f:2d:22:fa:1d:4c:63:25:6e:1a:54:98:c3:50:b6:c1:0c:
cb:96:82:37:45:3f:38:72:52:dd:29:28:ff:13:5a:32:0a:ae:
4f:cc:09:9d:e9:9a:f2:73:c8:fb:a0:fa:ed:0f:c8:2d:f6:b1:
a5:19:84:a2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY5/vNPtHor36slx0lCpyWc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjQwMzI3MTE0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc2OTQ5MzExZmJjNmZjZTJjYjliMzkxMDA4MjY3ZWNiYmEyMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkP/2TK9lMBQSHVk54OSaAzXYTxA
ZYjqeknHEJ8SXBwl8zwsw3CTrpR/DJOENm1fW6GmmyXDVBF9QEISA7sjWpDHJepl
IL1MVHSrNLT62qxRGHqp8VqbjIGoEiIKHwgRayNI396+mL53d1/8HRwmtWd9gogw
m+kSBAytBWvqVLCzB6fQfnGF/RXMrVISg9z6GIRU//CBmv6ZM5OEIcUauvFRmc+d
I1i+rzuj1xnPYrVLhJZHeSItkF3cChhc/0Z3vH5a45sG1Dc6ytOMioEbCseyAs6A
P61oZ6IMV88OAn7B9CNVJvj7/9VBJjdND4aGoOXzVYglqt1OpUrAikCcfQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDJ2lJMR+8b84subORAIJn7LuiICMB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvTW5hVWt4SDd4dnppeTVzNUVBZ21mc3U2SWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBXXK0AwQA
udsGMA8EAgACMAkDBwEqEOMAACYwDQYJKoZIhvcNAQELBQADggEBAL96KDef4DvK
yj56G8W5E0/QpyIVSPbV1K46dWZs6pgw7oBAtUPhm+e7MsU+6HUmWglbX3zrsVcJ
3c/swtBuNeplIt+HzoZTZ58KuRZASr51ZzZO87bSABjgUj2QqMBdgZXA+keNB1oU
/mHaYncWOdbhueGeQdK4xKN076j4xJKXNe/Je+a1eoMlI0KqDcuk9gpBQT1tzhFz
Hm0cQo/rO612PFrjmkEDFct73rKxOELTb3NhUVKGwt5d+kX8oNGRkBCCQCg3Azif
LSL6HUxjJW4aVJjDULbBDMuWgjdFPzhyUt0pKP8TWjIKrk/MCZ3pmvJzyPug+u0P
yC32saUZhKI=
-----END CERTIFICATE-----
Generated at Fri May 31 20:29:21 2024 by rpki-client on console-fra.rpki-client.org