Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Mqd3HFO18ohH8UNILvLRExE4Klg.roa
File: Mqd3HFO18ohH8UNILvLRExE4Klg.roa (raw, json)
Hash identifier: LOKAGwAFo9y698gXEHE84dmTbpZPONJJI/Ps7w7q08I=
Subject key identifier: 32:A7:77:1C:53:B5:F2:88:47:F1:43:48:2E:F2:D1:13:11:38:2A:58
Certificate issuer: /CN=4214088c77bd12687fd4ba9fe3159ea805888ed2
Certificate serial: 018CC4937A6C8E49C8DFBEA14D4944C2B0E6
Authority key identifier: 42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Mqd3HFO18ohH8UNILvLRExE4Klg.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21183
IP address blocks: 188.164.216.0/22 maxlen: 22
188.164.216.0/21 maxlen: 24
188.164.219.0/24 maxlen: 24
46.252.32.0/20 maxlen: 24
185.237.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 04:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7a:6c:8e:49:c8:df:be:a1:4d:49:44:c2:b0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4214088c77bd12687fd4ba9fe3159ea805888ed2
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32a7771c53b5f28847f143482ef2d11311382a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bc:de:ed:88:b5:8d:98:ba:a9:83:83:ce:d9:
ad:a5:01:7e:75:6a:94:8d:ed:63:5b:ca:a8:44:76:
3e:89:c1:1e:ce:11:ac:ae:f4:2a:39:1b:04:53:6f:
5b:fe:c6:28:16:e8:ab:69:2e:c0:9a:c2:29:7d:bb:
62:93:e1:b3:b9:4f:d1:90:9b:94:94:38:f2:c9:f5:
a1:8c:5d:f9:29:56:98:28:8d:71:93:6b:c9:13:1b:
aa:ee:e2:d4:9c:7e:d0:18:d7:45:f2:95:eb:d8:8f:
96:78:75:17:75:c0:2f:10:0d:f6:f2:70:30:7e:02:
84:4c:0c:16:52:24:fc:00:df:05:d2:81:bc:9d:2d:
bd:9d:7d:8d:f7:27:e2:f3:35:aa:da:5a:91:2b:55:
33:ff:5d:14:e4:6f:0d:de:1e:a7:9e:31:2d:58:87:
dd:61:0c:64:07:ea:32:64:fd:3f:3d:40:7e:01:72:
5e:72:20:b2:c7:52:4d:d9:53:c0:6b:e0:15:57:14:
17:24:45:cf:f0:bc:ed:d3:c2:e2:18:16:68:d4:b9:
17:e1:bc:aa:d6:e9:c4:93:57:5b:2e:f6:2f:a2:2c:
f0:89:39:7a:7c:68:16:b8:f8:66:e8:ee:20:f0:73:
dc:af:14:48:72:92:10:49:cb:cc:e0:2e:3a:4e:77:
09:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A7:77:1C:53:B5:F2:88:47:F1:43:48:2E:F2:D1:13:11:38:2A:58
X509v3 Authority Key Identifier:
keyid:42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Mqd3HFO18ohH8UNILvLRExE4Klg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.32.0/20
185.237.16.0/23
188.164.216.0/21
Signature Algorithm: sha256WithRSAEncryption
63:ad:43:82:44:d3:60:cb:fe:30:e4:b1:62:bf:78:46:8e:d8:
7d:58:60:cf:cf:ec:20:d6:d6:2c:70:c4:8a:60:20:60:46:ae:
58:0a:96:db:15:94:8a:f4:4a:5a:7b:ba:c5:2a:35:86:cb:a3:
f8:2c:04:a7:fb:3a:1b:85:b0:e6:d3:30:a5:ef:52:11:c5:30:
f1:76:94:0e:d5:2e:0a:14:90:c5:0b:82:e7:b3:e2:98:67:16:
3e:f2:ba:01:79:b2:a5:5b:03:d0:ed:2c:de:3c:2c:b4:e1:b8:
ef:a9:b0:3a:9d:b4:65:b1:8d:5c:c0:f4:29:68:0d:9b:e0:ab:
b0:d1:c6:12:ba:77:4b:35:06:c2:5d:4f:12:21:73:a5:26:56:
6e:c2:6e:00:b5:47:15:39:3f:c7:38:77:a3:ba:b3:71:13:82:
16:41:16:ca:cf:c0:e7:4d:b4:d9:95:10:50:d4:77:24:94:25:
9f:6b:bb:0c:07:9f:0a:be:05:18:55:6a:6e:f4:69:b5:f9:0d:
13:20:fa:bb:1e:f8:84:ec:57:8a:af:49:90:32:c4:0b:45:0a:
3b:99:33:51:c6:1d:e2:f7:11:9f:7c:54:4d:6a:11:cd:2d:b9:
ac:d6:5e:ab:07:72:a9:0c:3a:bf:d3:ed:1d:b6:6d:1f:16:6f:
67:d1:fb:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEk3psjknI376hTUlEwrDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTQwODhjNzdiZDEyNjg3ZmQ0YmE5ZmUzMTU5ZWE4MDU4
ODhlZDIwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmE3NzcxYzUzYjVmMjg4NDdmMTQzNDgyZWYyZDExMzExMzgyYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7ze7Yi1jZi6qYODztmtpQF+dWqU
je1jW8qoRHY+icEezhGsrvQqORsEU29b/sYoFuiraS7AmsIpfbtik+GzuU/RkJuU
lDjyyfWhjF35KVaYKI1xk2vJExuq7uLUnH7QGNdF8pXr2I+WeHUXdcAvEA328nAw
fgKETAwWUiT8AN8F0oG8nS29nX2N9yfi8zWq2lqRK1Uz/10U5G8N3h6nnjEtWIfd
YQxkB+oyZP0/PUB+AXJeciCyx1JN2VPAa+AVVxQXJEXP8Lzt08LiGBZo1LkX4byq
1unEk1dbLvYvoizwiTl6fGgWuPhm6O4g8HPcrxRIcpIQScvM4C46TncJiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDKndxxTtfKIR/FDSC7y0RMROCpYMB8GA1UdIwQY
MBaAFEIUCIx3vRJof9S6n+MVnqgFiI7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhRSWpIZTlFbWhfMUxxZjR4V2VxQVdJanRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9iYjVlY2UtMDEyZS00MTk0LTk5ODAt
N2UyMWRiNWEyZWY5LzEvTXFkM0hGTzE4b2hIOFVOSUx2TFJFeEU0S2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9iYjVlY2UtMDEyZS00MTk0LTk5ODAtN2UyMWRiNWEyZWY5
LzEvUWhRSWpIZTlFbWhfMUxxZjR4V2VxQVdJanRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELvwgAwQB
ue0QAwQDvKTYMA0GCSqGSIb3DQEBCwUAA4IBAQBjrUOCRNNgy/4w5LFiv3hGjth9
WGDPz+wg1tYscMSKYCBgRq5YCpbbFZSK9Epae7rFKjWGy6P4LASn+zobhbDm0zCl
71IRxTDxdpQO1S4KFJDFC4Lns+KYZxY+8roBebKlWwPQ7SzePCy04bjvqbA6nbRl
sY1cwPQpaA2b4Kuw0cYSundLNQbCXU8SIXOlJlZuwm4AtUcVOT/HOHejurNxE4IW
QRbKz8DnTbTZlRBQ1HcklCWfa7sMB58KvgUYVWpu9Gm1+Q0TIPq7HviE7FeKr0mQ
MsQLRQo7mTNRxh3i9xGffFRNahHNLbms1l6rB3KpDDq/0+0dtm0fFm9n0fsb
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:55:52 2024 by rpki-client on console-ams.rpki-client.org