Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/MSJe_RzNI6Rt2Nu7VnpMyOeEb_0.roa
File: MSJe_RzNI6Rt2Nu7VnpMyOeEb_0.roa (raw, json)
Hash identifier: RJoFb15YTmHZm8cNFqaNaXGLPlk3jzn1eTv1QwWLTcw=
Subject key identifier: 31:22:5E:FD:1C:CD:23:A4:6D:D8:DB:BB:56:7A:4C:C8:E7:84:6F:FD
Certificate issuer: /CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Certificate serial: 018CC8DE3F4910D97F6078870E6F17B90E4A
Authority key identifier: 5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/MSJe_RzNI6Rt2Nu7VnpMyOeEb_0.roa
Signing time: Tue 02 Jan 2024 06:30:57 +0000
ROA not before: Tue 02 Jan 2024 06:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29695
IP address blocks: 188.228.0.0/17 maxlen: 17
45.13.240.0/22 maxlen: 22
37.97.0.0/18 maxlen: 18
2a00:fd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:3f:49:10:d9:7f:60:78:87:0e:6f:17:b9:0e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Validity
Not Before: Jan 2 06:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31225efd1ccd23a46dd8dbbb567a4cc8e7846ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:24:1b:dc:4c:ed:36:1f:33:e0:8a:be:22:2a:
7a:ed:65:b3:4a:02:82:09:f6:e9:cc:ae:f4:1a:f0:
73:7f:49:e7:9e:80:66:ad:fc:b7:13:18:d1:5e:d8:
79:8d:4b:30:96:21:94:a0:f2:87:72:9a:c1:d5:da:
e1:23:1c:0a:61:31:ee:49:47:d0:f3:48:ad:2f:d2:
d6:8b:d9:a1:12:39:16:d1:b3:7b:ac:54:95:d8:c1:
07:63:c8:8e:e5:e1:f0:ef:df:6b:72:c2:6b:c0:8b:
4e:6c:0c:3b:94:84:02:37:a8:3a:fe:b1:7a:8c:4e:
2e:d4:a0:5f:ef:0f:27:e5:ad:38:8d:d2:0e:a2:f4:
cb:27:c4:30:65:98:cd:37:ca:13:57:f8:af:0c:12:
b1:1a:e4:3e:9d:b1:73:fb:55:90:55:1e:84:fd:2c:
6c:95:10:9a:f2:87:df:fd:f3:74:4f:53:70:82:8c:
ca:76:70:4c:f2:d0:07:83:0c:5b:c7:06:4c:86:d0:
54:4b:85:24:91:4c:2c:85:26:6c:66:c1:ea:19:59:
05:39:0b:b9:9e:ca:cd:16:c8:ee:60:55:1e:82:0b:
81:43:99:f7:f8:7b:90:6b:64:c5:66:2e:b0:b4:06:
37:a1:2e:1c:40:63:11:c7:18:a7:f9:f9:17:5b:05:
d4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:22:5E:FD:1C:CD:23:A4:6D:D8:DB:BB:56:7A:4C:C8:E7:84:6F:FD
X509v3 Authority Key Identifier:
keyid:5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/MSJe_RzNI6Rt2Nu7VnpMyOeEb_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.0.0/18
45.13.240.0/22
188.228.0.0/17
IPv6:
2a00:fd00::/32
Signature Algorithm: sha256WithRSAEncryption
33:9c:61:e5:87:69:fe:c4:d2:e8:0e:0c:e8:0e:37:e4:0e:55:
6c:b7:c9:df:11:f3:8d:fa:bd:78:53:1f:6b:c1:c1:3d:d7:f3:
0d:a1:d7:93:a3:0c:4f:8e:e4:6f:33:26:7a:fd:a6:13:95:c8:
94:10:37:f7:52:be:95:23:a7:55:5a:ec:cc:c4:a7:4d:07:19:
b5:39:46:22:b5:52:71:ca:04:f1:e3:b6:e5:54:7e:11:7e:b9:
c3:04:0b:f9:55:38:79:b2:db:ec:0e:f6:23:31:da:b4:42:a1:
8f:d2:92:ea:28:ff:3e:e0:42:7b:db:f5:bb:41:a2:e9:0b:2e:
5a:31:a3:ce:2c:f8:5a:64:c3:37:3f:f9:de:ed:66:07:d4:ed:
4b:cd:ee:d8:26:f2:cd:c1:dc:96:d3:7e:34:5a:be:92:08:89:
e8:31:bc:3a:d5:8d:3b:90:31:6c:d3:72:1d:87:27:28:4c:c4:
bd:99:20:b7:f2:e7:09:27:66:01:35:c5:03:46:34:04:e3:b0:
b8:ce:88:e0:c1:dd:12:78:c6:64:d9:a0:be:f3:d0:c8:c8:11:
59:25:d7:61:71:c1:41:d1:8a:28:21:9c:95:d4:c9:cb:f3:f5:
72:06:8b:b7:1c:85:70:88:94:f9:b9:df:36:ee:da:69:6d:04:
6b:91:6b:11
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzI3j9JENl/YHiHDm8XuQ5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMTI5YjA0NjBjZjllZTA1MDBlZTg4MGEyY2ZhMWE1MjRl
NGRmMDAwHhcNMjQwMTAyMDYzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTIyNWVmZDFjY2QyM2E0NmRkOGRiYmI1NjdhNGNjOGU3ODQ2ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyQb3EztNh8z4Iq+Iip67WWzSgKC
CfbpzK70GvBzf0nnnoBmrfy3ExjRXth5jUswliGUoPKHcprB1drhIxwKYTHuSUfQ
80itL9LWi9mhEjkW0bN7rFSV2MEHY8iO5eHw799rcsJrwItObAw7lIQCN6g6/rF6
jE4u1KBf7w8n5a04jdIOovTLJ8QwZZjNN8oTV/ivDBKxGuQ+nbFz+1WQVR6E/Sxs
lRCa8off/fN0T1NwgozKdnBM8tAHgwxbxwZMhtBUS4UkkUwshSZsZsHqGVkFOQu5
nsrNFsjuYFUegguBQ5n3+HuQa2TFZi6wtAY3oS4cQGMRxxin+fkXWwXUnQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDEiXv0czSOkbdjbu1Z6TMjnhG/9MB8GA1UdIwQY
MBaAFF0SmwRgz57gUA7ogKLPoaUk5N8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEt
YTg3N2RkNTFiYzQ5LzEvTVNKZV9Sek5JNlJ0Mk51N1ZucE15T2VFYl8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEtYTg3N2RkNTFiYzQ5
LzEvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGJWEAAwQC
LQ3wAwQHvOQAMA0EAgACMAcDBQAqAP0AMA0GCSqGSIb3DQEBCwUAA4IBAQAznGHl
h2n+xNLoDgzoDjfkDlVst8nfEfON+r14Ux9rwcE91/MNodeTowxPjuRvMyZ6/aYT
lciUEDf3Ur6VI6dVWuzMxKdNBxm1OUYitVJxygTx47blVH4RfrnDBAv5VTh5stvs
DvYjMdq0QqGP0pLqKP8+4EJ72/W7QaLpCy5aMaPOLPhaZMM3P/ne7WYH1O1Lze7Y
JvLNwdyW0340Wr6SCInoMbw61Y07kDFs03IdhycoTMS9mSC38ucJJ2YBNcUDRjQE
47C4zojgwd0SeMZk2aC+89DIyBFZJddhccFB0YooIZyV1MnL8/VyBou3HIVwiJT5
ud827tppbQRrkWsR
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:05:54 2024 by rpki-client on console-fra.rpki-client.org